Entries:
Comments:
Posts:

Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Defrag Tools: #56 - Explorer Hang

Download

Right click “Save as…”

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen show you the analysis of a hang. The hang happens in Explorer when Windows-E is pressed - the folder window never appears. We show Andrew's debugging steps to solve the issue.

Resources:

Debugging Tools for Windows
SkyDrive - procdumpext.dll
SkyDrive - sieextpub.dll

Timeline:
[00:00] - Explorer Hang
[01:35] - Open the dump in the Debugger
[01:59] - List Threads - "~"
[02:20] - List thread stacks - ~*k
[02:46] - List thread stacks - !procdumpext.deep 20
[03:23] - Review of Thread #2
[04:03] - Review of Thread #5
[05:21] - Look for Unicode strings - dpu <addr> <addr>
[06:36] - Internet Explorer Security Zones
[07:08] - Loader Lock (Ldr* routines)
[08:30] - Review of Thread #6
[09:21] - Look for Unicode strings - dpu <addr> <addr>
[10:30] - Display Unicode strings - du <addr>
[12:56] - Force Symbol Load - .reload /f
[13:28] - Use grep to filter to 3rd Party Modules - !procdumpext.grep export lm
[13:56] - RBVirtualFolder64 is from Roxio - lmvm RBVirtualFolder64
[14:21] - Look for Unicode strings - !procdumpext.dpx -du
[14:50] - Large Dispositions (caused by no symbols)
[15:46] - List exported functions - x <module>!*
[16:25] - Unassemble - u RBVirtualFolder64!DllRegisterServer
[18:12] - Loader Lock (Ldr* routines)
[18:45] - Critical Section Lock Ownership - !locks
[24:04] - It's a Deadlock!
[24:27] - Easy Analysis - !sieextpub.critlist
[26:02] - Only do kernel32 synchronization object creation while holding the Loader Lock!
[27:50] - Summary
[29:35] - Email us your issues at defragtools@microsoft.com

Tags:

Follow the Discussion

  • Thx Andrew for bringing this to the public.

    'really good explanation of what to do when the symbols are missing.

    FYI, this all happened because some Roxio DVD player software shipped with my Dell. I never used it and eventually a Windows Update did me in.

    'sure is nice to have family access to a debugging expert Smiley

    Edward

     

     

  • Great episode, thanks for taking the time to go through this Smiley

  • ChadChad

    Excellent show. You introduced me to !procdumpext.deep, which will be handy.<br><br>The context switches needed to debug are fascinating: From the low levels of dumping Unicode strings in an address range to the higher levels of understanding DllMain loader lock issues. I find these videos great for bridging these gaps.

Remove this comment

Remove this thread

close

Comments Closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.