Defrag Tools #172 - Application Hangs

Play Defrag Tools #172 - Application Hangs
Sign in to queue


In this episode of Defrag Tools, Andrew Richards and Chad Beeder talk about Application Hangs. We collect a dump of a process and debug it with the Debugging Tools for Windows.

Defrag Tools: #24 - WinDbg - Critical Sections
Defrag Tools: #25 - WinDbg - Events
Defrag Tools: #26 - WinDbg - Semaphores, Mutexes and Timers

[00:00] Happy New Year!
[01:20] Tools for Application Hang analysis
[02:36] Analyze Wait Chain in Task Manager
[04:36] Sysinternals ProcDump
[07:00] Thread List: ~
[07:34] Call Stack of each thread: ~*k
[08:28] Unique Call Stacks (filtering): !uniqstack
[11:26] Call Stacks (with N+ frames): !pde.deep [N]
[12:40] Call Stacks (with N+ frames) not on a wait: !pde.busy [N]
[15:20] Demo Apps and PDE are on the Defrag Tools OneDrive
[17:45] View Critical Section Locking: !locks
[21:48] Conclusion

Email us your questions and comments to



The Discussion

  • User profile image

    WinDbg should evolve and be based around objects, like powershell. Filtering would be much easier, but also you could use the data to create custom visualizations and debugger-based monitoring (like deciding whether to dump the process based on the file path passed to CreateFile and whether MyModule!* is on the stack).

  • User profile image

    @siodmy:The new JavaScript support does exactly that. Stay tuned for more info.

  • User profile image

    @siodmy:I disagree. I like windbg just the way it is. There are other debugging tools out there, and maybe there's an audience for what you're describing. However, it shouldn't come at the expense of redefining windbg. 

  • User profile image

    The new JavaScript model balances both worlds nicely I think. It doesn't remove the old dscript approach (of which I'm a huge fan), it augments it.

    As Bill has shown, the LINQ queries, etc. that is supports makes some tasks very easy to achieve.

    If you haven't tried it already, download the MEX debugger extension. It was partly the inspiration for the JavaScript support -- as it is very good at filtering/chaining commands.


  • User profile image

    Chad's outfit matches the background, Great style in this episode Chad, when debugging crashes in the latest Windows 10 insider preview builds, symbols always are not found, the !analyze -v says WRONGSYMBOLS always, i downloaded the latest WDK and Adk but they are build 14986 and i'm now on build 15014 so the symbols dont match up? is there anything we can do to get up to date symbols?

  • User profile image

    @s3curityConsult: Thanks. :) I was under the impression the officially released Windows Insider builds were supposed to have symbols indexed on the symbol server. If you do ".symfix" and then ".reload" does it find them?

  • User profile image

    @ChadBeeder: for Build 15031 I also see no symbols on symbol server. For 15025 there is a MSI for symbols to download from here:

  • User profile image

    I think you guys need more boardgames on the show ; ) Andrew, if you havent already, try out Caverna. Its a great worker placement game.

Add Your 2 Cents