Defrag Tools #172 - Application Hangs
Defrag Tools #173 - Troubleshooting with the Windows Sysinternals Tools, 2nd Edition
Play Defrag Tools #173 - Troubleshooting with the Windows Sysinternals Tools, 2nd Edition
Description
In this episode of Defrag Tools, Andrew Richards and Chad Beeder are joined by Aaron Margosis, the co-author of the Sysinternals book -- now in its 2nd Edition!
Troubleshooting with the Windows Sysinternals Tools, 2nd Edition
Resources:
Defrag Tools: #81 - Aaron Margosis
Windows Sysinternals Administrator's Reference
Troubleshooting with the Windows Sysinternals Tools, 2nd Edition
Aaron Margosis' Non-Admin, App-Compat and Sysinternals WebLog
Download
More episodes in this series
Defrag Tools #174 - Security Baseline, Policy Analyzer and LGPO
Related episodes
Defrag Tools #178 - Sysinternals ProcDump v9.0
Defrag Tools #164 - Sysinternals for Nano Server - Mark Russinovich
Defrag Tools #163 - Virtual Hard Disk (VHD) - Sysinternals Disk2VHD
Tech Pros Rejoice - Sysinternals Live Launches
Create your first WPF app on .NET Core [3 of 3]
![Create your first WPF app on .NET Core [3 of 3]](https://sec.ch9.ms/ch9/52e3/c2fa6c93-7183-48af-9554-73f67e2f52e3/DesktopCreateFirstWPFAppNETCore_512.jpg)
Create your first WinForms app on .NET Core [2 of 3]
![Create your first WinForms app on .NET Core [2 of 3]](https://sec.ch9.ms/ch9/47a8/e33774a7-e35a-44ee-bcdd-6d8e5ce247a8/DesktopCreateFirstWinFormsAppNETCore_512.jpg)
.NET Core and .NET Framework - what to choose? [1 of 3]
![.NET Core and .NET Framework - what to choose? [1 of 3]](https://sec.ch9.ms/ch9/609d/af95f889-2cf5-4420-9e00-0350591f609d/DesktopNETCoreNETFrameworkWhatToChoose_512.jpg)
Docker Desktop Integration with WSL
Supporting Windows Forms and WPF in .NET Core 3
Updating the WinForms Designer for .NET Core 3.0
The Discussion
-
claudiamcse Thank you for sharing! Great video. I look forward to reading the book!
-
Luke Hi,
Have you ever used windgb extention cmkd.dll from http://www.codemachine.com/cmkd.html to extract the first four arguments passed to calls on x64n stacks, like so?
0:000> !cmkd.stack -p
Call Stack : 7 frames
## Stack-Pointer Return-Address Call-Site
00 000000a408c7fb28 00007ffda95b1148 ntdll!NtWaitForSingleObject+a
Parameter[0] = 0000000000000034
Parameter[1] = 0000000000000000
Parameter[2] = 0000000000000000
Parameter[3] = (unknown)
01 000000a408c7fb30 00007ff7e44c13f1 KERNELBASE!WaitForSingleObjectEx+98
Parameter[0] = 0000000000000034
Parameter[1] = 00000000ffffffff
Parameter[2] = 0000000000000000
Parameter[3] = 00007ff7e44cba28
02 000000a408c7fbd0 00007ff7e44c3fed ConsoleApplication2!main+41
Parameter[0] = (unknown)
Parameter[1] = (unknown)
Parameter[2] = (unknown)
Parameter[3] = (unknown)
Is this extention safe?
Thx,
Luke -
ChadBeeder @Luke: I haven't used that debug extension, but I have met the Codemachine guys, and I have no reason to think it wouldn't work as advertised.
-
MariaHamilton I use it all the time @Luke. I am mainly analyzing crash dumps rather than debugging live x64 systems, though (it's unusual that a problem only turns up on x64 boxes, so if I have to debug something I tend to do it on an x86 one).