Download this episode
In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.
This installment goes over the commands used to diagnose an Event hang in a user mode application. We talk about single and multiple event hangs, automatic and manual events, waitable object handles and common design patterns that you will encounter. We use these commands:
- dp <addr>
- !handle <handle> <mask>
- !findstack <text>
Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.
[00:00] - Event objects
[03:56] - Waitable objects and Design Patterns
[08:00] - Handles
[10:52] - x64/x86/ARM calling conventions and 32/64bit addressing
[14:10] - WaitForSingleObject with a single Auto-Reset Event
[14:55] - !handle
[16:02] - .dumpdebug -- MiniDumpWithHandleData
[16:36] - !handle <handle> <mask>
[19:48] - Sysinternals WinObj
[24:14] - WaitForMultipleObjects with multiple Thread Handles
[30:00] - Work and Quit Event Design Pattern
[33:45] - WaitForMultipleObjects with multiple Event Handles
[38:52] - Windows Explorer example
[44:50] - Process Explorer also shows Handles (Ctrl-H)
Available formats for this video:
Actual format may change based on video formats available and browser capability.