Published on January 9, 2017 by Microsoft

In this episode of Defrag Tools, Andrew Richards and Chad Beeder talk about Application Hangs. We collect a dump of a process and debug it with the Debugging Tools for Windows.

Resources:
Defrag Tools: #24 – WinDbg – Critical Sections
Defrag Tools: #25 – WinDbg – Events
Defrag Tools: #26 – WinDbg – Semaphores, Mutexes and Timers

Timeline:
[00:00] Happy New Year!
[01:20] Tools for Application Hang analysis
[02:36] Analyze Wait Chain in Task Manager
[04:36] Sysinternals ProcDump
[07:00] Thread List: ~
[07:34] Call Stack of each thread: ~*k
[08:28] Unique Call Stacks (filtering): !uniqstack
[11:26] Call Stacks (with N+ frames): !pde.deep [N]
[12:40] Call Stacks (with N+ frames) not on a wait: !pde.busy [N]
[15:20] Demo Apps and PDE are on the Defrag Tools OneDrive
[17:45] View Critical Section Locking: !locks
[21:48] Conclusion

Email us your questions and comments to defragtools@microsoft.com


7 Comments on "Defrag Tools #172 – Application Hangs"


MagicAndre1981
11 days 9 hours ago

@ChadBeeder: for Build 15031 I also see no symbols on symbol server. For 15025 there is an MSI for symbols to download from here: www.microsoft.com/en-us/software-download/windowsinsiderpreviewadvanced

ChadBeeder
17 days 23 hours ago

@s3curityConsult: Thanks. 🙂 I was under the impression the officially released Windows Insider builds were supposed to have symbols indexed on the symbol server. If you do ".symfix" and then ".reload" does it find them?

s3curityConsult
28 days 8 hours ago

Chad’s outfit matches the background. Great style in this episode, Chad. When debugging crashes in the latest Windows 10 Insider Preview builds, symbols are always not found; the !analyze -v always says WRONGSYMBOLS. I downloaded the latest WDK and ADK, but they are build 14986 and I’m now on build 15014, so the symbols don’t match up? Is there anything we can do to get up-to-date symbols?

windev
1 month 10 days ago

The new JavaScript model balances both worlds nicely I think. It doesn’t remove the old dscript approach (of which I’m a huge fan), it augments it. As Bill has shown, the LINQ queries, etc. that it supports make some tasks very easy to achieve. If you haven’t tried it already, download the MEX debugger extension. It was partly the inspiration for the JavaScript support — as it is very good at filtering/chaining commands.

tgrt
1 month 13 days ago

@siodmy: I disagree. I like windbg just the way it is. There are other debugging tools out there, and maybe there’s an audience for what you’re describing. However, it shouldn’t come at the expense of redefining windbg.

windev
1 month 13 days ago

@siodmy: The new JavaScript support does exactly that. Stay tuned for more info.

siodmy
1 month 14 days ago

WinDbg should evolve and be based around objects, like PowerShell. Filtering would be much easier, but also you could use the data to create custom visualizations and debugger-based monitoring (like deciding whether to dump the process based on the file path passed to CreateFile and whether MyModule!* is on the stack).
