EDN Admin
Well-known member
In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.
This installment goes over the commands used to diagnose Semaphores, Mutexes and (Waitable) Timers in a user mode application. For timers, we delve deep in to the kernel to gather more information about them. We use these commands:
Resources:
Synchronization Functions
Semaphore Objects
Mutex Objects
Waitable Timer Objects
Sysinternals LiveKD
Sysinternals WinObj
Windows 7 and Windows Server 2008 R2 Kernel Changes (Timer Coalescing)
Timeline:
[02:47] - Demo Apps [SkyDrive]
[03:08] - Semaphores
[09:32] - Mutexes
[15:32] - Waitable Timers
[15:58] - Clock Resolution
[17:05] - Timer Coalescing
[19:45] - Timer demo application
[25:05] - LiveKD makes a kernel dump
[26:37] - Object Manager - !object
[29:40] - DPC Timers - !timer
[35:22] - !timer <addr>
[35:52] - Waiting Threads - !thread <addr> 17
[37:08] - Wait Start TickCount
[38:55] - Kernel Wait Routines
[41:12] - Dump Type of Kernel Thread - dt nt!_KTHREAD <addr>
[42:00] - Running, Ready and Waiting states
[44:54] - Wakable Timers
[47:22] - powercfg.exe /waketimers
[49:18] - Century DPC Timer Routine
[50:43] - Post in the forums and email us at defragtools@microsoft.com!
View the full article
This installment goes over the commands used to diagnose Semaphores, Mutexes and (Waitable) Timers in a user mode application. For timers, we delve deep in to the kernel to gather more information about them. We use these commands:
- !handle
- !handle <handle> <mask>
- !object <name>
- !object <addr>
- !timer
- !timer <addr>
- ub @rip
- dt nt!_KTHREAD <addr>
Resources:
Synchronization Functions
Semaphore Objects
Mutex Objects
Waitable Timer Objects
Sysinternals LiveKD
Sysinternals WinObj
Windows 7 and Windows Server 2008 R2 Kernel Changes (Timer Coalescing)
Timeline:
[02:47] - Demo Apps [SkyDrive]
[03:08] - Semaphores
[09:32] - Mutexes
[15:32] - Waitable Timers
[15:58] - Clock Resolution
[17:05] - Timer Coalescing
[19:45] - Timer demo application
[25:05] - LiveKD makes a kernel dump
[26:37] - Object Manager - !object
[29:40] - DPC Timers - !timer
[35:22] - !timer <addr>
[35:52] - Waiting Threads - !thread <addr> 17
[37:08] - Wait Start TickCount
[38:55] - Kernel Wait Routines
[41:12] - Dump Type of Kernel Thread - dt nt!_KTHREAD <addr>
[42:00] - Running, Ready and Waiting states
[44:54] - Wakable Timers
[47:22] - powercfg.exe /waketimers
[49:18] - Century DPC Timer Routine
[50:43] - Post in the forums and email us at defragtools@microsoft.com!
View the full article