Kernel debugging with a Hyper-V virtual machine

Tuesday, June 25, 2013

One of the best ways of investigating the way Windows works is through a kernel debugger. Windows supports a local kernel debugging mode that can be activated in one of two ways: 1. Set up Windows to run in local debugging mode by running bcdedit /debug on from an elevated command prompt and then restart. Finally, run WinDbg and select File / Kernel Debug… from the menu and then select the Local tab and click OK: The main downside here is the need for a restart, and more subtly – some apps behave strangely when the debug flag is on. 2. Use the LiveKD tool...

Visual Studio Tip: Show Threads in Source

Tuesday, May 29, 2012

Debugging multithreaded applications is always hard, so any help we can get from the debugger is appreciated. Here’s one tip that can help when using Visual Studio 2010 with many threads running at the same time, some of which run similar code. It’s tedious to look up each thread’s call stack to see where its next instruction pointer is located. Here’s the Threads window in action: To find the actual source line each thread is at when the breakpoint hits, we’ll need to switch to that thread by double-clicking it in the Threads window and then we’ll see something like...

Reminder: WPDUG September Meeting

Sunday, September 4, 2011

This Wednesday (the 7th) we will hold a Windows Platform Developer User Group meeting in Microsoft’s offices in Ra’anana (Israel). Our first session will be about adding real-time and deterministic capabilities to Windows, its impact on the system and the ways to program such a system (all based on add-ons by a company called TenAsys). The second session will demonstrate useful (and undocumented) debugging tips and tricks in Visual Studio (primarily for native developers). Should be interesting for all you Visual C++ developers, and others interested in low-level coding. Use this link to...

Tip: Using a Console in a GUI Application

Wednesday, May 11, 2011

When working with a WinForms or a WPF application in .NET, a console window is not created by default, so statements involving the Console class normally go to the trash. The console window may be a useful debugging aid, printing anything that may be important during runtime. Fortunately, there is a way to get it back. Actually, there are two ways. The first, the “hard way”, is to create the console explicitly using the native AllocConsole function: private static extern void AllocConsole(); All that’s left is to call this function in Main, or the Application class’ constructor. The other way (the easy way)...

PSSCOR4 Debugger Extension Released

Friday, April 29, 2011

A while back, Microsoft released the PSSCOR2 debugger extension for WinDbg, supporting more commands than the classic SOS.DLL. This was for CLR v2 (.NET 2-3.5). Now a similar extension has been released for CLR 4 (.NET 4). You can download it here. There are versions for x86 and x64. The easiest way to use them is to copy the relevant DLL to the .NET framework directory for the corresponding “bitness” (where SOS lives, something like C:\Windows\Microsoft.NET\Framework\v4.0.30319 (32bit) or C:\Windows\Microsoft.NET\Framework64\v4.0.30319 (64bit)) and then use .loadby psscor4 clr to load the extension. Then type !help to look at all the...

How to Annoy Your Boss (or get yourself fired)

Saturday, September 4, 2010

If you want to make your boss a bit crazy, here’s what you can do: First, get him away from his computer. You can explain you need to run some connectivity test or configure some important service for the sake of the project. Once he’s out of the way, you can proceed: 1. Install the Debugging Tools For Windows package (if you don’t have it already). You can get the latest version from the Windows SDK installation, but any previous version will do. We’ll need the Global Flags utility from that package. 2. Run gflags.exe (Start->Programs->Debugging...

Strange Bundle: WDK & Debugging Tools

Wednesday, March 3, 2010

Microsoft released an updated Windows Driver Kit (WDK) a few days ago, but with a new twist: The Debugging Tools for Windows are now bundled with the WDK and are no longer available as a free (and easy) download. The WDK is only available to MSDN subscribers and via the Microsoft Connect web site. This doesn’t make sense to me. Although WinDbg and friends are essential in the device driver world, they are just as important in the user mode world. I hope Microsoft reverts this decision and will once again allow free and easy download...

Local Kernel Debugging and LiveKd Update

Tuesday, October 27, 2009

Local kernel debugging is the ability to view kernel data structures in a live system (i.e. not connecting to a target system through a null modem cable or USB or other alternatives), and has been supported since Windows XP. This is a great way to explore Windows on its darker side (the kernel and related subsystems) with all its mysteries and secrets. With Windows XP, starting local kernel debugging is pretty easy. Just fire up WinDbg (or kd for that matter), select from the menu File->Kernel Debug, navigate to the “Local” tab, click OK and start exploring. In...

How to Kill Visual Studio 2008 Elegantly

Monday, October 12, 2009

Here’s an elegant (in my opinion) way to kill Visual Studio 2008 immediately without leaving any trace. Here’s what you need to do: 1. Open up VS 2008 and create a new project of type C# WPF Application. 2. Open Window1.xaml and make sure you get a split view of XAML and preview. 3. The top level layout panel is a Grid (by default). Add two rows, and in one place a button. Also name the window (e.g. “win”). The markup should be something like this: <Window x:Class="WpfApplication3.Window1"     xmlns=""     xmlns:x=""...