[Debugging] How to find length of a CString string in application memory or in a dump

Recently a colleague of mine asked where the length of a CString string is stored in memory. Hmm, so let’s dig around. Please note I’ve declared the following CString object in my code… CString TestCString = _T("Nibu is testing CString"); If you dump the CString type in the debugger, we see the following… 0:000> dt TestCString Local var @ 0xb4fcd4 […]

[Debugging] Application high memory usage on Windows 8.1

Recently I had a customer who was complaining about high memory usage on Windows 8.1. The application consumed about 140 MB on a Windows 8.1 OS as compared to a meager 3 to 4 MB on a Windows 7 or 8 machine. Hmm, interesting. Being experienced in troubleshooting for some time now, this smelled to me like […]

[AgeStore] Clearing old debugging symbol files from downstream symbol store

About AgeStore: It’s a good habit to clear out old symbol files. Debugging Tools for Windows comes with a built-in tool which helps us do this. The tool is named ‘AgeStore’. AgeStore executes in three modes… -date=mm-dd-yy – deletes all files that were last accessed before the specified date. -days=xx – deletes all files […]

Stepping/tracing to next function or branching call

While stepping through disassembly code you might have wondered if there is a way to jump directly to the next branching statement, the next call, or the next return instruction. The answer is: yes, there are some very useful ones. The following table of commands is taken from the WinDbg documentation. p (Step) Debug […]

Turning off filename and line number display in the debugger

Filename and line number information is stored inside private symbols (.pdb file). So if private symbols are available, the debugger will try to figure out the line number information. Note: public symbols don’t have line number information. So the question I’ve heard people new to WinDbg ask is how to turn off line number display. What’s […]

NonInvasive debugging

Non-invasive debugging is a useful technique to debug hung processes. The debugger suspends all threads in the process and has access to all threads, memory and registers of the process. To do non-invasive debugging via WinDbg/cdb, check this link out: http://msdn.microsoft.com/en-in/library/windows/hardware/ff552274(v=vs.85).aspx To do this via the WinDbg UI, press F6 or File->Attach to a Process… While […]