Jaa


Debugging Tips: Use windbg as a calculator, a chat client and more…

Yes, you read it right… it’s not only a debugger, for only $19.95 extra, we’ll throw in a free calculator and chat client:) and you can even run applications from windbg’s command prompt.

Calculator

Jokes aside, not even I would open up windbg only for the purposes of doing calculations, but when you are debugging and need to do some simple conversions from hex to decimal, and some integer calculations you don’t have to switch to calc.exe, you can just use windbg’s expression evaluator.

Let’s say you’re given a size in hex like so 2e903000 (from !address for example), you can convert and do calculations like this

 0:000> ?2e903000
Evaluate expression: 781201408 = 2e903000 

So 0x2e903000 bytes is 781201408 bytes

To get the number of MB’s you just run

 0:000> ?2e903000/0n1024/0n1024 
Evaluate expression: 745 = 000002e9 

I.e. divide by 0n1024 twice (decimal numbers are prefixed with 0n) and find out that it’s 745 MB.

Chat client

Ok, it’s not really a chat client, but, when you are in a remote session, i.e. when someone has remoted out a debug session with .server and you want to point something out to them you can start a comment with * and it wont get parsed by the debugger, but the other parties connected to the remote will see it.

 0:000> *** Hey, check this weird thing out... 

Spawn other applications

If you need to do some processing on the output of a command, and don’t want to go through the process of copying the results out to notepad, running the external app etc. the .shell command is a must try. It’s especially helpful if you need to do some processing in the debugger with the returned results.

On my blog TODO list I have a post about how to use this in more specific cases but for now I stole this particular example from my colleague Doug.

 0:000> .shell -i - -ci "~* kb 2000" FIND /c "mscorwks!ThreadpoolMgr::WorkerThreadStart" 
7 
.shell: Process exited 

The example runs ~* kb 2000, sends the output to the DOS command FIND, and returns the number of occurrences of the string, so it tells us how many threads are executing the function WorkerThreadStart.

You can pass commands to your own applications as well using standard in and standard out to read the command results and print the results back to the debugger.

Save debugging sessions

.logopen opens a log file where all your commands, and their output are stored, until you call .logclose. With the /t switch it appends current date and time along with the PID for the process you are debugging.

 0:000> .logopen /t g:\debugginglog.txt 
Opened log file 'g:\debugginglog_1498_2006-01-18_17-12-13-766.txt' 

Very useful if you’re like me and get sidetracked a lot.

I’m still waiting for the .bring_me_a_cup_of_coffee_and_a_huge_pizza command:), but I heard it’s in progress for the next version, until then, enjoy these.

Comments

  • Anonymous
    January 30, 2006
    The comment has been removed
  • Anonymous
    March 25, 2006
    The only issue is for you to use the calculator or the shell command, you have to be attached to a debuggee first which is counter-productive if you only wish to perform a simple calculation or hex conversion.
    By the way, why doesn't Windbg support binary arithmetic and conversions, ie. converting numbers from and to binary representation. GNU Debugger (GDB) supports binary calculations and also you can use it as a calculator without loading a debuggee first, which are both handy features. You don't know how many times I simply wanted to do a simple binary calculation.
  • Anonymous
    March 28, 2006
    Not sure what you mean by binary arithmetic and conversions... You can do something like this:

    0:000> ? 0y100+0y10
    Evaluate expression: 6 = 0000000000000006<br><br>0:000&gt; .formats 0y111<br>Evaluate expression:<br> &nbsp;Hex: &nbsp; &nbsp; 0000000000000007
     Decimal: 7
  • Anonymous
    October 15, 2008
    Interesting post, haven't used it yet but after reading this will give it a try. Thanks.