Defrag Tools — Season 1, Episode 26: WinDbg - Semaphores, Mutexes and Timers
45 min • 1 season, 125 episodes
Episode synopsis
In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer. This installment goes over the commands used to diagnose Semaphores, Mutexes and (Waitable) Timers in a user mode application. For timers, we delve deep in to the kernel to gather more information about them. We use these commands: !handle !handle <handle> <mask> !object <name> !object <addr> !timer !timer <addr> ub @rip dt nt!_KTHREAD <addr> Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.
About Defrag Tools
Andrew Richards, Chad Beeder and Larry Larsen host this deep dive into the tools used on the tech support show Defrag. Each Defrag Tools show focuses on a specific tool, going deep into a tool's features, explaining when and why you should use the tool, and provides experience based tips to get the most out of the tool.