Debug Diagnostic Tool v1.1

The Debug Diagnostic Tool (DebugDiag) is designed to assist in troubleshooting issues such as hangs, slow performance, memory leaks or fragmentation, and crashes in any user-mode process. Please note that the latest available version of DebugDiag is 1.2 and is available from
  • Note:There are multiple files available for this download.Once you click on the "Download" button, you will be prompted to select the files you need.


    File Name:



    Date Published:


    File Size:

    4.9 MB

    10.6 MB


      The Debug Diagnostic Tool (DebugDiag) is designed to assist in troubleshooting issues such as hangs, slow performance, memory leaks or fragmentation, and crashes in any user-mode process. The tool includes additional debugging scripts focused on Internet Information Services (IIS) applications, web data access components, COM+ and related Microsoft technologies.

      DebugDiag 1.0 was released as part of the IIS Diagnostic toolkit and as a standalone tool. DebugDiag 1.1 is currently available as a standalone tool.


      DebugDiag provides an extensible object model in the form of COM objects and provides a script host with a built-in reporting framework.

      It is composed of the following 3 components; a debugging service, a debugger host, and the user interface.

      The Debugging Service
      The debugger service (DbgSvc.exe) performs the following tasks:

       Attach/Detach the host to processes
       Collect performance monitor data
       Implement HTTP ping to detect hangs
       Inject leak monitor in running processes
       Collect debugging session state information
       Shows the state of each rule defined

      The Debugger Host

      The Debugger Host (DbgHost.exe) hosts the Windows Symbolic Debugger Engine (dbgeng.dll) to attach to processes and generate memory dumps. It also hosts the main analyzer module to analyze memory dumps. Dbghost.exe has no dependency on the service “DbgSvc.exe” and can be used separately.

      The User Interface

      The user interfaces (DebugDiag.exe and DebugDiagAnalysisOnly.exe) present an interface to analyze memory dumps, automate the creation of control scripts and show the status of running processes, including services.
      It is composed of 3 views:

       Rules: Creates control script for the debugger host through a wizard. The script is located under \scripts
       Advanced Analysis: Runs a selected “Analysis Script” against one or more memory dumps.
       Processes: Shows status of running processes/services

      Note: DebugDiagAnalysisOnly.exe does not require elevation on operating systems beginning with Vista, so it only contains the Advanced Analysis view.
  • Supported Operating System

    Windows Server 2003 R2 (32-Bit x86), Windows Server 2003 R2 Datacenter Edition (32-Bit x86), Windows Server 2003 R2 Datacenter x64 Edition, Windows Server 2003 R2 Enterprise Edition (32-Bit x86), Windows Server 2003 R2 Enterprise x64 Edition, Windows Server 2003 R2 Standard Edition (32-bit x86), Windows Server 2003 R2 Standard x64 Edition , Windows Server 2003 R2 x64 editions, Windows Server 2003 x64 editions, Windows Server 2003, Datacenter Edition (32-bit x86), Windows Server 2003, Enterprise Edition (32-bit x86), Windows Server 2003, Enterprise x64 Edition, Windows Server 2003, Standard Edition (32-bit x86), Windows Server 2003, Standard x64 Edition, Windows Server 2003, Web Edition, Windows Vista Ultimate, Windows XP, Windows XP Professional Edition, Windows XP Service Pack 2

      Internet Explorer
    • Usage:

      Generating Memory Dumps

      When using DebugDiag, you need to first identify what kind of issue you are troubleshooting (e.g. a crash, hang, slow performance, or memory and handle usage). This step will aid in configuring the tool appropriately to get the right data, and therefore identifying the root cause of the problem and resolving it.

      Process Crashes

      A process crash is usually indicative of an unhandled exception occurring in a process or code running in a process that actively terminates the process. To debug a process crash, start by creating a crash rule against the process(s) in question. Similar to previous debuggers, DebugDiag will attach to a specific process (s) and will monitor the process for multiple types of exceptions or any custom breakpoints that cause the process(s) to terminate unexpectedly. When the crash occurs, a full memory dump file will be created, in the directory specified when setting up the crash rule.

      Process Hangs or Slow Performance

      To debug a process hang, use one of the following:
      1- Create a hang rule. (this feature is available only for IIS processes) . The hang monitoring feature for IIS processes is designed to troubleshoot performance issues when users browse to pages in a web application and the pages take a long time to respond, or do not respond at all. During the hang rule creation wizard, specify the target processes to dump and a URL to be monitored along with a “Ping” interval and a response “timeout” The tools will send a request to the server at the configured intervals, and if the server does not respond before the configured timeout, a memory dump will be generated for the processes specified process(es).
      2- Create a manual memory dump during the slow or hang state by right-clicking the process name in the processes view and choosing the “Create Full Userdump” option.

      Memory or Handle Usage

      To debug memory and handle usage, use one of the following:
      1. Create a leak rule against the process in question. The leak monitoring feature will track memory allocations inside the process. Tracking is implemented by injecting a DLL (leaktrack.dll) into the specified process and monitoring memory allocations over time. When configuring a memory and handle leak rule, you can specify memory dump generation based on time or memory usage.
      2. Using the “processes” view, right-click the process in question and select the “monitor for leaks” option. When the process has grown to the suspected problem size, manually dump the process by right-clicking on the same process in the processes view and choosing the “Create Full Userdump” option.

      Analyzing Memory Dumps:

      One of the most powerful features of the DebugDiag is the ability to analyze memory dumps and generate a report file showing the analysis, along with recommendations to resolve identified problems.

      DebugDiag uses “Analysis Scripts” to analyze the process dump. 2 main analysis scripts are shipped with the tool:

      Crash/Hang Analyzers

      The crash/hang analysis script analyzes exception information in the dump for crashes if detected and analyzes known hang causes such as critical section related activity. This script includes IIS, MDAC, COM+ and Windows Socket information relevant to the process.

      Memory Pressure Analyzers

      The memory pressure analysis script analyzes the memory usage of the process and presents data gathered from the leak monitoring tool, when injected.
    • New Features in 1.1:

      IE7 and Vista compatibility
      Memory and handle leak tracking improvements
      Analysis improvements
      Managed call stacks resolution
      .NET exceptions support
      Debugger events support
      Data access components and socket support
      Custom actions in Crash Rules
      Sample scripts included

      Notes about the x64 release:

      - Installing both x68 an x64 releases on the same x64 OS is not supported.
      - To debug x86 processes running on x64 OS, use the x86 release

      Please direct any questions, comments or feedback to
Site feedback

What category would you like to give web site feedback on?

Rate your level of satisfaction with this web page today: