"Fortunate are those who take the first steps.” ― Paulo Coelho

Advanced Windbg-Part 1

Would like to share the key take away’s from my training provided by Microsoft. As you all know and read earlier here about Windbg. I’m going to talk about usage of Extension for more detailed debugging techniques.

What is sosex.dll and how to load as windbg extensions? 

It’s a quite useful exten to debug deadlock related issues deeply,  you can download here  and copy the downloaded file to your windbg exe folder and call .load sosex.dll from windbg command prompt. Here is some of the handy commands ready to use.
> load sosex.dll  (Load first this dll as extension)
>.chain ( to see whether added to the extension list)
>!dlk (to check the deadlock situation)
>~* e !clrstack to view the CLR stack of all the threads and where they are
>~<ThreadId> e !clrstack to view the CLR stack of that thread.
> !finq

here is the full command list for sosex & sos.dll 

Starting, Attaching, Executing and Exiting

Start -> All Programs -> Debugging Tools for Windows -> WinDbg
F6 attach to process
Ctrl-Break interrupt debugee
.detach detach from a process
g continue debugee execution
q exit WinDbg

Getting Help

? help on commands that affect the debugee
.help help on commands that affect the debugger
.hh command view the on line help file
!help help on the extension dll at the top of the chain (e. g., SOS)

Issuing Commands

up arrow, down arrow, enter scroll through command history
Right mouse button paste into command window

Examining the Unmanaged Environment

lmf list loaded modules with full path
lmt list loaded modules with last modified timestamp
~ list unmanaged threads
~thread s select a thread for thread specific commands
!token -n view thread permissions
k view the unmanaged call stack
!runaway view thread CPU consumption
bp set a breakpoint
.dump path dump small memory image
.dump /ma path dump complete memory image

Working with Extension DLLs (e. g., SOS)

.chain list extensions dlls
.load clr10\sos load SOS for debugging framework 1.0 / 1.1
.unload clr10\sos unload SOS
.loadby sos mscorwks load SOS for debugging framework 2.0

SOS Commands

!threads view managed threads
!clrstack view the managed call stack
!dumpstack view combined unmanaged & managed call stack
!clrstack -p view function call arguments
!clrstack –l view stack (local) variables
!name2ee module class view addresses associated with a class or method
!dumpmt –md address view the method table & methods for a class
!dumpmd address view detailed information about a method
!do address view information about an object
!dumpheap –stat view memory consumption by type
!dumpheap –min size view memory consumption by object when at least size
!dumpheap –type type view memory consumption for all objects of type type
!gcroot address view which object are holding a reference to address
!syncblk view information about managed locks

SOS 2.0 Commands

!bpmd module method set breakpoint
!DumpArray address view contents of an array
!PrintException view information about most recent exception

This slideshow requires JavaScript.


September 5, 2012 - Posted by | windbg

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: