Windbg – command types

Windbg has the following command types

  • Native commands: it starts without any prefix
    • vertaget, k, ~, s, lm, lmv m *clr*
  • Meta commands(.): it starts with ‘.’
    • .load, .chain, .prefer_dml 1(available .NET4)
    • .exr -1 => dd poi(addr) => !pe
    • Print all exceptions: .foreach (ex {!dumpheap -type Exception -short}){.echo “********************************”;!pe ${ex} }
  • Extension commands(!): it starts with ‘!’
    • !help, !peb
    • List exceptions in dump file: !dumpheap -type Exception

Loading the right version of sos.dll

The following command will ensure that the debugger to load the extension “sos.dll” from the same place that clr.dll was loaded. That ensures that you get the right version of SOS (it should be the one that matches the clr you are using)
Notes: SOS stands for Son of Strike from (Drill Into .NET Framework Internals to See How the CLR Creates Runtime Objects: http://msdn.microsoft.com/en-us/magazine/cc163791.aspx#S5)

  • .NET4
  • .loadby sos.dll clr
    
  • .NET2
  • .loadby sos.dll mscoworks
    

Channel9 MSDN show

http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-14-WinDbg-SOS

More examples

    version
    vertarget
    |
    ||
    .sympath
    .srcpath
    .exepath
    .extpath
    .chain
    !analyze -v
    .bugcheck
    !error
    ~
    ~NNs
    ~~[TID]s
    ~*k
    ~*r
    !process 0 17
    !threads
    !findstack
    !uniqstack
    !peb
    !teb
    k=
    dps
    dpu
    dpa
    dpp
    .reload /f
    .reload /user
    !gle
    !tls
    !address -summary
    !address
    !vprot
    !mapped_file
    ~*kv
    ~
    ~~[TID]s
    !cs
    !locks
    dv
    dt
    !sos.dumpstack
    !sos.dumpstackobjects / !sos.dso
    !sos.dumpobj / !sos.do
    !sos.printexception / !sos.pe
    .frame
    .f+
    .f-
    .load
    .unload
    .loadby
    .chain
    lm / lmm / lmvm
    .extmatch
    .prefer_dml 1
    .lines
    .ecxr
    .cls
Advertisements
This entry was posted in Programming. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s