Windbg – command types

Windbg has the following command types

  • Native commands: it starts without any prefix
    • vertaget, k, ~, s, lm, lmv m *clr*
  • Meta commands(.): it starts with ‘.’
    • .load, .chain, .prefer_dml 1(available .NET4)
    • .exr -1 => dd poi(addr) => !pe
    • Print all exceptions: .foreach (ex {!dumpheap -type Exception -short}){.echo “********************************”;!pe ${ex} }
  • Extension commands(!): it starts with ‘!’
    • !help, !peb
    • List exceptions in dump file: !dumpheap -type Exception

Loading the right version of sos.dll

The following command will ensure that the debugger to load the extension “sos.dll” from the same place that clr.dll was loaded. That ensures that you get the right version of SOS (it should be the one that matches the clr you are using)
Notes: SOS stands for Son of Strike from (Drill Into .NET Framework Internals to See How the CLR Creates Runtime Objects:

  • .NET4
  • .loadby sos.dll clr
  • .NET2
  • .loadby sos.dll mscoworks

Channel9 MSDN show

More examples

    !analyze -v
    !process 0 17
    .reload /f
    .reload /user
    !address -summary
    !sos.dumpstackobjects / !sos.dso
    !sos.dumpobj / !
    !sos.printexception / !
    lm / lmm / lmvm
    .prefer_dml 1
This entry was posted in Programming. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s