windbg

问题 .logopen is not the answer, because it lets the command output to the windbg console. For example, !sosex.dumpgen 2 produces a helluva lot of output, which I do not want to see in the debugger console. Right now I am using the following: .shell -i- -ci "!dumpgen 2" cmd /c more > D:\tmp\dumpgen2.log My problem is that the more command is interactive and requires user input after outputting certain amount of data. This is a huge problem for me. One solution could be running the debugger itself

问题 I just want to find out which location does the WER write its dump file? Also is this location specific to OS? 回答1: The documentation for WER says you can set registry setting to control the dump location and the type of dump HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps\DumpFolder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps\DumpType Default value for DumpFolder is %LOCALAPPDATA%\CrashDumps. 来源： https://stackoverflow.com

问题 Is there any difference between . and ! ? 回答1: There are different kinds of commands in WinDbg. Regular commands, e.g. kb apply to the debugging session. E.g. show stack dump etc. Meta commands are prefixed with a dot, e.g. .load . Meta commands apply to the debugger itself. E.g. load extensions, show help and so forth. Extension commands are prefixed with an exclamation mark, e.g. !analyze and !dumpheap are defined in debugger extensions (DLLs that provide additional functionality). 回答2:

问题 While my .Net 3.5 app was running, the Windows Task Manager shown that my app had 16 threads. I collected a memory dump for the process and opened it using WinDbg/SOS. Running the !threads command reveals that I have : ThreadCount: 456 UnstartedThread: 0 BackgroundThread: 6 PendingThread: 0 DeadThread: 449 Hosted Runtime: no Here are the first few lines of the !threads output: ID OSID ThreadOBJ State GC Context Domain Count APT Exception 0 1 2848 004366a8 6020 Enabled 11738178:11738778

问题 I have a simple test program causing an infinite wait on lock. public class SyncBlock { } class Program { public static SyncBlock sync = new SyncBlock(); private static void ThreadProc() { try { Monitor.Enter(sync); } catch (Exception) { //Monitor.Exit(sync); Console.WriteLine("3rd party code threw an exception"); } } static void Main(string[] args) { Thread newThread = new Thread(ThreadProc); newThread.Start(); Console.WriteLine("Acquiring lock"); Monitor.Enter(sync); Console.WriteLine(

问题 Is there a Windbg/NTSD command to tell me if a process I have attached to in a live debugging session is a 32-bit one or a 64-bit one? Could you please tell me for both: An unmanaged process? and A managed one? For a managed one, I can find that out programmatically in C# but still I'd like to know if there's a Windbg command for this. UPDATE The target process I am debugging is Microsoft Word (winword.exe). The Office version is 2016 but I am not sure if it is a 32-bit or a 64-bit binary.

问题 How do I dump a struct using windbg, is there a dumpstruct command similar to dumpobject? Or can dumpobject dump structs aswell? 回答1: Yes, you could use the !dumpvc command. Since structs don't have an object header, the debugger doesn't know its type, so you will have to pass it the struct's MethodTable address. >!DumpVC <METHOD_TABLE_ADDRESS> <OBJECT_ADDRESS> 来源： https://stackoverflow.com/questions/3717292/windbg-with-sos-how-to-dump-a-c-sharp-struct

问题 I've spent several days trying to speed up loading of symbols when debugging crash dumps using WinDbg, and I'm unable to get past a particular problem. The issue is that when symbols for a module in the dump doesn't exist in any accessible symbol store or symbol server location (e.g. it's a third-party modules without available symbols), WinDbg will spend literally hours looking for them. I've set up my symbol path correctly to properly set the search order and the cache directories: .sympath

问题 If I take dump, using Windbg, of Java process running on Windows Can I analyze (easly?) the Java heap, objects, and threads? Just like I could do with SOS for .Net process? Otherwise - how can I offline debug a problem happening on production systems? Thanks! 回答1: Windows minidumps (.dmp) can be used with these utilities: jvisualvm utility from JDK can get you both thread dump and heap dump Open jvisualvm In the Applications pane, find VM Coredumps Right-click it Select Add VM Coredump...

问题 We're having an exception with our application. Using Dr.Watson we didn't capture any dmp as well log files. I'm told, WinDbg is an alternative to create dump files upon exceptionn/crash of a program. After a googling, I come across a piles of confusion. First of all, I'd like to confirm, whether it is possible, to creat dump files with help of WinDbg. Second, is there any recommended simple command lines to attach WinDbg to an application to get the dump files upon its crash? Thanks alot!