windbg | 易学教程

How to find all instances of types that implement a given interface during debugging

阅读更多关于 How to find all instances of types that implement a given interface during debugging

问题 I am looking for a way to locate all current instances on the heap of types that implement a given interface (during WinDbg debugging that is). As interfaces are not types in the sense that you can create instances of an interface, they obviously do not show up when inspecting the heap. I.e. !dumpheap is of little help here. However, !dumpmt -md on a given MT lists the number of IFaces in IFaceMap . As far as I can tell this number seems to indicate if the type implements one or more

.loadby sos clr - specified module could not be found

阅读更多关于 .loadby sos clr - specified module could not be found

问题 I am trying to get to the bottom of what the CLR exception that is in my dump file but I am having an issue trying to execute: 0:000> .loadby sos clr The call to LoadLibrary(C:\ProgramData\dbg\sym\clr.dll\5348A1EF9a0000\sos) failed, Win32 error 0n126 "The specified module could not be found." I tried to look at what is loaded and I see: 0:000> lm start end module name 00000000`00190000 00000000`001a4000 MyTest (deferred) 00000000`77a00000 00000000`77afa000 user32 (deferred) 00000000`77b00000

Cannot use WinDbg and SOS in Visual Studio Immediate window

阅读更多关于 Cannot use WinDbg and SOS in Visual Studio Immediate window

I'm following this tutorial: link . At step 8, when I say .load sos in the Immediate Window, it just pukes expected expression . System: Win 7 x64, Visual Studio 2012 Premium. I have an installed Debugging Tools for Windows (x64) 11/14/2012, Now I installed X64 Debuggers And Tools. I have Windows SDK for Windows 7 (7.1). WinDbg.exe is in c:\Program Files\Debugging Tools for Windows (x64)\ and I can start it from start menu. However I cannot find sos.dll, which supposed to come with the Debugging Tools for Windows (x64). How can I make this happen? Bonus question : {,,kernel32}_LoadLibraryExW

WinDbg Address Summary

阅读更多关于 WinDbg Address Summary

问题 Our wcf service hosted in IIS crashes (w3wp.exe ~ 1.6 GB) as the user load increases. We have got a dump through Debug Diag and ran this command in windbg. This is the output: 0:000> !address -summary Failed to map Heaps (error 80004005) --- Usage Summary ---------------- RgnCount ----------- Total Size -------- %ofBusy %ofTotal <unclassified> 6007 57a86000 ( 1.370 Gb) 85.37% 68.48% Free 268 19519000 ( 405.098 Mb) 19.78% Image 874 80da000 ( 128.852 Mb) 7.84% 6.29% Stack 8022 64ce000 ( 100.805

WinDbg and SoS, how do I print/dump a large string?

阅读更多关于 WinDbg and SoS, how do I print/dump a large string?

问题 I am debugging a hangdump coming from a production server using WinDbg with the SoS extension. There is a string parameter in one of the stacks, that I need to know the value of. However, it is a rather large string, and WinDbg won't print it when I am using DumpObj . This is the output from DumpObj : 0:036> !do 00000001b30d8668 Name: System.String MethodTable: 0000064278436728 EEClass: 000006427803e520 Size: 5125300(0x4e34b4) bytes (C:\WINDOWS\assembly\GAC_64\mscorlib\2.0.0.0_

Avoiding OutOfMemoryException during large, fast and frequent memory allocations in C#

阅读更多关于 Avoiding OutOfMemoryException during large, fast and frequent memory allocations in C#

问题 Our application continuously allocates arrays for large quantities of data (say tens to hundreds of megabytes) which live for a shortish amount of time before being discarded. Done naively this can cause large object heap fragmentation, eventually causing the application to crash with an OutOfMemoryException despite the size of the currently live objects not being excessive. One way we have successfully managed this in the past is to chunk up the arrays to ensure they don't end up on the LOH,

What do the different columns in the “!heap -flt -s xxxx” windbg command represent

阅读更多关于 What do the different columns in the “!heap -flt -s xxxx” windbg command represent

问题 I've been doing some work on high memory issues, and I've been doing a lot of heap analysis in windbg, and I was curious what the different columns really mean in "!heap -flt -s xxxx" command. I read What do the 'size' numbers mean in the windbg !heap output?, and I looked in my "Windows Internals" book, but I still had a bunch of questions. So the columns and my questions are below. **HEAP_ENTRY** - What does this pointer really point to? How is it different than UserPtr? **Size** - What

How can I extract DLL file from memory dump?

阅读更多关于 How can I extract DLL file from memory dump?

I have a memory dump (unmanaged process) . How can I extract (using windbg) one of the dlls loaded into the process ? I mean actually saving the dll file into the disk You can use the sos.dll inside windbg directory. First, load the sos.dll in windbg: .load clr10\sos.dll Then use !sam OR !SaveAllModule to extract the modules on specific disk location: !sam c:\notepad deemok To extract a DLL without using SOS, use the .writemem extension as follows: discover the module start and end addresses using lmvm dllname example output for ieframe: start end module name 61370000 61fb8000 ieframe

Got the error “Symbol clr!XXX not found” when debugging the CLR object\\class

阅读更多关于 Got the error “Symbol clr!XXX not found” when debugging the CLR object\\class

I tried to print the CLR object/class by WinDbg, however it failed. Firstly, I tried to run x clr!Thread* to get some CLR class name, the output like below. 00007ffd`68957f18 clr!ThreadStore::s_pOSContext = <no type information> 00007ffd`685b0bf0 clr!ThreadNative::SetApartmentState (<no parameter info>) 00007ffd`685b12c0 clr!ThreadNative::YieldThread (<no parameter info>) 00007ffd`6806be60 clr!Thread::ResetManagedThreadObjectInCoopMode (<no parameter info>) 00007ffd`6895e928 clr!ThreadpoolMgr::LastCPThreadCreation = <no type information> 00007ffd`68627800 clr!ThreadPoolNative:

What's the meaning of “Internal” in “!heap -h” output in windbg?

阅读更多关于 What's the meaning of “Internal” in “!heap -h” output in windbg?

I am following this stackoverflow post What do the different columns in the "!heap -flt -s xxxx" windbg command represent I am trying to understand the information printed out for one of the heaps that using up a lot of memory. I can understand most of the columns but on my windbg, I see an additional column. Most of my entries are marked as Internal . I wonder what that means. I have done !gflags +ust . So, I can see the call stack for making the memory allocation. I can do it on most of the entries except the ones marked as Internal . What does Internal mean? Is it something related to the