WinDbg debugging. NET

WinDbg getting started with debugging. NET Programs

As the saying goes: everything starts hard!

Since came to the new company encountered performance problems, need to find a way to solve this problem, but there is no appropriate performance analysis tools, and then found Stevenchennet God help, he used the WinDbg tool to help me analyze a dump file, but only see the keyboard "Pa pa", got the results, It is not clear how WinDbg magic is used in particular. As a result, the next day, performance problems come again, can not always bother the big God, so I have to start learning WinDbg, here to record an introductory process.

1, first, download and install the WinDbg program

Open from the following address:
https://msdn.microsoft.com/en-us/windows/hardware/hh852365
and see
Standalone Debugging Tools for Windows (WINDBG)
Download.
After installation, in the start-"Windows Kits folder there are WINDBG (x86), WINDBG (x64) Two programs shortcuts, if you want to debug
64-bit program, just use WinDbg (x64).

2. Create a memory dump file

You can get the dump file of the current process in Task Manager, process-Create dump file, I use the following program to generate the dump file:
Procdump
: https://technet.microsoft.com/en-us/sysinternals/dd996900.aspx
For the use of the Prodump program, you can refer to the following 2 blog posts:
High CPU Dump Collection tool-procdump how to use

Introduce a handy tool to grab the dump-procdump

On the command line, run this program:

Procdump-ma MydotNetApp.exe D:\myapp.dmp

After running, will get a myapp.dmp file, if this file is generated natively, then VS2013 can open this file directly and can parse the managed memory, but often the memory dump file is generated on the server, and the server is probably not the same as the development environment, so it is necessary to describe the WinDbg to Debug.

3. Configuring the Debug environment

First, open our dump file, which can be opened using the menu command:
File->open Crash Dump ...
When opened, it shows the environment in which the program was running, at which point the symbol file was not found:

Error:symbol file could not being found.  

If not configured, the use of the command will prompt the error, such as:

0:000>. Loadby SOS clrjit0:000>!tp*** error:symbol file could not being found.  defaulted to export symbols for Clr.dll-************* Symbol Loading Error Summary **************module name            ERRORCL R                    PDB not found:e:\appserver\symbols\dll\clr.pdb

E:\appserver is the directory where my DMP file is located, and it defaults to the symbols subdirectory to find the symbol file.

Then, configure the debugging environment under which this file is used.
In the menu command file->symbol path ... Open the dialog box, select Browse, find the directory of the DMP file directory related program Files E:\AppServer, the directory below the program-related exe,pdb file.

Enter the following command:

0:000>. sympath+ C:\symbolsSymbol Search Path is:e:\appserver;c:\symbolsexpanded Symbol search path is:e:\appserver; C:\symbolserror:attempts to access ' C:\Symbols ' failed:0x2-the system cannot find the file specified. Symbol Path Validation Summary **************response time                         (ms)     Locationok                                             

There is no control here, this folder can be generated later.

0:000> .symfix0:000>. symfix+ c:\symbols0:000>. Sympathsymbol Search Path is:srv*expanded Symbol search path is: srv*c:\symbols*http://msdl.microsoft.com/download/symbols************* Symbol Path Validation Summary ************* *response Time                         (ms)     locationdeferred  

That's right.
Execute the following reload command:

0:000>. Reload ......................................................................................................................... ...................

Then perform the following:

0:000>. Loadby SOS clr0:000>!tpthe version of SOS does not match the version of the CLR is debugging.  Pleaseload the matching version of SOS for the version of the CLR is debugging. CLR Version:4.0.30319.296sos version:4.6.96.0failed to load data access DLL, 0x80004005

It is suggested here that the version of SOS is more CLR mismatched, it is necessary to find the SOS.dll on the server where thedump file was generated, note that because the server program is 64-bit, it must be found in the. Net Framework64 directory and Mscordacwks.dll files are copied together (for the time being, we'll talk about them soon).

Just after the execution of this command, we were pleasantly surprised to find that the C:\Symbols directory created itself, and downloaded a few directories such as clr.pdb, this is the copy of the server just SOS.dll, Mscordacwks.dll, put on the local machine c:\symbols Directory below.

Execute the following commands again:

0:000>. Reload ......................................................................................................................... ................... 0:000>. Loadby SOS clr0:000>!tpthe version of SOS does not match the version of the CLR is debugging.  Pleaseload the matching version of SOS for the version of the CLR is debugging. CLR Version:4.0.30319.296sos version:4.6.96.0failed to load data access DLL, 0x80004005

Or an error, it appears that SOS.dll is not loaded correctly, with the following command:

0:000>. Load c:\symbols\sos.dll0:000>. loadby SOS clr0:000>!TP

Here the load command must take the path of SOS.dll. Loads it, and then executes the. loadby SOS CLR, which represents debugging. NET managed programs.

Start a long wait, the program window prompts:

*busy*
Downloading symbols for [clr.pdb]/

Wait until the relevant symbol files are all downloaded, and finally appeared a successful interface:

CPU utilization:11%worker thread:total:8 running:0 idle:8 maxlimit:32767 minlimit:8work Request in queue:0-------- ------------------------------Number of timers:14--------------------------------------completion Port Thread: Total:1 free:1 maxfree:16 currentlimit:0 maxlimit:1000 minlimit:8

4. Get Help information

For WinDbg detailed debug naming, refer to the following article:
WinDbg Debug Commands
Http://www.cnblogs.com/kekec/archive/2012/12/02/2798020.html

Or, you can always use Help to see how it's used:

0:000>!help-------------------------------------------------------------------------------SOS is a debugger Extension DLL designed to aid in the debugging of Managedprograms. Functions is listed by category and then roughly in order ofimportance. Shortcut names for popular functions is listed in parenthesis. Type "!help <functionname>" for detailed info on the that function. Object inspection examining code and Stacks--------------------------------------------------------             --dumpobj (DO) Threadsdumparray (DA) threadstatedumpstackobjects (DSO)                             Ip2mddumpheap UDUMPVC Dumpstackgcroot                Eestackobjsize clrstackfinalizequeue gcinfoprintexception (PE) Ehinfotraverseheap BPMD comstateexamining CLR data structure SdIagnostic Utilities----------------------------------------------------------dumpdomain Veri                            Fyheapeeheap VERIFYOBJNAME2EE findrootssyncblk                             HEAPSTATDUMPMT gcwheredumpclass listnearobj (LNO) DUMPMD GCHANDLESTOKEN2EE gchandleleakseeversion Finalize                       Queue (FQ) dumpmodule Findappdomainthreadpool savemoduledumpassembly ProcInfo Dumpsigelem stoponexception (SOE) Dumpruntimetypes Dumplo Gdumpsig vmmaprcwcleanuplist Vmstatdumpil MiniD Umpmode Analyzeoom (AO) examining the GC history of other------------------------ -----      -----------------------------Histinit Faqhistroothistobjhistobjfindhistclear 

You can also use the. help command, which is not the same as this, which lists some of the commands:

0:000>. Help. Commands:   . Allow_exec_cmds [0|1]-Control execution Commands   . allow_image_mapping [0|1]-control On-demand  Image file mapping   . APPLY_DBP [<options>]-Add current data breakpoint state to a                            register context   . asm [<options>]-Set disassembly options   . asm-[<options>]-Clear disassembly options   . Attach <proc >-Attach to <proc> at next execution   . Block {<commands>}-brackets a set of commands for nested EX Ecution   . Break-break out of the enclosing loop

You can also use the. hh command:
Use ". HH <command>" or open Debugger.chm in the debuggers directory to get
Detailed documentation on a command.

OK, with dump file generation, Debug environment configuration, and help commands, it's finally getting started.

Category: Technical talk

WinDbg debugging. NET