启动, 附加进程, 执行和退出(Starting, Attaching, Executing and Exiting)
=======================
|
| Start -> All Programs -> Debugging Tools for Windows -> WinDBG | 启动 |
| F6 | attach to process | 附加到进程 |
| Ctrl-Break | interrupt debugee | 中断正在被debug的程序 |
| .detach | detach from a process | 脱离进程 |
| g | continue debugee execution | 继续执行被debug的程序 |
| q | exit WinDBG | 退出WinDBG |
获得帮助(Getting Help)
=======================
| ? | help on commands that affect the debugee | 列出所有的内置命令和操作符 |
| .help | help on commands that affect the debugger | 列出所有的元命令 |
| .hh command | view the on line help file | 打开WinDBG的帮助文件 |
| !help | help on the extension dll at the top of the chain (e. g., SOS) | 列出扩展DLL中的扩展命令帮助 |
操纵命令(Issuing Commands)
=======================
| up arrow, down arrow, enter | scroll through command history | 浏览命令历史 |
| Right mouse button | paste into command window | 在命令窗口中粘贴 |
检查非托管环境(Examining the Unmanaged Environment)
=======================
| lmf | list loaded modules with full path | 列出已加载了的模块及其完整路径 |
| lmt | list loaded modules with last modified timestamp | 列出已加载了的模块和最后修改的时间戳 |
| ~ | list unmanaged threads | 列出所有非托管线程 |
| ~thread s | select a thread for thread specific commands |
|
| !token -n | view thread permissions |
|
| k | view the unmanaged call stack | 查看非托管调用栈 |
| !runaway | view thread CPU consumption | 显示每个线程占用的时间 |
| bp | set a breakpoint | 设置一个断点 |
| .dump path | dump small memory image | 创建一个小的dump内存镜像 |
| .dump /ma path | dump complete memory image | 创建一个完整的dump文件 |
使用Debuger DLL扩展(Working with Extension DLLs (e. g., SOS))
=======================
| .chain | list extensions dlls | 列出所有加载了的debugger extension |
| .load clr10\sos | load SOS for debugging framework 1.0 / 1.1 | 加载.net 1.1托管程序的debug扩展 |
| .unload clr10\sos | unload SOS | 卸载SOS |
| .loadby sos mscorwks | load SOS for debugging framework 2.0 | 加载.net 2.0的debug 扩展 |
SOS命令(SOS Commands)
=======================
| !threads | view managed threads | 查看所有托管线程 |
| !clrstack | view the managed call stack | 查看托管调用栈 |
| !dumpstack | view combined unmanaged & managed call stack | 查看非托管和托管结合的调用栈 |
| !clrstack -p | view function call arguments | 查看托管函数调用的参数 |
| !clrstack –l | view stack (local) variables | 查看托管栈的局部变量 |
| !name2ee module class | view addresses associated with a class or method | 查看某个类或方法的内存地址 |
| !dumpmt –mdaddress | view the method table & methods for a class | 查看指定地址的方法表和一个类的方法集 |
| !dumpmd address | view detailed information about a method | 显示指定地址的MethodDesc结构信息 |
| !do address | view information about an object | 显示某地址的对象的信息, 包括fields, EEClass, Method Table和object size |
| !dumpheap –stat | view memory consumption by type | 显示堆内存的使用 |
| !dumpheap –min size | view memory consumption by object when at least size | 查看堆内存使用, 忽略小于size字节大小的对象 |
| !dumpheap –typetype | view memory consumption for all objects of type type | 查看所有类型为type的对象的内存使用 |
| !gcroot address | view which object are holding a reference to address | 查看所有对指定地址的对象的引用 |
| !syncblk | view information about managed locks | 查看托管的锁(SyncBlock结构) |
SOS 2.0 命令(SOS 2.0 Commands)
========================
| !bpmd module method | set breakpoint | 在指定模块的某一指定的方法上设置断点 |
| !DumpArray address | view contents of an array | 查看数组中的元素 |
| !PrintException | view information about most recent exception | 格式化地显示最近的异常信息 |
