Windbg基本命令应用总结

.cordll -ve -u -l //reload core dlls

------加载下载系统文件符号的URL----------

.sympath SRV*C:Symbols*http://msdl.microsoft.com/download/symbols

---------加载.net组件------- ---------------

.loadby sos clr

.load psscor4

-----------------Memory查看-------------------------

!dumpheap -stat //all .net objects statistics

!dumpheap -mt 000007feed866738 -min 80000 -max 90000 -stat //object size statistic

!dumpheap -mt 000007feed866738    -min 80000 //object in range addres list

!heap -s //shows heap summary

!heap -stat -h 00000000003a0000 //shows the heap statistics for the specified heap

!heap -flt s 1f64 //filters all other blocks of heap and displays the details of blocks having size 1f64

!heap -p -a UsrPtr //displays the call stack for UsrPtr

!traverseheap d:HeapStatus.log //dump heap log, analyze by CLRProfiler

-----------------CPU------------------------------

!threads //show manage and unmanaged threads

!threadpool // show cpu usage and thread pool statistics

!runaway //show running threads and their cpu consuming

!threads -special //show all threads including gc, finalizer etc.

----------------堆栈查看----------------------------

~*e!mk //show all threads stack

~*kb 2000 //Examine the native callstacks

~*e!clrstack //Examine the .net callstacks 所有线程调用堆栈

!dso //find the objects on the stack

!clrstack 当前线程托管方法调用堆栈

k查看调用堆栈

!finalizequeue

!gcroot <address of string> 被根化（rooted）到哪里（即为什么它们不会被回收)

!eeHeap -gc查看.net GC 堆的大小

kb 2000产看当前线程本地（原生）调用堆栈

~* kb 2000 得到所有查看本地资源的callstack 触发GC的函数（mscorwks!)SVR::GCHeap::GarbageCollectGeneration）

GC 线程gc_heap::gc_thread_stub等待GC完成（GCHeap::WaitUntilGCComplete

------查看请求的url----

!aspxpages

!clrusage

//gcroot all the objects, find where the object created .foreach (obj {!dumpheap -mt 000007fef4c3da30  -short}) {!gcroot obj; .echo -----}

--------------------异常查看---------------

!pe 查看异常

!dso 查看栈上的对象

!pe [Object]打印出原先的异常，查看输出的信息 !SaveModule <Base address> <Filename> base Address还可以通过lm命令查看

!syncblk，查看线程中，锁的信息

------------------自动分析----------------------

!analyze

------------------服务器上dump文件的方法-----

1.服务器上使用windows任务管理器，选择进程创建转储文件即可。

2.Debugging Tools for Windows里提供了一个好工具, 其路径与Debugging Tools for Windows的安装路径相同，使用的方法如下所示: 在命令行模式下进入工具所在目录执行： adplus.exe -hang -p 1234 -o d:dump

-p需要抓取文件的进程ID

-o文件输出的路径

adplus.exe -hang -p 33668 -o d:dump

adplus.exe -crash -p 33668 -o d:dump

当前安装包名称：X64 Debuggers And Tools-x64_en-us.msi

常用插件：

psscor4.dll下载地址： http://www.microsoft.com/download/en/details.aspx?id=21255

SOS.dll 获取地址：C:WindowsMicrosoft.NETFrameworkv2.0.50727