This document introduces WinDbg, a debugger tool that can be used for post mortem crash analysis, memory leak detection, and deadlock discovery. It discusses how to load crash dumps and symbols, and provides an overview of basic commands like listing processes and threads. Crash analysis commands for .NET like !analyze, !printexception, and !clrstack are presented. Commands for investigating memory issues like !dumpheap and !gcroot are also highlighted. The document concludes with discussing deadlock detection using commands like !dlk and !mwaits.
6. WinDbg to the rescue
Post mortem analysis of crash/hang dumps
Inspect heap and find memory leaks
Discover deadlocks
Learn more about your application
7. Basic commands
| list all processes
|. current process
|<x>s switch to process
~ list all threads
~. current thread
~<n>s – switch to thread
k call stack (unmanged)
~* all threads
~* k – call stack for all threads
8. Wait, you’re forgot something
For proper debugging you’ll need symbols
1. lm show all modules + symbol information
2. .symfix + .reload –f
3. ld Loads symbols for the specified module
Or use
File Symbol file path
11. Analyzing Crush dump
A minidump is a snapshot of an application state:
{
Process(s)
Thread(s)
Module(s)
Register(s)
Memory info
Handles
Call stack
…
}
17. Finding memory issues
1. Look at heap
2. List all objects
3. Dive in to see specific object
4. Compare with previous results
!dumpheap -stat
!dumpheap –type
!do
!gcroot
18. Other memory related commands
!FinalizeQueue
!objsize
!GCHandleLeaks
!dumpgen
!gcgen
!refs
!mk
!mdt
!FinalizeQueue – show finalizer queue
!threads – show managed threads
!objsize – calculate “real” object size
!GCHandleLeaks – track down GCHandle leaks
!finq/frq – show finilizer/freachable queue
!dumpgen – Dumps the contents gen X
!gcgen - GC generation of the specified object
!refs - all references from/to object
!mk - unmanaged and managed call stack
!mdt - fields of an object or type