WinDBG 常用命令表[转]

启动, 附加进程, 执行和退出(Starting, Attaching, Executing and Exiting)

=======================

	Start -> All Programs -> Debugging Tools for Windows -> WinDBG	启动
F6	attach to process	附加到进程
Ctrl-Break	interrupt debugee	中断正在被debug的程序
.detach	detach from a process	脱离进程
g	continue debugee execution	继续执行被debug的程序
q	exit WinDBG	退出WinDBG

获得帮助(Getting Help)

=======================

?	help on commands that affect the debugee	列出所有的内置命令和操作符
.help	help on commands that affect the debugger	列出所有的元命令
.hh command	view the on line help file	打开WinDBG的帮助文件
!help	help on the extension dll at the top of the chain (e. g., SOS)	列出扩展DLL中的扩展命令帮助

操纵命令(Issuing Commands)

=======================

up arrow, down arrow, enter	scroll through command history	浏览命令历史
Right mouse button	paste into command window	在命令窗口中粘贴

检查非托管环境(Examining the Unmanaged Environment)

=======================

lmf	list loaded modules with full path	列出已加载了的模块及其完整路径
lmt	list loaded modules with last modified timestamp	列出已加载了的模块和最后修改的时间戳
~	list unmanaged threads	列出所有非托管线程
~thread s	select a thread for thread specific commands
!token -n	view thread permissions
k	view the unmanaged call stack	查看非托管调用栈
!runaway	view thread CPU consumption	显示每个线程占用的时间
bp	set a breakpoint	设置一个断点
.dump path	dump small memory image	创建一个小的dump内存镜像
.dump /ma path	dump complete memory image	创建一个完整的dump文件

使用Debuger DLL扩展(Working with Extension DLLs (e. g., SOS))

=======================

.chain	list extensions dlls	列出所有加载了的debugger extension
.load clr10\sos	load SOS for debugging framework 1.0 / 1.1	加载.net 1.1托管程序的debug扩展
.unload clr10\sos	unload SOS	卸载SOS
.loadby sos mscorwks	load SOS for debugging framework 2.0	加载.net 2.0的debug 扩展

SOS命令(SOS Commands)

=======================

!threads	view managed threads	查看所有托管线程
!clrstack	view the managed call stack	查看托管调用栈
!dumpstack	view combined unmanaged & managed call stack	查看非托管和托管结合的调用栈
!clrstack -p	view function call arguments	查看托管函数调用的参数
!clrstack –l	view stack (local) variables	查看托管栈的局部变量
!name2ee module class	view addresses associated with a class or method	查看某个类或方法的内存地址
!dumpmt –md address	view the method table & methods for a class	查看指定地址的方法表和一个类的方法集
!dumpmd address	view detailed information about a method	显示指定地址的MethodDesc结构信息
!do address	view information about an object	显示某地址的对象的信息, 包括fields, EEClass, Method Table和object size
!dumpheap –stat	view memory consumption by type	显示堆内存的使用
!dumpheap –min size	view memory consumption by object when at least size	查看堆内存使用, 忽略小于size字节大小的对象
!dumpheap –type type	view memory consumption for all objects of type type	查看所有类型为type的对象的内存使用
!gcroot address	view which object are holding a reference to address	查看所有对指定地址的对象的引用
!syncblk	view information about managed locks	查看托管的锁(SyncBlock结构)

SOS 2.0 命令(SOS 2.0 Commands)

========================

!bpmd module method	set breakpoint	在指定模块的某一指定的方法上设置断点
!DumpArray address	view contents of an array	查看数组中的元素
!PrintException	view information about most recent exception	格式化地显示最近的异常信息

资料来源:

WinDbg / SOS Cheat Sheet

http://geekswithblogs.net/.netonmymind/archive/2006/03/14/72262.aspx

SOS.dll (SOS Debugging Extension)

http://msdn.microsoft.com/en-us/library/bb190764.aspx

[转]http://www.cnblogs.com/awpatp/archive/2010/05/30/1747736.html