How to make WinDbg Preview load the .NET Core SOS.dll for debugging

2023-03-06 15:00:40

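I. Preface
    Recently I have been using WinDbg for system debugging while studying the book "Advanced .NET Debugging". I had heard of the WinDbg debugger before but had never used it; since it came to mind recently, I decided to study it properly. As a first-time user I took quite a few detours and hit quite a few pitfalls. To install the latest version of WinDbg, search for "WinDbg" in the Microsoft Store and click Install once you find it. The installation is done online, so it does not work without a network connection.

    The debugging environment and platform used here:
        Operating system: Windows 10 Professional
        Development tool: Visual Studio 2019
        Language: C#
        Framework: .NET Framework 4.8
        Debugger: WinDbg Preview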

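II. Getting started

    Since this is also my first time using WinDbg for system debugging, hitting a few pitfalls was unavoidable. After installing WinDbg I tried to load a console project created with VS2019 (note: not the cross-platform version), but I could not get the information I wanted. After a careful comparison I found that SOS.DLL had not been loaded, so the commands had no effect. Today we solve the problem of how to make WinDbg load the .NET Core version of SOS.DLL. Unlike .NET Framework, for .NET Core the current SOS.dll lives in the separate https://github.com/dotnet/diagnostics repository and has to be installed separately. Fortunately SOS is distributed as a .NET tool, so installing it is very simple.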

    1. Run the following command in a command-line tool to install it.

    dotnet tool install -g dotnet-sos

    Installation is simple: just run the command. Mine installed successfully straight away.

    2. The step above adds the dotnet-sos tool. Next, the tool itself has to be invoked to install SOS; enter the following command at the command line.

    dotnet sos install
    C:\Users\Administrator>dotnet sos install
    Installing SOS to C:\Users\Administrator\.dotnet\sos
    Creating installation directory...
    Copying files from C:\Users\Administrator\.dotnet\tools\.store\dotnet-sos\7.0.410101\dotnet-sos\7.0.410101\tools\net6.0\any\win-x64
    Copying files from C:\Users\Administrator\.dotnet\tools\.store\dotnet-sos\7.0.410101\dotnet-sos\7.0.410101\tools\net6.0\any\lib
    Execute '.load C:\Users\Administrator\.dotnet\sos\sos.dll' to load SOS in your Windows debugger.
    SOS install succeeded

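    3. Use the following command to make WinDbg load the SOS file.

    .load C:\Users\Administrator\.dotnet\sos\sos.dll

    However, this file is the x64 build by default. If the application you want to debug is x86, the command above fails with the following error (Win32 error 193, ERROR_BAD_EXE_FORMAT, "%1 is not a valid Win32 application"):

    The call to LoadLibrary(C:\Users\lindexi\.dotnet\sos\sos.dll) failed, Win32 error 0n193
      "%1 不是有效的 Win32 應用程式。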

    4. The fix is to get the x86 version of sos.dll. On my machine it is located at:

    C:\Users\Administrator\.dotnet\tools\.store\dotnet-sos\7.0.410101\dotnet-sos\7.0.410101\tools\net6.0\any\win-x86

    You have to locate, in the C:\Users\Administrator\.dotnet\tools\.store\dotnet-sos\7.0.410101\dotnet-sos\7.0.410101\tools\net6.0\any\win-x86\ folder, the win-x86 build of sos for the matching dotnet version, and load that file instead.

    5. Once WinDbg has loaded SOS successfully we can use it. In WinDbg, run the .chain command to see the result; the sos.dll entry at the top of the extension DLL chain shows that SOS.dll is loaded.

    1:001> .chain
    Extension DLL search Path:
        C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext\arcade;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\pri;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86;C:\Users\Administrator\AppData\Local\Dbg\EngineExtensions32;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\amd64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\dotnet\;D:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;D:\Program Files\Microsoft SQL Server\100\Tools\Binn\;D:\Program Files\Microsoft SQL Server\100\DTS\Binn\;D:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;D:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Users\Administrator\AppData\Local\Microsoft\WindowsApps;C:\Users\Administrator\.dotnet\tools
    Extension DLL chain:
        C:\Users\Administrator\.dotnet\tools\.store\dotnet-sos\7.0.410101\dotnet-sos\7.0.410101\tools\net6.0\any\win-x86\sos.dll: image 7.0.410101, API 2.0.0, built Thu Feb  2 05:49:09 2023
            [path: C:\Users\Administrator\.dotnet\tools\.store\dotnet-sos\7.0.410101\dotnet-sos\7.0.410101\tools\net6.0\any\win-x86\sos.dll]
        CLRComposition: image 10.0.25200.1003, API 0.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext\CLRComposition.dll]
        wow64exts: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP\wow64exts.dll]
        dbghelp: image 10.0.25200.1003, API 10.0.6,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\dbghelp.dll]
        exts: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP\exts.dll]
        uext: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext\uext.dll]
        ntsdexts: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP\ntsdexts.dll]


    6. We can also view the SOS help by running the !sos.help command:

    0:000> !sos.help
    -------------------------------------------------------------------------------
    SOS is a debugger extension DLL designed to aid in the debugging of managed
    programs. Functions are listed by category, then roughly in order of
    importance. Shortcut names for popular functions are listed in parenthesis.
    Type "!help <functionname>" for detailed info on that function.

    Object Inspection                  Examining code and stacks
    -----------------------------      -----------------------------
    DumpObj (do)                       Threads (clrthreads)
    DumpALC (dumpalc)                  ThreadState
    DumpArray (da)                     IP2MD
    DumpDelegate                       U
    DumpStackObjects (dso)             DumpStack
    DumpHeap                           EEStack
    DumpVC                             ClrStack
    GCRoot                             GCInfo
    ObjSize                            EHInfo
    FinalizeQueue                      BPMD (bpmd)
    PrintException (pe)                COMState
    TraverseHeap

    Examining CLR data structures      Diagnostic Utilities
    -----------------------------      -----------------------------
    DumpDomain                         VerifyHeap
    EEHeap                             VerifyObj
    Name2EE                            FindRoots
    SyncBlk                            HeapStat
    DumpMT                             GCWhere
    DumpClass                          ListNearObj (lno)
    DumpMD                             GCHandles
    Token2EE                           GCHandleLeaks
    EEVersion                          FinalizeQueue (fq)
    DumpModule                         FindAppDomain
    ThreadPool (tp)                    SaveModule
    DumpAssembly                       ProcInfo
    DumpSigElem                        StopOnException (soe)
    DumpRuntimeTypes                   DumpLog
    DumpSig                            VMMap
    RCWCleanupList                     VMStat
    DumpIL                             MinidumpMode
    DumpRCW                            AnalyzeOOM (ao)
    DumpCCW                            SuppressJitOptimization

    Examining the GC history           Other
    -----------------------------      -----------------------------
    HistInit                           SetHostRuntime (sethostruntime)
    HistRoot                           SetSymbolServer (setsymbolserver)
    HistObj                            SetClrPath (setclrpath)
    HistObjFind                        SOSFlush
    HistClear                          SOSStatus (sosstatus)
                                       FAQ
                                       Help (soshelp)


    7. We can also inspect the heap in detail by running the !dumpheap -stat command:

    0:000> !dumpheap -stat
    *** WARNING: Unable to verify checksum for 01、PatrickLiu.AdvanceDebug.DebugTools.exe
    Statistics:
          MT    Count    TotalSize Class Name
    6ecf5468        1           12 System.Collections.Generic.GenericEqualityComparer`1[[System.String, mscorlib]]
    6ecf4888        1           12 System.Security.HostSecurityManager
    6ecf3d78        1           12 System.Collections.Generic.ObjectEqualityComparer`1[[System.Type, mscorlib]]
    6ed59b0c        1           16 System.IO.TextReader+SyncTextReader
    6ecf480c        1           16 System.Security.Policy.Evidence+EvidenceLockHolder
    6ecf1848        1           16 System.Security.Policy.AssemblyEvidenceFactory
    6ecf9098        1           20 Microsoft.Win32.SafeHandles.SafeFileMappingHandle
    6ecf9048        1           20 Microsoft.Win32.SafeHandles.SafeViewOfFileHandle
    6ecf8fb4        1           20 System.Text.InternalEncoderBestFitFallback
    6ecf89dc        1           20 System.IO.Stream+NullStream
    6ecf1790        1           20 Microsoft.Win32.SafeHandles.SafePEFileHandle
    6ecf9004        1           24 System.Text.InternalDecoderBestFitFallback
    6ecf8c64        1           24 System.IO.TextWriter+SyncTextWriter
    6ecf5160        1           24 System.Version
    6ed5b818        1           28 System.Text.DBCSCodePageEncoding+DBCSDecoder
    6ecf91c0        1           28 System.Text.EncoderNLS
    6ecf8b20        1           28 Microsoft.Win32.Win32Native+InputRecord
    6ecf4cc0        1           28 System.Text.UTF8Encoding+UTF8EncodingSealed
    6ecf27d0        1           28 System.SharedStatics
    6ecf4b60        2           32 System.Text.DecoderReplacementFallback
    6ecf4b10        2           32 System.Text.EncoderReplacementFallback
    6ecf48fc        1           32 System.Text.UnicodeEncoding
    6ecf17f0        1           32 System.Security.Policy.PEFileEvidenceFactory
    6ecf2ef0        1           36 System.Security.PermissionSet
    6ecf4c34        2           40 Microsoft.Win32.SafeHandles.SafeFileHandle
    6ecf2e6c        1           40 System.Security.Policy.Evidence
    6ed5c4b8        1           44 System.Text.InternalEncoderBestFitFallbackBuffer
    6ecf4680        1           44 System.Threading.ReaderWriterLock
    6ecf52a0        1           48 System.Collections.Generic.Dictionary`2[[System.String, mscorlib],[System.Globalization.CultureData, mscorlib]]
    6ecf4ec0        1           48 System.Collections.Hashtable+bucket[]
    6ecf42a8        4           48 System.Int32
    6ecf304c        1           48 System.Collections.Generic.Dictionary`2[[System.Type, mscorlib],[System.Security.Policy.EvidenceTypeDescriptor, mscorlib]]
    6ecf16f0        4           48 System.UInt16
    6ecf4e00        1           52 System.Collections.Hashtable
    6ecf3de0        1           52 System.Type[]
    6ecf2e10        1           52 System.Threading.Thread
    6ecf8b68        2           56 System.IO.__ConsoleStream
    6ecf524c        2           56 System.Text.StringBuilder
    6ecf46c8        2           56 System.Reflection.RuntimeAssembly
    6ecf59a8        1           60 System.IO.StreamWriter
    6ecf55bc        1           60 System.Collections.Generic.Dictionary`2+Entry[[System.String, mscorlib],[System.Globalization.CultureData, mscorlib]][]
    6ed3dc64        1           64 System.IO.StreamReader
    6ecf2b94        1           68 System.AppDomainSetup
    6ecf4f50        1           72 System.IO.UnmanagedMemoryStream
    6ed5bcc4        1           76 System.Text.DBCSCodePageEncoding
    6ecf520c        1           84 System.Globalization.CalendarData
    6ecf26b4        1           84 System.ExecutionEngineException
    6ecf2670        1           84 System.StackOverflowException
    6ecf2628        1           84 System.OutOfMemoryException
    6ecf25d4        1           84 System.Exception
    6ecf2734        8           96 System.Object
    6ecf51c8        1          104 System.Globalization.CalendarData[]
    6ecf2810        1          112 System.AppDomain
    01308d50       10          116      Free
    6ecf5700        1          132 System.Globalization.NumberFormatInfo
    6ecf5074        2          144 System.Globalization.CultureInfo
    6ecf26f8        2          168 System.Threading.ThreadAbortException
    6ecf44d4        3          468 System.Collections.Generic.Dictionary`2+Entry[[System.Type, mscorlib],[System.Security.Policy.EvidenceTypeDescriptor, mscorlib]][]
    6ecf426c       11          564 System.Int32[]
    6ecf2d74       18          608 System.String[]
    6ecf512c        2          616 System.Globalization.CultureData
    6ecf3698       26          728 System.RuntimeType
    6ecf5c40        3          806 System.Byte[]
    6ecf2c60       10         2986 System.Char[]
    6ecf24e4      166         6292 System.String
    6ecf2788        6        17748 System.Object[]
    Total 332 objects

    8. To run the program under the debugger, execute the g command, then click [Break], switch to thread 0 with ~0s, and carry on debugging.

    9. To view the layout of the managed heap, run the !eeheap -gc command:

    0:000> !eeheap -gc
    Number of GC Heaps: 1
    generation 0 starts at 0x02441018
    generation 1 starts at 0x0244100c
    generation 2 starts at 0x02441000
    ephemeral segment allocation context: none
     segment     begin  allocated      size
    02440000  02441000  02445ff4  0x4ff4(20468)
    Large object heap starts at 0x03441000
     segment     begin  allocated      size
    03440000  03441000  03445558  0x4558(17752)
    Total Size:              Size: 0x954c (38220) bytes.
    ------------------------------
    GC Heap Size:    Size: 0x954c (38220) bytes.

    10. To open the help file, run the .hh command. Note the leading period.

    11. I downloaded SOSEX.dll again myself and then loaded it into WinDbg with the .load command. The commands to run are the ones typed after the 0:000> prompt.

    0:000> .load F:\Books\debug Tools\sosex_32\sosex.dll
    0:000> .chain
    Extension DLL search Path:
        C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext\arcade;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\pri;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86;C:\Users\Administrator\AppData\Local\Dbg\EngineExtensions32;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\amd64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\dotnet\;D:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;D:\Program Files\Microsoft SQL Server\100\Tools\Binn\;D:\Program Files\Microsoft SQL Server\100\DTS\Binn\;D:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;D:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Users\Administrator\AppData\Local\Microsoft\WindowsApps;C:\Users\Administrator\.dotnet\tools
    Extension DLL chain:
        F:\Books\debug Tools\sosex_32\sosex.dll: image 4.5.0.0, API 1.0.0, built Fri Mar  7 23:17:26 2014
            [path: F:\Books\debug Tools\sosex_32\sosex.dll]
        C:\Windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll: image 4.8.4300.0, API 1.0.0, built Thu Oct  8 08:41:14 2020
            [path: C:\Windows\Microsoft.NET\Framework\v4.0.30319\SOS.dll]
        CLRComposition: image 10.0.25200.1003, API 0.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext\CLRComposition.dll]
        wow64exts: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP\wow64exts.dll]
        dbghelp: image 10.0.25200.1003, API 10.0.6,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\dbghelp.dll]
        exts: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP\exts.dll]
        uext: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\winext\uext.dll]
        ntsdexts: image 10.0.25200.1003, API 1.0.0,
            [path: C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\WINXP\ntsdexts.dll]

    12. Use the !sosex.help command to view the SOSEX help.

    0:000> !sosex.help
    SOSEX - Copyright 2007-2014 by Steve Johnson - http://www.stevestechspot.com/
    To report bugs or offer feedback about SOSEX, please email [email protected]
    Quick Ref:
    --------------------------------------------------
    bhi       [filename]                                     BuildHeapIndex - Builds an index file for heap objects.
    bpsc      (Deprecated.  Use !mbp instead)
    chi                                                      ClearHeapIndex - Frees all resources used by the heap index and removes it from memory.
    dlk       [-d]                                           Displays deadlocks between SyncBlocks and/or ReaderWriterLocks
    dumpfd    <FieldAddr>                                    Dumps the properties of a FieldDef structure
    dumpgen   <GenNum> [-free] [-stat] [-type <TYPE_NAME>]   Dumps the contents of the specified generation
                       [-nostrings]
    finq      [GenNum] [-stat]                               Displays objects in the finalization queue
    frq       [-stat]                                        Displays objects in the Freachable queue
    gcgen     <ObjectAddr>                                   Displays the GC generation of the specified object
    gch       [HandleType]... [-stat]                        Lists all GCHandles, optionally filtered by specified handle types
    help      [CommandName]                                  Display this screen or details about the specified command
    lhi       [filename]                                     LoadHeapIndex - load the heap index into memory.
    mbc       <SOSEX breakpoint ID | *>                      Clears the specified or all managed breakpoints
    mbd       <SOSEX breakpoint ID | *>                      Disables the specified or all managed breakpoints
    mbe       <SOSEX breakpoint ID | *>                      Enables the specified or all managed breakpoints
    mbl       [SOSEX breakpoint ID]                          Prints the specified or all managed breakpoints
    mbm       <Type/MethodFilter> [ILOffset] [Options]       Sets a managed breakpoint on methods matching the specified filter
    mbp       <SourceFile> <nLineNum> [ColNum] [Options]     Sets a managed breakpoint at the specified source code location
    mdso      [Options]                                      Dumps object references on the stack and in CPU registers in the current context
    mdt       [TypeName | VarName | MT] [ADDR] [Options]     Displays the fields of an object or type, optionally recursively
    mdv       [nFrameNum]                                    Displays arguments and locals for a managed frame
    mfrag     [-stat] [-mt:<MT>]                             Reports free blocks, the type of object following the free block, and fragmentation statistics
    mframe    [nFrameNum]                                    Displays or sets the current managed frame for the !mdt and !mdv commands
    mgu       // TODO: Document
    mk        [FrameCount] [-l] [-p] [-a]                    Prints a stack trace of managed and unmanaged frames
    mln       [expression]                                   Displays the type of managed data located at the specified address or the current instruction pointer
    mlocks    [-d]                                           Lists all managed lock objects and CriticalSections and their owning threads
    mroot     <ObjectAddr> [-all]                            Displays GC roots for the specified object
    mt        (no parameters)                                Steps into the managed method at the current position
    mu        [address] [-s] [-il] [-n]                      Displays a disassembly around the current instruction with interleaved source, IL and asm code
    muf       [MD Address | Code Address] [-s] [-il] [-n]    Displays a disassembly with interleaved source, IL and asm code
    mwaits    [-d | LockAddr]                                Lists all waiting threads and, if known, the locks they are waiting on
    mx        <Filter String>                                Displays managed type/field/method names matching the specified filter string
    rcw       [Object or SyncBlock Addr]                     Displays Runtime Callable Wrapper (RCW) COM interop data.
    refs      <ObjectAddr> [-target|-source]                 Displays all references from and to the specified object
    rwlock    [ObjectAddr | -d]                              Displays all RWLocks or, if provided a RWLock address, details of the specified lock
    sosexhelp [CommandName]                                  Display this screen or details about the specified command
    strings   [ModuleAddress] [Options]                      Search the managed heap or a module for strings matching the specified criteria

    ListGcHandles - See gch

    Use !help <command> or !sosexhelp <command> for more details about each command.
    You can also use the /? (or -?) option on any command to get help for that command.

    13. Use the !strings command to list all strings in the current process.

    0:000> !strings
    Address    Gen    Length   Value
    ---------------------------------------
    033e1228    0          0
    033e1254    0        121   E:\Visual Studio 2019\Source\Projects\PatrickLiu.AdvanceDebug.Test(2019)\01、PatrickLiu.AdvanceDebug.DebugTools\bin\Debug\
    033e1354    0        169   E:\Visual Studio 2019\Source\Projects\PatrickLiu.AdvanceDebug.Test(2019)\01、PatrickLiu.AdvanceDebug.DebugTools\bin\Debug\01、Patr...
    033e1524    0          4   true
    033e153c    0         32   PARTIAL_TRUST_VISIBLE_ASSEMBLIES
    033e15d0    0        162   E:\Visual Studio 2019\Source\Projects\PatrickLiu.AdvanceDebug.Test(2019)\01、PatrickLiu.AdvanceDebug.DebugTools\bin\Debug\01、Patr...
    033e1724    0          7   .config
    033e1750    0         41   01、PatrickLiu.AdvanceDebug.DebugTools.exe
    033e1804    0        121   E:\Visual Studio 2019\Source\Projects\PatrickLiu.AdvanceDebug.Test(2019)\01、PatrickLiu.AdvanceDebug.DebugTools\bin\Debug\
    033e1904    0         48   01、PatrickLiu.AdvanceDebug.DebugTools.exe.config
    033e1974    0          7   RELPATH
    033e1990    0          1   ;
    033e19a0    0         12   DYNAMIC_BASE
    033e19c8    0         15   PRIVATE_BINPATH
    033e19f4    0         16   SHADOW_COPY_DIRS
    033e1a24    0         10   CACHE_BASE
    033e1a48    0          7   APPBASE
    033e1a64    0          8   DEV_PATH
    033e1a84    0         12   DISALLOW_APP
    033e1aac    0         22   CODE_DOWNLOAD_DISABLED
    033e1ae8    0         22   DISALLOW_APP_REDIRECTS
    033e1b24    0         25   DISALLOW_APP_BASE_PROBING
    033e1b64    0         19   FORCE_CACHE_INSTALL
    033e1b98    0         18   BINPATH_PROBE_ONLY
    033e1bcc    0         15   APP_CONFIG_FILE
    033e1bf8    0         15   APP_CONFIG_BLOB
    033e1c24    0          8   APP_NAME
    033e1c44    0         14   MACHINE_CONFIG
    033e1c70    0         21   config\machine.config
    033e1ca8    0         11   HOST_CONFIG
    033e1ccc    0          5   false
    033e1ce4    0         46   C:\Windows\Microsoft.NET\Framework\v4.0.30319\
    033e1d50    0         67   C:\Windows\Microsoft.NET\Framework\v4.0.30319\config\machine.config
    033e1de4    0         32   NetFx40_TimeSpanLegacyFormatMode
    033e1e34    0         28   NetFx40_LegacySecurityPolicy
    033e1e7c    0         34   NetFx45_LegacyManagedDeflateStream
    033e260c    0         26   .NETFramework,Version=v4.8
    033e265c    0         11   Hello World
    033e26bc    0          1
    033e27d0    0         13   codepages.nlp
    033e2878    0          8   capacity
    033e2898    0          6   length
    033e292c    0         32   NLS_CodePage_{0}_{1}_{2}_{3}_{4}
    033e29c4    0          1   *
    033e29d4    0          1   1
    033e29e4    0          1   .
    033e29f4    0          1   ,
    033e2a04    0         38   Invariant Language (Invariant Country)
    033e2a60    0          2   iv
    033e2a74    0         18   Invariant Language
    033e2aa8    0          2   IV
    033e2abc    0         17   Invariant Country
    033e2aec    0          1   +
    033e2afc    0          1   -
    033e2b0c    0          1   0
    033e2b1c    0          1   2
    033e2b2c    0          1   3
    033e2b3c    0          1   4
    033e2b4c    0          1   5
    033e2b5c    0          1   6
    033e2b6c    0          1   7
    033e2b7c    0          1   8
    033e2b8c    0          1   9
    033e2b9c    0          3   NaN
    033e2bb0    0          8   Infinity
    033e2bd0    0          9   -Infinity
    033e2bf0    0          1   %
    033e2c00    0          1
    033e2c10    0          1   ¤
    033e2c20    0          3   XDR
    033e2c34    0         27   International Monetary Fund
    033e2c78    0          2   AM
    033e2c8c    0          2   PM
    033e2ca0    0          8   HH:mm:ss
    033e2cc0    0          5   HH:mm
    033e2cd8    0          8   hh:mm tt
    033e2cf8    0          4   H:mm
    033e2d10    0          7   h:mm tt
    033e2d2c    0          5   Latn;
    033e2d44    0          3   IVL
    033e2d58    0          3   IVC
    033e2d6c    0          3   ivl
    033e2d80    0          3   ivc
    033e2d94    0         13   0409:00000409
    033e2dbc    0         50   System\CurrentControlSet\Control\Nls\RegionMapping
    033e3084    0         18   Gregorian Calendar
    033e30b8    0         10   MM/dd/yyyy
    033e30dc    0         10   yyyy-MM-dd
    033e3100    0         18   dddd, dd MMMM yyyy
    033e3134    0          9   yyyy MMMM
    033e3154    0          7   MMMM dd
    033e3170    0          4   A.D.
    033e3188    0          2   AD
    033e319c    0          6   Sunday
    033e31b8    0          6   Monday
    033e31d4    0          7   Tuesday
    033e31f0    0          9   Wednesday
    033e3210    0          8   Thursday
    033e3230    0          6   Friday
    033e324c    0          8   Saturday
    033e326c    0          3   Sun
    033e3280    0          3   Mon
    033e3294    0          3   Tue
    033e32a8    0          3   Wed
    033e32bc    0          3   Thu
    033e32d0    0          3   Fri
    033e32e4    0          3   Sat
    033e32f8    0          2   Su
    033e330c    0          2   Mo
    033e3320    0          2   Tu
    033e3334    0          2   We
    033e3348    0          2   Th
    033e335c    0          2   Fr
    033e3370    0          2   Sa
    033e3384    0          7   January
    033e33a0    0          8   February
    033e33c0    0          5   March
    033e33d8    0          5   April
    033e33f0    0          3   May
    033e3404    0          4   June
    033e341c    0          4   July
    033e3434    0          6   August
    033e3450    0          9   September
    033e3470    0          7   October
    033e348c    0          8   November
    033e34ac    0          8   December
    033e34cc    0          3   Jan
    033e34e0    0          3   Feb
    033e34f4    0          3   Mar
    033e3508    0          3   Apr
    033e351c    0          3   Jun
    033e3530    0          3   Jul
    033e3544    0          3   Aug
    033e3558    0          3   Sep
    033e356c    0          3   Oct
    033e3580    0          3   Nov
    033e3594    0          3   Dec
    033e3758    0          6   zh-CHS
    033e3774    0          6   zh-CHT
    033e3790    0          5   zh-CN
    033e3824    0          5   zh-cn
    033e39e4    0          5   zh-CN
    033e39fc    0          5   zh-CN
    033e3a14    0          5   zh-CN
    033e3a2c    0          5   zh-CN
    033e3a44    0          5   zh-TW
    033e3a5c    0          5   zh-CN
    033e3ad4    0          5   zh-CN
    033e3b48    0          6   format
    033e3b64    0          4   args
    033e3da8    0          1   \
    033e3db8    0          3   936
    033e3dcc    0          1   3
    033e3ddc    0          1   2
    033e3dec    0          1   0
    033e3dfc    0          1   0
    033e3e0c    0         24   NLS_CodePage_936_3_2_0_0
    033e3eec    0          8   encoding
    033e3f0c    0          6   stream
    033e437c    0          5   bytes
    033e4394    0          5   chars
    033e43ac    0          9   charCount
    033e43cc    0          9   charIndex
    033e43ec    0          9   byteCount
    033e4b5c    0          5   count
    033e4b74    0          6   offset
    ---------------------------------------

    14. Use the !mlocks command to check for deadlock problems.

    0:000> !mlocks
    Examining SyncBlocks...
    Scanning for ReaderWriterLock instances...
    Scanning for holders of ReaderWriterLock locks...
    Scanning for ReaderWriterLockSlim instances...
    Scanning for holders of ReaderWriterLockSlim locks...
    Examining CriticalSections...

    ClrThread  DbgThread  OsThread    LockType    Lock      LockLevel
    ----------------------------------------------------------------------
    0x1        0          0x4450      thinlock    033e4f50  (recursion:0)

    15. Use the qq command to exit WinDbg.

    windbg> qq
    NatVis script unloaded from 'C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\Visualizers\atlmfc.natvis'
    NatVis script unloaded from 'C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\Visualizers\ObjectiveC.natvis'
    NatVis script unloaded from 'C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\Visualizers\concurrency.natvis'
    NatVis script unloaded from 'C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\Visualizers\cpp_rest.natvis'
    NatVis script unloaded from 'C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2210.3001.0_x64__8wekyb3d8bbwe\x86\Visualizers\stl.natvis'
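
    The bitness mismatch from steps 3 and 4 (Win32 error 0n193) can be caught before typing .load by reading the Machine field in the extension DLL's PE header. The following is an added example, not part of the original post; the function names are hypothetical, the stub DLLs are constructed test data, and the target's bitness (win-x86 or win-x64) is assumed to be known to the caller.

```python
"""Check that sos.dll matches the bitness of the debug target before .load."""
import struct
import tempfile
from pathlib import Path

# COFF Machine values (PE/COFF specification) mapped to the folder names
# that appear under the dotnet-sos tool store shown on this page.
MACHINE_TO_RID = {0x014C: "win-x86", 0x8664: "win-x64"}


def pe_machine(data: bytes) -> int:
    """Return the COFF Machine field of a PE image, or raise ValueError."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE image: missing MZ header")
    # e_lfanew at offset 0x3C points to the "PE\0\0" signature.
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 6 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image: missing PE signature")
    # Machine is the first 16-bit field after the signature.
    (machine,) = struct.unpack_from("<H", data, e_lfanew + 4)
    return machine


def dll_rid(path: Path) -> str:
    """Classify a DLL on disk as win-x86 / win-x64 from its PE header."""
    machine = pe_machine(Path(path).read_bytes())
    return MACHINE_TO_RID.get(machine, "unknown(0x%04x)" % machine)


def load_command(tools_dir: Path, target_rid: str) -> str:
    """Return the WinDbg .load line for the sos.dll matching target_rid.

    tools_dir is the folder holding the win-x64 / win-x86 subfolders
    (the ...tools/net6.0/any directory in the post).
    """
    candidate = Path(tools_dir) / target_rid / "sos.dll"
    if not candidate.is_file():
        raise FileNotFoundError(f"no sos.dll under {candidate.parent}")
    actual = dll_rid(candidate)
    if actual != target_rid:
        # This is the case LoadLibrary rejects with Win32 error 0n193.
        raise ValueError(f"{candidate} is {actual}, target needs {target_rid}")
    return f".load {candidate}"


def make_stub(machine: int) -> bytes:
    """Constructed sample: the smallest header that pe_machine() accepts."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x80)
    coff = b"PE\0\0" + struct.pack("<H", machine) + b"\0" * 18
    return dos.ljust(0x80, b"\0") + coff


def build_demo_store(root: Path) -> Path:
    """Constructed layout with a win-x86 and a win-x64 folder, one stub each."""
    for rid, machine in (("win-x86", 0x014C), ("win-x64", 0x8664)):
        (root / rid).mkdir(parents=True)
        (root / rid / "sos.dll").write_bytes(make_stub(machine))
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        store = build_demo_store(Path(tmp) / "any")
        # x86 target: pick the win-x86 build, as step 4 does by hand.
        print(load_command(store, "win-x86"))
        # The x64 copy is what step 3 tried to load into an x86 session.
        print(dll_rid(store / "win-x64" / "sos.dll"))
```

    On a real machine, pass the tools\net6.0\any directory from step 4 as tools_dir; dll_rid can also be pointed at any other extension DLL before loading it.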


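III. Closing remarks
    There is no end to learning; there is still a lot more, and I will get to it gradually. You don't know until you study, and once you do it is startling: many things that used to be only concepts have now become concrete, and I now know what the managed heap looks like. But the more I learn, the less I seem to understand. There is nothing for it but to keep working hard, stay true to the original aspiration, and set out again. Heaven does not let down those who work hard.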