WinDbg CheatSheet - Aria-Akbariyeh/Docs GitHub Wiki
| Command | Usage |
|---|---|
.load C:\Windows\Microsoft.NET\Framework\v4.0.30319 |
Load SOS extension for .NET 4.0 |
.loadby sos mscorwks |
Load SOS extension by path where mscorwks loaded |
.loadby sos clr |
Same as above. mscorwks renamed to clr from .Net 4.0 |
.cordll -u -l -ve |
Makes an attempt to load matching version from local machine (It may fail!) |
.load c:\sosex |
Loads sosex extension |
.unload |
Unloads extension |
.sympath |
Content in the second column |
.sympath c:\mysymbols |
Sets symbols path if you have not set it in environment |
.sympath+ c:\mysymbols2 |
Append another symbol path |
.reload |
Reloads symbols |
.chain |
list extensions dlls |
| Command | Usage |
|---|---|
!do <address> |
Dumps a single reference object |
!da <address> |
Dumps an array object |
!mdv |
Display local variables |
!strings |
Dumps out all the strings |
!GCRoot |
Dumps reference chain of an object |
!refs <addr> |
Displays all references from and to the specified object (sosex) |
!gcgen <objectAddr> |
Displays the GC generation of the specified object (sosex) |
| Command | Usage |
|---|---|
~ |
all threads |
~<thread id>s |
Set active thread |
~~[TID]s |
Set active thread |
!Threads [-live] [-special] |
Show managed threads |
!clrstack [-a] [-p] [-l] |
Display the managed call stack of the current thread |
K or Kb [number]
|
Unmanaged stack with arguments (kb4 limits stack to 4 frames) |
!dumpstack |
view combined unmanaged & managed call stack |
!dumpheap [-stat][-type]... |
What\amount of objects and their taken space in the managed heap |
!DumpHeap -thinlock |
Show all the thin locks |
!syncblk |
Show all sync blocks that are owned by the current thread |
!mdso |
Dumps object references on the stack and in CPU registers in the current context (SOSEX) |
!eeheap -gc |
Get managed heap sizes |
!dumpgen <genNum> |
Dumps the contents of the specified generation (sosex) - TAKES TIME! |
!runaway |
CPU time of each thread |
!VerifyHeap |
Validates Managed Heap integrity |
!GCHandles |
Shows all hanldes in the process |
!GCHandleLeaks |
Attempts to find leaked handles |
!finalizequeue |
All the object that are in finalize queue |
!finq [genNum] [-stat] |
Displays objects in the finalization queue (sosex) |
!frq [-stat] |
Display objects in the Freachable queue (sosex) |
!dlk [-d] |
Displays deadlocks between SyncBlocks and/or ReaderWriterLocks, only managed (sosex) |
| Command | Usage |
|---|---|
!DumpDomain |
Dumps out application domain |
!Threadpool |
Dumps out information about CLR thread pool |
!DumpIL |
Dumps the IL for the specified address |
| Command | Usage |
|---|---|
.cls |
Clear screen |
~*e <command> |
Execute command for all threads - For example: ~*e!clrstack |
!help <command> |
Get more information about a command |