advanced debugging with windbg and sos

Sasha Goldshtein

CTOSela Group

@goldshtnblog.sashag.net

Advanced Debugging with

WinDbg and SOS

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

AN HOUR FROM NOW,YOU’LL KNOW HOW TO:

Capture crash and hang dumps Pinpoint basic crash causes from

dumps Inspect heap objects and graphs to find

memory leaks Identify deadlocked threads

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

DUMPS 101

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

A DUMP IS A SNAPSHOT OF A RUNNING PROCESS. YOU CAN

SAVE IT, MOVE IT AROUND, AND ANALYZE IT LATER. YOU CAN’T

“DEBUG” IT.

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

TWO TYPES OF DUMPS:

Crash Dump The program crashed

Hang Dump The program didn’t crash

Yet

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

SYSINTERNALS PROCDUMP: TAKE DUMPS EASILY, ANYWHERE, AND

WITH NO PUN INTENDED.

Procdump -ma -e MyApp.exeProcdump -h -x C:\temp\myapp.exeProcdump -c 90 -n 3 -s 5 MyApp.exeProcdump -e 1 1234

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

CRASH ROOT CAUSE FROM A DUMP

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

DRAG AND DROP A DUMP FILE INTO VISUAL STUDIO. CLICK THE

GREEN BUTTON. VOILA, IT WORKS.*

* NITPICKER’S CORNER: YOU NEED SYMBOLS AND SOURCES TO BE LINED UP PROPERLY.

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

“

”

YOU WILL INSTALL VISUAL STUDIO ON MY BOXEN OVER MY DEAD BODY. GOOD DAY.

I SAID “GOOD DAY”.

Joe the IT Admin

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

10

ENTER:

WinDbg Lightweight GUI debugger

Super-scriptable

Super-extensible

Knows nothing about .NET

SOS WinDbg extension for .NET

Ships with .NET Framework

Or on the symbol server*

Knows all about .NET

* As of CLR 4.0, for GDR versions

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

TAKE 2:

Drag and drop a dump file into WinDbg. Hmm. Now what?

!analyze -v !PrintException!CLRStack .load sosex!mk !mdt

.for (r $t0=@ebp; poi(@$t0)!=0; r $t0=poi(@$t0)) { !mln poi(@$t0+4) }

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

MEMORY LEAKS: THE EASY WAY

Not in this talk. Shell out $500 for a decent memory profiler.

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

MEMORY LEAKS: THE HARD WAY

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

WHAT WE NEED:

1. A list of all heap objects

2. A diff of heap objects between dumps

3. Why these heap objects won’t go away

!dumpheap -stat !objsize!gcroot !refs

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

DEADLOCKS

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

WHAT WE NEED:

1. What is thread X waiting for

2. (Suppose it’s sync object Y)

3. Which thread owns sync object Y

!syncblk !mwaits!mlocks !dlk

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

ADDITIONAL REFERENCES

www.devconnections.com

ADVANCED DEBUGGING WITH WINDBG AND SOS

18

THANK YOU!

Sasha Goldshtein@goldshtn

sashag@sela.co.ilblog.sashag.net