Advanced Windows debugging


How do you deal with issues that happen in production? Error and event logs are helpful, but they often provide little to no help with things like deadlocks and memory leaks.
In this session we'll explore some low-level utilities that allow us to take snapshots of running code and bring them back in-house for analysis.

Published in: Technology
  • We talk a lot about taking dumps. Please, no toilet humour.
  • Parameter is address = value? 64. Which is really? 00000064. Which is really? 0x00000064, because I am currently in base 16, which I know because of n.

    1. Advanced Windows Debugging. Chris Ortman, Innovative Systems, @chriso
    2. About me
       • Professional developer for 11 years
       • Telecom
       • Lots of web
       • Language wonk
       • Former Castle Contributor
       • User Group Founder
       • INETA Senior Mentor
    3. About this talk: Learn to troubleshoot systems in production using a low-level utility called windbg
    4. Sometimes things go wrong in production
    5. What we can do about it
       • Event Logs
       • Performance Monitor
       • Reproduce (Testing & Staging)
       • Capture a dump of the process and analyze
    6. True Story
    7. Obtaining a crash dump
       • Easiest way is with Task Manager
       • Be careful of .NET version and platform architecture. Best to have them match.
       • Other tools:
         • DebugDiag - Automate capture of exceptions from IIS
         • ADPlus - Take dumps from the command line
         • ProcDump - Capture a running application, watches for thresholds
    8. Install windbg
       • Download from Microsoft
       • Install via chocolatey
       • Need to configure symbol paths
       SOS - .NET debugging extension
       • Installed with .NET Framework
       • Must be manually copied to the windbg folder C:\Program Files (x86)\Windows Kits\8.0\Debuggers\{x86,x64}
    9. Symbol Paths: symsrv*symsrv.dll*c:\localsymbols*
    10. Examine Heap
       • !DumpHeap -stat
       • !DumpHeap -Type Person
       • We are looking for something with a high count of objects
       • Sometimes we will take 2 dumps and look for what is changing
       • !pe can print your exception
    11. DumpObj
       • We can see fields here
       • For value types we see the value
       • For reference types we see the reference on the heap
       • MethodTable
       • EEClass
    12. DumpMT
       • Lookup for method invocation
       • Very fast
    13. DumpClass
       • More info about each type
       • Stuff you would get from reflection
    14. GCRoot
       • Find what is holding a reference to your object
       • Pass an address or -all
    15. lm: Shows the modules loaded into your program
    16. !threads
       • View managed threads
       • ~ shows all threads
       • ~Ns - switch to a thread
       • ~N e - do something to that thread, like: ~2 e !clrstack
    17. Threads that are locked
    18. !clrstack
       • -p shows function arguments
       • -l shows information on local variables (no names for these, just address)
       • -a same as -l -p
    19. Review
       • !DumpHeap - Look at all the objects in your process, memory leaks
       • !GCRoot - Find what is referencing the object
       • !GCWhere - Tells you if the runtime has tried to collect it
       • !DumpObj - Examine the internals of an object, figure out behavior
       • !DumpMT
       • !DumpClass
       • !threads - See what's going on right now, look for locks and deadlocks
       • !clrstack - Drill into a specific thread
    20. More Resources
    21. Thank You! Don't forget to rate the talk. Further questions: @chriso, Firstnamelastname at gmail dot com
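
Slide 10's tip about taking two dumps and looking for what is changing, as an added example that is not part of the original deck: a Python script that diffs the `!DumpHeap -stat` tables saved from two dumps of the same process. The sample tables and the `Demo.*` type names are constructed, and the column layout (MT, Count, TotalSize, Class Name) is assumed to match what SOS prints.

```python
import re

# One row of the statistics table: MT (hex), Count, TotalSize, Class Name.
ROW = re.compile(r"^\s*([0-9a-fA-F]{8,16})\s+(\d+)\s+(\d+)\s+(\S.*?)\s*$")

def parse_dumpheap_stat(text):
    """Map class name -> (object count, total bytes); same-named types are summed."""
    stats = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, "Total N objects", blank lines
        _mt, count, size, name = m.groups()
        old_count, old_size = stats.get(name, (0, 0))
        stats[name] = (old_count + int(count), old_size + int(size))
    return stats

def heap_growth(before, after, min_delta=1):
    """Return (class, count delta, byte delta) for types that grew, biggest byte growth first."""
    old, new = parse_dumpheap_stat(before), parse_dumpheap_stat(after)
    rows = []
    for name, (count, size) in new.items():
        count0, size0 = old.get(name, (0, 0))  # type absent in first dump -> 0
        if count - count0 >= min_delta:
            rows.append((name, count - count0, size - size0))
    return sorted(rows, key=lambda r: r[2], reverse=True)

# Constructed sample tables from two dumps of one process (not real data).
DUMP_1 = """\
Statistics:
              MT    Count    TotalSize Class Name
000007fe9a3c4f10      120         2880 Demo.Person
000007fef5c1a4b8      900        43200 System.String
000007fef5c1b2d0       40        10240 System.Byte[]
Total 1060 objects
"""
DUMP_2 = """\
Statistics:
              MT    Count    TotalSize Class Name
000007fe9a3c4f10    50120      1202880 Demo.Person
000007fef5c1a4b8     1100        52800 System.String
000007fef5c1b2d0       38         9728 System.Byte[]
000007fe9a3c5a20        3           96 Demo.Cache
Total 51261 objects
"""

if __name__ == "__main__":
    for name, dcount, dbytes in heap_growth(DUMP_1, DUMP_2):
        print(f"{dcount:+9d} objects {dbytes:+11d} bytes  {name}")
```

The type at the top of the list is the one to take to `!DumpHeap -Type` and `!GCRoot` to find what is holding it.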