Microsoft MVP성태의 닷넷 이야기
글쓴 사람
정성태 (techsharer at outlook.com)
홈페이지
첨부 파일
 

(시리즈 글이 5개 있습니다.)
디버깅 기술: 45. Windbg 확장 DLL 만들기 (1) - 스레드를 강제 종료시키는 명령어
; https://www.sysnet.pe.kr/2/0/1198

디버깅 기술: 46. Windbg 확장 DLL 만들기 (2) - Debugger Extension API 사용
; https://www.sysnet.pe.kr/2/0/1200

디버깅 기술: 118. windbg - 닷넷 개발자를 위한 MEX Debugging Extension 소개
; https://www.sysnet.pe.kr/2/0/11644

디버깅 기술: 160. Windbg 확장 DLL 만들기 (3) - C#으로 만드는 방법
; https://www.sysnet.pe.kr/2/0/12119

디버깅 기술: 177. windbg - (ASP.NET 환경에서 유용한) netext 확장
; https://www.sysnet.pe.kr/2/0/12462




windbg - 닷넷 개발자를 위한 MEX Debugging Extension 소개

초기 버전 때 써 보고는 그동안 소홀하다가 최근에 다시 다운로드해,

MEX Debugging Extension
; https://www.microsoft.com/en-us/download/details.aspx?id=53304

실습해 봤습니다. ^^

로드하고,

0:000> .load d:\wext\x64\mex.dll
Mex External 3.0.0.7172 Loaded!

help를 보니, 명령어가 너무 많이 추가되어 다 해 볼 엄두가 안 날 정도입니다. ^^;

!mex.help

몇 개 골라서 출력을 해볼까요? ^^

우선 aspnetcache는 신선하긴 하지만 출력 결과가 너무 많고 asp.net 자체가 쓰는 캐시도 많아서 실제 업무 프로그램을 대상으로 쓰게 될지는 잘 모르겠습니다.

0:074> !aspnetcache
CacheItem: 00000000ff2a2cc0
Key:       00000000ff2a2c48  "AResources.Resource" [19] (System.String)
Value:     00000000ff2a2ca0 (System.Web.Compilation.GlobalResXResourceProvider)

CacheItem: 00000000ff36e2c0
Key:       00000000ff36e280  "yapp_web_ymh0rpgj" [17] (System.String)
Value:     00000000ff36db00 (System.Reflection.RuntimeAssembly)

CacheItem: 00000000ff36e878
Key:       00000000ff36e810  "document.aspx.ac17e5c6" [37] (System.String)
Value:     00000001af315bc0 (System.Web.Compilation.BuildResultCompiledTemplateType)

CacheItem: 00000000ff400fd0
Key:       00000000ff400f90  "yapp_web_lfsxrg55" [17] (System.String)
Value:     00000000ff400600 (System.Reflection.RuntimeAssembly)

...[생략]...




"Dump All Exceptions"라는 의미의 "dae" 명령어도 예외가 제법 발생하는 현업 응용 프로그램에서는 시스템의 성능을 파악하기에는 너무 많은 출력에 난감할 수 있습니다. 단지 좋은 것은 예외 타입 별로 발생 빈도 수를 함께 출력해 주는 정도!

0:074> !dae
1 exceptions: 0x000000010f618470 
    In Generation: 0 from .NET v4.0.30319.296
    HResult: 0x80131904
    Type: System.Data.SqlClient.SqlException
    Message:  ...[생략]...
                   
    Stack Trace:

...[생략]...

29 exceptions: 0x00000000ff4acd00 0x00000000ff54a8e8 0x000000010fffc9e8 0x000000011f47fe90 0x000000011f4c3db0 0x000000012f4043a8 0x000000012f43bba8 0x000000012f469418 0x000000012f484fd8 0x000000013f5dfa20 ...
    In Generation: 0 from .NET v4.0.30319.296
    HResult: 0x80131530
    Type: System.Threading.ThreadAbortException
    Message: 스레드가 중단되었습니다.
    Stack Trace:
    SP               IP               Function
    000000001b6ee820 0000000000000000 System.Threading.Thread.AbortInternal()
    000000001b6ee820 000007ff029341c9 System.Threading.Thread.Abort(System.Object)
    000000001b6ee870 000007ff0293402d System.Web.HttpResponse.End()
    000000001b6ee8c0 000007ff02933eba DevExpress.Web.ASPxClasses.Internal.HttpUtils.EndResponse()




기존에 있던 sos 명령어에 "2"만 붙인 것은 외우기도 쉬우니 한번 써볼만합니다.

0:074> !clrstack2
DbgId ThreadId Apartment Kind       CLR            GC Mode    GC Suspending?
   74     b398 MTA       Background v4.0.30319.296 Preemptive no

Failed to evaluate rule SocketRule: Object reference not set to an instance of an object.
SP               IP               Function                                                                                                                                            Source
000000001b91cf38 0000000000000000 NDirectMethodFrameStandalone                 
000000001b91cf00 000007ff02870992 DomainNeutralILStubClass.IL_STUB_PInvoke(IntPtr, Byte*, Int32, System.Net.Sockets.SocketFlags)                 
000000001b91cfe0 000007ff02872890 System.Net.Sockets.Socket.Receive(Byte[], Int32, Int32, System.Net.Sockets.SocketFlags, System.Net.Sockets.SocketError ByRef)
000000001b91d0b0 000007ff028725b4 System.Net.Sockets.Socket.Receive(Byte[], Int32, Int32, System.Net.Sockets.SocketFlags)
...[생략]...
000000001b91d3b0 000007ff00f205f8 System.Threading.ExecutionContext.runTryCode(System.Object)
000000001b91dad8 0000000000000000 HelperMethodFrame_PROTECTOBJ [System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode, CleanupCode, System.Object)]
000000001b91dc00 000007ff00f1efe6 System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
000000001b91dc60 000007ff00f1eebb System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
000000001b91dcb0 000007ff011264dd System.Threading.ThreadHelper.ThreadStart()
000000001b91e108 0000000000000000 GCFrame
000000001b91e4f0 0000000000000000 DebuggerU2MCatchHandlerFrame
000000001b91e6c8 0000000000000000 ContextTransitionFrame

"2"가 붙은 명령어 중에 sos.do에 대한 것도 있습니다.

0:074> !do2 00000001bf2fc148
0x00000001bf2fc148 TestApp.Timer
  0000  _timer            : 000000013f2e1ff0 (TestApp.Startup)
  0008  _thread           : 00000001bf2fc218 (System.Threading.Thread)
  0010  _Packet           : 00000001bf2fc180 (System.Collections.Generic.Dictionary<System.Int32,System.Int32>)
  0018  _timeout          : 60000 (System.Int32)
  0020  _lastTick         : 00000001bf2fc170 2018-07-30 오후 9:39:02 (System.DateTime)

sos.do에서는 DateTime 값을 알아내는 게 번거로웠는데,

windbg - 메모리 덤프로부터 DateTime 형식의 값을 알아내는 방법
; https://www.sysnet.pe.kr/2/0/11313

do2에서는 출력 결과에 DateTime을 풀어서 출력해 주므로 요긴하게 써먹을 수 있을 것 같습니다.




예전에 닷넷 모듈을 저장하는 방법을 python 스크립트를 이용해 설명하기도 했는데요,

windbg - 풀 덤프 파일로부터 .NET DLL을 추출/저장하는 방법
; https://www.sysnet.pe.kr/2/0/10943

windbg - 풀 덤프에 포함된 모든 닷넷 모듈을 파일로 저장하는 방법
; https://www.sysnet.pe.kr/2/0/11297

mex에 이를 위한 명령어가 있으니 활용하면 되겠습니다.

!mex.writemodule -a -p "destination path"

그런데 아쉽게도 닷넷 모듈에 대해서는 "windbg - 풀 덤프 파일로부터 .NET DLL을 추출/저장하는 방법" 글에서 설명한 lm 명령어의 결과로 나오는 모듈만 저장하는 한계가 있습니다. 따라서 특별한 경우가 아니라면 결국 "windbg - 풀 덤프에 포함된 모든 닷넷 모듈을 파일로 저장하는 방법" 글의 내용대로 pykd를 이용해 저장하는 것이 더 좋습니다.




SQL Connection 객체의 현황을 파악해 주는 명령어도 있습니다.

0:074> !sqlcn
Searching .NET Heap for SQL Pool Objects..
Pool Address     Connections Active Connections Max Pool Size Min Pool Size Connection Info
================ =========== ================== ============= ============= =======================================================
000000010f328600           1                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB (more)
000000011f328178           1                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB (more)
000000013f428d10           2                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB2 (more)
000000018f333af0           1                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB (more)
00000001af2cf420           7                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB2 (more)
00000001bf32c910           1                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB2 (more)
00000001cf31a250           3                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB (more)
00000001cf393070           1                  0           100             0 DataSource=TestDB;InitialCatalog=UnitTestDB2 (more)
8 connection pools holding 17 connections
0 connections are active, where active means that Close() has not been called

서버 프로그램의 성능을 가장 크게 좌우하는 항목이다 보니 아마 제일 먼저 실행하고 싶은 명령어가 될 것입니다.




DebugDaig Analysis로 분석 시 호출 스택 별 스레드 모아주기 기능도 "unique stack"이라는 의미의 명령어로 제공하고 있습니다.

0:074> !us
1 thread [stats]: 0
    000000007748f6fa ntdll!NtWaitForSingleObject+0xa
    000007fefd6c10dc KERNELBASE!WaitForSingleObjectEx+0x79
    000007fef9eb41bc w3wphost!AppHostInitialize+0x278
    00000000ff273c60 w3wp!wmain+0x470
    00000000ff2711f1 w3wp!PerfStopProvider+0x19b
    000000007733f34d kernel32!BaseThreadInitThunk+0xd
    0000000077472ca1 ntdll!RtlUserThreadStart+0x1d

4 threads [stats]: 22 23 24 25
    000000007748f74a ntdll!NtRemoveIoCompletion+0xa
    000007fefd6c162d KERNELBASE!GetQueuedCompletionStatus+0x39
    000000007732bbd1 kernel32!GetQueuedCompletionStatusStub+0x11
    000007fef3f752d3 iisfcgi!TRANSPORT::WorkerThread+0x2b
    000000007733f34d kernel32!BaseThreadInitThunk+0xd
    0000000077472ca1 ntdll!RtlUserThreadStart+0x1d
...[생략]...




프로세스의 다양한 정보와 명령행 인자를 확인하는 것도 가능합니다.

0:074> !mex.p
Name     Ses PID            PEB              Mods Handle Thrd
======== === ============== ================ ==== ====== ====
w3wp.exe   0 6488 (0n25736) 000007fffffdb000  322   2755  126

CommandLine: c:\windows\system32\inetsrv\w3wp.exe -ap "AppPool_TestApp" -v "v4.0" -l "webengine4.dll" -a \\.\pipe\iisipmffbc8bd0-f622-4b2e-a64d-f27c02bca3c3 -h "C:\inetpub\temp\apppools\AppPool_TestApp.config" -w "" -m 0 -t 20
Last event: 6488.4da0: Break instruction exception - code 80000003 (first/second chance not available)

Show Threads: Unique Stacks    !listthreads (!lt)    ~*kv

부가적으로 환경 변수를 알고 싶을 땐 다음의 글을 참조하시고.

windbg - 덤프 파일로부터 PID와 환경 변수 등의 정보를 구하는 방법
; https://www.sysnet.pe.kr/2/0/11478




이외에도 다음과 같은 명령어가 있으니... 틈틈이 실행해 보시면 좋을 것입니다. ^^

0:074>  !mex.help -all
Command                                     Description                                                                                                                                              Category     Owner
=========================================== ======================================================================================================================================================== ============ ===========
addr                                        Display information about an address                                                                                                                     Kernel       mexfeedback
afd                                         Afd Command Help                                                                                                                                         Networking   mexfeedback
aspnetcache                  (!aspnetcache) Display the ASP.NET Cache                                                                                                                                DotNet       mexfeedback
aspxpagesext                                Like !aspxpages, but more powerful                                                                                                                       DotNet       mexfeedback
atom                                        Dumps user mode atom table                                                                                                                               Utility      mexfeedback
backtrace                             (!bt) Displays the stack backtrace for the specified index into ntdll!RtlpStackTraceDatabase                                                                   General      mexfeedback
base64                               (!b64) Displays or saves base64 data                                                                                                                            General      mexfeedback
beep                                        Beeps                                                                                                                                                    Utility      mexfeedback
bin                                         Displays binary information located at the given address                                                                                                 Utility      mexfeedback
bits2                                 (!b2) Executes a command with all possible values of a single bit flip                                                                                         Utility      mexfeedback
bl                                          Replaces the built in breakpoint list (bl) command with DML'd version                                                                                    Utility      mexfeedback
bp                                          Replaces the built in breakpoint (bp) command with a DML'd version                                                                                       Utility      mexfeedback
cache                                  (!c) Cache the output of a command to replay later                                                                                                            Utility      mexfeedback
chkall                                      Shortcut for !chkimg against all modules                                                                                                                 Binaries     mexfeedback
classtype                             (!ct) Tries to determine the C++ class type of a pointer                                                                                                       General      mexfeedback
clipboard2                                  Gets/Sets text on the clipboard, or enable/disable clipboard access                                                                                      Utility      mexfeedback
clrstack2                            (!ck2) Prints the stack trace of a managed thread                                                                                                               DotNet       mexfeedback
clusdisk                                    Shows all the disk cluster is aware of for W2k3 - W28R2                                                                                                  General      mexfeedback
codescope                                   Prints all available code analysis checklists                                                                                                            Decompile    mexfeedback
commandline                           (!cl) Prints out the command line of a process                                                                                                                 General      mexfeedback
comment                                     Displays the comments for the dump                                                                                                                       Utility      mexfeedback
computername                          (!cn) Computer Name Command Help                                                                                                                               Utility      mexfeedback
conhost                              (!con) Displays console host (conhost.exe) info                                                                                                                 Process      mexfeedback
context                                (!w) Prints out the current implicit process and thread context (e.g. where am I)                                                                             General      mexfeedback
cordll                            (!cordll) Displays available CLR versions                                                                                                                          DotNet       mexfeedback
count                                       Counts the number of lines returned by a command                                                                                                         Utility      mexfeedback
criticalsection                       (!cs) CS - Displays details for a critical section                                                                                                             General      mexfeedback
cut                                         Filters output, removing unwanted areas                                                                                                                  Utility      mexfeedback
da                                          Displays an ANSI string                                                                                                                                  Utility      mexfeedback
dae                    (!DumpAllExceptions) Replacement for !dae                                                                                                                                     DotNet       mexfeedback
ddt                                         Wrapper for dt that adds some DML                                                                                                                        Utility      mexfeedback
decodeoplockstate                   (!dols) Decode an OpLockState to human readable values                                                                                                           General      mexfeedback
decompilemember                             Decompile and print psuedo-C# source code for the given [MemberName]                                                                                     Decompile    mexfeedback
decompiletype                               Decompile and print psuedo-C# source code for the given [TypeName]                                                                                       Decompile    mexfeedback
deferredready                        (!dfr) Shows the current deferredready threads                                                                                                                  Thread       mexfeedback
delegaterefs                       (!drefs) Displays information about objects referenced by delegates                                                                                               DotNet       mexfeedback
desktop                         (!desktops) Displays the desktops for the Windows Stations                                                                                                           Kernel       mexfeedback
deviceobject                        (!devo) Displays information about a device object                                                                                                               Kernel       mexfeedback
dhcp                                        Displays information for the DHCP server process                                                                                                         Networking   mexfeedback
diffimg                                     Compares the process' loaded module list with a scan of memory and displays any differences                                                              Binaries     mexfeedback
displayobj                           (!do2) Display a managed object structure                                                                                                                       DotNet       mexfeedback
dnsclient                           (!dnsc) Displays the DNS client cache, and includes many other features for the DNS Client service.                                                              Networking   mexfeedback
dr                                          Displays registers showing volatile registers highlighted with (*)                                                                                       General      mexfeedback
driverobject                        (!drvo) Displays details about a driver object                                                                                                                   Kernel       mexfeedback
dtpool                               (!dtp) Displays information about a pool allocation, if it is a known pooltag we will 1. Try to run the correct extension, or 2. Just dt the structure for you. Kernel       mexfeedback
du                                          Displays a Unicode string                                                                                                                                Utility      mexfeedback
dumpaspnetsession                           Prints information on ASP.NET InProc Sessions                                                                                                            DotNet       mexfeedback
dumpdataset                                 Dumps a list of all DataSet objects                                                                                                                      DotNet       mexfeedback
dumpdotsourcedfiles                         Outputs any dot sourced Powershell files optionally with their accompanying script blocks                                                                PowerShell   mexfeedback
dumpdynamicassemblies2              (!dda2) Like !DumpDynamicAssemblies, but better                                                                                                                  DotNet       mexfeedback
dumphttpruntime2                            Dumps the HttpRuntime objects on the heap                                                                                                                DotNet       mexfeedback
dumpinfo                              (!di) Display dump information                                                                                                                                 Utility      mexfeedback
dumppsvariables                             Outputs the Powershell Variables of the currently running script on the current thread                                                                   PowerShell   mexfeedback
dumpstackpscommands                         Outputs the commands, cmdlets, etc. found on the current thread including those referenced by other objects on the thread.                               PowerShell   mexfeedback
dumpstackpsobjects                          Outputs the PSObjects found on the current thread including those referenced by other objects on the thread.                                             PowerShell   mexfeedback
dumpstackstrings                     (!dss) Displays all the strings on the stack                                                                                                                    Thread       mexfeedback
dumptime                                    Time Information                                                                                                                                         Utility      mexfeedback
dumpwcfmessage                    (!wcfmsg) Dumps information about a WCF buffered message                                                                                                           DotNet       mexfeedback
dumpwindowsurfaces                   (!dws) Dump window surfaces to a directory                                                                                                                      Kernel       mexfeedback
eresource                           (!eres) Displays details for a nt!_ERESOURCE                                                                                                                     Kernel       mexfeedback
evt                                         Show detail for a nt!_KEVENT                                                                                                                             Kernel       mexfeedback
exec                                        Runs a series of commands. Use this instead of using semicolons                                                                                          Utility      mexfeedback
executive                                   Displays details on threads waiting on the executive                                                                                                     Thread       mexfeedback
fileobject                            (!fo) Displays information about a given file object                                                                                                           Kernel       mexfeedback
fileserver                            (!fs) Displays thread running the SRV.sys or SRV2.sys drivers, excluding threads waiting on inbound work                                                       General      mexfeedback
finalizable                  (!finalizable) Displays information about finalizable objects in the GC Heap                                                                                            DotNet       mexfeedback
fixthis                                     Preface a broken command with this one to open an email and send it to the Mex team (e.g. !fixthis !otherMexCommandThatDidNotWork                        Mex          mexfeedback
foreachcpu                           (!fec) Executes a command on each processor                                                                                                                     Kernel       mexfeedback
foreachframe                         (!fef) An implementation of !for_each_frame that supports filtering and sets the context before executing                                                       Thread       mexfeedback
foreachitem                          (!fei) Iterates through a list, executing a command for each item.                                                                                              Utility      mexfeedback
foreachline                          (!fel) Runs a command against every line of data                                                                                                                Utility      mexfeedback
foreachmatchingstack                (!fems) Run a command against identical stacks                                                                                                                   Thread       mexfeedback
foreachmodule                        (!fem) An implementation of !for_each_module that supports filtering                                                                                            Binaries     mexfeedback
foreachobject                        (!feo) Runs a command against each CLR object                                                                                                                   DotNet       mexfeedback
foreachprocess                       (!fep) An implementation of !for_each_process that supports filtering and sets the context before executing                                                     Kernel       mexfeedback
foreachthread                        (!fet) An implementation of .for_each_thread that works in user and kernel mode                                                                                 Thread       mexfeedback
gatewait                                    Shows threads with a state of GateWait                                                                                                                   Thread       mexfeedback
gchandleinfo                    (!gchandle) Displays information on GC Handles                                                                                                                       DotNet       mexfeedback
gcheapinfo                          (!gchi) Get info on the managed GC Heap                                                                                                                          DotNet       mexfeedback
grep                                        Search the output of a command for a specific string or pattern                                                                                          Utility      mexfeedback
handlefind                            (!hf) Find handles for a given kernel object                                                                                                                   General      mexfeedback)
head                                        Displays the first X lines of a command's output                                                                                                         Utility      mexfeedback
help                                        Help                                                                                                                                                     General      mexfeedback
httpheaders                                 Print the contents of an HttpHeaderCollection                                                                                                            DotNet       mexfeedback
if                                   (!mif) Condition detection based on command output                                                                                                              Utility      mexfeedback
il                                          Prints the IL for the specified method                                                                                                                   Decompile    mexfeedback
ilspy                                       Automatically extracts the module from the dump, and launches ILSpy                                                                                      DotNet       mexfeedback
imports                                     Displays the import table for a module                                                                                                                   Binaries     mexfeedback
initialized                         (!init) Shows the current threads in the initialized state                                                                                                       Thread       mexfeedback
interpretrawstack                    (!irs) This command dumps the raw stack and interprets the values as symbols, and as unicode and ansi strings. It will also highlight start and end of frames   General      mexfeedback
ip                                          Converts an address into an IP address format                                                                                                            Networking   mexfeedback
irpbyfilename                       (!ibfn) Dump any IRP containing the specified text in filename                                                                                                   General      mexfeedback
ldap                                        Displays LDAP client or server details                                                                                                                   Process      mexfeedback
listthreads                           (!lt) Displays a list of threads                                                                                                                               Thread       mexfeedback
listticks                         (!lticks) Show tick counts for threads                                                                                                                             Kernel       mexfeedback
loop                                        Loops either forwards or backwards through a series of numbers with variable replacement                                                                 Utility      mexfeedback
managedthreads                  (!mthreads) A !threads look-alike, with !aspxpagexext-like output                                                                                                    DotNet       mexfeedback
mappeddrives                     (!mdrives) Displays mapped drives                                                                                                                                   Process      mexfeedback
messagequeue                          (!mq) Displays message queue                                                                                                                                   Kernel       mexfeedback
mheap                                       A DML'd version of !heap.                                                                                                                                Process      mexfeedback
mirp                                        Displays IRP details (replaces !irp)                                                                                                                     Kernel       mexfeedback
mirpfind                                    Mex version of IRPFIND                                                                                                                                   Kernel       mexfeedback
mods                                        Displays modules loaded in a process                                                                                                                     Binaries     mexfeedback
more                                        Runs a command in paged mode, asking for input every X lines                                                                                             Utility      mexfeedback
mreg                                        This is a DML'd version of !reg                                                                                                                          Kernel       mexfeedback
mrmsg                                (!msg) Interprets a Windows message                                                                                                                             Utility      mexfeedback
mup                                         Displays info for the Multiple UNC Provider (MUP)                                                                                                        Networking   mexfeedback
ncsi                                        Displays Network Connectivity Status Indicator (NCSI) configuration                                                                                      Networking   mexfeedback
ndao                                        Native Dump ALL Objects - Potentially very slow                                                                                                          General      mexfeedback
ndro                                        Native Dump Register Objects                                                                                                                             General      mexfeedback
ndso                                        Native Dump Stack Objects                                                                                                                                Thread       mexfeedback
net                                         Net Command Help                                                                                                                                         Networking   mexfeedback
obj                                         Displays details for a given kernel object (object manager)                                                                                              Kernel       mexfeedback
objectsummary                               Outputs object analysis summary                                                                                                                          DotNet       mexfeedback
obtrace                                     Dumps the trace information for an object                                                                                                                Kernel       mexfeedback
oracleclientperfcounters                    Display System.Data.OracleClient performance counters                                                                                                    DotNet       mexfeedback
outline                               (!ol) Outlines the calls inside a given function                                                                                                               Utility      mexfeedback
p                                           Displays process details                                                                                                                                 Process      mexfeedback
parsemem                                    Walks a range of memory and counts unique byte sequences                                                                                                 Kernel       mexfeedback
phandles                              (!ph) Shows a list of currently open printer handles                                                                                                           General      mexfeedback
pingtrack                                   Pingtrack command                                                                                                                                        Networking   mexfeedback
printdbcommand                              Prints information about a DBCommand object                                                                                                              DotNet       mexfeedback
printexception2                      (!pe2) Like !PrintException, with DML                                                                                                                           DotNet       mexfeedback
printmanifest                               Prints the assembly manifest for the specified module                                                                                                    Decompile    mexfeedback
printmembers                                Scans specified module and type [Module!TypeName] and prints all members                                                                                 Decompile    mexfeedback
printtypes                                  Scans specified [Module] and prints all types                                                                                                            Decompile    mexfeedback
psrunspace                                  Outputs the runspaces in the process.                                                                                                                    PowerShell   mexfeedback
psscriptblock                               Outputs the script blocks in the process.                                                                                                                PowerShell   mexfeedback
rasmans                                     Displays the rasmans!ConnectionBlockList                                                                                                                 Networking   mexfeedback
readfile                                    Read a file from the filesystem and display the output in the debugger                                                                                   Utility      mexfeedback
ready                                (!rdy) Shows the currently ready threads                                                                                                                        Thread       mexfeedback
rollup                                (!ru) Takes an input value and rolls it up to the appropriate bucket (e.g. bytes to GB)                                                                        Utility      mexfeedback
runaway2                                    Runaway2.. Replacement for !runaway                                                                                                                      General      mexfeedback
runcheck                       (!runchecks) runs the specified check(s) on the specified module(s)                                                                                                   Decompile    mexfeedback
runchecklist                                runs the specified checklist(s) on the specified module(s)                                                                                               Decompile    mexfeedback
running                              (!cpu) (Kernel mode only) A brief overview of currently executing threads                                                                                       Thread       mexfeedback
rxirps                                      Displays the list of IRPs stored in rdbss!RxIrpsList                                                                                                     Kernel       mexfeedback
sccm                                        SCCM                                                                                                                                                     SystemCenter mexfeedback
scom                                  (!om) Utilities for SC Operations Manager.                                                                                                                     SystemCenter mexfeedback
scsm                                  (!sm) Utilities for SC Service Manager                                                                                                                         SystemCenter mexfeedback
searchthreadstacks                   (!sts) Searches thread stacks for a value                                                                                                                       Thread       mexfeedback
services                         (!service) Displays details about services. Requires access to the usermode address space of services.exe (userdump of services.exe or complete memory dump)        General      mexfeedback
settings                                    Mex Settings                                                                                                                                             Mex          mexfeedback
sort                                        Sort command                                                                                                                                             Utility      mexfeedback
spdisposecheck                              Executes the SharePoint Dispose and Do Not Dispose Checklist items                                                                                       Decompile    mexfeedback
sqlclientperfcounters                       Display System.Data.SqlClient performance counters                                                                                                       DotNet       mexfeedback
sqlcmd                                      Provides information about ADO.NET Commands to SQL Server                                                                                                DotNet       mexfeedback
sqlcn                                       Provides an overview of ADO.NET connections to SQL Server                                                                                                DotNet       mexfeedback
sqlports                        (!sqlports) Gets the local and remote TCP ports from a SqlConnection object                                                                                          DotNet       mexfeedback
srvnet                                      Displays info on SRVNET                                                                                                                                  Networking   mexfeedback
standby                              (!sby) Shows the current standby threads                                                                                                                        Thread       mexfeedback
staticfields                                Display static fields of a managed type                                                                                                                  DotNet       mexfeedback
strings                                     Prints out readable strings in an address range                                                                                                          Utility      mexfeedback
sum                                  (!sum) Sums the output returned by a command                                                                                                                    Utility      mexfeedback
suspended                                   Displays details on suspended threads                                                                                                                    Thread       mexfeedback
svcreg                                      Dumps the passed in service/driver registry key                                                                                                          General      mexfeedback
svcthreads                    (!svcthreads) Find threads executing WCF services                                                                                                                      DotNet       mexfeedback
t                                           A new implementation of !thread for user & kernel mode                                                                                                   Thread       mexfeedback
tac                                         Writes input to console, last line first.                                                                                                                Utility      mexfeedback
tag                                         Searches kernel modules for a given pooltag                                                                                                              Kernel       mexfeedback
tail                                        Displays the final X lines of a command's output                                                                                                         Utility      mexfeedback
tasklist                              (!tl) Displays information about running tasks (processes)                                                                                                     Kernel       mexfeedback
tasktriage                         (!tasks) Analyzes the System.Threading.Tasks.Task objects still on the heap.                                                                                      DotNet       mexfeedback
tcpip                                (!tcp) TCP/IP - Gets TCP and UDP ports from Kernel Memory                                                                                                       Networking   mexfeedback
threadpool                            (!tp) Displays information regarding NTDLL thread pools                                                                                                        Thread       mexfeedback
threadreport                        (!trep) Displays a thread report.                                                                                                                                Thread       mexfeedback
time                                        Time how long a command takes to execute                                                                                                                 Utility      mexfeedback
tr                               (!replace) Search and Replace. Translate a char/string into another char/string.                                                                                    Utility      mexfeedback
transition                         (!trans) Shows the current threads in the transition state                                                                                                        Thread       mexfeedback
udescan                         (!manalyze) Scans dump for known issues and displays them in human-readable format.                                                                                  Utility      mexfeedback
uniqlines                             (!ul) Prints each line of output and a count of how many times they appeared                                                                                   Utility      mexfeedback
uniquestacks                          (!us) Like the built-in !uniqstacks except it associates thread IDs with the stack traces                                                                      Thread       mexfeedback
userrequest                                 Displays details on threads with a wait reason of UserRequest                                                                                            Thread       mexfeedback
vadmodules                          (!vadm) Lists the vads of a process.                                                                                                                             Kernel       mexfeedback
ver                                         Displays OS version info                                                                                                                                 Utility      mexfeedback
vss                                         Vss Command Help                                                                                                                                         Kernel       mexfeedback
wcfperfcounters                             Dumps performance counters for WCF services                                                                                                              DotNet       mexfeedback
wcftcpconnectionpools               (!wtcp) Display WCF Net.TCP connection pools                                                                                                                     DotNet       mexfeedback
whocalls                                    Scans all loaded managed modules and finds methods that call [MethodName]                                                                                Decompile    mexfeedback
whoimplements                               Scans all loaded managed modules and finds types that implement [InterfaceName]                                                                          Decompile    mexfeedback
whoinherits                                 Scans all loaded managed modules and finds types that inherit [TypeName]                                                                                 Decompile    mexfeedback
whonews                                     Scans all loaded managed modules and finds methods that construct [TypeName]                                                                             Decompile    mexfeedback
whopins                                     Scans managed modules and all finds methods that pin objects of a given [TypeName] or all types                                                          Decompile    mexfeedback
window                               (!wnd) Displays windows for each desktop. You must be in the context of a given session to see that session's windows                                           Kernel       mexfeedback
windowstation                     (!winsta) Display details for windows station(s)                                                                                                                   Kernel       mexfeedback
winnsi                                      winnsi Command Help                                                                                                                                      Networking   mexfeedback
wq                                          Displays executive work queue threads                                                                                                                    Kernel       mexfeedback
wrcpuratecontrol                            Displays details on threads with a wait reason of WrCpuRateControl                                                                                       Thread       mexfeedback
wrexecutive                                 Displays details on threads waiting on the executive                                                                                                     Thread       mexfeedback
wrfastmutex                                 Displays details on threads waiting for a Fast Mutex                                                                                                     Thread       mexfeedback
wrfreepage                                  Displays details on threads with a wait reason of WrFreePage                                                                                             Thread       mexfeedback
writefile                                   Runs a command and writes the data to a file                                                                                                             Utility      mexfeedback
writemodule                                 Writes a module to your temp directory                                                                                                                   Binaries     mexfeedback
wrlpcreceive                        (!lpcs) Displays details on LPC/ALPC server threads                                                                                                              Thread       mexfeedback
wrresource                                  Displays details on threads with a wait reason of WrResource                                                                                             Thread       mexfeedback
x                                           Wrapper for x that adds some DML                                                                                                                         General      mexfeedback
xx                                    (!x2) Replacement for !x                                                                                                                                       General      mexfeedback




[이 글에 대해서 여러분들과 의견을 공유하고 싶습니다. 틀리거나 미흡한 부분 또는 의문 사항이 있으시면 언제든 댓글 남겨주십시오.]







[최초 등록일: ]
[최종 수정일: 8/8/2018]

Creative Commons License
이 저작물은 크리에이티브 커먼즈 코리아 저작자표시-비영리-변경금지 2.0 대한민국 라이센스에 따라 이용하실 수 있습니다.
by SeongTae Jeong, mailto:techsharer at outlook.com

비밀번호

댓글 작성자
 




... 196  197  198  199  200  201  [202] 
NoWriterDateCnt.TitleFile(s)
2정성태6/14/200646140COM 개체 관련: 1. IWebBrowser2와 IHTMLDocument2의 상호 변환 [2]
1정성태7/17/200330715스크립트: 1. IE 의 훌륭한 저장기능 - userData
... 196  197  198  199  200  201  [202]