Menu
I'm a developer but I've been seconded into a support role which, because of my development experience, mostly involves analysing crash dumps using windbg. I'm pretty confident doing this now but one thing I've been wondering is why there are many more native frames in the output of !dumpstack than there is in the output of the k commands. Isn't !dumpstack supposed to output the native stack interleaved with the managed stack?
209
in short, k walk frame pointer under x86, virtually unwind under x64, sos!dumpstack dump every possible code pointer (in executable page) sos can find on native stack space
95
answered Jan 24 '26 12:01
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
