How to walk a native object in WinDbg?
I am investigating what is taking up lots of memory in my app. Using the !DumpObj command, I can get around the managed objects. But how do I do the equivalent for native objects? For example, this .NET object has a pointer to native code. I am stuck here... how do I do the equivalent of !DumpObj from here? I have all the source and symbols.
开发者_StackOverflow0:006> !DumpObj 0000000006222a50
Name: Beriliun.GS.Internal.Signer
MethodTable: 000007ff00658548
EEClass: 000007ff00734170
Size: 24(0x18) bytes
(d:\GS\bin\debug\LIBXT.dll)
Fields:
MT Field Offset Type VT Attr Value Name
000007fef02f8448 4000647 8 PTR 0 instance 000000002d7621e0 pSigner
0:006> !DumpObj 000000002d7621e0
<Note: this object has an invalid CLASS field>
Invalid object
You can dump the object by running the following command:
!object address.
In addition also the object header can be dumped. The object header is always located at 18h bytes prior to the object in memory. It can be dumped with the following command
!dt nt!_object_header address-18h
To figure out the the type you might want in addition to also dump the object type. This can be achieved with the following command.
!dt nt!_object_type address-of-type
The address of the type is printed as part of the dump of the object header. The corresponding field name is Type.
The d* command should give you contents of the memory d
dt module!typedef addr
e.g., dt MyModule!MyClass 0x12345678
精彩评论