开发者

How to walk a native object in WinDbg?

I am investigating what is taking up lots of memory in my app. Using the !DumpObj command, I can get around the managed objects. But how do I do the equivalent for native objects? For example, this .NET object has a pointer to native code. I am stuck here... how do I do the equivalent of !DumpObj from here? I have all the source and symbols.

开发者_StackOverflow0:006> !DumpObj 0000000006222a50 
Name: Beriliun.GS.Internal.Signer
MethodTable: 000007ff00658548
EEClass: 000007ff00734170
Size: 24(0x18) bytes
 (d:\GS\bin\debug\LIBXT.dll)
Fields:
              MT    Field   Offset                 Type VT     Attr            Value Name
000007fef02f8448  4000647        8                  PTR  0 instance 000000002d7621e0 pSigner
0:006> !DumpObj 000000002d7621e0 
<Note: this object has an invalid CLASS field>
Invalid object


You can dump the object by running the following command:

!object address.

In addition also the object header can be dumped. The object header is always located at 18h bytes prior to the object in memory. It can be dumped with the following command

!dt nt!_object_header address-18h

To figure out the the type you might want in addition to also dump the object type. This can be achieved with the following command.

!dt nt!_object_type address-of-type

The address of the type is printed as part of the dump of the object header. The corresponding field name is Type.


The d* command should give you contents of the memory d


dt module!typedef addr

e.g., dt MyModule!MyClass 0x12345678

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜