WinDBG 查看静态变量
本节主要介绍一下如何通过Windbg来查看静态变量的值,由于静态对象是被CLR直接引用的,因此在使用windbg查看无法从根对象逐级找到待查看对象,因此我的思路是用windbg在有引用到静态变量的函数内打上断点,在windbg在断点停下时,通过查看当前堆栈数据来查找到这个静态变量。
下面是系统中的一个片段,我的目的是要查看 s_htAllCtrl中的类容。
Code
我的思路如下:
1. 查询到待打断点的对象的MethodTable
2. 查看此MethodTable函数详细信息
3. 在需要打断点的函数上打算断点
4. 运行代码直到断点停下然后查看堆栈
5. 我要在函数的中间打断点,因此需要反汇编当前断点函数,然后在函数中间打断点
7. 在断点停下后,查看当前堆栈来取得待查参数的值
让我们一步一步的来吧:
1. 查询到函数地址
0:025> !Name2EE Sobey.MAM.SystemUI.Controls.dll Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar
Searching modules...
Module: 0017fdf8 (sobey.mam.systemui.controls.dll)
MethodTable: 0x06847e78
EEClass: 0x068aa800
Name: Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar
2. 查看函数
0:025> !dumpmt -md 0x06847e78
EEClass : 0x068aa800
Module : 0x0017fc20
Name: Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar
mdToken: 0x02000051 (d:\sony\sonaps\archive\app_server\sobey.mam.systemui.controls.dll)
BaseSize: 0xc
MethodTable Flags : 0x80000
Number of IFaces in IFaceMap : 0x0
Interface Map : 0x06847ed0
Slots in VTable : 9
--------------------------------------
MethodDesc Table
Entry MethodDesc JIT Name
0x799f6eb8 0x79b93010 PreJIT [DEFAULT] [hasThis] String System.Object.ToString()
0x799abbe8 0x79b93020 PreJIT [DEFAULT] [hasThis] Boolean System.Object.Equals(Object)
0x7999f680 0x79b93050 PreJIT [DEFAULT] [hasThis] I4 System.Object.GetHashCode()
0x79997c00 0x79b93070 PreJIT [DEFAULT] [hasThis] Void System.Object.Finalize()
0x0687e6c0 0x06847e08 JIT [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.HookScrollBar(Class System.Windows.Forms.Control)
0x06847e53 0x06847e58 None [DEFAULT] Boolean Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.ShowScrollBar(I,I4,Boolean)
0x0877c2f8 0x06847e18 JIT [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.c_VisibleChanged(Object,Class System.EventArgs)
0x0687e668 0x06847e28 JIT [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar..cctor()
0x06847e33 0x06847e38 None [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar..ctor()
3. 打断点
0:025> bp 0x0687e6c0
0:025> g
4. 查看堆栈
0:000> !clrstack
Thread 0
ESP EIP
0x0012e7f0 0x0687e6c0 [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.HookScrollBar(Class System.Windows.Forms.Control)
0x0012e7f4 0x087765b3 [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.ObjectList.UCObjectList..ctor()
at [+0x113] [+0x95]
0x0012e828 0x08776489 [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.ObjectList.UCDBObjectList..ctor()
at [+0x19] [+0xd]
0x0012e838 0x08773ff1 [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.CommandTaskMonitor.UCCommandTaskList..ctor()
0x0012e86c 0x0877337e [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.Console.ConsoleMainForm..ctor()
0x0012e990 0x7923c069 [FRAME: GCFrame]
0x0012ead0 0x7923c069 [FRAME: ECallMethodFrame] [DEFAULT] [hasThis] Object System.RuntimeType.CreateInstanceImpl(Boolean)
0x0012eae0 0x799b31bb [DEFAULT] Object System.Activator.CreateInstance(Class System.Type,Boolean)
0x0012eb04 0x0877314f [DEFAULT] [hasThis] Class Sobey.MAM.SystemUI.DockControls.IDockContent Sobey.MAM.AppServer.Console.ConsoleCarrierForm.GetContentFromPersistString(String)
0x0012eb3c 0x087717da [DEFAULT] Void Sobey.MAM.SystemUI.DockControls.DockPanelPersist.LoadFromXml(Class Sobey.MAM.SystemUI.DockControls.DockPanel,Class System.IO.Stream,Class Sobey.MAM.SystemUI.DockControls.DeserializeDockContent,Boolean)
0x0012f000 0x091af9cb [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.DockControls.DockPanel.LoadFromXml(Class System.IO.Stream,Class Sobey.MAM.SystemUI.DockControls.DeserializeDockContent)
0x0012f008 0x0687fd62 [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.Console.ConsoleCarrierForm.LoadDockLayout(Boolean)
0x0012f054 0x091af705 [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.Console.ConsoleCarrierForm.imgToolBar_ToolBarButtonClick(Object,Object,Class System.EventArgs)
0x0012f068 0x091af66e [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.Controls.ImgToolBar.button_Click(Object,Class System.EventArgs)
0x0012f09c 0x7b881fc4 [DEFAULT] [hasThis] Void System.Windows.Forms.Control.OnClick(Class System.EventArgs)
0x0012f0a8 0x7b885079 [DEFAULT] [hasThis] Void System.Windows.Forms.Control.WmMouseUp(ByRef ValueClass System.Windows.Forms.Message,ValueClass System.Windows.Forms.MouseButtons,I4)
0x0012f0ec 0x7b8234d0 [DEFAULT] [hasThis] Void System.Windows.Forms.Control.WndProc(ByRef ValueClass System.Windows.Forms.Message)
0x0012f100 0x7b823056 [FRAME: InlinedCallFrame]
5.反汇编当前断点
0:000> !u eip
Will print '>>> ' at address: 0x0687e6c0
Normal JIT generated code
[DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.HookScrollBar(Class System.Windows.Forms.Control)
Begin 0x0687e6c0, size 0xae
>>> 0687e6c0 55 push ebp
0687e6c1 8bec mov ebp,esp
0687e6c3 83ec14 sub esp,14h
0687e6c6 57 push edi
0687e6c7 56 push esi
0687e6c8 53 push ebx
0687e6c9 33c0 xor eax,eax
0687e6cb 8945ec mov dword ptr [ebp-14h],eax
0687e6ce c745f800000000 mov dword ptr [ebp-8],0
0687e6d5 8bf1 mov esi,ecx
0687e6d7 a1f0971602 mov eax,dword ptr ds:[021697F0h]
0687e6dc 8945ec mov dword ptr [ebp-14h],eax
0687e6df 8bc8 mov ecx,eax
0687e6e1 e896339372 call mscorwks!JIT_MonEnter (791b1a7c)
0687e6e6 8b0df0971602 mov ecx,dword ptr ds:[21697F0h]
0687e6ec 8bd6 mov edx,esi
0687e6ee 8b01 mov eax,dword ptr [ecx]
0687e6f0 ff5038 call dword ptr [eax+38h]
0687e6f3 25ff000000 and eax,0FFh
0687e6f8 7546 jne 0687e740
0687e6fa b98c57bc79 mov ecx,offset mscorlib_79990000+0x23578c (79bc578c)
0687e6ff e8143918fa call 00a02018mscorwks.pdb not exist
Use alternate method which may not work.
0687e704 8bf8 mov edi,eax
0687e706 68137e8406 push 6847E13h
0687e70b 8bcf mov ecx,edi
0687e70d 33d2 xor edx,edx
0687e70f e87f713473 call mscorlib_79990000+0x235893 (79bc5893) (System.EventHandler..ctor)
0687e714 8bd7 mov edx,edi
0687e716 8bce mov ecx,esi
0687e718 3909 cmp dword ptr [ecx],ecx
0687e71a ff15482d9e7b call dword ptr [system_windows_forms_7b810000+0x1d2d48 (7b9e2d48)] (System.Windows.Forms.Control.add_VisibleChanged)
0687e720 b9b0449106 mov ecx,69144B0h
0687e725 e8ee3818fa call 00a02018mscorwks.pdb not exist
Use alternate method which may not work.
0687e72a c6400400 mov byte ptr [eax+4],0
0687e72e c6400400 mov byte ptr [eax+4],0
0687e732 50 push eax
0687e733 8b0df0971602 mov ecx,dword ptr ds:[21697F0h]
0687e739 8bd6 mov edx,esi
0687e73b 8b01 mov eax,dword ptr [ecx]
0687e73d ff5050 call dword ptr [eax+50h]
0687e740 c745f400000000 mov dword ptr [ebp-0Ch],0
0687e747 c745f8fc000000 mov dword ptr [ebp-8],0FCh
0687e74e 6860e78706 push 687E760h
0687e753 eb00 jmp 0687e755
0687e755 8b4dec mov ecx,dword ptr [ebp-14h]
0687e758 e841359372 call mscorwks!JIT_MonExit (791b1c9e)
0687e75d 58 pop eax
0687e75e ffe0 jmp eax
0687e760 c745f800000000 mov dword ptr [ebp-8],0
0687e767 5b pop ebx
0687e768 5e pop esi
0687e769 5f pop edi
0687e76a 8be5 mov esp,ebp
0687e76c 5d pop ebp
0687e76d c3 ret
6.在汇编代码处打上断点
0:000> bp 0687e6e1
0:000> g
7. 查看当前堆栈信息,然后就可以检查堆栈上的参数
0:000> !dso
Thread 0
ESP/REG Object Name
ecx 0x1210e90 System.Collections.Hashtable
edx 0x19a1bf8 System.Windows.Forms.Panel
esi 0x19a1bf8 System.Windows.Forms.Panel
edi 0x1139b10 System.Reflection.Assembly
0x12e7d0 0x19a10b0 Sobey.MAM.SystemUI.ObjectList.UCDBObjectList
0x12e7d4 0x1139b10 System.Reflection.Assembly
0x12e7d8 0x1210e90 System.Collections.Hashtable
0:000> !clr10\sos.help
8. 查看当前参数的值
0:000> !dc 0x1210e90
Going to dump the Collection passed.
Collection 0x01210e90: System.Collections.Hashtable
buckets:
Address MT Class Name
key: 0x0120c870 0x0120c870 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x01210ef4 0x01210ef4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x01309220 0x01309220 0x7ba18fec System.Windows.Forms.Panel
val: 0x0130a6a4 0x0130a6a4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0130d7f8 0x0130d7f8 0x7ba270e4 System.Windows.Forms.TreeView
val: 0x01312288 0x01312288 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0124d328 0x0124d328 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x0124d7f4 0x0124d7f4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0131db60 0x0131db60 0x7ba18fec System.Windows.Forms.Panel
val: 0x0131dfb4 0x0131dfb4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0126c178 0x0126c178 0x7ba18fec System.Windows.Forms.Panel
val: 0x0126d0dc 0x0126d0dc 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x01313c7c 0x01313c7c 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x01313f84 0x01313f84 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x01234bac 0x01234bac 0x7ba18fec System.Windows.Forms.Panel
val: 0x01235a58 0x01235a58 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0123c664 0x0123c664 0x7ba270e4 System.Windows.Forms.TreeView
val: 0x0124a8c0 0x0124a8c0 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0120c314 0x0120c314 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x01210f30 0x01210f30 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0125ce1c 0x0125ce1c 0x7ba18fec System.Windows.Forms.Panel
val: 0x0125d270 0x0125d270 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
到这个时候,我就已经完全找到待查Hashtable的值了。
下面是系统中的一个片段,我的目的是要查看 s_htAllCtrl中的类容。
Code
我的思路如下:
1. 查询到待打断点的对象的MethodTable
2. 查看此MethodTable函数详细信息
3. 在需要打断点的函数上打算断点
4. 运行代码直到断点停下然后查看堆栈
5. 我要在函数的中间打断点,因此需要反汇编当前断点函数,然后在函数中间打断点
7. 在断点停下后,查看当前堆栈来取得待查参数的值
让我们一步一步的来吧:
1. 查询到函数地址
0:025> !Name2EE Sobey.MAM.SystemUI.Controls.dll Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar
Searching modules...
Module: 0017fdf8 (sobey.mam.systemui.controls.dll)
MethodTable: 0x06847e78
EEClass: 0x068aa800
Name: Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar
2. 查看函数
0:025> !dumpmt -md 0x06847e78
EEClass : 0x068aa800
Module : 0x0017fc20
Name: Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar
mdToken: 0x02000051 (d:\sony\sonaps\archive\app_server\sobey.mam.systemui.controls.dll)
BaseSize: 0xc
MethodTable Flags : 0x80000
Number of IFaces in IFaceMap : 0x0
Interface Map : 0x06847ed0
Slots in VTable : 9
--------------------------------------
MethodDesc Table
Entry MethodDesc JIT Name
0x799f6eb8 0x79b93010 PreJIT [DEFAULT] [hasThis] String System.Object.ToString()
0x799abbe8 0x79b93020 PreJIT [DEFAULT] [hasThis] Boolean System.Object.Equals(Object)
0x7999f680 0x79b93050 PreJIT [DEFAULT] [hasThis] I4 System.Object.GetHashCode()
0x79997c00 0x79b93070 PreJIT [DEFAULT] [hasThis] Void System.Object.Finalize()
0x0687e6c0 0x06847e08 JIT [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.HookScrollBar(Class System.Windows.Forms.Control)
0x06847e53 0x06847e58 None [DEFAULT] Boolean Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.ShowScrollBar(I,I4,Boolean)
0x0877c2f8 0x06847e18 JIT [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.c_VisibleChanged(Object,Class System.EventArgs)
0x0687e668 0x06847e28 JIT [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar..cctor()
0x06847e33 0x06847e38 None [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar..ctor()
3. 打断点
0:025> bp 0x0687e6c0
0:025> g
4. 查看堆栈
0:000> !clrstack
Thread 0
ESP EIP
0x0012e7f0 0x0687e6c0 [DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.HookScrollBar(Class System.Windows.Forms.Control)
0x0012e7f4 0x087765b3 [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.ObjectList.UCObjectList..ctor()
at [+0x113] [+0x95]
0x0012e828 0x08776489 [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.ObjectList.UCDBObjectList..ctor()
at [+0x19] [+0xd]
0x0012e838 0x08773ff1 [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.CommandTaskMonitor.UCCommandTaskList..ctor()
0x0012e86c 0x0877337e [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.Console.ConsoleMainForm..ctor()
0x0012e990 0x7923c069 [FRAME: GCFrame]
0x0012ead0 0x7923c069 [FRAME: ECallMethodFrame] [DEFAULT] [hasThis] Object System.RuntimeType.CreateInstanceImpl(Boolean)
0x0012eae0 0x799b31bb [DEFAULT] Object System.Activator.CreateInstance(Class System.Type,Boolean)
0x0012eb04 0x0877314f [DEFAULT] [hasThis] Class Sobey.MAM.SystemUI.DockControls.IDockContent Sobey.MAM.AppServer.Console.ConsoleCarrierForm.GetContentFromPersistString(String)
0x0012eb3c 0x087717da [DEFAULT] Void Sobey.MAM.SystemUI.DockControls.DockPanelPersist.LoadFromXml(Class Sobey.MAM.SystemUI.DockControls.DockPanel,Class System.IO.Stream,Class Sobey.MAM.SystemUI.DockControls.DeserializeDockContent,Boolean)
0x0012f000 0x091af9cb [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.DockControls.DockPanel.LoadFromXml(Class System.IO.Stream,Class Sobey.MAM.SystemUI.DockControls.DeserializeDockContent)
0x0012f008 0x0687fd62 [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.Console.ConsoleCarrierForm.LoadDockLayout(Boolean)
0x0012f054 0x091af705 [DEFAULT] [hasThis] Void Sobey.MAM.AppServer.Console.ConsoleCarrierForm.imgToolBar_ToolBarButtonClick(Object,Object,Class System.EventArgs)
0x0012f068 0x091af66e [DEFAULT] [hasThis] Void Sobey.MAM.SystemUI.Controls.ImgToolBar.button_Click(Object,Class System.EventArgs)
0x0012f09c 0x7b881fc4 [DEFAULT] [hasThis] Void System.Windows.Forms.Control.OnClick(Class System.EventArgs)
0x0012f0a8 0x7b885079 [DEFAULT] [hasThis] Void System.Windows.Forms.Control.WmMouseUp(ByRef ValueClass System.Windows.Forms.Message,ValueClass System.Windows.Forms.MouseButtons,I4)
0x0012f0ec 0x7b8234d0 [DEFAULT] [hasThis] Void System.Windows.Forms.Control.WndProc(ByRef ValueClass System.Windows.Forms.Message)
0x0012f100 0x7b823056 [FRAME: InlinedCallFrame]
5.反汇编当前断点
0:000> !u eip
Will print '>>> ' at address: 0x0687e6c0
Normal JIT generated code
[DEFAULT] Void Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar.HookScrollBar(Class System.Windows.Forms.Control)
Begin 0x0687e6c0, size 0xae
>>> 0687e6c0 55 push ebp
0687e6c1 8bec mov ebp,esp
0687e6c3 83ec14 sub esp,14h
0687e6c6 57 push edi
0687e6c7 56 push esi
0687e6c8 53 push ebx
0687e6c9 33c0 xor eax,eax
0687e6cb 8945ec mov dword ptr [ebp-14h],eax
0687e6ce c745f800000000 mov dword ptr [ebp-8],0
0687e6d5 8bf1 mov esi,ecx
0687e6d7 a1f0971602 mov eax,dword ptr ds:[021697F0h]
0687e6dc 8945ec mov dword ptr [ebp-14h],eax
0687e6df 8bc8 mov ecx,eax
0687e6e1 e896339372 call mscorwks!JIT_MonEnter (791b1a7c)
0687e6e6 8b0df0971602 mov ecx,dword ptr ds:[21697F0h]
0687e6ec 8bd6 mov edx,esi
0687e6ee 8b01 mov eax,dword ptr [ecx]
0687e6f0 ff5038 call dword ptr [eax+38h]
0687e6f3 25ff000000 and eax,0FFh
0687e6f8 7546 jne 0687e740
0687e6fa b98c57bc79 mov ecx,offset mscorlib_79990000+0x23578c (79bc578c)
0687e6ff e8143918fa call 00a02018mscorwks.pdb not exist
Use alternate method which may not work.
0687e704 8bf8 mov edi,eax
0687e706 68137e8406 push 6847E13h
0687e70b 8bcf mov ecx,edi
0687e70d 33d2 xor edx,edx
0687e70f e87f713473 call mscorlib_79990000+0x235893 (79bc5893) (System.EventHandler..ctor)
0687e714 8bd7 mov edx,edi
0687e716 8bce mov ecx,esi
0687e718 3909 cmp dword ptr [ecx],ecx
0687e71a ff15482d9e7b call dword ptr [system_windows_forms_7b810000+0x1d2d48 (7b9e2d48)] (System.Windows.Forms.Control.add_VisibleChanged)
0687e720 b9b0449106 mov ecx,69144B0h
0687e725 e8ee3818fa call 00a02018mscorwks.pdb not exist
Use alternate method which may not work.
0687e72a c6400400 mov byte ptr [eax+4],0
0687e72e c6400400 mov byte ptr [eax+4],0
0687e732 50 push eax
0687e733 8b0df0971602 mov ecx,dword ptr ds:[21697F0h]
0687e739 8bd6 mov edx,esi
0687e73b 8b01 mov eax,dword ptr [ecx]
0687e73d ff5050 call dword ptr [eax+50h]
0687e740 c745f400000000 mov dword ptr [ebp-0Ch],0
0687e747 c745f8fc000000 mov dword ptr [ebp-8],0FCh
0687e74e 6860e78706 push 687E760h
0687e753 eb00 jmp 0687e755
0687e755 8b4dec mov ecx,dword ptr [ebp-14h]
0687e758 e841359372 call mscorwks!JIT_MonExit (791b1c9e)
0687e75d 58 pop eax
0687e75e ffe0 jmp eax
0687e760 c745f800000000 mov dword ptr [ebp-8],0
0687e767 5b pop ebx
0687e768 5e pop esi
0687e769 5f pop edi
0687e76a 8be5 mov esp,ebp
0687e76c 5d pop ebp
0687e76d c3 ret
6.在汇编代码处打上断点
0:000> bp 0687e6e1
0:000> g
7. 查看当前堆栈信息,然后就可以检查堆栈上的参数
0:000> !dso
Thread 0
ESP/REG Object Name
ecx 0x1210e90 System.Collections.Hashtable
edx 0x19a1bf8 System.Windows.Forms.Panel
esi 0x19a1bf8 System.Windows.Forms.Panel
edi 0x1139b10 System.Reflection.Assembly
0x12e7d0 0x19a10b0 Sobey.MAM.SystemUI.ObjectList.UCDBObjectList
0x12e7d4 0x1139b10 System.Reflection.Assembly
0x12e7d8 0x1210e90 System.Collections.Hashtable
0:000> !clr10\sos.help
8. 查看当前参数的值
0:000> !dc 0x1210e90
Going to dump the Collection passed.
Collection 0x01210e90: System.Collections.Hashtable
buckets:
Address MT Class Name
key: 0x0120c870 0x0120c870 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x01210ef4 0x01210ef4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x01309220 0x01309220 0x7ba18fec System.Windows.Forms.Panel
val: 0x0130a6a4 0x0130a6a4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0130d7f8 0x0130d7f8 0x7ba270e4 System.Windows.Forms.TreeView
val: 0x01312288 0x01312288 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0124d328 0x0124d328 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x0124d7f4 0x0124d7f4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0131db60 0x0131db60 0x7ba18fec System.Windows.Forms.Panel
val: 0x0131dfb4 0x0131dfb4 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0126c178 0x0126c178 0x7ba18fec System.Windows.Forms.Panel
val: 0x0126d0dc 0x0126d0dc 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x01313c7c 0x01313c7c 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x01313f84 0x01313f84 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x01234bac 0x01234bac 0x7ba18fec System.Windows.Forms.Panel
val: 0x01235a58 0x01235a58 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0123c664 0x0123c664 0x7ba270e4 System.Windows.Forms.TreeView
val: 0x0124a8c0 0x0124a8c0 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0120c314 0x0120c314 0x7ba3d688 System.Windows.Forms.RichTextBox
val: 0x01210f30 0x01210f30 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
key: 0x0125ce1c 0x0125ce1c 0x7ba18fec System.Windows.Forms.Panel
val: 0x0125d270 0x0125d270 0x069144b0 Sobey.MAM.SystemUI.Controls.Skin.CoolScrollBar/ScrollBarCtrlMsg
到这个时候,我就已经完全找到待查Hashtable的值了。
