调试windbg中的.Net字符串值
我有一个.Net应用程序转储,它捕获了一个异常,我正在使用windbg进行分析,并对其中一个方法上的字符串参数值感兴趣。我已经隔离了字符串对象。我的windbg正在工作:调试windbg中的.Net字符串值,.net,debugging,windbg,postmortem-debugging,.net,Debugging,Windbg,Postmortem Debugging,我有一个.Net应用程序转储,它捕获了一个异常,我正在使用windbg进行分析,并对其中一个方法上的字符串参数值感兴趣。我已经隔离了字符串对象。我的windbg正在工作: 0:000> .loadby sos mscorwks 0:000> !dso OS Thread Id: 0x16f0 (0) RSP/REG Object Name 00000000001fe908 000000000f011440 System.AppDomainSetu
0:000> .loadby sos mscorwks
0:000> !dso
OS Thread Id: 0x16f0 (0)
RSP/REG Object Name
00000000001fe908 000000000f011440 System.AppDomainSetup
00000000001fe918 000000000f0335f8 System.ArgumentException
00000000001fe920 000000000f011b60 System.String
0:000> !do 000000000f011b60
Name: System.String
MethodTable: 000007feef477a80
EEClass: 000007feef07e530
Size: 538(0x21a) bytes
(C:\Windows\assembly\GAC_64\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll)
String: C:\Windows\Installer\MSI2D87.tmp
Fields:
MT Field Offset Type VT Attr Value Name
000007feef47ecf0 4000096 8 System.Int32 1 instance 257 m_arrayLength
000007feef47ecf0 4000097 c System.Int32 1 instance 179 m_stringLength
000007feef4794c8 4000098 10 System.Char 1 instance 43 m_firstChar
000007feef477a80 4000099 20 System.String 0 shared static Empty
>> Domain:Value 00000000029d02d0:000000000f011308 <<
000007feef479378 400009a 28 System.Char[] 0 shared static WhitespaceChars
>> Domain:Value 00000000029d02d0:000000000f0121f8 <<
System.IO.Path.CheckInvalidPathChars方法是使用在m_stringLength中找到的长度处理字符串,还是考虑了字符串本身的空终止?
如果你能发现我没有发现的东西,我也愿意接受这样一个事实,那就是还有其他问题。下面是System.IO.Path.CheckInvalidPathChars正在做的事情(至少在.NET 2.0中是这样):
如果可能的话,我会尝试模拟这个问题,通过检索精确的字符串(最大长度存储在m_stringLength中)并尝试重现这个问题。我会将内存中的实际字符串转储到文件中,以检查内容,而不只是查看windbg中的输出 这是我不久前写的一个Windbg脚本,用于将字符串转储到文件中
$$ Dumps the managed strings to a file
$$ Platform x86
$$ Usage $$>a<"c:\temp\dumpstringtofolder.txt" 6544f9ac 5000 c:\temp\stringtest
$$ First argument is the string method table pointer
$$ Second argument is the Min size of the string that needs to be used filter the strings
$$ Third is the path of the file
.foreach ($string {!dumpheap -short -mt ${$arg1} -min ${$arg2}})
{
$$ MT Field Offset Type VT Attr Value Name
$$ 65452978 40000ed 4 System.Int32 1 instance 71117 m_stringLength
$$ 65451dc8 40000ee 8 System.Char 1 instance 3c m_firstChar
$$ 6544f9ac 40000ef 8 System.String 0 shared static Empty
$$ start of string is stored in the 8th offset, which can be inferred from above
$$ Size of the string which is stored in the 4th offset
r@$t0= poi(${$string}+4)*2
.writemem ${$arg3}${$string}.txt ${$string}+8 ${$string}+8+@$t0
}
$$将托管字符串转储到文件中
$$平台x86
$$用法$$>a
for (int i = 0; i < path.Length; i++)
{
int num2 = path[i];
if (((num2 == 0x22) || (num2 == 60)) || (((num2 == 0x3e) || (num2 == 0x7c)) || (num2 < 0x20)))
{
throw new ArgumentException(Environment.GetResourceString("Argument_InvalidPathChars"));
}
}
public int Length { [MethodImpl(MethodImplOptions.InternalCall)] get; }
$$ Dumps the managed strings to a file
$$ Platform x86
$$ Usage $$>a<"c:\temp\dumpstringtofolder.txt" 6544f9ac 5000 c:\temp\stringtest
$$ First argument is the string method table pointer
$$ Second argument is the Min size of the string that needs to be used filter the strings
$$ Third is the path of the file
.foreach ($string {!dumpheap -short -mt ${$arg1} -min ${$arg2}})
{
$$ MT Field Offset Type VT Attr Value Name
$$ 65452978 40000ed 4 System.Int32 1 instance 71117 m_stringLength
$$ 65451dc8 40000ee 8 System.Char 1 instance 3c m_firstChar
$$ 6544f9ac 40000ef 8 System.String 0 shared static Empty
$$ start of string is stored in the 8th offset, which can be inferred from above
$$ Size of the string which is stored in the 4th offset
r@$t0= poi(${$string}+4)*2
.writemem ${$arg3}${$string}.txt ${$string}+8 ${$string}+8+@$t0
}