I'm having trouble figuring out how to get to the address of a static .NET class member using WinDBG w/ SOS. Given an input program like this:
namespace windg_static_test
{
class StaticTest
{
public static bool static_bool_field = true;
public void show_and_set()
{
while (static_bool_field)
{
Console.WriteLine("static_bool_field = " + static_bool_field + "\nEnter new value: ");
static_bool_field = Console.ReadLine()[0] == '0' ? false : true;
}
}
}
class Program
{
static void Main(string[] args)
{
StaticTest st = new StaticTest();
st.show_and_set();
}
}
}
I can find the EEClass using !name2ee, and I can view the values using !dumpclass w/ the name2ee value.
0:004> !dumpclass 1c12e0
Class Name: windg_static_test.StaticTest
mdToken: 02000002
File: C:\Develop\Projects\windg static test\bin\Release\windg static test.exe
Parent Class: 64f84920
Module: 001c2e94
Method Table: 001c3844
Vtable Slots: 4
Total Method Slots: 6
Class Attributes: 100000
Transparency: Critical
NumInstanceFields: 0
NumStaticFields: 1
MT Field Offset Type VT Attr Value Name
65377208 4000001 1f System.Boolean 1 static 1 static_bool_field
But I can't seem to figure out how to get the address that the value is actually stored at. How is this done, in general?
Thanks, Eglin
Poking around the disassembly allowed me to see the static values being picked up from the .data segment. I wasn't able to figure out how to formulate a general-purpose solution to get the correct location from the offset that !dumpclass/!dumpobj give you for value-types, but the indexes do work fine for static reference type members on the heap once you figure out the base pointer. I'm guessing I'd have to delve into the details of the PE format to get better information on how information is stored in the .data segments, although I'm not exactly sure where to start or if it's worth pursuing at this point.
Thanks for the help, everyone.