{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 聊天终结者 的问题《How does VC++ mangle local static variable names?》','https://www.manongdao.com/q-1356202.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Here's some code I have:
MyClass* MyClass::getInstance()
{
static MyClass instance;
return &instance;
}
I want to look into this singleton's current values. But I'm currently paused three hours into execution, and the reason I'm paused is that I'm out of memory. So I can't put a breakpoint in this method there to see what the value is.
My question then is how to refer to this instance variable from a global scope. I've tried referring to it as MyClass::getInstance::instance but that doesn't work. I'm guessing getInstance has to be decorated somehow. Anyone know how?
This is in Visual Studio 2008.
That code just looks dangerous... :-)
But anyway, your mangled name is going to depend on your Calling Convention So before you find your mangle name you need to know what your build environment is using as the calling convention. MSDN has a lot more information on calling convention.
Besides this, one way to find out all this information about your class is to inspect your VTable, which is found in the first 4 bytes of your object. A nifty trick that reversers use is a hidden VC++ Flag reportSingleClassLayout that prints the class structure in an ASCII art manner.
In gdb, you can put a watchpoint on the mangled name of the variable.
For example, with this function:
I can watch _ZZ1fvE3xyz (as mangled by gcc 3.2.3 or gcc 4.0.1).
Well, the function-scoped static
instancevariable doesn't show up in a.mapfile generated bycl.exe /Fm, and it doesn't show up when I usex programname!*MyClass*in WinDbg, so the mangled name doesn't seem to containMyClassat all.Option 1: Disassemble
MyClass::getInstanceThis approach seems easier:
From this we can tell that the compiler called the object
$S1. Of course, this name will depend on how many function-scoped static variables your program has.Option 2: Search memory for the object
To expand on @gbjbaanb's suggestion, if
MyClasshas virtual functions, you might be able to find its location the hard way:xcommand to find the address of MyClass's vtable:0:000> x programname!MyClass::`vftable' 00425c64 programname!MyClass::`vftable' =scommand to search the process's virtual address space (in this example, 0-2GB) for pointers to MyClass's vtable:0:000> s -d 0 L?7fffffff 00425c64 004010dc 00425c64 c35de58b cccccccc cccccccc d\B...]......... 0040113c 00425c64 8bfc458b ccc35de5 cccccccc d\B..E...]...... 0042b360 00425c64 00000000 00000000 00000000 d\B.............dtcommand to find the class's vtable offset, and subtract that from the addresses returned from the search. These are possible addresses for the object.0:000> dt programname!MyClass +0x000 __VFN_table : Ptr32 +0x008 x : Int4B +0x010 y : Floatdt programname!MyClass 0042b360to examine the object's member variables, testing the hypothesis that the object is located at 0042b360 (or some other address). You will probably get some false positives, as I did above, but by inspecting the member variables you may be able to figure out which one is your singleton.This is a general technique for finding C++ objects, and is kind of overkill when you could just disassemble
MyClass::getInstance.