dbgeng.dll 中只导出了 3 个函数?

发布于 2024-09-19 16:30:38 字数 208 浏览 5 评论 0原文

从一些书籍中,我知道dbgeng.dll是调试器的调试引擎,它导出了很多用于调试的方法。

但是通过depends,我发现dbgeng.dll中只导出了3个函数(如下),那么像windbg.exe/cdb.exe这样的调试器如何使用dbgeng.dll

DebugConnect
DebugConnectWide
DebugCreate

From some books, I knew that the dbgeng.dll is the debug engine for the debugger, it exports lots of methods for debugging.

But with depends, I found that only 3 functions(as below) are exported in the dbgeng.dll, so how can those debuggers like windbg.exe/cdb.exe use the dbgeng.dll

DebugConnect
DebugConnectWide
DebugCreate

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

明月夜 2024-09-26 16:30:49

我没有详细研究这个特定的接口,但很多 DLL 的工作原理大致相似。最有可能的 DebugCreate 返回(地址?)某种对象,该对象具有进行真正调试的所有调用(但您需要知道哪个函数的地址位于什么偏移量以及什么参数)在您可以真正使用它之前加载)。

可以将其视为 COM 对象的类似物,但只有一个预定义的接口,而不是多个能够动态查找和使用接口的接口。

I haven't investigated this particular interface in detail, but quite a few DLLs work roughly similarly. Most likely DebugCreate returns (the address of?) some sort of object that has all the calls to do the real debugging (but you need to know things like which function's address is at what offset, and what parameters to load where before you can really use it).

Think of it as sort of an analog of a COM object, but with only one, predefined interface instead of several with the ability to find and use interfaces dynamically.

小猫一只 2024-09-26 16:30:46

下载 WinDBG 并查看 SDK 示例,特别是 dumpstk 示例,它演示了如何打开故障转储文件并打印调用堆栈。 Jerry 描述得正确,您调用 DebugCreate 来创建 IDebugClient 的实例,然后您可以创建其他类的实例来执行与调试相关的活动。

来自样本:

void
CreateInterfaces(void)
{
    HRESULT Status;

    // Start things off by getting an initial interface from
    // the engine.  This can be any engine interface but is
    // generally IDebugClient as the client interface is
    // where sessions are started.
    if ((Status = DebugCreate(__uuidof(IDebugClient),
                              (void**)&g_Client)) != S_OK)
    {
        Exit(1, "DebugCreate failed, 0x%X\n", Status);
    }

    // Query for some other interfaces that we'll need.
    if ((Status = g_Client->QueryInterface(__uuidof(IDebugControl),
                                           (void**)&g_Control)) != S_OK ||
        (Status = g_Client->QueryInterface(__uuidof(IDebugSymbols),
                                           (void**)&g_Symbols)) != S_OK)
    {
        Exit(1, "QueryInterface failed, 0x%X\n", Status);
    }
}

-scott

Download WinDBG and check out the SDK examples, particularly the dumpstk example which shows how to open a crash dump file and print the call stack. Jerry described it correctly, you call DebugCreate to create an instance of an IDebugClient and from there you can create instances of other classes to do debugging related activities.

From the sample:

void
CreateInterfaces(void)
{
    HRESULT Status;

    // Start things off by getting an initial interface from
    // the engine.  This can be any engine interface but is
    // generally IDebugClient as the client interface is
    // where sessions are started.
    if ((Status = DebugCreate(__uuidof(IDebugClient),
                              (void**)&g_Client)) != S_OK)
    {
        Exit(1, "DebugCreate failed, 0x%X\n", Status);
    }

    // Query for some other interfaces that we'll need.
    if ((Status = g_Client->QueryInterface(__uuidof(IDebugControl),
                                           (void**)&g_Control)) != S_OK ||
        (Status = g_Client->QueryInterface(__uuidof(IDebugSymbols),
                                           (void**)&g_Symbols)) != S_OK)
    {
        Exit(1, "QueryInterface failed, 0x%X\n", Status);
    }
}

-scott

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文