dbgeng.dll 中只导出了 3 个函数?
从一些书籍中,我知道dbgeng.dll是调试器的调试引擎,它导出了很多用于调试的方法。
但是通过depends,我发现dbgeng.dll中只导出了3个函数(如下),那么像windbg.exe/cdb.exe这样的调试器如何使用dbgeng.dll
DebugConnect
DebugConnectWide
DebugCreate
From some books, I knew that the dbgeng.dll is the debug engine for the debugger, it exports lots of methods for debugging.
But with depends, I found that only 3 functions(as below) are exported in the dbgeng.dll, so how can those debuggers like windbg.exe/cdb.exe use the dbgeng.dll
DebugConnect
DebugConnectWide
DebugCreate
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我没有详细研究这个特定的接口,但很多 DLL 的工作原理大致相似。最有可能的 DebugCreate 返回(地址?)某种对象,该对象具有进行真正调试的所有调用(但您需要知道哪个函数的地址位于什么偏移量以及什么参数)在您可以真正使用它之前加载)。
可以将其视为 COM 对象的类似物,但只有一个预定义的接口,而不是多个能够动态查找和使用接口的接口。
I haven't investigated this particular interface in detail, but quite a few DLLs work roughly similarly. Most likely
DebugCreate
returns (the address of?) some sort of object that has all the calls to do the real debugging (but you need to know things like which function's address is at what offset, and what parameters to load where before you can really use it).Think of it as sort of an analog of a COM object, but with only one, predefined interface instead of several with the ability to find and use interfaces dynamically.
下载 WinDBG 并查看 SDK 示例,特别是 dumpstk 示例,它演示了如何打开故障转储文件并打印调用堆栈。 Jerry 描述得正确,您调用 DebugCreate 来创建 IDebugClient 的实例,然后您可以创建其他类的实例来执行与调试相关的活动。
来自样本:
-scott
Download WinDBG and check out the SDK examples, particularly the dumpstk example which shows how to open a crash dump file and print the call stack. Jerry described it correctly, you call DebugCreate to create an instance of an IDebugClient and from there you can create instances of other classes to do debugging related activities.
From the sample:
-scott