dds、dps和dqs命令显示给定范围内存的内容,它们是把内存区域转储出来,并把内存中每个元素都视为一个符号对其进行解析,dds是四字节视为一个符号,dqs是每8字节视为一个符号,dps是根据当前处理器架构来选择最合适的长度。
比如要看看当前stack 中保存了哪些函数地址,就可以检查ebp 指向的内存:
0:000> dds ebp 0007fdfc 0007ff1c 0007fe00 010021b0 calc!WinMain+0x25f 0007fe04 0007fee8 0007fe08 00000000 0007fe0c 00000000 0007fe10 00000000 0007fe14 7c80b741 kernel32!GetModuleHandleA 0007fe18 000a232f 0007fe1c 00000000
由于 COM Interface 和C++ Vtable 里面的成员函数都是顺序排列的,所以这个命令可以方便地找到虚函数表中具体的函数地址。比如用下面的命令可以找到OpaqueDataInfo 类型中虚函数对应的实际函数地址:
0:002> x ole32!OpaqueData* 76aa6a41 ole32!OpaqueDataInfo::GetOpaqueData = <no type information> 76aa6b3b ole32!OpaqueDataInfo::UnSerialize = <no type information> 76aa6c16 ole32!OpaqueDataInfo::SerializableQueryInterface = <no type information> 76aa5748 ole32!OpaqueDataInfo::QueryInterface = <no type information> 76aa6393 ole32!OpaqueDataInfo::CopyOpaqueData = <no type information> 76aa5757 ole32!OpaqueDataInfo::AddRef = <no type information> 76a57107 ole32!OpaqueDataInfo::UnSerializeCallBack = <no type information> 76aa5766 ole32!OpaqueDataInfo::Release = <no type information> 769a697c ole32!OpaqueDataInfo::`vftable' = <no type information> 76aa69cb ole32!OpaqueDataInfo::AddOpaqueData = <no type information> 769bfae2 ole32!OpaqueDataInfo::GetOpaqueDataCount = <no type information> 76aa6b24 ole32!OpaqueDataInfo::Serialize = <no type information> 769c9df3 ole32!OpaqueDataInfo::AddRef = <no type information> 769c9ebc ole32!OpaqueDataInfo::Release = <no type information> 76aa6a97 ole32!OpaqueDataInfo::DeleteOpaqueData = <no type information> 76aa6bc9 ole32!OpaqueDataInfo::GetCLSID = <no type information> 76aa57c0 ole32!OpaqueDataInfo::OpaqueDataInfo = <no type information> 769c1cb0 ole32!OpaqueDataInfo::GetAllOpaqueData = <no type information> 76aa54b9 ole32!OpaqueDataInfo::~OpaqueDataInfo = <no type information> 76aa6be9 ole32!OpaqueDataInfo::SetParent = <no type information> 76aa5693 ole32!OpaqueDataInfo::`scalar deleting destructor' = <no type information> 76aa6b78 ole32!OpaqueDataInfo::GetSize = <no type information> 76aa6540 ole32!OpaqueDataInfo::QueryInterface = <no type information> 769a69a0 ole32!OpaqueDataInfo::`vftable' = <no type information> 0:002> dds 769a69a0 769a69a0 76aa6540 ole32!OpaqueDataInfo::QueryInterface 769a69a4 769c9df3 ole32!InstanceInfo::AddRef 769a69a8 769c9ebc ole32!InstantiationInfo::Release 769a69ac 76aa69cb ole32!OpaqueDataInfo::AddOpaqueData 769a69b0 76aa6a41 ole32!OpaqueDataInfo::GetOpaqueData 769a69b4 76aa6a97 ole32!OpaqueDataInfo::DeleteOpaqueData 769a69b8 769bfae2 ole32!ServerLocationInfo::GetRemoteServerName 769a69bc 769c1cb0 ole32!CComProcessInfo::GetProcessName 769a69c0 76a57107 ole32!InstanceInfo::UnSerializeCallBack 769a69c4 00000021 769a69c8 76a2d73d ole32!CClassMoniker::QueryInterface 769a69cc 76a339fb ole32!CErrorObject::AddRef 769a69d0 76a0679a ole32!CClassMoniker::Release 769a69d4 76a06a39 ole32!CClassMoniker::GetUnmarshalClass 769a69d8 76a06a56 ole32!CClassMoniker::GetMarshalSizeMax 769a69dc 76a06a99 ole32!CClassMoniker::MarshalInterface 769a69e0 76a2d2b9 ole32!CClassMoniker::UnmarshalInterface 769a69e4 76a07099 ole32!CClassMoniker::ReleaseMarshalData 769a69e8 769e288e ole32!CDdeObject::COleItemContainerImpl::IsRunning 769a69ec 76a2d72e ole32!CClassMoniker::QueryInterface 769a69f0 76a339dd ole32!CErrorObject::AddRef 769a69f4 76a06ab8 ole32!CClassMoniker::Release 769a69f8 76a069d1 ole32!CClassMoniker::GetComparisonData 769a69fc 90909090 769a6a00 76a066c9 ole32!CClassMoniker::QueryInterface 769a6a04 76a05efd ole32!CSCMergedEnum<IEnumCATEGORYINFO,tagCATEGORYINFO>::AddRef 769a6a08 76a067a6 ole32!CClassMoniker::Release 769a6a0c 76a068f3 ole32!CClassMoniker::GetClassID 769a6a10 769acee9 ole32!CDdeServerCallMgr::AddRef 769a6a14 76a2d7f2 ole32!CClassMoniker::Load 769a6a18 76a06931 ole32!CClassMoniker::Save 769a6a1c 76a07055 ole32!CClassMoniker::GetSizeMax