Process Monitor научился трассировать 32-х битный стек на x64.


? ???-?? ??????, ??? Process Monitor ?? ????? ?????????? 32-? ?????? ???? ???????, ??????? ????????? ? 32-? ????????? ????????, ????????????? ??? Wow64. ?????? ????? ?? ????????? ?????? 64-? ?????? ????, ??? ???? ????????? ??????????, ??? ??? ??? ?? ??????????? ?????? ???????? wow64.dll ??????????. ?????? ????? ????????? ?? Sysinternals Forums ??????????, ??? ??????? ? Vista SP1 ??? ??? ????????.

???????????, ????????????? ????????:

Process Monitor shows Wow64 symbols.

????????????:

  • Vista SP1 (6001.18000.amd64fre.longhorn_rtm.080118-1840)
  • Process Monitor v1.26
  • Debugging Tools for x64 v6.8.4.0

Process Monitor ?????????? dbghelp.dll ?? ??????? Debugging Tools. ???????????? ??????? ? http://msdl.microsoft.com/download/symbols.

??????, ?????????? ??????? ??????? ?? ?????? ??????. ?? ????? ???? ???? 32-? ?????? ??? (?????? 19-26) ?????? ???? ????? 13-?? ? 14-?? ????????. ?? ??? ??????? ??????? ?? ????, ??? ??? ?????? Rtl ??????? ?? ntdll.dll, ? ???, ????????? ? ???????, ?? ???????????? ????????????? ??????????? ??????? ???????. ?????? ??????? ???????????? 64-? ?????? ????, ? ????? – 32-? ??????.

Cross-posted from blog.not-a-kernel-guy.com.

Skip to main content