为啥子导入符号表以后windbg还是不能对send,CreateWindowExA等函数下断呢
还是先看下符号表路径吧....
D:\MyLocalSymbols\;SRV*D:\MyLocalSymbols\*http://msdl.microsoft.com/download/symbols
首先导入模块::
.kd> .reload
Connected to Windows XP 2600 x86 compatible target at (Wed Aug 25 20:54:02.500 2010 (GMT+8)), ptr64 FALSE
Loading Kernel Symbols
...............................................................
.......................................................
Loading User Symbols
Loading unloaded module list
..........
*** WARNING: Unable to verify timestamp for vmx_fb.dll
*** ERROR: Module load completed but symbols could not be loaded for vmx_fb.dll
*** ERROR: Module load completed but symbols could not be loaded for ipnat.sys
*** ERROR: Module load completed but symbols could not be loaded for ipsec.sys
*** ERROR: Module load completed but symbols could not be loaded for viamraid.sys
*** ERROR: Module load completed but symbols could not be loaded for vmx_svga.sys
*** ERROR: Symbol file could not be found. Defaulted to export symbols for drmk.sys -
*** ERROR: Module load completed but symbols could not be loaded for intelppm.sys
*** ERROR: Module load completed but symbols could not be loaded for DKbFltr.sys
*** ERROR: Symbol file could not be found. Defaulted to export symbols for vmci.sys -
*** ERROR: Module load completed but symbols could not be loaded for vmscsi.sys
kd> u send
Couldn't resolve error at 'send'
kd> u PspGetCurrentProcess
Couldn't resolve error at 'PspGetCurrentProcess'
不能下断,所以导入dll试下
kd> .load ws2_32.dll
kd> bp send
Bp expression 'send' could not be resolved, adding deferred bp
kd> .load Kernel32.dll
kd> bp CreateWindowExA
Bp expression 'CreateWindowExA' could not be resolved, adding deferred bp
还是不行... 很是纠结...
还有个小问题就是.... 为啥子断点没下成功bl命令的时候还是会显示啊...softice就不会那样... 有解决的方法吗?
kd> bl
0 eu 0001 (0001) (send)
1 eu 0001 (0001) (CreateWindowExA)
