 |
|
|
|
|
|
|
|
WinDbg
帖子发起人: sgyhm 发起时间: 2007-03-27 17:07 下午 回复: 7
  
|
|
帖子排序:
|
|
|
|
 2007-03-27, 17:07 下午
|
sgyhm
注册: 2007-02-09
发 贴: 16
|
|
|
|
实在是不好意思,刚刚用上windbg就遇到这么估计很白痴的问题,不会用这条ba指令。
请看如下例子:
int main(int argc, char* argv[])
{
//double CBA =0;
int me = 10;
char tt = 't';
int tttt = 15;
me = me +1; //我指望使用ba断点能让windbg在这里断下,只要操作me变量就停下。
return 0;
}
说干就干,调试这段代码,把&me add到watch里面,主要是我不知道怎么找到变量的地址。
windbg有直接的命令么?
0013ffbc就是me的地址。
于是ba e2 0013ffbc
F5执行,它就是不断下来,不知道我到底做错了什么亲爱的调试器。
哪位能为我解答这个白痴问题谢谢。
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2007-03-28, 13:23 下午
|
advdbg
注册: 2005-12-19
发 贴: 14
|
Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|
dd me就会显示出它的地址呀,在内容的左边。
问题出在e2. e代表执行时触发,你应该用
ba r1 ...
或者
ba w1 ...
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2007-03-28, 13:23 下午
|
advdbg
注册: 2005-12-19
发 贴: 14
|
Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|
dd me就会显示出它的地址呀,在内容的左边。
问题出在e2. e代表执行时触发,你应该用
ba r1 ...
或者
ba w1 ...
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2007-03-28, 16:44 下午
|
sgyhm
注册: 2007-02-09
发 贴: 16
|
Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|
int main(int argc, char* argv[])
{
//.1double CBA =0;
Line1 int x = 16;
Line2 int me = 10;
Line3 int sizea = sizeof(int);
Line4 me = me +1;
return 0;
}
还是不行 ,具体如下:
F10走到Line3
DD me
CallFunction!main+0x26:
0040d6e6 c745f404000000 mov dword ptr [ebp-0Ch],4 ss:0023:0013ff74=cccccccc
0:000> dd me
Windbg显示:
0013ff78 0000000a 00000010 0013ffc0 004013f9
0013ff88 00000001 00ad1030 00ad10a8 0121f6f0
0013ff98 00000074 7ffd7000 00000001 00000006
0013ffa8 0013ff94 b7838d08 0013ffe0 004050a0
0013ffb8 00422118 00000000 0013fff0 7c816fd7
0013ffc8 0121f6f0 00000074 7ffd7000 8054b6ed
0013ffd8 0013ffc8 8562e020 ffffffff 7c839aa8
0013ffe8 7c816fe0 00000000 00000000 00000000
输入 ba w1 0013ff78
然后F5还是不停下来 ,我哭死了。。。。。
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2007-03-28, 21:50 下午
|
土豆泥
注册: 2006-04-07
发 贴: 59
|
Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|
兄弟,怎么可能不行呢?
以下是完整的执行过程。
0:000> dd me
0012ff78 0000000a 00000010 0012ffc0 00401149
0012ff88 00000001 003710c0 00371138 00011970
0012ff98 7c9118f1 7ffdf000 00000006 ace78d04
0012ffa8 0012ff94 89e69074 0012ffe0 004026c0
0012ffb8 00422020 00000000 0012fff0 7c816fd7
0012ffc8 00011970 7c9118f1 7ffdf000 805441fd
0012ffd8 0012ffc8 8824bc48 ffffffff 7c839a00
0012ffe8 7c816fe0 00000000 00000000 00000000
0:000> ba w1 0012ff78
0:000> g
Breakpoint 1 hit
eax=0000000b ebx=7ffdf000 ecx=00000000 edx=00371138 esi=7c9118f1 edi=0012ff80
eip=00401046 esp=0012ff28 ebp=0012ff80 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202
trial!main+0x36:
00401046 33c0 xor eax,eax
这么好用的工具;_)唉!
你把WinDbg中的原始执行过程复制过来!
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2007-03-29, 10:06 上午
|
sgyhm
注册: 2007-02-09
发 贴: 16
|
Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|
#include "stdafx.h"
int main(int argc, char* argv[])
{
int x = 16; Line1
int me = 10; Line2
int sizea = sizeof(int); Line3
me = me +10; Line4
return 0; Line5
}
以上是source code
操作如下:
1、Open Executable File debug version to debug
CommandLine: F:\work\CallFunction\Debug\CallFunction.exe
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
ModLoad: 00400000 0042c000 CallFunction.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntdll.dll -
ModLoad: 7c920000 7c9b4000 ntdll.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
ModLoad: 7c800000 7c91c000 C:\WINDOWS\system32\kernel32.dll
(cb4.ccc): Break instruction exception - code 80000003 (first chance)
eax=00251eb4 ebx=7ffde000 ecx=00000001 edx=00000002 esi=00251f48 edi=00251eb4
eip=7c921230 esp=0013fb20 ebp=0013fc94 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202
ntdll!DbgBreakPoint:
7c921230 cc int 3
2、Press F9 to set bp on Line3, input g
3、g
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ShimEng.dll -
ModLoad: 5cc30000 5cc56000 C:\WINDOWS\system32\ShimEng.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\AppPatch\AcGenral.DLL -
ModLoad: 58fb0000 5917a000 C:\WINDOWS\AppPatch\AcGenral.DLL
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USER32.dll -
ModLoad: 77d10000 77d9f000 C:\WINDOWS\system32\USER32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\GDI32.dll -
ModLoad: 77ef0000 77f37000 C:\WINDOWS\system32\GDI32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ADVAPI32.dll -
ModLoad: 77da0000 77e49000 C:\WINDOWS\system32\ADVAPI32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\RPCRT4.dll -
ModLoad: 77e50000 77ee1000 C:\WINDOWS\system32\RPCRT4.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\WINMM.dll -
ModLoad: 76b10000 76b3a000 C:\WINDOWS\system32\WINMM.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ole32.dll -
ModLoad: 76990000 76acd000 C:\WINDOWS\system32\ole32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\msvcrt.dll -
ModLoad: 77be0000 77c38000 C:\WINDOWS\system32\msvcrt.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\OLEAUT32.dll -
ModLoad: 770f0000 7717c000 C:\WINDOWS\system32\OLEAUT32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\MSACM32.dll -
ModLoad: 77bb0000 77bc5000 C:\WINDOWS\system32\MSACM32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\VERSION.dll -
ModLoad: 77bd0000 77bd8000 C:\WINDOWS\system32\VERSION.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHELL32.dll -
ModLoad: 7d590000 7dd82000 C:\WINDOWS\system32\SHELL32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHLWAPI.dll -
ModLoad: 77f40000 77fb6000 C:\WINDOWS\system32\SHLWAPI.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USERENV.dll -
ModLoad: 759d0000 75a7e000 C:\WINDOWS\system32\USERENV.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\UxTheme.dll -
ModLoad: 5adc0000 5adf7000 C:\WINDOWS\system32\UxTheme.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\IMM32.DLL -
ModLoad: 76300000 7631d000 C:\WINDOWS\system32\IMM32.DLL
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\LPK.DLL -
ModLoad: 62c20000 62c29000 C:\WINDOWS\system32\LPK.DLL
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USP10.dll -
ModLoad: 73fa0000 7400b000 C:\WINDOWS\system32\USP10.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll -
ModLoad: 77180000 77283000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\comctl32.dll -
ModLoad: 5d170000 5d20a000 C:\WINDOWS\system32\comctl32.dll
Breakpoint 1 hit
eax=cccccccc ebx=7ffde000 ecx=00000000 edx=00ad10a8 esi=00000074 edi=0013ff80
eip=00401036 esp=0013ff28 ebp=0013ff80 iopl=0 nv up ei pl nz ac po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000212
CallFunction!main+0x26:
00401036 c745f404000000 mov dword ptr [ebp-0Ch],4 ss:0023:0013ff74=cccccccc
4、DD me
0:000> dd me
0013ff78 0000000a 00000010 0013ffc0 00401149
0013ff88 00000001 00ad1030 00ad10a8 00dff6f0
0013ff98 00000074 7ffde000 00000001 00000006
0013ffa8 0013ff94 b920ad08 0013ffe0 004026c0
0013ffb8 00422020 00000000 0013fff0 7c816fd7
0013ffc8 00dff6f0 00000074 7ffde000 8054b6ed
0013ffd8 0013ffc8 85dafda8 ffffffff 7c839aa8
0013ffe8 7c816fe0 00000000 00000000 00000000
5、0:000> ba w1 0013ff78
你的怎么是0012ff78我不知道
6、g
0:000> g
Breakpoint 2 hit
eax=00000014 ebx=7ffde000 ecx=00000000 edx=00ad10a8 esi=00000074 edi=0013ff80
eip=00401046 esp=0013ff28 ebp=0013ff80 iopl=0 nv up ei pl nz ac pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000216
CallFunction!main+0x36:
00401046 33c0 xor eax,eax
这太奇怪了,停在line5上?不是应该line4么?
7、更奇怪的,ctrl+shift+f5
0:000> .restart /f
CommandLine: F:\work\CallFunction\Debug\CallFunction.exe
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
ModLoad: 00400000 0042c000 CallFunction.exe
*** WARNING: Unable to verify checksum for CallFunction.exe
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntdll.dll -
ModLoad: 7c920000 7c9b4000 ntdll.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\kernel32.dll -
ModLoad: 7c800000 7c91c000 C:\WINDOWS\system32\kernel32.dll
(f98.ec8): Break instruction exception - code 80000003 (first chance)
eax=00251eb4 ebx=7ffde000 ecx=00000001 edx=00000002 esi=00251f48 edi=00251eb4
eip=7c921230 esp=0013fb20 ebp=0013fc94 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202
ntdll!DbgBreakPoint:
7c921230 cc int 3
8、g
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ShimEng.dll -
ModLoad: 5cc30000 5cc56000 C:\WINDOWS\system32\ShimEng.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\AppPatch\AcGenral.DLL -
ModLoad: 58fb0000 5917a000 C:\WINDOWS\AppPatch\AcGenral.DLL
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USER32.dll -
ModLoad: 77d10000 77d9f000 C:\WINDOWS\system32\USER32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\GDI32.dll -
ModLoad: 77ef0000 77f37000 C:\WINDOWS\system32\GDI32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ADVAPI32.dll -
ModLoad: 77da0000 77e49000 C:\WINDOWS\system32\ADVAPI32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\RPCRT4.dll -
ModLoad: 77e50000 77ee1000 C:\WINDOWS\system32\RPCRT4.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\WINMM.dll -
ModLoad: 76b10000 76b3a000 C:\WINDOWS\system32\WINMM.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\ole32.dll -
ModLoad: 76990000 76acd000 C:\WINDOWS\system32\ole32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\msvcrt.dll -
ModLoad: 77be0000 77c38000 C:\WINDOWS\system32\msvcrt.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\OLEAUT32.dll -
ModLoad: 770f0000 7717c000 C:\WINDOWS\system32\OLEAUT32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\MSACM32.dll -
ModLoad: 77bb0000 77bc5000 C:\WINDOWS\system32\MSACM32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\VERSION.dll -
ModLoad: 77bd0000 77bd8000 C:\WINDOWS\system32\VERSION.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHELL32.dll -
ModLoad: 7d590000 7dd82000 C:\WINDOWS\system32\SHELL32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\SHLWAPI.dll -
ModLoad: 77f40000 77fb6000 C:\WINDOWS\system32\SHLWAPI.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USERENV.dll -
ModLoad: 759d0000 75a7e000 C:\WINDOWS\system32\USERENV.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\UxTheme.dll -
ModLoad: 5adc0000 5adf7000 C:\WINDOWS\system32\UxTheme.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\IMM32.DLL -
ModLoad: 76300000 7631d000 C:\WINDOWS\system32\IMM32.DLL
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\LPK.DLL -
ModLoad: 62c20000 62c29000 C:\WINDOWS\system32\LPK.DLL
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\USP10.dll -
ModLoad: 73fa0000 7400b000 C:\WINDOWS\system32\USP10.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll -
ModLoad: 77180000 77283000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\WINDOWS\system32\comctl32.dll -
ModLoad: 5d170000 5d20a000 C:\WINDOWS\system32\comctl32.dll
Breakpoint 1 hit
eax=cccccccc ebx=7ffde000 ecx=00000000 edx=00ad10a8 esi=00000074 edi=0013ff80
eip=00401036 esp=0013ff28 ebp=0013ff80 iopl=0 nv up ei pl nz ac po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000212
CallFunction!main+0x26:
00401036 c745f404000000 mov dword ptr [ebp-0Ch],4 ss:0023:0013ff74=cccccccc
这是Line3设定的bp
9奇怪的在这里
再次g
eax=76300000 ebx=00000000 ecx=77d10000 edx=00150608 esi=7c92e88e edi=00000000
eip=7c92eb94 esp=0013fe54 ebp=0013ff50 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
ntdll!KiFastSystemCallRet:
7c92eb94 c3 ret
程序退出了,第二个断点去哪里了〉?
晕眩中
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2007-03-29, 14:16 下午
|
土豆泥
注册: 2006-04-07
发 贴: 59
|
Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|
第一,数据访问断点是事后触发的,也就是读写操作之后,才报告的。所以到调试器中时,对应的赋值语句已经执行结束,EIP指针指向即将执行的下一条语句。
第二,如果重新开始调试会话,你应该重新设置断点。
使用bl命令可以列出目前设置的断点。
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2007-03-29, 16:25 下午
|
sgyhm
注册: 2007-02-09
发 贴: 16
|
Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
高端调试 » 软件调试 » WinDbg » Re: windbg想说爱你不容易,关于BA指令的问题。
|
|
|
|
|
|