windbg反汇编函数的问题
Windows内核调试
windbg反汇编函数的问题
zhaohui2
2014-05-24, 23:29 下午
最近学习windows的SEH机制,在windbg下显示如下的错误
lkd> uf ntdll!KiUserExceptionDispatcher
Couldn't resolve error at 'ntdll!KiUserExceptionDispatcher'
lkd> x ntdll!*Dispatcher*
^ Couldn't resolve 'x ntdll'
系统是win8.1 x64
请问该如何解决
Re: windbg反汇编函数的问题
dbger
2014-05-25, 12:03 下午
Symbol 没对
# .sympath+ symsrv*symsrv.dll*d:\symbols*http://msdl.microsoft.com/download/symbols
# .reload /s /f ntdll.dll
Re: windbg反汇编函数的问题
zhaohui2
2014-05-25, 13:25 下午
lkd> .reload /s /f ntdll.dll
"ntdll.dll" was not found in the image list.
Debugger will attempt to load "ntdll.dll" at given base 00000000`00000000.
Please provide the full image name, including the extension (i.e. kernel32.dll)
for more reliable results.Base address and size overrides can be given as
.reload <image.ext>=<base>,<size>.
Unable to add module at 00000000`00000000
Re: windbg反汇编函数的问题
dbger
2014-05-25, 15:40 下午
你是km debug吗?先重启下系统看看吧
Re: windbg反汇编函数的问题
zhaohui2
2014-05-25, 16:04 下午
突然正常了
Re: windbg反汇编函数的问题
zhaohui2
2014-05-26, 00:16 上午
又不行了
时好时坏
会不会跟杀软有关?