Questions from studying <Software Debugging>, section 4.3.4 (BTF)
Windows Kernel Debugging
zhaohui2
2014-07-19, 15:39 PM
    int m,n;
    MSR_STRUCT msr;
    CDvrAgent da;                // user-mode agent that talks to the book's driver
    if(!da.Init())
    {
        printf("Failed in initialization.\n");
        return E_FAIL;
    }
    memset(&msr,0,sizeof(MSR_STRUCT));
    msr.MsrNum=DEBUGCTRL_MSR;    // IA32_DEBUGCTL (1D9h)
    msr.MsrLo|=BTF;              // bit 1: single-step on branches instead of on every instruction
    da.WRMSR(msr);               // write the MSR through the driver
    //Beginning of the code which will run in full speed
    m=10,n=2;
    m=n*2-1;
    if(m==m*m/m)
        m=1;
    else
    {
        m=2;
    }
    //End of the code which runs in full speed
    m*=m;
Why does the sample program slide straight from line 14 to line 23, instead of stopping at line 17 or line 20?
Re: Questions from studying <Software Debugging>, section 4.3.4 (BTF)
格蠹老雷
2014-07-21, 20:12 PM
Show the assembly code.
Re: Questions from studying <Software Debugging>, section 4.3.4 (BTF)
zhaohui2
2014-07-22, 07:29 AM
The assembly is as follows:
msr.MsrNum=DEBUGCTRL_MSR;
009515C1 mov dword ptr [msr],1D9h
msr.MsrLo|=BTF;
009515C8 mov eax,dword ptr [ebp-34h]
009515CB or eax,2
009515CE mov dword ptr [ebp-34h],eax
da.WRMSR(msr);
009515D1 lea eax,[msr]
009515D4 push eax
009515D5 lea ecx,[da]
009515D8 call CDvrAgent::WRMSR (095124Eh)
//Beginning of the code which will run in full speed
m=10,n=2;
009515DD mov dword ptr [ m ],0Ah
009515E4 mov dword ptr [ n ],2
m=n*2-1;
009515EB mov eax,dword ptr [ n ]
009515EE lea ecx,[eax+eax-1]
009515F2 mov dword ptr [ m ],ecx
if(m==m*m/m)
009515F5 mov eax,dword ptr [ m ]
009515F8 imul eax,dword ptr [ m ]
009515FC cdq
009515FD idiv eax,dword ptr [ m ]
00951600 cmp dword ptr [m],eax
00951603 jne main+0FEh (095160Eh)
m=1;
00951605 mov dword ptr [ m ],1
else
0095160C jmp main+105h (0951615h)
{
m=2;
0095160E mov dword ptr [ m ],2
}
//End of the code which runs in full speed
m*=m;
00951615 mov eax,dword ptr [m]
00951618 imul eax,dword ptr [m]
0095161C mov dword ptr [m],eax
Re: Questions from studying <Software Debugging>, section 4.3.4 (BTF)
格蠹老雷
2014-07-23, 22:34 PM
Read the book's explanation again alongside the assembly code. If you still have questions, point out which sentence you cannot understand.
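The thread turns on where the CPU delivers the single-step trap once BTF is set. The following Python model is an added example, not code from the book or from either poster: it walks the disassembly posted above and reports at which EIP a single-step #DB would be reported with TF alone versus with TF plus BTF. It follows the Intel SDM rule that with BTF=1 and TF=1 the processor traps only after a taken branch (jmp, taken jcc, call, ret, interrupt or exception) rather than after every instruction. The instruction addresses and mnemonics are transcribed from the listing; the END address, the initial register contents and the 32-bit arithmetic model are assumptions of this example.

```python
"""Model of x86 single-stepping with TF alone versus TF + BTF over the listing
posted in the thread (added example; not the book's or the forum's code)."""

DEBUGCTL_MSR = 0x1D9   # IA32_DEBUGCTL, the 1D9h in the listing
BTF = 1 << 1           # bit 1 of IA32_DEBUGCTL, the "or eax,2" in the listing
END = 0x951620         # assumed address of whatever follows the listing
MASK32 = 0xFFFFFFFF


def s32(x):
    """Truncate to a signed 32-bit value, as eax/ecx/[m] are on the CPU."""
    x &= MASK32
    return x - (1 << 32) if x & 0x80000000 else x


def idiv_m(s):
    """idiv dword ptr [m]: signed edx:eax / m, quotient truncated toward zero."""
    dividend = (s["edx"] << 32) | (s["eax"] & MASK32)   # edx is kept signed
    q = abs(dividend) // abs(s["m"])
    if (dividend < 0) != (s["m"] < 0):
        q = -q
    s["eax"] = s32(q)                   # quotient
    s["edx"] = s32(dividend - q * s["m"])  # remainder


# (address, text, model).  A model mutates the state and returns the target
# address if it is a taken branch, or None for fall-through.
LISTING = [
    (0x9515DD, "mov dword ptr [m],0Ah",  lambda s: s.update(m=10)),
    (0x9515E4, "mov dword ptr [n],2",    lambda s: s.update(n=2)),
    (0x9515EB, "mov eax,dword ptr [n]",  lambda s: s.update(eax=s["n"])),
    (0x9515EE, "lea ecx,[eax+eax-1]",    lambda s: s.update(ecx=s32(2 * s["eax"] - 1))),
    (0x9515F2, "mov dword ptr [m],ecx",  lambda s: s.update(m=s["ecx"])),
    (0x9515F5, "mov eax,dword ptr [m]",  lambda s: s.update(eax=s["m"])),
    (0x9515F8, "imul eax,dword ptr [m]", lambda s: s.update(eax=s32(s["eax"] * s["m"]))),
    (0x9515FC, "cdq",                    lambda s: s.update(edx=-1 if s["eax"] < 0 else 0)),
    (0x9515FD, "idiv eax,dword ptr [m]", idiv_m),
    (0x951600, "cmp dword ptr [m],eax",  lambda s: s.update(zf=(s["m"] == s["eax"]))),
    (0x951603, "jne 095160Eh",           lambda s: None if s["zf"] else 0x95160E),
    (0x951605, "mov dword ptr [m],1",    lambda s: s.update(m=1)),
    (0x95160C, "jmp 0951615h",           lambda s: 0x951615),
    (0x95160E, "mov dword ptr [m],2",    lambda s: s.update(m=2)),
    (0x951615, "mov eax,dword ptr [m]",  lambda s: s.update(eax=s["m"])),
    (0x951618, "imul eax,dword ptr [m]", lambda s: s.update(eax=s32(s["eax"] * s["m"]))),
    (0x95161C, "mov dword ptr [m],eax",  lambda s: s.update(m=s["eax"])),
]

# Source statement that begins at each address, taken from the listing.
SOURCE = {0x9515DD: "m=10,n=2;", 0x9515EB: "m=n*2-1;", 0x9515F5: "if(m==m*m/m)",
          0x951605: "m=1;", 0x95160E: "m=2;", 0x951615: "m*=m;", END: "<after listing>"}


def run(debugctl, start=0x9515DD, state=None):
    """Execute the listing from `start` with TF=1 and the given IA32_DEBUGCTL.
    Returns (list of EIPs at which #DB is reported, final state).
    BTF clear: a trap after every instruction.  BTF set: only after a taken branch."""
    by_addr = {addr: i for i, (addr, _, _) in enumerate(LISTING)}
    s = {"eax": 0, "ecx": 0, "edx": 0, "m": 0, "n": 0, "zf": False}  # assumed initial values
    s.update(state or {})
    traps, eip = [], start
    while eip in by_addr:
        i = by_addr[eip]
        target = LISTING[i][2](s)
        taken = target is not None
        eip = target if taken else (LISTING[i + 1][0] if i + 1 < len(LISTING) else END)
        if not (debugctl & BTF) or taken:
            traps.append(eip)
    return traps, s


def first_stop(debugctl, **kw):
    """Address and source line of the first single-step stop after `start`."""
    traps, _ = run(debugctl, **kw)
    return traps[0], SOURCE.get(traps[0], "(inside a statement)")


if __name__ == "__main__":
    print("TF only :", ["%08X" % a for a in run(0)[0]])
    print("TF + BTF:", "%08X %s" % first_stop(BTF))
    # Constructed overflow case: a large n makes m*m wrap in imul, so m != m*m/m
    # and the jne is taken; the first BTF stop then moves to 0095160E (m=2).
    print("TF + BTF, n=50000:", "%08X %s" % first_stop(BTF, start=0x9515EB, state={"n": 50000}))
```

With the values in the listing (n=2, hence m=3) the jne at 00951603 falls through and the first taken branch is the jmp at 0095160C, so the first BTF stop is 00951615 (the m*=m statement); the straight-line code of m=10,n=2 and m=n*2-1 never produces a trap because it contains no branch. The constructed overflow case shows that the stop location is data dependent: when m*m wraps, the jne is taken and the first stop becomes 0095160E.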