bp Symbol+xxx goes elsewhere

When I try to execute this line:
bu kernel32!CreateFileA+0x30
or
bu kernel32!CreateFileA+30

The output of “bl” is:
0 e 7c801a54 0001 (0001) 0:*** kernel32!CreateFileA+0x12

If I do
bu kernel32!CreateFileA+12
I get
0 e 7c801a36 0001 (0001) 0:*** kernel32!CreateFileA+0x17

if I do
bu kernel32!CreateFileA+2b
I finally get what I wanted:
0 e 7c801a4f 0001 (0001) 0:*** kernel32!CreateFileA+0x30

What am I doing wrong?

M-A

Open debugger.chm (.hh from debugger), and read the article titled
“Performance-Optimized Code”. You can find it in the index.

Jason

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Marc-Antoine
Ruel
Sent: Friday, April 22, 2005 7:26 AM
To: Kernel Debugging Interest List
Subject: [windbg] bp Symbol+xxx goes elsewhere

When I try to execute this line:
bu kernel32!CreateFileA+0x30
or
bu kernel32!CreateFileA+30

The output of “bl” is:
0 e 7c801a54 0001 (0001) 0:*** kernel32!CreateFileA+0x12

If I do
bu kernel32!CreateFileA+12
I get
0 e 7c801a36 0001 (0001) 0:*** kernel32!CreateFileA+0x17

if I do
bu kernel32!CreateFileA+2b
I finally get what I wanted:
0 e 7c801a4f 0001 (0001) 0:*** kernel32!CreateFileA+0x30

What am I doing wrong?

M-A


You are currently subscribed to windbg as: xxxxx@winse.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Yes I was just reading that. But still, it’d be nice to have a way to
specify hard offset, symbol+bytes. It wouldn’t work for splited functions
but for normal ones, that’s be more intuitive.

Thanks

M-A

“Jason Shay” a écrit dans le message de news:
xxxxx@windbg…
Open debugger.chm (.hh from debugger), and read the article titled
“Performance-Optimized Code”. You can find it in the index.

Jason

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Marc-Antoine
Ruel
Sent: Friday, April 22, 2005 7:26 AM
To: Kernel Debugging Interest List
Subject: [windbg] bp Symbol+xxx goes elsewhere

When I try to execute this line:
bu kernel32!CreateFileA+0x30
or
bu kernel32!CreateFileA+30

The output of “bl” is:
0 e 7c801a54 0001 (0001) 0:kernel32!CreateFileA+0x12

If I do
bu kernel32!CreateFileA+12
I get
0 e 7c801a36 0001 (0001) 0:
kernel32!CreateFileA+0x17

if I do
bu kernel32!CreateFileA+2b
I finally get what I wanted:
0 e 7c801a4f 0001 (0001) 0:*** kernel32!CreateFileA+0x30

What am I doing wrong?

M-A


You are currently subscribed to windbg as: xxxxx@winse.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

Marc-Antoine Ruel wrote:

Yes I was just reading that. But still, it’d be nice to have a way to
specify hard offset, symbol+bytes. It wouldn’t work for splited functions
but for normal ones, that’s be more intuitive.

And if you look at your results, that’s exactly what you ARE getting.
The “nearest symbol” an given by “bl” shows the wrong offset, but the
linear address is exactly what you asked for. CreateFileA apparently
starts at 7c801a24. If you really want 7c801a54, then “CreateFileA+30”
is exactly what you want.

-----Original Message-----

When I try to execute this line:
bu kernel32!CreateFileA+0x30
or
bu kernel32!CreateFileA+30

The output of “bl” is:
0 e 7c801a54 0001 (0001) 0:*** kernel32!CreateFileA+0x12

If I do
bu kernel32!CreateFileA+12
I get
0 e 7c801a36 0001 (0001) 0:*** kernel32!CreateFileA+0x17

if I do
bu kernel32!CreateFileA+2b
I finally get what I wanted:
0 e 7c801a4f 0001 (0001) 0:*** kernel32!CreateFileA+0x30

What am I doing wrong?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Oh you’re right. I just didn’t look at the bl output correctly. Sorry.

M-A

“Tim Roberts” a écrit dans le message de news:
xxxxx@windbg…
> Marc-Antoine Ruel wrote:
>
>>Yes I was just reading that. But still, it’d be nice to have a way to
>>specify hard offset, symbol+bytes. It wouldn’t work for splited functions
>>but for normal ones, that’s be more intuitive.
>>
>
> And if you look at your results, that’s exactly what you ARE getting. The
> “nearest symbol” an given by “bl” shows the wrong offset, but the linear
> address is exactly what you asked for. CreateFileA apparently starts at
> 7c801a24. If you really want 7c801a54, then “CreateFileA+30” is exactly
> what you want.
>
>
>>-----Original Message-----
>>
>>When I try to execute this line:
>> bu kernel32!CreateFileA+0x30
>>or
>> bu kernel32!CreateFileA+30
>>
>>The output of “bl” is:
>> 0 e 7c801a54 0001 (0001) 0:kernel32!CreateFileA+0x12
>>
>>If I do
>> bu kernel32!CreateFileA+12
>>I get
>> 0 e 7c801a36 0001 (0001) 0:
kernel32!CreateFileA+0x17
>>
>>if I do
>> bu kernel32!CreateFileA+2b
>>I finally get what I wanted:
>> 0 e 7c801a4f 0001 (0001) 0:*** kernel32!CreateFileA+0x30
>>
>>What am I doing wrong?
>>
> –
> Tim Roberts, xxxxx@probo.com
> Providenza & Boekelheide, Inc.
>
>