当windbg值的值发生变化时,有没有办法打破visual studio或LastError调试器执行?
修改
通过在ntdll!RtlSetLastWin32Error中设置断点找到了一种方法。
有人知道另一种方式,或者它是最好的方式吗?
答案 0 :(得分:2)
在teb-> LastErrorValue
的地址上设置写断点ba w4 @@c++(&(@$thread->LastErrorValue))
开心 你可以添加条件到bp只在你想要的时候打破
0:000> ba w4 @@c++(&(@$thread->LastErrorValue)) "!gle;gc"
breakpoint 0 redefined
0:000> g
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0xc000008a - Indicates the specified resource type cannot be found in the image file.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0 - STATUS_WAIT_0
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0xc0000034 - Object Name not found.
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0 - STATUS_WAIT_0
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0xc0000034 - Object Name not found.
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0xc0000034 - Object Name not found.
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0xc0000034 - Object Name not found.
LastErrorValue: (Win32) 0 (0) - The operation completed successfully.
LastStatusValue: (NTSTATUS) 0xc0000034 - Object Name not found.