摘要：When you build a driver or other program, the program's symbols are usually stored in symbol files, although some older compilers store certain symbols in the executable file. When a debugger is analy... 阅读全文

摘要：1. The performance hit regarding __finally without abnormal exiting.int main(){ int i; __try { i=1; printf("__try...\n"); } __finally { printf("__finally...\n"); } return i;}#1, before enterring __... 阅读全文

摘要：Part1Below is the test code I am using:#include#include void main(){ __try { int i=1; } __except(EXCEPTION_EXECUTE_HANDLER) { printf("EXCEPTION_EXECUTE_HANDLER\n"); } getchar();}Debug-mode Prolog:vo... 阅读全文

摘要：1. "x" command in windbg requires the module name. For example, if we only type "x createprocessa" in windbg, we will get nothing. "x kernel32!createprocessa" is the correct way.If you really do not k... 阅读全文