Re: [XenAccess-devel] Xenaccess examples with Windows XP/Vista
Status: Beta
Brought to you by:
bdpayne
Menu
▾
▴
Re: [XenAccess-devel] Xenaccess examples with Windows XP/Vista
|
From: Bryan D. P. <br...@th...> - 2008-01-17 20:42:30
|
One more thought. I just had another look at your debug output. It looks like it is failing in the get_ntoskrnl_base function (located in windows_memory.c), because there is no evidence that it found the kernel image. Normally you would see something like: --got ntoskrnl (0x004d7000) This function would fail if it had the wrong offset for PsInitialSystemProcess (but it sounds like you have tried all kinds of options for that, since this is read from the exports file), if the kernel image did not start at the top of the mapped page (which is conceivable for PSE), or if we were just having trouble reading memory from the VM. You might try adding additional debugging code within this function (and its helper, test_ntoskrnl_base) to see exactly where it's failing. -bryan On Jan 17, 2008 2:27 PM, Matthew Donovan <ma...@at...> wrote: > Thanks for the pointers. > > I think I've exhausted all combinations of option 1 with no success. The > extra output (= _Symbol@X) shows some linking information (calling > convention and total size of arguments in bytes) and was caused by > dumpbin.exe. I used the version that came with Visual Studio 2008; an older > version of dumpbin doesn't produce it. I generated export files for both > kernels (pae and non-paw) and stipped out the extra stuff. Still no go. > > I guess I'll move on to option 2. > > -matthew > |
