[Winpcap-users] PDB file for npf.sys version 4.1.3
食肉大灰兔V5
hsluoyz at gmail.com
Wed Sep 16 11:14:16 UTC 2015
Hi Michael,
A seemingly viable way would be that you decompile your driver (npf.sys)
into C code using IDA pro, cross-searched the failing address in IDA and
WinPcap souce code, you will probably find the wrong line of code.
Cheers,
Yang
On Wed, Sep 16, 2015 at 11:56 AM, Michael Acosta <mike.acosta at gmail.com>
wrote:
> Hi,
>
> We've been using WinPCAP optionally to send GARP frames on Windows
> server (2008r2 and up), but it sometimes seems to hang in a call. It's
> not easily reproducible, but I managed to get a kernel memory dump
> today of the issue - the problem is that we do not have the symbols
> for 4.1.3 to see what it's doing in WINDBG.
>
> Can someone provide the symbols to me so we can see what's hanging up
> here? If we compile on our own, the PDB isn't going to match our
> running environment, and since it's not easily reproducable we're kind
> of light on collected kernel data, so just building our own is not an
> option at this point. We need to see the symbols from the version
> built and accessible on winpcap.org in order to make progress here.
>
> Please let me know if you need more information.
>
> Thank you,
>
> --
> Michael Acosta
> _______________________________________________
> Winpcap-users mailing list
> Winpcap-users at winpcap.org
> https://www.winpcap.org/mailman/listinfo/winpcap-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.winpcap.org/pipermail/winpcap-users/attachments/20150916/e272a4ce/attachment.html>
More information about the Winpcap-users
mailing list