DS3 not breaking

[britedream]

Hi,
Ds3 isn't breaking on bpx or bpm at all.
any clue is appreciated. Thanks.

[BiMode]

Did you have enabled 'NTSYMBOLS=ON' yet?

To be honest - I have exactly the same problem. Well, maybe not "exactly".

I'm loading the very small test program (BTW Symbol Loader now stops at entry point!), do bpm x and it is OK! Later on I do bpx MessageBoxA (bl shows me that everything is OK and I have NTSYMBOLS = ON and I have a valid path to user32.dll in my winice.dat) and NOTHING happens.

I don't think it is a bug in Soft-Ice. I might be missing something... I don't know what ((

BTW - usual bpx on a certain address is working fine!

Piece of shit!

bpx MessageBoxA is NOT working... but bpx ExitProcess is working fine! What's the hell?

Piece of shit twice!

Seems to me either it is something wrong with my head or Soft-Ice doesn't seem to work stable with breakpoints!

[britedream]

To Bimode
Thanks for the reply,
Yes I did, and I aslo used symbol retriever util. with no luck.

britedream

Same problem here guys .

It will not break all
I set the first breakpoint click on the desired program but Ice will not break and not popup by itself.

Finaly my mous works with this version but ice is useless this way.

Hope that there will be a fix.


ysco.

I have found the issue. To get this to work, you must create/enable the breakpoint while in the address context of the process who will actually call the function you want to break on.

You can see your current address context in the bottom-right of the SI window, I think it is always Idle when you Ctrl+D.

As an example, I wrote a quick Delphi app to test this (just a button on a form that calls MessageBoxA), it's called Project1. When I Ctrl+D, my address context is Idle. If I bpx MessageBoxA now, pressing the button on my form will show the messagebox without breaking. But, if I Ctrl+D, then do ADDR Project1 (or if I have more than one process running called Project1, I can do PROC, see the Process ID of the instance I want to break, and do ADDR <Process ID>), then do bpx MessageBoxA, when I press the button on my form, it breaks correctly.

Also, if you already have a breakpoint, instead of clearing the breakpoint and recreating it in the right address context, you can just disable it then reenable it in the right address context (less typing! ).

As far as I know, you had to do this same thing to get breakpoints to work in SoftICE 2.7. At least I did. That's how I knew what the problem was, since I had to figure this out while using 2.7 .

One thing I discovered is, when you run an app through symbol loader, and SI breaks on entry point, even though SI says you're in the right address context, if the PROC command shows more than one process with the name of the process you're debugging, you still have to manually do ADDR <process id>. I found that while Delphi was open, PROC listed two or more Project1 processes, one being my real running process, and the others having a status of Deleting. When I loaded my app through SL and immediately did bpx MessageBoxA, it didn't break properly. But, if I loaded my app through SL, and did ADDR <my running process id>, it worked. Once I closed Delphi, and loaded my app, PROC only showed one instance of Project1 (the one with the status of Deleting was no longer there), and immediately setting my bpx without doing ADDR worked. So, the rule here is, if PROC shows more than one process with the name of the process you're debugging, you always have to type ADDR <process id> before setting any breakpoints, regardless of what SI says your current address context is!

Since every time you press Ctrl+D, your address context is Idle, I find it useful when debugging an app to write a quick macro (I call mine AC) that just does ADDR <name/id of process I'm debugging>. Then, every time I hit Ctrl+D, I just type AC to get in the right address context, then breakpoints etc work correctly.

Let me know if my explanation is too confusing, or if you find a better solution.

[Squidge]

Isn't this why programs like SuperBPM were created - to address this very issue?

I have found a command in SoftICE to automate the whole ADDR thing. The ATTACH command lets you set the default address context and symbol table to change to when SoftICE pops up. This eliminates the need to manually (with ADDR or with a macro) set your address context every time you go into SoftICE. The DETACH command then clears any attached address contexts.

Satyric0n

You explanation is clear, thanks. But! It means I have to have Ice in the necessary context that automatically does many tricks useless!

Thanks for the info Satyric0n but Ice must can work like it worked before in the previous versions.I think that i install Ice 4.05 again that 1 worked oke in xp but only my mous wasn`t supported.
I can`t believe that this is the way that 3.0 must work.There is some kind off bug in it.
Have try to set some macro but i can get it to work

ysco.

This problem exists in all version DS2.7 and later when using win2k/xp/2003.

I've used all these versiongs on these OSs.
ICE can not work like previous.

So, many times, i using DS2.7 in win98 to do my cracks.

Just as mentioned by Satyric0n, using DS on Windows2k/xp/2003 is very annoying.

I found ICE can work occasionally without ADDR/ATTATCH preceeding on my Windows2003. But it's very very annoying still.

[hobgoblin]

Hi guys,
I haven't installed DS 3.0 yet, but I encountered this problem in DS 2.7. I found a way around it:
Open the Symbol retriever (comes with the Softice package), and download the symbols for the file ntoskrnl.exe. When finished, exit the Symbol retriever. Now you have a folder in c:\ named c:\nmsout (unless you told the retriever to put the downloaded symbols someplace else..). Open up winice.dat and add the following line: LOAD=C:\nmsout\ntoskrnl.nms
When you reboot and restart Softice, it should now react to breakpoints. At least, this worked for me.
If not, use the method described by Satyricon. It should work every time.

regards,
hobgoblin

@@Hobgolbin,

Hi.. This is the similar one which Volodya mentioned above.
I am using this trick but it is not breaking even on BPX getwindowtexta. I'm on W2k Adv Server with sp4. I installed the sp4 patch d/led from Compuware Support site, but no luck.


With regards,