调试的时候想要知道当前进程装载了哪些模块,每个模块被装载的代码地址段是在哪个范围,可以使用lm命令。 拿notepad为例,输入lm命令可以发现:
0:001> lm
start end module name
00830000 00858000 notepad (pdb symbols) c:/debuggers/externalsymbols/notepad.pdb/7DAC7B3D7D1D4E68BE2132EAB080D42C2/notepad.pdb
70990000 709d2000 WINSPOOL (export symbols) C:/Windows/system32/WINSPOOL.DRV
738c0000 738ff000 uxtheme (pdb symbols) c:/debuggers/externalsymbols/UxTheme.pdb/D6B5A4E899AF4946BA6E4611D58409C02/UxTheme.pdb
74a80000 74c1d000 COMCTL32 (export symbols) C:/Windows/WinSxS/x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.16497_none_5cc0004408832c27/COMCTL32.dll
75e30000 75e7b000 GDI32 (export symbols) C:/Windows/system32/GDI32.dll
75ec0000 75f32000 COMDLG32 (export symbols) C:/Windows/system32/COMDLG32.dll
75f40000 75fdd000 USER32 (pdb symbo