windbg bp condition
0:000> bp 0012f2fc "j @ecx == 0 '';'gc'"
0:000> g
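j stands for "judgement"; it works like the C++ ternary condition ? A : B.
If ecx is 0 when the breakpoint is hit, execution stops; otherwise it goes on until the next breakpoint (gc).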
bp 0012f2fc "j (@@c++(*(int*)(@esp+4) == 0x50)) 'dd esp';'gc'"
bp 0012f2fc "j (@@c++(*(int*)(@esp+4) != 0)) '? (dwo(@esp+4))';'gc'"
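
The same kind of test can also be written with the debugger's .if/.else tokens, which are easier to read once the stop branch runs more than one command. This is an added example, not part of the original note; it reuses the note's address 0012f2fc and its esp+4 argument check, and the two forms are alternatives for the same address, not meant to be set together.

```windbg
$$ Alternative 1: stop and dump the stack when the dword at esp+4 is 0x50, otherwise resume.
bp 0012f2fc ".if (dwo(@esp+4) == 0x50) { dd esp } .else { gc }"

$$ Alternative 2: log-only form that prints the dword at esp+4 on every hit and never stops.
bp 0012f2fc ".echo hit 0012f2fc; ? dwo(@esp+4); gc"
```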