I'm using Visual Studio 2008 to track down a bug in an executing process. I have attached to the process and identified the module of interest. (It happens that debug symbols for this module have been loaded from a pdb file.) I want to show the disassembled code in the Disassembly window so that I can decide where to set a breakpoint.
When I break the process, the currently executing module is shown in the Disassembly window. Unfortunately, this is not the module of interest. I can't figure out how to show the code for the module of interest while it is not executing.
For this, in Visual Studio put a breakpoint on the code in question, and when the debugger hits it, right-click and find "Go To Assembly" (or press CTRL+ALT+D).
A second approach is to generate assembly listings while compiling. For this, go to project settings -> C/C++ -> Output Files -> ASM List Location and fill in a file name.
Debug from the DLL project:
Set breakpoints in the DLL project.
Right-click the DLL project and choose Set as Startup Project.
Make sure the Solutions Configuration field is set to Debug.
Press F5, click the green Start arrow, or select Debug > Start Debugging.
In Visual Studio it is easy to view the assembly code and step through it with the debugger. Just place a breakpoint in the C++ code and run the program in Debug mode. When the debugger stops at the breakpoint switch to the assembly mode by choosing Debug → Windows → Disassembly.
Assuming you are debugging an unmanaged process...
When you "Debug/Break All", follow these steps:
Choose "Debug/Windows/Modules" to get a listing of all loaded modules.
Under the "Address" column in the Modules window is the memory range for that module.
In the "Address:" box in your disassembly window, type in the start address for the module (make sure to add 0x before the number).
You should now be at the start of the module you want to play with. If you know the address of a function, you can just jump to that address.
Here's an example:
Run sol.exe.
Attach to the process, and break all.
Look at the modules, and find "cards.dll"; you'll see it loads at 6fc10000 (on my machine, anyway).
Type that address (0x6fc10000) into the disassembly window, and it will bring you to the start of the module.
Now say I want to actually jump to a function. Open the DLL in Dependency Walker (depends.exe) to get the offsets of the functions. In my example, I want to set a breakpoint on the function "cdInit". In Dependency Walker, it shows that the offset to the exported function cdInit is 0x000013e6. So to get to that function, I would add the start address of the module (0x6fc10000) to the offset (0x000013e6) to get 0x6fc113e6.
Typing this address into the disassembly box does indeed jump me right to the start of that function.
Doing stuff like this is far easier in WinDbg:
uf cards!cdInit
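
The base-plus-offset lookup from the answer above, as an added example that is not part of the original post: it reads a named export's offset (RVA) from a PE export table, the value Dependency Walker displays, and adds the module's load address. The function names are hypothetical, and `build_sample` constructs a minimal stand-in image carrying the page's cdInit offset rather than the real cards.dll.

```python
import struct

def rva_to_offset(img, pe, rva):
    """Map an RVA to a file offset using the section table."""
    nsec, = struct.unpack_from("<H", img, pe + 6)
    optsz, = struct.unpack_from("<H", img, pe + 20)
    for i in range(nsec):
        hdr = pe + 24 + optsz + 40 * i
        vsize, va, rsize, raw = struct.unpack_from("<IIII", img, hdr + 8)
        if va <= rva < va + max(vsize, rsize):
            return raw + (rva - va)
    raise ValueError("RVA 0x%x is not inside any section" % rva)

def export_rva(img, name):
    """Return the RVA of a named export (forwarded exports are not handled)."""
    pe, = struct.unpack_from("<I", img, 0x3C)
    if img[:2] != b"MZ" or img[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    magic, = struct.unpack_from("<H", img, pe + 24)
    dirs = pe + 24 + (96 if magic == 0x10B else 112)  # PE32 vs PE32+
    exp_rva, = struct.unpack_from("<I", img, dirs)
    if exp_rva == 0:
        raise ValueError("image has no export directory")
    off = lambda rva: rva_to_offset(img, pe, rva)
    nnames, funcs, names, ords = struct.unpack_from("<IIII", img, off(exp_rva) + 24)
    for i in range(nnames):
        start = off(struct.unpack_from("<I", img, off(names) + 4 * i)[0])
        if img[start:img.index(b"\0", start)] == name.encode("ascii"):
            idx, = struct.unpack_from("<H", img, off(ords) + 2 * i)
            return struct.unpack_from("<I", img, off(funcs) + 4 * idx)[0]
    raise KeyError(name)

def breakpoint_address(load_base, img, name):
    """Module load address from the Modules window plus the export's RVA."""
    return load_base + export_rva(img, name)

def build_sample():
    """Constructed minimal PE32 with one export; stands in for the real DLL."""
    img = bytearray(0x400)
    img[0:2], img[0x40:0x44] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", img, 0x3C, 0x40)                  # e_lfanew
    struct.pack_into("<HH", img, 0x44, 0x14C, 1)             # i386, one section
    struct.pack_into("<HHH", img, 0x54, 0xE0, 0x2102, 0x10B)  # opt size, flags, PE32
    struct.pack_into("<II", img, 0xB8, 0x1000, 0x100)        # export data directory
    struct.pack_into("<8sIIII", img, 0x138, b".edata", 0x200, 0x1000, 0x200, 0x200)
    struct.pack_into("<IIIII", img, 0x214, 1, 1, 0x1028, 0x102C, 0x1030)
    struct.pack_into("<IIH", img, 0x228, 0x13E6, 0x1040, 0)  # func RVA, name RVA, ordinal
    img[0x240:0x247] = b"cdInit\0"
    return bytes(img)
```

Against a real module, pass the bytes of the DLL file on disk in place of `build_sample()`, and take `load_base` from the Modules window, since the load address can differ between machines and runs.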