pop ecx ; restore word length
mov testbyte,cl
invoke binarysearchroutine
I set a conditional breakpoint on the invoke, thus:
`Test.asm:499` in Command box and
ecx=0xa in Condition box
which works fine, but neither of these variable forms will work, though they
are set up just like the register form.
`Test.asm:499` in Command box and
testbyte=0xa in Condition box or
Test!testbyte=0xa in Condition box
Windbg recognizes the variable, thus
0:000> dv
0:000> dt Test!testbyte
0x4 ''
0:000> dt testbyte
0x4 ''
0:000> dt poi(testbyte)
Symbol not found at address 74736104.
I put a fixed breakpoint on the invoke. The value 0xa in testbyte occurred
3 times before execution ended at an Access violation. I then installed this
conditional breakpoint
bu `Test.asm:499` "j (testbyte=0xa) '.echo true'; '.echo false; gc' "
and got the following debugger output. The test returned false every time.
Thanking you for your help.
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: Test.exe
Loaded dbghelp extension DLL
Loaded ext extension DLL
Loaded exts extension DLL
Loaded uext extension DLL
Loaded ntsdexts extension DLL
*** Create process 104
DBGHELP: Symbol Search Path:
c:\windows\symbols\;c:\masm32\test\;c:\windows\symbols
Symbol search path is: c:\windows\symbols\;c:\masm32\Test\;C:\WINDOWS\Symbols
Executable search path is: C:\masm32\Test
DBGHELP: SharedUserData - virtual symbol module
Process created: 104.10c
OUTPUT_PROCESS: *** Create process ***
id: 104 Handle: 760 index: 0
id: 10c hThread: 75c index: 0 addr: 00401005
ModLoad: 00400000 00407000 Test.exe
ModLoad: 00400000 00407000 Test.exe
OUTPUT_PROCESS: *** Load dll ***
id: 104 Handle: 760 index: 0
id: 10c hThread: 75c index: 0 addr: 00401005
hFile: 748 base: 00400000
ModLoad: 7c900000 7c9af000 ntdll.dll
ModLoad: 7c900000 7c9af000 ntdll.dll
OUTPUT_PROCESS: *** Load dll ***
id: 104 Handle: 760 index: 0
id: 10c hThread: 75c index: 0 addr: 00401005
hFile: 748 base: 00400000
hFile: 74c base: 7c900000
ModLoad: 7c800000 7c8f6000 C:\WINDOWS\system32\kernel32.dll
ModLoad: 7c800000 7c8f6000 C:\WINDOWS\system32\kernel32.dll
OUTPUT_PROCESS: *** Load dll ***
id: 104 Handle: 760 index: 0
id: 10c hThread: 75c index: 0 addr: 00401005
hFile: 748 base: 00400000
hFile: 73c base: 7c800000
hFile: 74c base: 7c900000
(104.10c): Break instruction exception - code 80000003 (first chance)
eax=00241eb4 ebx=7ffdf000 ecx=00000000 edx=00000001 esi=00241f48 edi=00241eb4
eip=7c90120e esp=0012fb20 ebp=0012fc94 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000202
Loading symbols for 7c900000 ntdll.dll ->
DBGHELP: c:\windows\symbols\ntdll.pdb - file not found
ntdll.dll
DBGHELP: ntdll - public symbols
c:\windows\symbols\dll\ntdll.pdb
ntdll!DbgBreakPoint:
7c90120e cc int 3
0:000> g
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
false
(104.10c): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000000 ebx=004043c8 ecx=00000004 edx=00000001 esi=003b1000 edi=00404835
eip=00401510 esp=0012ffb8 ebp=0012fff0 iopl=0 nv up ei pl nz ac pe cy
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010217
Test!start+0x4a9:
00401510 8a06 mov al,byte ptr [esi]
ds:0023:003b1000=??
For example, if your `testbyte` is a global variable at address 0x74736104
0:001> bp <address> "j (by(0x74736104) = 0xa) 'k';'g'"
You can use other pointer indirection expression evaluators, such as
by, wo, dwo, dqo, poi
to test different sizes of pointed-to quantities.
You should test the expression syntax statically, before you jam it into a
breakpoint
0:001>?(by(0x74736104) = 0xa)
to see if it evaluates to what you expect.
--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"porphyry5" <porp...@discussions.microsoft.com> wrote in message
news:5A3413C6-E9F3-4736...@microsoft.com...
"Ivan Brugiolo [MSFT]" wrote:
> .
>
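The static-test-then-breakpoint workflow from the reply above, applied to the symbol from the question, as an added example that is not part of the original thread. It assumes `Test!testbyte` is a one-byte global and that the default MASM expression evaluator is active; the `.if` form is shown as an alternative to `j`.

```windbg
$$ Added example, not from the original thread.
$$ Assumption: Test!testbyte is a 1-byte global, as in the question.

$$ 1. Under the MASM evaluator a bare symbol evaluates to its ADDRESS,
$$    so a condition like testbyte=0xa compares an address with 0xa.
? Test!testbyte

$$ 2. Read the contents with the operator that matches the variable size.
$$    by = 1 byte, wo = 2 bytes, dwo = 4 bytes, poi = pointer-sized.
$$    In the question poi(testbyte) fetched 74736104, a pointer-sized read
$$    whose low byte 04 agrees with the 0x4 that dt displayed.
? by(Test!testbyte)
? wo(Test!testbyte)
? dwo(Test!testbyte)
db Test!testbyte L1

$$ 3. Test the condition statically. The result is 1 when true, 0 when false.
? (by(Test!testbyte) == 0xa)

$$ 4. The breakpoint from the question with the dereferenced condition.
bu `Test.asm:499` "j (by(Test!testbyte) == 0xa) '.echo true'; '.echo false; gc'"

$$ 5. The same test written with .if instead of j.
$$    Set either the breakpoint in step 4 or this one, not both.
bu `Test.asm:499` ".if (by(Test!testbyte) == 0xa) { .echo true } .else { gc }"

$$ 6. Confirm what was set.
bl
```

Run steps 1 to 3 while stopped at the fixed breakpoint on the invoke, so the value printed can be compared with what `testbyte` is known to hold at that point.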