Reputation: 11187
I am trying to make a call to a method of a Windows COM interface from the Go language. I suspect I am doing something wrong in the way I invoke the call and would like to see how the registers change during the invocation.
But I have a hard time getting to it since I can't seem to set a breakpoint in WinDBG. The command "bu 64b6ea43" ends up not working with an error "Only part of a ReadProcessMemory or WriteProcessMemory request was completed". The full message is below.
Microsoft (R) Windows Debugger Version 6.2.8400.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: C:\Users\ccherng\Go\bin\error.exe
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
ModLoad: 00400000 00971000 image00400000
Unable to insert breakpoint 1 at 64b6ea43, Win32 error 0n299
"Only part of a ReadProcessMemory or WriteProcessMemory request was completed."
bp1 at 64b6ea43 failed
WaitForEvent failed
eax=00415a7b ebx=7ffdd000 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=77b37098 esp=0006fff0 ebp=00000000 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000200
77b37098 89442404 mov dword ptr [esp+4],eax ss:0023:0006fff4=00000000
Upvotes: 3
Views: 1516
Reputation: 108
To me it was problem because of ASLR. running editbin /DYNAMICBASE:NO NameOfDetectedExe.exe fixed it.
Upvotes: 0
Reputation: 11187
Switched to Ollydbg which works. Learned that WinDbg sucks badly.
Upvotes: -4