Assuming you are debugging an unmanaged process ...
When you are "Debug / Break All", follow these steps:
Select "Debug / Windows / Modules" to get a list of all loaded modules. The "Address" column in the "Modules" window shows the memory range for this module. In the "Address:" field in the disassembly window, enter the starting address of the module (be sure to add 0x in front of the number)
Now you should be at the beginning of the module you want to play with. If you know the address of the function, you can simply go to that address.
Here is an example:
Run sol.exe Attach to the process and break everything. Look at the modules and find "cards.dll", you will see that it loads on 6fc10000 (on my machine, anyway).
Enter this address (0x6fc10000) in the disassembly window, and it will lead you to the beginning of the module.
Now say that I want to go to the function. Open the DLL in Dependency Walker (depend.exe) to get the function offsets. In my example, I want to set a breakpoint on the cdInit function. Dependecny Walker shows that the offset to the exported cdInit function is 0x000013e6. Therefore, to go to this function, I would add the starting address of the module (0x6fc10000) to the offset (0x000013e6) to get 0x6fc113e6.
Entering this address in the disassembler field really takes me straight to the beginning of this function.
Galacticjello
source share