I want to be able to "pause" a program by using a DLL so I can debug an error as the memory of the program keeps getting instantly overwritten. I can attempt to do this by opening a console window and dragging/highlighting within it, which pauses the process completely. Is there a code approach to this which can mimic this behaviour? Code highlighting to pause is annoying as it is imprecise and a pain to do manually
Related
If I try to start debugging through the command "Open" of x64dbg, debugging stops without ever starting and a series of missing DLL errors are shown on the screen.
If I just open the program from WIN and THEN I use the attach command by selecting the process, debugging works.
Unfortunately I wanna "investigate" from the moment the program starts and not when it is already started.
How can I solve it ?
You need some anti-anti-debugging plugins (such as ScyllaHide) for x64dbg mentioned in this page to counter anti-debugging attempts and do some patching if needed:
https://github.com/x64dbg/x64dbg/wiki/Plugins
I use ZeroBrane studio (ZBstudio) for debugging Lua code when working with the Torch framework.
A weird issue occurs at times. When debugging, sometimes I want to run the code all the way until it encounters a breakpoint. This specific mode does not work at times (sometimes it does, sometimes it doesn't; I can't figure out why).
When it doesn't work, nothing happens when I press the relevant button in the GUI (or Ctrl+Shift+F10). I can go line-by-line (Shift+F10) when this happens, the line-by-line mode is not affected.
Sometimes when this happend, restarting the ZeroBrane IDE program fixed it, other times it remains persistant.
Not sure if anyone else encountered this strange behaviour. Thanks in any case.
Long story short, I am debugging a big application which I didn't write. It is throwing an error when it runs on the server on which it is supposed to be run, so I am testing on my own machine with the debugger attached to see what happens.
It has thousands of lines of code, and has been running for a couple of hours now. I want to know which line of code is currently executing, so I can get a rough idea of how long is left, but I don't want to Break All as the code is...rickety.
Short of firing watchpoints all over the place in a spray and pray fashion, is there a non-invasive way to see which line of code is executing right now?
Thanks
Process Explorer can show the currently executing line and call stack in the process.
Right-click a process, click Properties, and then click the Threads tab.
When i am debugging my program and an error occur, the debug session ends, but the program remains in memory. Using the activity manager of Windows to close it does not work. I need to close Visual Studio in order to kill the process.
Why is this happening?
When during debugging a program error occurs, the program usually does not "end". Instead, the debugger (VS2010) pauses execution, allowing you to inspect the code resulting in the error. Depending on the language used (e.g. C#) and the way you compiled your program, you may even be able to edit the program on the fly, move the execution cursor back a bit and continue the program from there.
If the Debug toolbar is visible (in my case it shows up automatically whenever I'm debugging), you should see a couple of "playback" buttons, allowing you to start/continue, pause, stop your program etc. If you stop your program, it will be gone from the task manager too.
As I mentioned in a comment on your question, you can also use the Debug menu to accomplish these tasks.
I work for an orginization that has a custom built Access/SQL Application running in house. We have a problem Explorer.exe throwing an error and crashing.
This is a picture of the crash:
What is the best way to start tracking this problem down and finding a solution ?
Make sure WinDBG is installed, set it up as the default debugger then use Analyze and get a crash dump.
The next time you get that dialog click "OK" to attach in WinDbg
Keep in mind that if you attach a debugger to explorer, then break, that you should not try to do anything in the debugger that invokes a call to explorer or you will deadlock the debugger. This can be surprisingly tricky as it means you cannot open a "File Open" dialog, print, browse to another computer and any number of other things.