With visual studio you can attach to a running process, hit 'pause' (or called break), and even without symbol files or source, you've paused the process and can see a disassembled view.
I would like to achieve this but at the very start of the process. Attaching and pausing as quickly as possible is not the solution I'm looking for :)
For example, if the application was a console based c++ app, gdb can set a break point on main() [or any named function it can find for that matter]. Can something similar be done with visual studio?
But this question is for the more general case - I'd like to be able to start a process and have it pause immediately upon entry (immediately after the kernel launches the process).
http://blogs.msdn.com/b/greggm/archive/2008/09/12/attaching-a-debugger-at-startup.aspx
There are some level of support. But if I were you, I would use WinDbg directly.
Related
i'm really new to debugging, and debugging is not my strong point so just so i'm not confusing anyone, i'm not asking how to set a breakpoint in a program using ollydbg, but the break feature, somewhat similar to the break that is available in visual c++ debugger when debugging a program there, is this available at all in ollydbg?
if it is then what do i do it use it? or if it's not then is there anything else that i can do to similate a break in a program using the ollydbg WIN32 debugger?
If what you mean is the "Break all" feature of the Visual Studio debugger, which suspends all threads and sets the cursor to the currently executing source line (or one of them, at least, you can use the threads tab to change threads)...
... then this is analagous to the OllyDbg pause function, which again suspends all threads and sets the cursor to the actively executing instruction.
To change between threads you can simply open the threads view (alt+t) and press enter on the required thread. This will take you to the EIP for that thread.
I am new to programming.
I know only Start debug before. Maybe start debug suit for some small application develop better.
I found Visual studio IDE provide another method of attach to process for using.
When & Why must I use the attach debugging?
Such as multi-threading application debugging. Client/Service application debugging. etc. Thank you.
Sometimes you need to debug a process started by another program.
For example you need a reliable solution and in order to protect against access violations, memory leaks and other barely recoverable stuff, you have a master program and several worker programs. The master program starts the worker program and passes parameters to it. How do you debug a worker program which is not intended to be started by anything except the master program?
You use "attach to process for that".
Typically you do it this way: insert a statement that blocks the worker program for some time - for example, call Sleep() for 15 seconds. Then you kindly ask the master program to start the worker program. When the worker program is started it blocks and you now have 15 seconds to attach to it.
This way you can debug almost any issues - problems at early startup stages, wrong parameters, etc, which you wouldn't reliably reproduce with "run with debugging".
Attaching to a process is useful if you don't want to debug right from starting the process. For example, debugging usually slows down execution, so it can be quicker to start the app, get it to a state where a bug appears, and then attach a debugger.
It's also useful if you already have an external means of launching the process that you don't want or can't to import into the IDE.
Start debugging from VS launches an instance of the VS webserver and attaches the debugger to it.
Attach to process allows you to attach to any process and debug it, usually you'd do this to your instance of w3wp.exe running your code in IIS
Attach to process is mostly used when you can't run the application from Visual Studio.
For example, if it's a service or if it is a process that has run for a long time and now you want to start debugging it.
Sometimes you also want to debug a remote process, not on your machine - and you can do that using attach to process.
I have a VB app that I need to monitor while it is running. I added some variables to the Watch window, but while the app is running the watch window is greyed out. The only way that I have found to see the variable values is to use Debug -> Break All, but this stops the program.
I have used other IDEs and they allow active variables to be monitored. Is this possible in VS?
Sorry if this is a noob question.
UPDATE: To be clear, my app is communicating with a piece of lab equipment and and as data is sent or received or errors are detected counters are incremented. I would like to watch these counters but I don't want to build a screen to do this since they are for debugging. I just assumed that this is basic functionality in any IDE
SHOCKED: It seems that Visual Studio does not offer this (what I would consider) basic functionality. For those that seem to think that this is not possible with an interpreted language, consider this thought experiment. If you pressed Break All quickly followed by a Continue then you would refresh the watch window - correct? Why then can't Visual Studio do this as a single Refresh Watch command or better yet allow this function to automatically run at a period specified by the user. No debug writes, no log files, no stopping your program mid-stream and creating timeouts. I am just shocked that you cannot do this. Its a little like not having breakpoints.
Which IDE or development environment shows - in real time - the values of variables in the Watch window, without having to hit any breakpoints, while the application is running?
Visual Studio doesn't provide this. In order to get updated values in the Watch window, or edit items there, the app needs to be at a breakpoint or debugging.
After you've done "break" to give control of the program to the debugger, then you can "step" through the code using function keys like F10 and F11. During each 'step', the program evaluates one or more statements; after each step it stops (until the next step), and while (only while) it's stopped you can 'watch' its current state.
There are other ways too to break into the debugger (to use the Watch window while the program is stopped): other ways like to set 'breakpoints', and use the 'run to cursor' feature.
Of course, but stopping a program that is actively receiving or sending data to a some other process, driver, etc, stops this communication and causes timeouts and other problems.
That's true. To watch values change in real-time, I use a log file:
Add statements to my code, such that when I change the value of a variable I emit a new line to a log file (showing the changed value)
Run the program
Watch new lines being appended to the log file using a utility like tail -f.
I've never see a debugger with the functionality you mention. The closest thing to the functionality you mentioned (and which isn't exactly the functionality you mentioned) is How to: Set a Data Breakpoint (Native Only).
What you're attempting to do is not possible in Visual Studio. All of the variable inspection windows (watch, locals, autos, etc ...) rely on the debugee process being in a break state in order to function.
This is true of essentially any debugger I've worked with in the past. At least those which use a compiled language.
I'm curious as to what IDE's you're referring to? Did they deal with interpreted languages?
Make sure you are in "Debug" build and Microsoft Debugger is running as a service and not blocked/disabled.
This should help you: How to trace and debug in Visual C++ .NET and in Visual C++ 2005
my 88 year old memory remembers an old version of visual studio allowing a watch window to function while debugging.
OK, just me.
I have a main C++ app built in Visual Studio 2005, called A.exe. It spawns a child process, B.exe. I run process A in the debugger by hitting F5 -- the only way I know to hit breakpoints in process B is to wait for A to kick it off, then run Debug -> Attach to Process, and manually select B.exe. This doesn't work very well if I need to debug initialization code in process B -- I have to start putting in 10 second sleeps at the beginning.
Is there some trick in the vs2005 GUI that I'm missing?
I'm using native code, by the way.
Thanks,
Nathan
You can tell Windows to automatically attach the debugger when a certain process is started (by specifying the process name in a registry setting).
The details are here:
http://msdn.microsoft.com/en-us/library/a329t4ed(v=vs.100).aspx
You'd be hard pushed to make use of the debugbreak command in the child process as the debug process is not yet attached.
However, there is another that may be of use. Seeing as your creating the process, you'll have the handle to it. So give the DebugBreakProcess function a whirl.
1.exe doesn't give enough time for me to launch the IDE and attach 1.exe to the debugger to break into.
I would suggest taking the same approach as with NT services in this case. They will also start and usually not give you enough time to attach the debugger for the start-up routines.
Details are described here: http://www.debuginfo.com/articles/debugstartup.html
In short you add a registry entry for the second exe:
HKLM\Software\Microsoft\Windows
NT\CurrentVersion\Image File Execution
Options\2.exe Debugger =
"c:\progs\msvs\common7\ide\devenv.exe
/debugexe" (REG_SZ)
Change the c:\progrs\msms\ to match your settings.
Hope that helps.
I assume you have the source to 1.exe (if you're debugging it), then just insert a statement near the beginning that will cause it to hang around long enough to attach a debugger. ( getch() if you're desperate and it's not interactive. )
After the attach, just skip to the next statement and let it go.
You could put in some preprocessor commands for debug builds - just remember to build your release in release mode:
#ifdef DEBUG
Thread.Sleep(10000);
#endif
How is 1.exe launched? If you can launch it using CreateProcess(), you can start the process in a suspended state, attach the debugger, then release the new process.
If you are willing to consider a debugger other than Visual Studio, WinDBG can auto-debug child processes (native code only).
You did not mention what language you are using. But if you using C# or VB.NET you can add Debug.Break() or Stop to trigger the prompt to attach debugger to the process.
Or as mentioned above just use something like Console.Readline() or MessageBox.Show() to pause starting of process untill you can attach debugger to it.