How can I debug my own process under Win9x using Microsoft Debug APIs? If I use GetCurrentProcessId and then pass it to DebugActiveProcess, it will fail, freezing the system. Does anybody knowf this is possible?
Posted on 2003-05-05 04:31:25 by DZA
Tuts28 ,29 and 30 if your writing own debugger. That Olly Debug works pretty good to. I don't have link but should turn up if you search this site.
Posted on 2003-05-05 10:18:20 by mrgone
I'm not sure you can do this... perhaps spawn a copy of your main exe and debug that? I think it's the armadillo protection thingy that uses a technique similar to this. Unless your executable is compressed, this shouldn't be too much of a memory hit - the performance of running under debug might be something else though.
Posted on 2003-05-05 10:32:48 by f0dder
yep, Armadillo uses a separate debugger, I want to do something simillar but in my own process (I don't want a seh handler)
Posted on 2003-05-07 09:03:49 by DZA
I do not think you can debug your own process. When a debugger is attached, all threads in the debugee process are suspended. If all threads in your process are suspended you cannot call any of the debugger functions like WaitForDebugEvent.

MSDN says the following:
The system suspends all threads in the process and sends the debugger events representing the current state of the process.
Posted on 2003-05-07 17:31:38 by Mecurius
But if you are in control of your program than why can't you display regs in your own program? Just use display. Maybe I misunderstood original question. I thought he wanted a debbuger to check his program and I was telling him that Icz's tuts show you how to build a debug loop.
Posted on 2003-05-08 00:01:25 by mrgone
Mercurius that explains why the program is suspended after calling DebugActiveProcess with his own pid. Prolly you are right
Posted on 2003-05-08 06:06:05 by DZA
If you have visual c++, get into it and set up the screen so you can see the disassembled
code, the registers & memory
write a code snippet in your program to cause an exception ie
mov edx,0
mov ,edx
you will then enter the visual c++ debugger at the point of the exception (mov ,edx)note the address of the offending instruction & set that address in the memory portion
of the debug display by placing the cursor over the appropriate address & updating it, then
overwrite that instruction with 2 NOP'S 9090H.

At that point you can single step trace (F11), the results of the trace will show up in the
register display, and the memory display (if you set the memory to the locations your
interested in)

You can set a breakpoint by placing the cursor over the break location & keying in F9, then
key in F5 and execution will proceed to the break point

I hope this has been of some help, if you have any questions my E_Mail is
Posted on 2003-05-10 10:31:38 by bobr_bak
I think the original idea was to have your own program act as a debugger for itself - not just to "debug your own application" :). Furthermore, for triggering an external debuger, "int 3" (db 0CCh) is better than causing a GPF.
Posted on 2003-05-12 02:38:13 by f0dder