How Can I Debug an Active Process?

You can debug any active Windows 95 or Windows NT system process by attaching it to Visual C++. This functionality is critical in order to debug Windows NT services.

Warning   You should not attach to a process unless you know what the process is and understand the consequences of attaching to and possibly killing that process. For example, if you attach to the WinLogon process and then stop debugging, the system will halt because it cannot operate without WinLogon.

To attach an active process

1. From the Build menu, click Start Debug and Attach to Process.

   The Attach to Process dialog appears.

2. Select the process you want to debug.

3. Click OK.

When Visual C++ is loaded, look for statements in the status bar at the bottom of the screen stating that symbols for the application and its DLLs have been loaded. Then from the Debug menu, click Break to see the assembler listing in the main window. To view the call stack, on the View menu, click Debug Windows and Call Stack . Then double-click one of your functions. This brings up the source code for the source module in which a breakpoint can be set, or you can simply open a source file and set a breakpoint.

When you stop debugging the application, the application will be terminated. This is expected behavior.

If you pass an invalid PID, you will receive an error like:

   Invalid Parameter (Win32, Error 87)