|This entry needs a lot of work. Please contribute if you can. |
Check this page to see if there are some suggestions for adding to Debugging.
Debugging is the process of finding and removing glitches and bugs in a process or library. For this people use programs called debuggers. The debugger (as in a person who is debugging) can place breakpoints to check or change the values of variables. Some known tools are OllyDbg and SoftICE. Some IDE's come with a debugger as well, such as Borland's Delphi 7 and Microsoft Visual Studio. Cheat Engine has a debugger as well, which is, unlike others, not based on OllyDBG's debugger.
Breakpoints are forced stops in a process to check or change the variables in a process, like the memory. Breakpoints can be placed after the execution of a codeline, or when a certain condition has been reached.
On intel architecture breakpoints can be controlled by the Debug Registers, which provide the ability to not only break on execution, but also when an address is being read, or written to. In debugging terms, these are called "Hardware breakpoints". Another way of specifying a breakpoint is using the int3 opcode, (0xcc) which is only 1 byte long and can be placed at the start of an instruction causing a breakpoint to be generated when executed. The debugger, in this case, must restore the original byte, execute a single step, and restore with the breakpoint opcode. These kind of breakpoints are called "Software breakpoints"
The stack is important when debugging. It contains the address of calling routines and, in 32-bit, contains the parameters that have been passed down to the function you are currently debugging. Note though, that in 64-bit debugging, parameter passing happens with registers, so the only way to find out the original parameters then, is a breakpoint at the start.