Hi,

Came here to find an answer to a question no one wants to touch.

I'm currently doing some work with debugging principles in Windows C and have found a very odd problem when spawning a process. When using CreateProcess with any of the debug flags set on my other process, I was getting no window but a valid handle to the thread and process of my child. It listed fine in Task Manager but just would not show. Now, I decided to take the procid and spawn a thread to adjust the token of the child to allow debug and then resumed the main thread and all was well, the window appeared.

One catch, the code had to be release code only, no debug symbols allowed. So I checked system privileges, did numerous scans and verifications and everything came up clean. Even weirder, it didn't matter if it was my code ANY application that spawned a process with a debug flag hung up, even one you compiled on your machine and gave me to run.

Now using Process Explorer I was able to view the stack calls on the hung children and found what was handing it up was the winspool service. Oddly enough, I don't have a printer so no service running and decided to enable it. Wallah, window appears but fails to draw the inside contents unless I explicitly send a show window command to make it draw itself.

Now, why in the world would spool.exe have to be running in order to show a window with debug access?

One final note to the strangness. I could get a handle to a running process and DebugActiveProcess and pass it the handle and attach to any process for debugging no problem.

Anyone care to shed some light on all this madness?

Thank you for responding. Yes sir, in this fashion

CreateProcess ( tFile, NULL, NULL, NULL, FALSE, DEBUG_PROCESS, NULL, tPath, &si, &pi ) ;

Window fails to show but pi has valid info.

This code on the other hand is not a problem.

// open the process
if ( ( handle = OpenProcess ( PROCESS_ALL_ACCESS, FALSE, dwID ) ) == 0 )
{
		dwErr = GetLastError ( ) ;
		Err ( "OpenProcess", dwErr ) ;
		return 0 ;
}

// attach to it as debugger - must be in same thread as Create/OpenProcess
if ( ! DebugActiveProcess ( dwID )  )
{
		dwErr = GetLastError ( ) ;
		Err ( "DebugActiveProcess", dwErr ) ;
		CloseHandle ( handle ) ;
		return 0 ;
}

Hi,

Just wondering if you managed to crack this problem. I have exactly the same issue!

Thanks
Ian

This article has been dead for over six months. Start a new discussion instead.