How to set a breakpoint on a DLL in Visual Studio?

Question

I'm studying the source code of a DLL (written in C++) which is a plugin for another program. There's no documentation, and I don't have the source code of the main program. I'm trying to figure out where and when the main program calls into the DLL. There's over a hundred functions marked as DllExport, so that alone isn't much help.

To this end then it would be nice if I could trigger a breakpoint every time execution reaches code in my DLL. That or log it somewhere. Is this possible and how?

Answer 1

Phew, that is quite a requirement you have. But to be honest, that might be something really usefull, even for other scenarios.

The most easiest way I think you could achieve this is using WinDbg and setting breakpoints there. With WinDbg you could do something like this (assuming your image is named myplugin.dll):

1. Open WinDbg
2. File -> Symbol File Path (add path where the .pdb for the plugin is)
3. File -> Source File Path (add path where the sources for the plugin are)
4. File -> Image File Path (add path where the the plugin DLL itself is)
5. File -> Open Executable (or attach to an existing process, select the main application)
6. At the command line: bm myplugin!*
7. Run the program (F5)

Step 6 will add a breakpoint at every symbol in the myplugin.dll. But be cautious here: This will really add a breakpoint at every function, even at functions that you might have not defined yourself but are included through headers (like the STL). This is the most radical way to set breakpoints everywhere in your module. If the plugin is programmed in a way where all your exported functions are located in a namespace, or with a prefix, you can trim down the search-pattern and get more accurate breakpoints. Let's assume that all these functions that are interesting to you are prefixed with PLG_, then you would write:

bm myplugin!PLG_*

to have every breakpoint set accordingly - pretty straight forward.

The drawback of course is that you have to use an external debugger. Visual Studio does support Function Breakpoints that work similar, but as far as I know they either don't work well with wildcards in every cases, or they have changed it in VS2013+, either one of these.

This was the most simple approach that I am aware of (not that there aren't any, but I simply don't know). The second most easiest: Add the breakpoints once manually and save away your .suo file if you need the breakpoints again later. It is a cumbersome task, but lookig for a faster solution might take longer than doing it by hand (count in a working-day).

Others were that you write a program that adds a trampoline at the very beginning of your exported functions (read PE header and get the RVA of the functions) with a int 3 and the original instruction, but this is overkill - you'd easily have put breakpoints in 1000 functions manually before you have done this.

Another way would be to alter the .suo Solution Options file where the breakpoints are stored. But these are, again as to my knowledge, only available through the Extensibility API of Visual Studio, which means you'd have to write a plugin or macro for Visual Studio itself.

I am very interested in this, too. So I will observe this question some while, maybe there is a lot more simpler solution that somebody knows about. If you are new to WinDbg, just add a comment and I'll try to explain how you get it and how it works :)