Running with debugger attached results in failiure.

May 10, 2012 at 6:56 AM
Edited May 10, 2012 at 7:02 AM

Before I start, I'd like to note that I accidently created an issue in the Issue Tracker (whoops, my mistake).

I'm having a problem with EasyHook 2.7 Alpha-3, whenever I run my project with the debugger attached and try injecting into my target process, it always crashes. EasyHook throws this exception:
STATUS_INTERNAL_ERROR: Unknown error in injected assembler code. (Code: 5)

I've tried running VS2010 as administrator and trying but it made no difference. I also tried on another target application which resulted in the same error.

The strange thing is that the exact same code was working a week or two ago with the same files. Another thing which makes it even more strange is when I run my program as administrator normally, it injects into the target process fine.

I'm currently running Windows 7 Ultimate 64-bit.

May 10, 2012 at 9:39 AM

Are you saying the target is crashing, your application your are debugging is crashing or you are just being given the error STATUS_INTERNAL_ERROR while trying to hook?

You said you have already tried to hook another application, but have you tried something simple like notepad? I find this to be a good sanity check.

May 10, 2012 at 1:15 PM
Edited May 10, 2012 at 1:16 PM

The target is crashing and I'm being giving the error STATUS_INTERNAL_ERROR after the target closes from crashing. Well, I can't inject into Notepad since my hook is designed only for a 32-bit target so I tried on a hex editor called HxD, the same thing occurs. I've got no idea what's going on, might be something to do with me installing the Windows SDK recently, may have affected something.

May 11, 2012 at 11:07 AM

Can you please try with the ProcessMonitor sample? I have tried it with 64 and 32-bit configurations without any issues.

Alternatively, you can try injecting outside the debugger and then attaching to the process afterwards - this was how I would do it for EasyHook 2.6.

May 12, 2012 at 12:51 AM

The ProcessMonitor example still works fine. I just tried attaching to the process afterwards, works now. Thanks spazzarama. :)

Jan 2, 2013 at 9:49 PM

I am running into a similar issue. Anything happened with this thread ? Attaching to the process after injection works but before injection it gives me a Access Violation.

Sep 16, 2013 at 9:42 AM
I am getting the same problem. Even building and running the ProcMon sample fails if I run it from the debugger, regardless of whether VS2010 is in administrator mode and regardless of which project configuration I'm running. Or there any other work-arounds, apart from late attaching ( which I will try next ) ?
Mar 6, 2014 at 7:27 PM
Edited Mar 6, 2014 at 7:28 PM
Has anyone been able to attach successfully through code before or after injection? If I attach after it hangs. If I attach before it attaches but then continuously triggers breakpoints with the following console output:
<mda:msg xmlns:mda="">
       Attempting to call into managed code without transitioning out first.  Do not
       attempt to run managed code inside low-level native extensibility points, such
       as the vectored exception handler, since doing so can cause corruption and data
  <mda:reentrancyMsg break="true"/>
Here's the code I'm using to attach with Visual Studio 2012, 64 bit Windows 7, EasyHooks 2.7.5159:
    public static void AttachToDebugger(uint pid)
        Console.WriteLine("Attempting to attached visual studio to process {0}.", pid);
        int tryCount = 0;
        while (tryCount++ < 5)
                EnvDTE80.DTE2 dte2 = (EnvDTE80.DTE2)System.Runtime.InteropServices.Marshal.GetActiveObject("VisualStudio.DTE.11.0");
                EnvDTE.Debugger debugger = (EnvDTE.Debugger)dte2.Debugger;

                foreach (EnvDTE.Process p in debugger.LocalProcesses)
                    if (p.ProcessID == pid)
                        Console.WriteLine("Attached visual studio to process {0}.", pid);
            catch //(System.Runtime.InteropServices.COMException)
        throw new Exception("Unable to attach to debugger.");
Mar 6, 2014 at 10:15 PM
I usually have the project with the injection assembly loaded and put a break point at the start of the IEntryPoint.Run method.

I then attach the debugger to the target (eg notepad or whatever), and then run outside VS the hook application (eg ProcessMonitor).

This doesn't work well if you are using the GAC, otherwise I don't have any problems.

Another approach I use is to use WinDbg.