This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Debugging Wireshark dissector in Visual Studio 2013

0

According to the Howto here I can just open the Wireshark.exe and debug it in Visual Studio,
but the debugging option is greyed out.
Can anyone help me?

asked 15 Oct '14, 07:38

lal12

edited 15 Oct '14, 08:54

grahamb ♦

Now I found a way:

  • Compiled Wireshark in the usual way.
  • Started the "wireshark-gtk2\Wireshark.exe".
  • Opened the source file I wanted to debug.
  • Now I clicked on the "Anhängen" option (in English maybe something like ~"Append to process").
  • Then I chose the wireshark.exe from the process list and confirmed.
  • Now it was possible to debug mostly as I was already used to from Visual Studio.

But some bugs seem to occur:

  • If you set a breakpoint on an "if" or "switch" you cannot see the values of the compared variables; this is also not possible in the if/switch block itself. But it works if you set the breakpoint at least one step before the if or switch command.
  • I am not sure, but I think sometimes the "Einzelschritt" (~"go one step") does not work; it seems that it jumps several steps.

(16 Oct '14, 01:01) lal12
1

Make sure to compile Wireshark without optimization. Edit config.nmake and remove the /O2 flag from LOCAL_CFLAGS. Then clean the objects and recompile.

(16 Oct '14, 02:50) Pascal Quantin

One Answer:

0

Works for me with VS 2013 Pro

  • Start Visual Studio.
  • From the File | Open | Project/Solution ... menu, open the Wireshark executable in yourbuilddir\wireshark-gtk\Wireshark-gtk.exe or yourbuilddir\wireshark-qt-release\Wireshark.exe
  • F5 or Debug | Start Debugging

answered 15 Oct '14, 09:00

grahamb ♦

Well, it does not work for me. I also have VS 2013 Pro installed, but when I open the file the only available option in the debug menu is "An den Prozess anhängen" (~"concat on the process", probably wrongly translated).
It is a German installation, so I do not know what it is called in English, but maybe you see what I mean in the picture below.
I tried all combinations of calling the "SetEnv.cmd" (Debug x86, Debug x64, Release x86, Release x64),
but it is the same in every case.

[image]

(16 Oct '14, 00:05) lal12

You haven't followed the instructions properly; you have opened Wireshark.exe as a "File", e.g. via the menu option File | Open | File, or "Ctrl + O", probably not helped by my instructions being in English and your VS running in German.

Reread the instructions above or use the "Ctrl + Shift + O" shortcut.

(16 Oct '14, 03:55) grahamb ♦
1

An image of the required operation:

[image]

(16 Oct '14, 03:57) grahamb ♦

Ok thx, I found that by myself after a while. But removing the O2 flag helped.

(16 Oct '14, 04:31) lal12

Actually debugging optimised code is a separate question I think.

If an answer has solved your issue, please accept the answer for the benefit of other users by clicking the checkmark icon next to the answer. Please read the FAQ for more information.

(16 Oct '14, 04:38) grahamb ♦