Here is a handy trick to make some code wait for a debugger to attach.
Let's say you have some user mode code you need to debug and it has some kind of tricky activation flow that makes it hard to get a debugger on the process before the code executes.
In my case, I was helping someone on my team debug some test failures. Some weirdness was happing when the test activated an out-of-proc COM object. The COM server was getting loaded into a COM surrogate dllhost.exe. We added some more WPP tracing to see if we could narrow down the issue, and the was happening when the COM object was getting activated.
We tried to use named pipe debugging like I outlined before but it wasn't really applicable because it was using the surrogate instead of the svchost.
You can also set up windbg to automatically attach to the children of the process that you are currently debugging, but that didn't help either. The COM runtime was the one creating the process. I can't remember exactly, but I think it was the RPC endpoint mapper doing it.
Then the thought I had was to just make the COM server sleep for long enough for me to attach a user-mode debugger for say 30 sec. Our traces were showing the server's PID, or you can also use tlist.exe to find the PID. Instead of waiting for a long timeout, I added some code that spins until a debugger is attached.
Here is the code that spins until a debugger attaches.
while (!IsDebuggerPresent()) {
Sleep(1000);
}
__debugbreak();
