OllyDbg supports many kinds of INT3 breakpoints: ordinary, conditional and conditional logging. Of course, internally this is the same breakpoint with different options activated. At first glance, it looks overcomplicated and illogical, and it really is. Version 2.0 should make breakpoints better, but for now you must live with what you have.
A breakpoint consists of a single-byte INT3 command that replaces the first byte of the breakpointed command, a descriptor of type t_bpoint in the table of active breakpoints, and several names associated with the same address that specify expressions and necessary actions:
Name type | Meaning |
NM_BREAK | Condition associated with the breakpoint. If the condition is absent or invalid, OllyDbg assumes that it is true. |
NM_BREAKEXPL | Explanation: any text that identifies the breakpoint to the user. Usually has no special meaning. Message breakpoints use the special name "<WinProc>". |
NM_BREAKEXPR | Expression that should be evaluated and logged. The first byte of the expression contains flags (a set of COND_xxx, explained below) that control the behaviour of the breakpoint. |
NM_PLUGCMD | Commands that will be passed, one by one, to plugins if the breakpoint is taken. Commands are separated by CR, LF or CRLF. |
An ordinary breakpoint (toggled by pressing F2) has no associated names and a zero pass count. The program pauses whenever this breakpoint is hit.
A conditional breakpoint (shortcut Shift+F2) has an associated name of type NM_BREAK. If the breakpoint is hit, OllyDbg evaluates the expression. If the result is not 0, or the expression is invalid, the program pauses. Otherwise, OllyDbg continues execution.
A conditional logging breakpoint (Shift+F4) has at least an associated name of type NM_BREAKEXPR. The first byte of this name is a set of COND_xxx flags that specify additional options. The strange settings of bits COND_NOBREAK and COND_BRKALWAYS are for backward compatibility with version 1.00. As you can see, such deep compatibility is not always good:
Bit | Meaning | Equivalent in dialog |
COND_NOBREAK | Don't pause execution if the breakpoint is hit. Has higher priority than COND_BRKALWAYS | Pause program: Never |
COND_BRKALWAYS | Always pause if the breakpoint is hit. If both COND_NOBREAK and COND_BRKALWAYS are zero, pause on condition | Pause program: Always |
COND_LOGTRUE | Evaluate the expression NM_BREAKEXPR and log its value together with NM_BREAKEXPL if the condition is true | Log value: On condition |
COND_LOGALWAYS | Always log value of expression | Log value: Always |
COND_ARGTRUE | Decode and log arguments of known function if expression is true | Log arguments: On condition |
COND_ARGALWAYS | Always log arguments of known function | Log arguments: Always |
COND_FILLING | Always set to ensure that the resulting byte is not 0 |
The breakpoint descriptor contains a pass count. This feature is new to OllyDbg 1.10. If the breakpoint is hit and the conditions (or their absence) indicate that the program should be paused, OllyDbg compares the pass count with 0. If the count is 0, the program pauses. Otherwise, OllyDbg decrements the counter and continues execution. The pass count is not restored automatically: after it is decremented to zero, it remains zero until the user or a plugin sets it again.
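The rules above (condition, COND_xxx flags, pass count) can be combined into one decision per breakpoint hit. The following C model is an added example, not OllyDbg or plugin SDK code. The numeric flag values, the types expr_result and bp_action, and the functions on_breakpoint_hit and first_pause are assumptions made for illustration.

```c
#include <stdio.h>

/* Bit values are assumptions for this model; take the real ones from the
   plugin SDK header. */
enum { COND_NOBREAK = 0x01, COND_LOGTRUE = 0x02, COND_LOGALWAYS = 0x04,
       COND_ARGTRUE = 0x08, COND_ARGALWAYS = 0x10, COND_BRKALWAYS = 0x20,
       COND_FILLING = 0x40 };

/* Outcome of evaluating NM_BREAK (hypothetical type, not from the SDK). */
typedef enum { EXPR_ABSENT, EXPR_INVALID, EXPR_ZERO, EXPR_NONZERO } expr_result;

typedef struct { int pause, log_value, log_args; } bp_action;

/* One breakpoint hit. flags: first byte of NM_BREAKEXPR, 0 if that name is
   absent. *passcount is decremented in place and never restored here. */
bp_action on_breakpoint_hit(unsigned flags, expr_result cond,
                            unsigned long *passcount) {
    bp_action a = {0, 0, 0};
    int cond_true = (cond != EXPR_ZERO);  /* absent or invalid counts as true */
    int want_pause;

    if (flags & COND_NOBREAK)        want_pause = 0;  /* wins over BRKALWAYS */
    else if (flags & COND_BRKALWAYS) want_pause = 1;
    else                             want_pause = cond_true;

    /* Assumption: logging does not depend on the pass count. */
    a.log_value = (flags & COND_LOGALWAYS) || ((flags & COND_LOGTRUE) && cond_true);
    a.log_args  = (flags & COND_ARGALWAYS) || ((flags & COND_ARGTRUE) && cond_true);

    if (want_pause) {
        if (*passcount == 0) a.pause = 1;  /* count exhausted: pause */
        else (*passcount)--;               /* otherwise skip this hit */
    }
    return a;
}

/* 1-based number of the first hit that pauses, or 0 if none within max_hits. */
int first_pause(unsigned flags, expr_result cond, unsigned long passcount,
                int max_hits) {
    for (int hit = 1; hit <= max_hits; hit++)
        if (on_breakpoint_hit(flags, cond, &passcount).pause) return hit;
    return 0;
}

int main(void) {
    printf("ordinary: %d\n", first_pause(0, EXPR_ABSENT, 0, 5));
    printf("pass count 3: %d\n", first_pause(0, EXPR_NONZERO, 3, 5));
    return 0;
}
```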
See also: Breakpoint functions, Manualbreakpoint, Setbreakpoint, Setbreakpointext, Getbreakpointtypecount.