I'm testing an application running on IIS using AppVerifier/WinDbg/cdb. Basically the schema is as follows: when IIS starts cdb attaches to the process and creates a named-pipe, then I use WinDbg to connect to the pipe.
Then I run thousands of test cases against the application and wait until AppVerifier throws something.
Problems/Questions:
For the duration (around 10 hours) of the test, IIS is restarted around thousand times, every time it's restarted WinDbg is shut down and I've to manually re-start the WinDbg. Is there a way to say WinDbg NOT to shut down when the pipe is closed, but retry to connect it?
I've to continuously sit on front of WinDbg and wait for AppVerifier to throw something? Is there a way to say to WinDbg to beep or show a popup when it's stopped by exception?
Thanks.
You can use the sxe command (or other sx* commands) to have WinDbg run a command when an exception is hit. For a trivial example, this prints "Hello, world: " when a module is loaded:
sxe -c ".printf \"Hello, world: \"" ld
You might think to combine this with the .beep command, but this results in a syntax error. I think that might be related to the note in the .beep help that says "This command cannot be used in script files." However, you should be able to use .shell to do something useful.
I haven't tried it, but perhaps it is possible to hack around your reconnection problem using the sx* commands to trap the "process exit" event. Or maybe you could have the cdb instance that is started with IIS notify you when an exception occurs, so that you can then connect to it using WinDbg?
Related
I have a stupid question - how can I stop debugging?
I run adplus -crash -0 path -pid number -mss symbols ..
Then I got message that it was attached to the process. I saw logs and mini dumbs in the folder, but I want to stop it. What should I do? I do not see any commands in adplus help to detach it from the process. How can I do it? Can I just close cdb.exe command window or not?
Thanks
You can break into the debugger (in the cdb window, hit Ctrl+C) and then detach using the qd command.
You might want to consider using Procdump to capture crash dumps -- it is much more flexible, easy to use, and supports both x86 and x64 processes in a single package.
I am writing a normal, innocent C++/Qt program in Windows 7/MinGW.
It is the second time in two days that after closing the program the executable remains among the active processes, and there is no way to kill it (I try both from the command line and from Windows Task Manager).
One inconvenience is that I cannot re-link my code, because the binary code cannot be overwritten, being running.
The reason is that the executable was running under the control of the debugger, and this protected the process against any attempt to kill it. Stopping it through the debugger has been successful.
I did not know that the debugger could shield a process from any external attempt to kill it so well...
How can I start my program automatically if it crashes on windows 2003 server? Sometimes my program just crashes, is there a way in windows or settings that I can set?
There are several ways to create a process supervisor/guardian process on Windows.
First, is to leverage windows command line capabilities. Create a bat file:
#echo off
:start
start /w "your app to watch.exe"
goto start
start /w will wait for the process to exit. When the process crashes and exits, the bat script will relaunch it.
Another option is to use free supervisor tool https://github.com/chebum/Supervisor. It allows to restart the crashed app, plus it allows to monitor two or more apps at once and it will automatically close these apps when supervisor's window is closed.
The usual approach is to run what is known as a guardian process. This is a separate process, often a service, that monitors the state of the main process. When the guardian detects that the main service has died, it re-spawns it.
To the very best of my knowledge, there is not built in Windows functionality to do this for you.
Notice: running self-looping bat files can be useful, but unless you know what you're doing, they can wreak all kinds of havoc. This goes especially if you run them on startup. You have been warned.
Anyway. I just remembered something from my 286 days, when I played around a lot with BAT files. If you write the file
yourprogram.exe
some other event
the BAT file will run yourprogram, and then pause and wait around in the background until the program exits. After that it will run "some other event". This used to be kind of annoying if you wanted to run multiple things at once, but here it's actually useful. Using this, it's possible to make it run a loop that restarts the program (and reruns the bat file) as soon as it exits. Combine this with https://superuser.com/questions/62525/run-a-completly-hidden-batch-file, and you'll never even see it happening.
The final BAT file ("restart.bat" in this example) will look something like:
c:\[location]\yourprogram.exe
wscript "C:\[location]\invisible.vbs" "C:\[location]\restart.bat"
That's about it. Start the program (on startup via task or even just startup folder) with line 2, and this ought to solve your problem :)
Oh, if you want to stop the loop, just rename the bat file or put "// " in front of the two lines, save it, and exit the program.
If the program you are running requires admin rights, the solution I found was using psexec (http://technet.microsoft.com/en-us/sysinternals/bb897553.aspx) to run both the program and the bat with elevated privileges. In that case the BAT will look like:
c:\[location]\psexec -h c:\[location]\yourprogram.exe
c:\[location]\psexec -h wscript "C:\[location]\invisible.vbs" "C:\[location]\restart.bat"
Then you run the bat as administrator, or run the second line (without the psexec part) from task scheduler with elevated privileges. BEWARE: running it as a normal user and clicking "no" on the UAC prompt gave me a BSOD, probably because it looped "can't run program because of lacking privileges" a couple of billion times or something :)
You can use RegisterApplicationRestart.
"If you register for restart and the application encounters an
unhandled exception or is not responsive, the user is offered the
opportunity to restart the application; the application is not
automatically restarted without the user's consent. "
For automatic restart without user intervention, there is also RestartOnCrash. Works with all Windows versions.
I was looking for something similar. There are two options to handle this - either you can write a small script by yourself or use something that is already existing.
After some googling I came across this nice list. The blogger has compiled about 8 tools to automatically restart a crashed or closed application.
Unfortunately there are no settings in Windows to automatically restart a regular program when it crashes.
Do you need to actively interact with your application's GUI? Some of the Service Wrappers (designed to run any application as a Windows Service) will monitor your application and restart it when it fails, but be sure investigate Session 0 Isolation to ensure that it won't get in the way.
You may use some special app like BDV SystemEvents or any other. It allows you to specify application which will be started if some another application is closed. Specify the same application as a Condition and as an Action and you will get expected results.
I'm debugging plugins on Windows 7 and of course the plugin host (Cubase5.exe) occasionally crashes because of errors in the plugin. On XP or Vista, I could always restart it immediately and continue working. But on Windows 7, even though Cubase appears to close, it is still visible in Task Manager and I cannot kill it by any means. After a minute or two, it disappears by itself. In the mean time, I can't work because the plugin DLL is still locked by the process.
Does anyone know why this happens on Windows 7? I've already tried disabling Automatic Error Reporting but that didn't help. I've tried attaching cdb to Cubase, but I get:
Cannot debug pid 5252, NTSTATUS 0xC0000001
"{Operation Failed} The requested operation was unsuccessful."
Debuggee initialization failed, NTSTATUS 0xC0000001
"{Operation Failed} The requested operation was unsuccessful."
I tried following the instructions here but it appears this is only possible if I connect a second machine to my computer to debug it remotely.
I finally found the solution, using this article:
http://blogs.technet.com/b/markrussinovich/archive/2005/08/17/unkillable-processes.aspx
This required installing the Windows Debugging Tools for Windows (nice name) and LiveKd, but by following the steps outlined I was able to track which driver was causing the process to hang: it turned out to be the 64-bit driver for the M-Audio Oxygen 8 V2 controller I'm using. Unfortunately no driver update is available.
Anyway, if anyone encounters a similar problem, this is the way to solve it.
Have you tried Process Explorer by Mark Russinovich? It is really useful for "killing":)
If you have error reporting enabled, it's possible that werfault.exe has Cubase open to write a minidump for crash reporting purposes.
This is just a stab in the dark but it might be your problem.
One thing you can try is to check with Process Monitor what Cubase is doing. Set a filter so that everything with a process name containing "cubase" will be recorded. It could be that you are facing some timeout issue when Cubase wants to exit.
you can end the process the service is running under. You can find this process by going to the Services tab of the Task Manager, right-clicking, and selecting Go To Process(you need to click the Show processes from all users button.). Note that one process may host multiple services (especially if it's svchost.exe), and ending the process will kill all those services. Also, this is an unclean exit, and may cause data corruption depending on what the service(s) was doing when you killed it.
Depending on which specific service you are trying to stop, there may be a cleaner way to simulate failure.
How to reload a crashed process on Windows? Of course, I can run a custom monitoring Win service process. But, for example, Firefox: it doesn't seem to install such a thing, but still it can restart itself when it crashes.
On Vista and above, you can use the RegisterApplicationRestart API to automatically restart when it crashes or hangs.
Before Vista, you need to have a top level exception filter which will do the restart, but be aware that running code inside of a compromised process isn't entirely secure or reliable.
Firefox constantly saves its state to the hard disk, every time you open a tab or click a link, or perform some other action. It also saves a flag saying it shut down safely.
On startup, it reads this all back, and is able to "restore" based on that info.
Structured exception handling (SEH) allows you to catch program crashes and to do something when it happens.
See: __try and __except
SEH can be very dangerous though and could lead to your program hanging instead. Please see this article for more information.
If you write your program as an NT service then you can set the first, second and subsequent failure actions to "Restart the service".
For Windows 2008 server and Windows Vista and Windows 7 you can use the Win32 API RegisterApplicationRestart
Please see my answer here for more information about dealing with different types of program crashes.
If I recall correctly Windows implements at least some subset of POSIX and so "must" have the signal interface (things like SIGKILL, SIGSEGV, SIGQUIT etc.).
I've never done this but on linux, but you could try setting the unexpected termination trap with signal() (signal.h).
From quick scan of docs it seems that very few things can be done while handling signal, it may be possible that even starting a new process is on forbidden list.
Now that I've thought about it, I'd probably go with master/worker pattern, very simple parent thread that does nothing but spawns the worker (that does all the UI / other things). If it does not set a specific "I'm gonna die now" bit but still dies (parent process always gets message / notification that spawned process died) then master respawns the worker. The main theme is keep master very simple and hard to die due to own bugs.