I have a windows service that has a timer that fires a method every 30 seconds.
The method then calls thread.sleep() and when it finishes it calls thread.start();
All code in the method is wrapped in a try/catch except for the calls to the tread sleep/start.
For some reason the service stops working, but if I recycle it or set it to recycle upon a crash it works fine.
How can I diagnose the problem?
Is there other events like OnCrash or somethign that I can hook into to dig into the stack trace?
A windows service is just the same as a normal application, it's just executed differently. So ask yourself if your normal app didn't crash, but stopped working what could cause it? Lots of things spring to mind like locking issues, concurrency issues etc...
There is no OnCrash event though but what I do for Windows Services is put all logic in a seperate assembly with a simple start method and that way I can host it in a console application and do testing easily and moving to a windows service is also not too hard.
Your other option is to attach the Visual Studio debugger to the Windows service and debug as normal.
No, there aren't, but why not just put in a try/catch yourself and log the exception when it occurs?
Also, I find the call to Sleep and Start very dubious. You shouldn't be using these calls in general for synchronization. Why are you making these calls?
I think first and foremost you need to find the reasons why it is crashing. OnCrash? well, if it crashed it won't have much to say, I guess.
Its the timer!.
Get rid of it and your problem will be solved.
Check this post for more info .
You are better off doing the operation like this...
While (stopSignal = False)
'do your work'
Thread.Sleep(yourInterval)
End While
EDIT: If you want to debug a service and not have to suffer through attaching a debugger, then do this.
Whether you disagree with this or not, MS has confirmed that its a bug, and removing the timer is the only way to avoid this problem. You should also not be using exceptions as program flow control (Catch and Retry) if you can help it.
You can use Microsoft's Debug Diagnostic Tool v1.1 to monitor a service and create a dump when it crashes. Then you can debug the dump.
http://www.microsoft.com/download/en/details.aspx?id=24370
Related
i have no ideal for initialization code c++ before windows shutdown. For protect algorithm of my code when running. Any ideal here?
I am not sorry to report you cannot do this reliably. You can handle WM_QUERYENDSESSION or WM_ENDSESSION Windows messages, but that really traps logoff not shutdown. Alternately you could try a Windows service and react to the stop signal. But that is exactly that, your service being stopped.
HOWEVER; none of this happens reliably. If you have some defenses best broken by the shutdown code not running, somebody who wants to break them will just power the machine off. If I thought you were writing software that needed to be fault tolerant I would now advise you on crash-only software.
To make a backing store that can survive being powered off without being corrupted, the cheapest way is to use sqlite.
I think you should create an object of your own class and write something inside the destructor (or ~YourClass()).
I've got a program that calls SetClipboardViewer at startup to register for clipboard change notifications. At shutdown time, it will call ChangeClipboardChain to remove itself from the chain correctly.
This is all great as long as the program runs normally. But that's got me wondering, what happens if the program gets aborted, either by me killing it under the debugger, by a crash, or by the user killing the process because something went wrong? Then the cleanup never happens. Can that cause trouble for the system somehow?
Specifically, I know Windows can remove my viewer without trouble because it's a handle and Windows can clean up all handles when a process terminates, but will this cause the next value downstream in the chain, that I was holding a reference to, to get lost somehow?
Yes, failure to remove yourself from the chain will break the chain. Deadly sin #2. Please read the whole list to be sure that you're following all of the rules.
http://www.clipboardextender.com/developing-clipboard-aware-programs-for-windows/6
Lots of apps suffer from this, including the Delphi IDE. i.e. if Delphi crashes in certain ways, it'll kill the clipboard chain (D2005 anyway).
Consider using Vista style notification on Vista/Windows7.
I programmed a Windows Service and it is running on a Windows 2000 machine. Sometimes the executable for this service dies, but the Windows service is still listed as "started" in the service manager. In this situation the restart behaviour defined for this service does not take effect.
Of course, the process needs to be debugged, but I am searching right now for a workaround.
How can I avoid this situation? How does the service manager in Windows 2000 determine if a windows 2000 process is still started or not?
That probably means that the service crashed. IIRC, older versions of windows didn't always recover when a service process abnormally terminates. But that was many years ago and my memory may be faulty.
The best way to avoid the situation is to figure out what's causing your service to crash and fix it.
Although Larry, being a Microsoft employee, probably knows better than anyone else, I dare say that you should give ChangeServiceConfig2 with SERVICE_CONFIG_FAILURE_ACTIONS a shot. I've worked on a legacy service that, before I did the refactoring, used to crash a lot. The remedy my predecessors chose was to use the failure action in order to invoke a program that (running under SYSTEM) would then restart the service as if nothing had happened.
All of this only works if your service is running in its own process, which I assumed given the way you describe it. If your service is implemented in a DLL this will not work.
But I wholeheartedly agree with Larry that you should investigate and fix the problem, rather than trying to conceal it. As mentioned above, I fixed the service in question and it's not crashing or very rarely crashing and everyone is happier with that solution ;)
I have an application that is hosting some unstable third-party code which I can't control in an external process to protect my main application from nasty errors it exhibits. My parent process is monitoring the other process and doing "the right thing (tm)" when it fails.
The problem that I have is that Dr. Watson is still detecting crashes in the isolated process and attaching to the processes on the way down to take a crash dump. This has the two problems of:
1. Dramatically slowing down the time that it takes for me to detect a failure because the process stays alive while the crash dump is being taken.
2. Showing annoying popups to the user asking if they want to submit the error reports to Microsoft.
Clearly I would prefer to fix the bugs in the child process, but given that it isn't an option, I would like to be able to selectively disable Dr. Watson (and Windows Error Reporting in Vista+) for that process.
I am running some of my own code in the process before handing off to the untrusted bit, so if there is an API that I can call that affects the current process that would be fine.
I am aware of: http://support.microsoft.com/default.aspx/kb/188296 which would disable Dr. Watson for the entire machine. I don't want to do that because it would make me a bad citizen to trash a machine-wide setting.
I am also aware of the WerSetFlags option in Vista+ that would seem to disable windows error reporting for the current process, but I need something that will disable Dr.Watson on earlier OS versions.
The good doctor is invoked when a process does not handle a certain exception. Therefore, the common way to go would be to handle all exceptions yourself. In your case, it is much harder since you don't own the crashing process code. What you can do then, is to inject your code into the other process at runtime, and install an exception handler that will swallow the exception causing the crash. When caught, gracefully shut down the process.
There are quite a few questions here talking about injecting code into another process. As for the crash handler, you can either set an unhandled exception filter, or add a vectored exception handler. Note that for the latter, you'll have to be careful not to swallow legit exceptions that are in fact handled inside the other process, namely find a way to recognize the crashing exception and make sure it is the only one you handle.
You want to disable the GPF popup: http://blogs.msdn.com/oldnewthing/archive/2004/07/27/198410.aspx
How to reload a crashed process on Windows? Of course, I can run a custom monitoring Win service process. But, for example, Firefox: it doesn't seem to install such a thing, but still it can restart itself when it crashes.
On Vista and above, you can use the RegisterApplicationRestart API to automatically restart when it crashes or hangs.
Before Vista, you need to have a top level exception filter which will do the restart, but be aware that running code inside of a compromised process isn't entirely secure or reliable.
Firefox constantly saves its state to the hard disk, every time you open a tab or click a link, or perform some other action. It also saves a flag saying it shut down safely.
On startup, it reads this all back, and is able to "restore" based on that info.
Structured exception handling (SEH) allows you to catch program crashes and to do something when it happens.
See: __try and __except
SEH can be very dangerous though and could lead to your program hanging instead. Please see this article for more information.
If you write your program as an NT service then you can set the first, second and subsequent failure actions to "Restart the service".
For Windows 2008 server and Windows Vista and Windows 7 you can use the Win32 API RegisterApplicationRestart
Please see my answer here for more information about dealing with different types of program crashes.
If I recall correctly Windows implements at least some subset of POSIX and so "must" have the signal interface (things like SIGKILL, SIGSEGV, SIGQUIT etc.).
I've never done this but on linux, but you could try setting the unexpected termination trap with signal() (signal.h).
From quick scan of docs it seems that very few things can be done while handling signal, it may be possible that even starting a new process is on forbidden list.
Now that I've thought about it, I'd probably go with master/worker pattern, very simple parent thread that does nothing but spawns the worker (that does all the UI / other things). If it does not set a specific "I'm gonna die now" bit but still dies (parent process always gets message / notification that spawned process died) then master respawns the worker. The main theme is keep master very simple and hard to die due to own bugs.