Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Home WINDBG

Before Posting...

Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


WinDbg service debuggin

Prokash_SinhaProkash_Sinha Member - All Emails Posts: 230
in WINDBG

Folks, I need some insight into the following process of debugging a service , using DebugBreak() ..

Using the following link -- https://docs.microsoft.com/en-us/windows/win32/api/debugapi/nf-debugapi-debugbreak

Registry entry I added --
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\colortokens-lgm.mtoken]
"Debugger"="C:\Program Files\Debugging Tools for Windows (x64)\windbg.exe\""

In foo( ...)

I've the call to DebugBreak();

Now when I demand start the service, after sometime it hits that line of code, and locked the VMware work station. Without the DebugBreak() statement, I've exeception coming from some other parts, needless to say, excetption handling is not ideal here...

Question is the VM gets locked, any clue ?

Also I suppose the Windbg would be launched automatically !!

TIA,
Pro

· Share on Facebook

Comments

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,660

    It looks like you have a backslash after the exe name. That's certainly wrong. And does that really say "colortokens-lgm.mtoken"? That's nonsense. Where did you find that?

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

    · Share on Facebook
  • Prokash_SinhaProkash_Sinha Member - All Emails Posts: 230

    Thanks much Tim

    https://docs.microsoft.com/en-us/windows/win32/services/debugging-a-service
    is what I found online ( after a long while got back to Windows environment ).

    For the second part it should be the name of exe (i,e, foo.exe ) I think.

    Another one is https://docs.microsoft.com/en-us/previous-versions/visualstudio/visual-studio-2010/a329t4ed(v=vs.100)?redirectedfrom=MSDN
    The image file execution.

    Which one is better ?

    Pro

    · Share on Facebook
  • Prokash_SinhaProkash_Sinha Member - All Emails Posts: 230

    OK, the first option also no longer available from Vista onward.

    Going to try the Image File execution, to see ...
    Pro

    · Share on Facebook
  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,660

    Right, the key name should be

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\YourExeName.exe

    What you had was not sensible.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

    · Share on Facebook
  • Prokash_SinhaProkash_Sinha Member - All Emails Posts: 230

    That was the service name, not the exe. Now I tried with the exact exe name...
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ct-lgm.exe]
    "debugger"="WinDbg.exe"

    System env. variable is update to point to the full path of Windbg.

    With that , after rebooting, I can not start the service (either by the service name - which what I do for demand start, or trying to start the exe -- which is not really sc understand ).

    sc start colortokens-lgm.mtoken
    [SC] StartService FAILED 2:

    The system cannot find the file specified.

    Administrator@WIN-QLARN9P79KK MINGW64 /c/Program Files/ColorTokens/LGM/LogFiles
    $ sc start ct-lgm.exe
    [SC] StartService: OpenService FAILED 1060:

    The specified service does not exist as an installed service.

    Thanks,
    Pro

    · Share on Facebook
  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,660

    Unless you know "windbg.exe" is on your default boot-time PATH, you'd best include the complete path to the exe.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

    · Share on Facebook
  • Prokash_SinhaProkash_Sinha Member - All Emails Posts: 230

    %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%systemroot%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft Windows Performance Toolkit\;C:\Program Files\Git\cmd;"C:\Program Files\Debugging Tools for Windows (x64)\windbg.exe"

    · Share on Facebook
  • Prokash_SinhaProkash_Sinha Member - All Emails Posts: 230

    I will put the full path, anyway...

    Need to see how the flags are being set when the service is created ( Joy of debugging old cruft :smile: )
    prokash

    · Share on Facebook
  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,660

    Was that supposed to be your PATH? A PATH does not include individual executables. It includes the directories that CONTAIN the executables. Remove "\windbg.exe" from the end of that.

    Tim Roberts, [email protected]
    Providenza & Boekelheide, Inc.

    · Share on Facebook
  • Prokash_SinhaProkash_Sinha Member - All Emails Posts: 230

    Thanks, making so many mistakes ( lost lot of context )

    · Share on Facebook
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. Sign in or register to get started.

Sign In Register
Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 16-20 October 2023 Live, Online
Developing Minifilters 13-17 November 2023 Live, Online
Internals & Software Drivers 4-8 Dec 2023 Live, Online
Writing WDF Drivers 10-14 July 2023 Live, Online

Categories