This is a set of notes on how to debug a Windows service starting up, mostly for my reference. Building on https://www.sysadmins.lv/retired-msft-blogs/alejacma/how-to-debug-windows-services-with-windbg.aspx with command line steps where possible.
In this example, we’ll be debugging
mycool.exe, which has the service name
Find the path to
C:\Program Files (x86)\Windows Kits\10\Debuggers\x86).
Start an elevated command prompt. Set the service to manual start (and stop it if it is currently running, … duh):
sc config mycoolservice start=demand sc stop mycoolservice
Find the short path for
cdb.exe(pasting the path from point 1 as appropriate):
for %A in ("C:\Program Files (x86)\Windows Kits\10\Debuggers\x86\cdb.exe") do @echo %~sA
Enable the debug hook for the service, using gflags, replacing the path as necessary:
C:\PROGRA~2\WI3CF2~1\10\DEBUGG~1\x86\gflags /p /enable mycool.exe /debug "C:\PROGRA~2\WI3CF2~1\10\DEBUGG~1\x86\cdb.exe -server tcp:port=9999"
Change the service startup timeout to 1 hour to avoid Windows killing the service on startup:
reg add HKLM\System\CurrentControlSet\Control /v ServicesPipeTimeout /t REG_DWORD /d 3600000
Reboot, start an elevated command prompt again.
Start the service, which will appear to hang:
sc start mycoolservice
Open Windbg, Ctrl+R
Go forth and debug.
Start an elevated command prompt, and enter the following commands:
C:\PROGRA~2\WI3CF2~1\10\DEBUGG~1\x86\gflags /p /disable mycool.exe reg delete HKLM\System\CurrentControlSet\Control /v ServicesPipeTimeout
Reset the service startup parameters to your preferred startup type.
Reboot to reset the service control timeout.
2 thoughts on “Debugging a Windows Service”
We currently experience the issue that cdb isn’t started, when it is configured via gflags to start for a process, which is a child of a service process. Did you ever experience this, and if, did you find a solution?
I haven’t experienced that; you might find procmon helpful for diagnosing why cdb isn’t starting?