I got an email from someone who was trying to generate a crash dump file using ADPlus. This person has attended couple of my sessions about crash dump analysis and since then has solved few issues by analyzing crash dumps (way to go JC 🙂 ). Just to be fair with him, I typically use ADPlus/Windbg in my sessions so he was following same set of tools to solve this problem also. The issue he was encountering in this particular scenario was that his application crashes as soon as he launches it. Using ADPlus in this scenario is a bit tricky as it requires to attach a debugger to running process but this process crashes right at start, which does not leave any time for a user to run ADPlus command. In short, question was what tool could be used generate a crash dump file in this scenario.
There can be few ways of doing it but simplest is by using ProcDump, an amazing tool by Mark Russinovich. You can use it to monitor a process in addition to generating a crash dump. You can use various switches to specify specific criteria, once your applications hit any of these threshold, ProcDump can genearte a dump file for you. For this particualar scenario, you can use switch X, that actually starts the process under debugger. So let’s say my application name is Crasher that throws an unhandled exception at start, I can run ProcDump as follows that will create a dump file in C:\CrashDumps folder.
ProcDump -x C:\Crasher.exe C:\CrashDumps