惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

酷 壳 – CoolShell
酷 壳 – CoolShell
H
Hacker News: Front Page
P
Palo Alto Networks Blog
T
ThreatConnect
Apple Machine Learning Research
Apple Machine Learning Research
博客园_首页
T
True Tiger Recordings
P
Privacy & Cybersecurity Law Blog
B
Blog
IT之家
IT之家
Last Week in AI
Last Week in AI
F
Full Disclosure
Hacker News: Ask HN
Hacker News: Ask HN
C
Comments on: Blog
Microsoft Azure Blog
Microsoft Azure Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Microsoft Security Blog
Microsoft Security Blog
博客园 - 【当耐特】
N
News and Events Feed by Topic
NISL@THU
NISL@THU
腾讯CDC
雷峰网
雷峰网
Security Latest
Security Latest
李成银的技术随笔
M
Microsoft Research Blog - Microsoft Research
L
LangChain Blog
L
Lohrmann on Cybersecurity
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
C
Check Point Blog
Y
Y Combinator Blog
Recent Announcements
Recent Announcements
博客园 - Franky
N
News | PayPal Newsroom
V
V2EX
A
About on SuperTechFans
The Register - Security
The Register - Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Google Online Security Blog
Google Online Security Blog
MyScale Blog
MyScale Blog
Cisco Talos Blog
Cisco Talos Blog
Vercel News
Vercel News
WordPress大学
WordPress大学
C
Cyber Attacks, Cyber Crime and Cyber Security
The Hacker News
The Hacker News
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
IntelliJ IDEA : IntelliJ IDEA – the Leading IDE for Professional Development in Java and Kotlin | The JetBrains Blog
爱范儿
爱范儿
A
Arctic Wolf
L
LINUX DO - 最新话题
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More

博客园 - sPhinX

如何解决在Win11下卸载McgsPro失败的问题 如何离线安装WinDbg Preview 敏捷软件开发 原则、模式与实践 第9章的例子程序(C#版) Akavache简明使用指南 Oracle存储过程解析XML内容 P/Invoke继续谈 有意思的案例: 的问题 dnSpy - 让调试镜像文件的工作变得轻松点 dnSpy调试IIS(w3wp进程) Xilium.CefGlue与SingleProcess rocketmq-client-cpp(2.0.1)编译指南 RocketMQ .NET客户端的那些坑 P/Invoke今日谈 .NET编译问题汇总 动态的世界 Process.Start可能无法选中指定文件的问题 获取本地IP 将exe和dll打包为一个exe文件 .NET异步资料收集
使用ProcDump自动生成Dump文件
sPhinX · 2019-09-21 · via 博客园 - sPhinX

ProcDump工具来自Sysinternals Suite

最近用来自动产生Dump文件

一是用来监视服务器程序无响应

procdump -accepteula -64 -ma -h server.exe

二是用来监视客户端程序闪退(猜测是有未处理的异常)

procdump -accepteula -ma -e client.exe

注意:客户端程序是32位,服务器程序是64位的

下面的例子来自官方介绍:

为名为“notepad”的进程产生迷你Dump文件(只能有一个匹配的进程存在)

C:\>procdump notepad

为ID为4572的进程产生完整Dump文件

C:\>procdump -ma 4572

为名为“notepad”的进程产生3个迷你Dump文件(每个之间间隔5秒钟)

C:\>procdump -s 5 -n 3 notepad

当名为“consume”的进程超过20%CPU达到5秒时产生最多3个迷你Dump文件

C:\>procdump -c 20 -s 5 -n 3 consume

Write a mini dump for a process named 'hang.exe' when one of it's Windows is unresponsive for more than 5 seconds:

C:\>procdump -h hang.exe hungwindow.dmp

Write a mini dump of a process named 'outlook' when total system CPU usage exceeds 20% for 10 seconds:

C:\>procdump outlook -p "\Processor(_Total)\% Processor Time" 20

Write a full dump of a process named 'outlook' when Outlook's handle count exceeds 10,000:

C:\>procdump -ma outlook -p "\Process(Outlook)\Handle Count" 10000

Write a MiniPlus dump of the Microsoft Exchange Information Store when it has an unhandled exception:

C:\>procdump -mp -e store.exe

Display without writing a dump, the exception codes/names of w3wp.exe:

C:\>procdump -e 1 -f "" w3wp.exe

Write a mini dump of w3wp.exe if an exception's code/name contains 'NotFound':

C:\>procdump -e 1 -f NotFound w3wp.exe

Launch a process and then monitor it for exceptions:

C:\>procdump -e 1 -f "" -x c:\dumps consume.exe

Register for launch, and attempt to activate, a modern 'application'. A new ProcDump instance will start when it activated to monitor for exceptions:

C:\>procdump -e 1 -f "" -x c:\dumpsMicrosoft.BingMaps_8wekyb3d8bbwe!AppexMaps

Register for launch of a modern 'package'. A new ProcDump instance will start when it is (manually) activated to monitor for exceptions:

C:\>procdump -e 1 -f "" -x c:\dumps Microsoft.BingMaps_1.2.0.136_x64__8wekyb3d8bbwe

Register as the Just-in-Time (AeDebug) debugger. Makes full dumps in c:\dumps.

C:\>procdump -ma -i c:\dumps

See a list of example command lines (the examples are listed above):

C:\>procdump -? -e

此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。