Windbg adplus, a convenient tool for capturing dump

2.3.2 adplus, a convenient tool for capturing dump

As mentioned above, the dump file can save the Process status for easy analysis. Because the dump file records the specific information of a process at a certain time point, it is very important to save the dump. For exampleProgramCrash: dump should be obtained when the command that causes the crash is executed (that is, when the 1st chance exception occurs), so that the direct cause of the problem can be seen during dump analysis.

Adplus is a vbs script in the same directory as windbg. Adplus is mainly used to capture dump files. For more information, see the adplus help in the windbg help file. There are some common usage:

Assume that our target program is test.exe:

Run the following command to monitor the time period before test.exerun crashes:

Adplus-crash-PN test.exe-o C:/dumps

When test.exe crashes due to 2nd chance exception, adplus generates a full dump file in C:/dumps. When 1st chance AV exception or 1st st chance breakpoint exception occurs, adplus generates the mini dump file in C:/dumps.

You can also use:

Adplus-crash-PN test.exe-fullonfirst-o C:/dumps

The difference is that after the-fullonfirst parameter is added, the full dump file will be generated for both 1st chance exception and 2nd chance exception.
Assume that the deadlock or memory leak in test.exe is not a crash. To obtain a dump at any time, run the following command:

Adplus-Hang-PN test.exe-o C:/dumps

This command immediately captures full dump of test.exe under C:/dumps.

The more flexible method of adplus is to use the-C parameter to bring the configuration file. In the configuration file, you can select the time when the exception occurred, whether the generated dump is Mini dump or full dump, or set breakpoints. The last chapter introduces the adplus parameter selection principles.