How do I capture a Process Dump for Troubleshooting?

ProcDump (procdump.exe) is a Windows Sysinternals tool. It allows you to create dumps of the Bria process if our team needs them while troubleshooting an issue.

When ProcDump captures the dump file, it does not kill the running process.

The Process

To create a dump with ProcDump, do the following:

  1. Download ProcDump from the Windows Sysinternals site
  2. Create a folder where dumps will be stored (e.g. C:\Dumps\)
  3. Unzip the archive and put procdump.exe into the created directory
  4. Open the Windows command line: Hit Start and type in cmd. Right-click and choose Run as Administrator.
  5. In CMD, switch to the newly created folder using the cd command:

         cd <path_to_folder> 

    For example: cd C:\Dumps

  6. Depending on the nature of the issue (immediate process crash, hanging process, lock-up etc.) choose what options are to be used with ProcDump. See the most common examples below:
      1. Crashing: Situations when processes are crashing (e.g. right upon starting, or they crash randomly) can be universally handled by the following command:

             procdump -e -ma -w <process_name>

        If Bria is crashing, the command will look like:

             procdump -e -ma -w bria.exe

        This runs ProcDump so that it waits for the process to start (if it is not running yet) and creates a full process memory dump as soon as the process encounters an unhandled exception and crashes.

        In case you need to capture memory dumps of more than one process, or you don't know what process is going to crash (e.g. when provided with custom libraries), use the following command - it will capture all memory dumps for any crash that occurs:

             procdump -ma -i C:\dumps

      2. Hanging: If you need to create a dump file of the running process in its current state (e.g. if it seems to hang or uses a lot of resources, etc.), then the command is even simpler:

             procdump -ma -s 3 -n 5  <process_name> 

        This command will write 3 mini-dumps 5 seconds apart; change the values if needed.

        Using PID (useful if multiple processes with the same name are running):

             procdump -ma <process_PID>

        where <process_PID> is the process identifier.

        If bria.exe seems to be hanging, the following command can be used:

             procdump -ma -s 3 -n 5 bria.exe

        or, if 3255 is the process identifier:

             procdump -ma 3255

        The full list of parameters can be found on the ProcDump download page or by issuing the command procdump /?

  7. Once the necessary dumps are created, you can locate them in the same folder where ProcDump resides (e.g. C:\Dumps\)
  8. Compress the process dump into a .zip file
  9. Send the dump file to CounterPath Support by attaching it to your ticket or uploading it to your trusted file host of choice
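
The download, locate, compress and send steps above can be scripted so that the tool is checked before it runs elevated and the archive can be matched against what Support receives. This is an added PowerShell example, not part of the original article; it assumes the C:\Dumps folder from the steps above, and the archive file name is constructed.

```powershell
# Added example, not part of the original article.
# Assumption: ProcDump and the dumps live in C:\Dumps, as in the steps above.
$DumpDir  = 'C:\Dumps'
$ProcDump = Join-Path $DumpDir 'procdump.exe'

# Before running a downloaded tool as Administrator, confirm that its
# Authenticode signature is valid and that the signer is Microsoft.
$sig = Get-AuthenticodeSignature -LiteralPath $ProcDump
if ($sig.Status -ne 'Valid') {
    throw "procdump.exe signature status is '$($sig.Status)'; do not run it."
}
if ($sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    throw "Unexpected signer: $($sig.SignerCertificate.Subject)"
}

# Locate the dumps ProcDump wrote next to itself.
$dumps = @(Get-ChildItem -Path $DumpDir -Filter '*.dmp' -File)
if ($dumps.Count -eq 0) {
    throw "No .dmp files found in $DumpDir"
}

# Compress them into one archive (the file name is constructed here).
# Compress-Archive cannot handle files over 2 GB; use another archiver for those.
$stamp = Get-Date -Format 'yyyyMMdd-HHmmss'
$zip   = Join-Path $DumpDir "dumps-$stamp.zip"
Compress-Archive -Path $dumps.FullName -DestinationPath $zip

# Record the SHA-256 of the archive so the copy attached to the ticket or
# uploaded to a file host can be verified as the one created here.
$hash = Get-FileHash -LiteralPath $zip -Algorithm SHA256
[pscustomobject]@{
    Archive = $zip
    Files   = $dumps.Count
    SizeMB  = [math]::Round((Get-Item -LiteralPath $zip).Length / 1MB, 1)
    SHA256  = $hash.Hash
}
```

A dump taken with -ma holds all of the process's memory, so quote the SHA256 value in the ticket and treat the archive as sensitive when choosing where to upload it.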

      Just-In-Time Debugging

      You can also set up Just-in-time debugging (the AeDebug Windows option) to collect crash dumps automatically in case of a process crash. Once configured, the system will invoke ProcDump automatically, without any user interaction, whenever an application crash event occurs, and the dump file will be written automatically. Also, the system can be rebooted any number of times and there will be no need for any extra action after each reboot to resume monitoring for crashes.

      Process

      1. Download ProcDump from the Windows Sysinternals site. Select a folder to put procdump.exe in, e.g. C:\procdump.

        You should choose a folder where procdump.exe can be kept until the support ticket is fully investigated and resolved, and a solution is created and verified. The path to procdump.exe needs to remain unchanged because of the way we will be collecting dumps, described further below.

      2. Open Windows command-line: Hit Start and type in cmd. Right-click and choose Run as Administrator.

      3. Change current directory to the folder with procdump.exe. In our example it would be:
             cd C:\procdump 

      4. Register procdump as the AeDebug postmortem debugger:
             procdump.exe -accepteula -ma -i 

        This tells the system that whenever any application crashes (not only Bria), Windows will launch ProcDump automatically and save a memory dump of the crashed process into the folder with procdump.exe. ProcDump is launched only when an application crash event occurs; it does not need to be running all the time.

      5. The text output of the previous command should confirm that procdump was registered successfully:
             ProcDump is now set as the Just-in-time (AeDebug) debugger.

        If there is an error or warning, please reboot the computer and repeat the procedure starting with step 2.

      6. Wait until the crash occurs
      7. Check the folder where ProcDump is stored (C:\procdump in this example) for files with .dmp file name extension.

        If they are present, upload them to your Support Ticket or your trusted file host of choice.

        If there are no .dmp files, it means either procdump was not registered properly, or something prevented it from generating crash memory dump files. Try disabling antivirus and repeat the procedure starting with Step 2.

      8. After CounterPath finishes diagnosis, undo the changes you've made in this process:

        • Run "cmd" as administrator (Press Windows key to open the start menu. Type in cmd to search for Command Prompt. Press Ctrl+Shift+Enter to launch Command Prompt as administrator)
        • Change current directory to the folder with procdump.exe. In our example it would be: cd C:\procdump 
        • Run the following command to stop Just-in-time debugger mode: procdump.exe -u
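
To confirm the registration from step 5, and later that the undo command removed it, the AeDebug values can be read back from the registry. This is an added PowerShell example, not part of the original article; the function name Get-AeDebugState is hypothetical, and it assumes the standard AeDebug key under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion in both registry views.

```powershell
# Added example, not part of the original article.
# Reports which postmortem (AeDebug) debugger Windows will launch on a crash,
# for both the native and the 32-bit (WOW6432Node) registry views.
$AeDebugKeys = [ordered]@{
    'Native' = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug'
    'WOW64'  = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug'
}

function Get-AeDebugState {   # hypothetical helper name
    foreach ($entry in $AeDebugKeys.GetEnumerator()) {
        # The key or its values may be absent; treat that as "nothing registered".
        $props    = Get-ItemProperty -Path $entry.Value -ErrorAction SilentlyContinue
        $debugger = if ($props) { $props.Debugger } else { $null }
        $exePath  = $null
        $sigState = $null

        # Debugger holds a command line; extract the executable path from it.
        if ($debugger -match '^\s*"?([^"]+?\.exe)') {
            $exePath = $Matches[1]
            if (Test-Path -LiteralPath $exePath) {
                # The registered binary runs on every crash, so check it is still signed.
                $sigState = (Get-AuthenticodeSignature -LiteralPath $exePath).Status
            } else {
                $sigState = 'NotFoundAtPath'
            }
        }

        [pscustomobject]@{
            View       = $entry.Key
            IsProcDump = [bool]($debugger -match 'procdump')
            Executable = $exePath
            Signature  = $sigState
            Debugger   = $debugger
        }
    }
}

Get-AeDebugState | Format-List
```

While ProcDump is registered, IsProcDump is True for the views it registered, and Executable should be the unchanged folder chosen in step 1 with a Valid signature. After procdump.exe -u, no view should report ProcDump.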

      More information

      To collect dump files of multiple processes with a given name:

      1. Navigate to the directory where procdump.exe is located.
      2. Execute:
             for /f "tokens=2 delims=," %F in ('tasklist /nh /fi "imagename eq <process>.exe" /fo csv') do procdump -ma %~F SP_%~F.dmp

        where <process> is the name of the process(es) you are collecting dumps of, without the .exe extension (for example, bria for bria.exe)

        Or create a batch file with this command:
             for /f "tokens=2 delims=," %%F in ('tasklist /nh /fi "imagename eq <process>.exe" /fo csv') do procdump -ma %%~F SP_%%~F.dmp

        where <process> is the name of the process(es) you are collecting dumps of, without the .exe extension (for example, bria for bria.exe)

      Please also check the Process Explorer tool, which can be useful for creating dumps. This tool automatically detects which dump (32-bit or 64-bit) should be created.