Share via

How can I get procdump to ignore C0000008.INVALID_HANDLE exceptions?

Andrew Greenwood 0 Reputation points
2023-09-22T14:03:19.93+00:00

I need to ignore an INVALID_HANDLE (0xC0000008) exception with procdump. I'm aware of why this exception is happening and waiting for that to be fixed, but don't believe it to be related to the crash I am investigating so I'd like to be able to dump on any other exception except this one.

When this exception happens, procdump always creates a dump file with:

Exception: C0000008.INVALID_HANDLE
Unhandled: C0000008.INVALID_HANDLE

So I tried using -e with these options (separately):

-fx "C0000008.INVALID_HANDLE"
-fx "C0000008"
-fx "INVALID_HANDLE"

But I still get a dump file whenever this exception occurs. I even tried just using these filters along with the -t option to dump on termination, and omitted the -e with the same results.

How can I get procdump to ignore this exception?

Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,238 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. MotoX80 36,291 Reputation points
    2023-09-23T01:06:15.67+00:00

    I couldn't get it to work either with an old blowup.exe program that I wrote. I can see the exception filter being listed correctly, but I still get a dump. Could be related to my code since I see 2 exceptions and then the unhandled C00001A5.

    How about just increasing the dump count, "-n 10", and ignoring the C0000008 dumps. 

    PS C:\temp> procdump -e -w  -fx E06D7363.PAVEEException@@,E0434352.CLR,C00001A5 -f xxxxx blowup.exe

ProcDump v11.0 - Sysinternals process dump utility
Copyright (C) 2009-2022 Mark Russinovich and Andrew Richards
Sysinternals - www.sysinternals.com

Waiting for process named blowup.exe...

Process:               Blowup.exe (23580)
Process image:         C:\Utils\Blowup.exe
CPU threshold:         n/a
Performance counter:   n/a
Commit threshold:      n/a
Threshold seconds:     n/a
Hung window check:     Disabled
Log debug strings:     Disabled
Exception monitor:     Unhandled
Exception filter:      [Includes]
                       *xxxxx*
                       [Excludes]
                       *E06D7363.PAVEEException@@*
                       *E0434352.CLR*
                       *C00001A5*
Terminate monitor:     Disabled
Cloning type:          Disabled
Concurrent limit:      n/a
Avoid outage:          n/a
Number of dumps:       1
Dump folder:           C:\temp\
Dump filename/mask:    PROCESSNAME_YYMMDD_HHMMSS
Queue to WER:          Disabled
Kill after dump:       Disabled


Press Ctrl-C to end monitoring without terminating the process.

[20:44:05] Exception: E06D7363.PAVEEException@@
[20:44:11] Exception: E0434352.CLR
[20:44:11] Unhandled: C00001A5
[20:44:11] Dump 1 initiated: C:\temp\Blowup.exe_230922_204411.dmp
[20:44:11] Dump 1 complete: 10 MB written in 0.1 seconds
[20:44:12] Dump count reached.

PS C:\temp>
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.