How to Configure Windows to Generate Crash Dumps
The native debug tool on Windows systems, Dr. Watson, allows you to generate crash dumps. Dr. Watson, the system failure or "crash" analysis tool, has been replaced on Windows Vista with Problem Reports and Solutions.
However, Dr. Watson does not allow generation of crash dumps on a running process. To generate crash dumps from a running process, install the Debugging Tools. The Debugging Tools are freely available from the Windows web site at http://www.microsoft.com/whdc/devtools/debugging/default.mspx.
- You can use Dr. Watson for crash dumps generated when a process dies.
- Use the drwtsn32 -i command to make Dr. Watson the default debugger.
- Open Dr. Watson with the drwtsn32 -i command.
- Check all options.
- Choose the path where crash dumps are generated.
When providing crash dumps, collect both the dmp and drwtsn32.log files.
- Use the Window Debugging Tools to generate crash dumps of a running process.
- Make sure you install the latest version of the Debugging Tools and OS Symbols for your version of Windows.
- Set the _NT_SYMBOL_PATH for your environment.
- Enable generation of a crash dump for your application.
Get the process ID of the application using the tlist.exe command, then enable the crash dump.
win-dbg-root\tlist.exe
win-dbg-root\adplus.vbs -crash -FullOnFirst -p pid -o C:\dump-dir
The adplus.vbs command tracks the application with process ID pid. The adplus.vbs command generates a dmp file in the event of a crash.
Windows Debuggers:
kd = kernel mode debugger
ntsd/cdb = user mode debuggers
WinDbg = kernel or user mode debugger
Crash Dump Tools
Dr Watson
Dumpchk => Check whether dump is valid/invalid
API
MiniDumpWriteDump()
ref:
Crash Dump Analysis - http://msdn.microsoft.com/en-us/library/bb204861(VS.85).aspx
Windows Online Crash Analysis - http://oca.microsoft.com/en/
How to Generate a Memory Dump File When a Server Stops Responding (Hangs) -
http://support.microsoft.com/kb/303021/
Windows feature lets you generate a memory dump file by using the keyboard -
http://support.microsoft.com/kb/244139
To Configure Windows to Generate Crash Dumps -
http://docs.sun.com/app/docs/
Windows feature lets you generate a memory dump file by using the keyboard -
http://support.microsoft.com/kb/244139
How to generate a complete crash dump file or a kernel crash dump file by using an NMI on a Windows-based system - http://support.microsoft.com/kb/927069
Windows: Understanding Crash Dump Files -
http://www.ditii.com/2008/01/08/windows-understanding-crash-dump-files/
Testing Your PDB Files -
http://blogs.msdn.com/joshpoley/archive/2008/01/10/testing-your-pdb-files.aspx
Crash Dumps Blog -
http://blogs.msdn.com/joshpoley/search.aspx?q=crash+dump&p=1
Opening a Crash Dump File (Automating Crash Dump Analysis Part 1) -
Getting the Stack from a .DMP File (Automating Crash Dump Analysis Part 2) -
Getting the Crash Details from a .DMP File (Automating Crash Dump Analysis Part 3) -
MiniDumps and "Bad" Stack - http://blogs.msdn.com/joshpoley/archive/2008/11/10/minidumps-and-bad-stacks.aspx
Effective minidumps (part1) by Oleg Starodumov -
http://www.debuginfo.com/articles/effminidumps.html
Effective minidumps (part2) y Oleg Starodumov - http://www.debuginfo.com/articles/effminidumps2.html
DbgHelp Functions , Mini Crash Dump API
- MiniDumpCallback , MiniDumpReadDumpStream , MiniDumpWriteDump :
http://msdn.microsoft.com/en-us/library/ms679291(VS.85).aspx