Can WER produce dumps similar to .dump /ma

My impression is that dumps produced my winDbg

.dump /ma

contains more than just a full dump

Configuring WER explains DumpType 0: Custom dump CustomDumpFlags bitwise combination of MINIDUMP_TYPE But what hex value gives dumps similar dumps as .dump /ma

All the bit combinations are a bit overwhelming for me.

Solution

WinDbg's .dump /ma saves the dump with these flags:

Flags           41826
                0002 MiniDumpWithFullMemory
                0004 MiniDumpWithHandleData
                0020 MiniDumpWithUnloadedModules
                0800 MiniDumpWithFullMemoryInfo
                1000 MiniDumpWithThreadInfo
                40000 MiniDumpWithTokenInformation

You can verify this by opening the crash dump file in WinDbg and issuing the (undocumented) .dumpdebug command.

So you will want to specify 41826 (hex) or 268326 (decimal) in the CustomDumpFlags registry key.

How do I get CDB to display the value of a std::filesystem::path?
How do I get CDB to show source lines for Microsoft’s C++ Standard Library?
How do I use a remote Linux system to debug an application that’s running on Windows?
Debugging Windows kernel on a Microsoft Azure platform virtual machine
what does windbg command "d esp" exactly do?
SOS does not support the current target architecture
How to use WinDbg to analyze the crash dump for VC++ application?
What are possible GDI objects that would be leaked but not enumerated as a known GDI object type?
Windbg expects different version of mscordacwks.dll
How to determine length of null-terminated string in WinDbg
Tracing CSP calls within Windows Crypto API
How to pull .natvis data out of a PDB?
WinDbg/SOS: Explanation of !SyncBlk output
How Windows Handle to associate corresponding object type?
core dump files batch processing (Windows)
windbg .shell passes the entire script to cmd, ending in "The command line is too long"
WinDBG not able to read symbol path string set with the _NT_SYMBOL_PATH environment variable
_NT_SYMBOL_PATH format
Updating WinDbg Preview
Could not find the ... dump file, Win32 error 0n87
How to use the ah series commands of windbg?
Is 0x0000ffff the default load count of a dll in windows?
How to escape an asterisk in a Python related library?
Heap extension command fails: failed to initialize the extention
Powershell: Call Debug Analyzer cdb.exe as Process
Is there a Windbg command to find out if a process is a 32-bit one or a 64-bit one?
How do I debug a .NET Core console app with WinDbg by "Launch executable"?
How to output partial of the result !da address with windbg?
Application Verifier Stop: An HKEY was leaked
How to get Windbg x86 version?