Search code examples
windowscrashcrash-dumps

How to generate windows memory dump when application crashes.?

Is there an easy way of generating the memory dump for the crashed application?

I have a situation in which the customer received the code which is generating the crash, as the code itself has no signal handlers for the backtrace generation on abort I was wondering if there is an easy way of telling windows to generate the memory dump of the crashing application.

Ideal solution wouldn't involve the installation of the debug tools (or the code modification) but if this is not possible, it would be really helpful to know.

Solution
    1. One simple way to dump memory when application crashes is by using windows taskmanager. When ever an exception or an application error occurs windows pops up an memory dialog and shows the address location which was causing a crash.Before you click ok on the message box open Task Manger and right click on the crashed application and select Create Dump file.Take a look at the screen shot below. Select the file

    enter image description here

    2)Another way of generating user mode dumps is by adding the following registry key

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting >\LocalDumps\application.exe application.exe should be replaced by the application name which is under scanner.

    under this key following values can be added

    DumpFolder

    The path where the dump files are to be stored. If you do not use the default path, then make sure that the folder contains ACLs that allow the crashing process to write data to the folder. For service crashes, the dump is written to service specific profile folders depending on the service account used. For example, the profile folder for System services is %WINDIR%\System32\Config\SystemProfile. For Network and Local Services, the folder is %WINDIR%\ServiceProfiles.

    DumpCount

    The maximum number of dump files in the folder. When the maximum value is exceeded, the oldest dump file in the folder will be replaced with the new dump file.

    DumpType

    Specify one of the following dump types: 0: Custom dump 1: Mini dump 2: Full dump

    CustomDumpFlags

    The custom dump options to be used. This value is used only when DumpType is set to 0. The options are a bitwise combination of the MINIDUMP_TYPE enumeration values.