Prev: FindFirstDevice error code 18
Next: Getting Thumped trying to Thunk.
From: Anand Choubey on 10 Apr 2008 10:36
Hi,

I have two question.
1. Can I get Process's Memory crash dump like kernel memory dump in windows?
If yes, How can I get it?
2. Can I get call stack of crashed process?

Please let me know.
--
With regards
thanks
Anand Choubey
From: Ivan Brugiolo [MSFT] on 10 Apr 2008 15:35
#1
There are different ways of configuring automatic
generation of a user-mode crash-dump triggered by
kernel32!UnHandleExceptionFilter.
Your options range from drwtsn32.dll, the WER infrastructrue,
and.or ADPlus.vbs, that leverages the AeDebugger and cdb/ntsd.
You can even do that programmatically by writing a tool based on
the MindumpWriteDump API,

#2
Once you have a crashdump, you can do `cdb -z <crashdump.dmp>`
and debug-it like you would do with any other process.

--

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


"Anand Choubey" <AnandChoubey(a)discussions.microsoft.com> wrote in message
news:226F374D-1E21-4221-B6C9-1CF869C144E0(a)microsoft.com...
> Hi,
>
> I have two question.
> 1. Can I get Process's Memory crash dump like kernel memory dump in
> windows?
> If yes, How can I get it?
> 2. Can I get call stack of crashed process?
>
> Please let me know.
> --
> With regards
> thanks
> Anand Choubey


From: Anand Choubey on 10 Apr 2008 16:13
Hi,

Thanks a lot for your reply.

I never hear about WER infrastructrue, dll names and MindumpWriteDump .
I tries to search on Web but I did not get any useful information.
Please let me in detail where can I get this dll, api and
infrastructrue.
--
With regards
thanks
Anand Choubey


"Ivan Brugiolo [MSFT]" wrote:

> #1
> There are different ways of configuring automatic
> generation of a user-mode crash-dump triggered by
> kernel32!UnHandleExceptionFilter.
> Your options range from drwtsn32.dll, the WER infrastructrue,
> and.or ADPlus.vbs, that leverages the AeDebugger and cdb/ntsd.
> You can even do that programmatically by writing a tool based on
> the MindumpWriteDump API,
>
> #2
> Once you have a crashdump, you can do `cdb -z <crashdump.dmp>`
> and debug-it like you would do with any other process.
>
> --
>
> --
> This posting is provided "AS IS" with no warranties, and confers no rights.
> Use of any included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
>
> "Anand Choubey" <AnandChoubey(a)discussions.microsoft.com> wrote in message
> news:226F374D-1E21-4221-B6C9-1CF869C144E0(a)microsoft.com...
> > Hi,
> >
> > I have two question.
> > 1. Can I get Process's Memory crash dump like kernel memory dump in
> > windows?
> > If yes, How can I get it?
> > 2. Can I get call stack of crashed process?
> >
> > Please let me know.
> > --
> > With regards
> > thanks
> > Anand Choubey
>
>
>
From: Maxim S. Shatskih on 10 Apr 2008 17:53
> 1. Can I get Process's Memory crash dump like kernel memory dump in
>windows?
> If yes, How can I get it?

It is done automatically by DrWatson if DrWatson is set in AeDebug (the
default)

> 2. Can I get call stack of crashed process?

windbg -z on a dump.

--
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
maxim(a)storagecraft.com
http://www.storagecraft.com

 | 
Pages: 1
Prev: FindFirstDevice error code 18
Next: Getting Thumped trying to Thunk.