@tmp64
Last active December 9, 2023 03:27
Crash-dumping with WinDbg
  1. Install WinDbg from this link
  2. Open WinDbg
  3. Press File -> Start debugging -> Launch executable (advanced)
  4. Fill in the path to the program, its arguments and the working directory
  5. Press Debug
  6. When debugging starts, the program will be paused at an int 3 instruction.
  7. Press the Go button in the top bar or the F5 key.
  8. Wait for the program to crash.
  9. When the program crashes, the debugger will print the exception info in the console and show where the crash occurred.
  10. To make a mini-dump, type this command. This will make a CAB archive with the mini-dump and additional info.
    .dump /ba D:/CrashDump.cab
    
  11. To make a full dump, type this command. It is still called a "mini user dump", but it contains complete information. This command may take a few minutes.
    .dump /ba /mA D:/CrashDumpFull.cab
    
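Before handing the archive to someone else, it is worth checking that the CAB written by `.dump` is complete and actually contains a dump file. The following is an added example, not part of the original gist: a Python sketch that reads the cabinet's header and file table. The helper names and the sample archive (including its file names) are constructed for illustration.

```python
import struct

CFHEADER = struct.Struct("<4sIIIIIBBHHHHH")  # fixed 36-byte cabinet header
CFFILE = struct.Struct("<IIHHHH")            # 16 bytes, then a NUL-terminated name

def list_cab_files(data: bytes):
    """Return [(name, uncompressed_size)] from a cabinet's file table."""
    if len(data) < CFHEADER.size:
        raise ValueError("too short to be a cabinet")
    (sig, _, cab_size, _, files_off, _, _minor, _major,
     _folders, n_files, _flags, _set_id, _index) = CFHEADER.unpack_from(data, 0)
    if sig != b"MSCF":
        raise ValueError("missing MSCF signature: not a CAB archive")
    if cab_size > len(data):
        raise ValueError("archive is shorter than its header claims (truncated)")
    entries, pos = [], files_off  # files_off is absolute, so optional header fields are skipped
    for _ in range(n_files):
        if pos + CFFILE.size > len(data):
            raise ValueError("file table runs past end of archive")
        size, _off, _folder, _date, _time, _attr = CFFILE.unpack_from(data, pos)
        end = data.find(b"\0", pos + CFFILE.size)
        if end < 0:
            raise ValueError("unterminated file name")
        entries.append((data[pos + CFFILE.size:end].decode("utf-8", "replace"), size))
        pos = end + 1
    return entries

def check_crash_cab(data: bytes):
    """Summarise the archive: every file, and whether a .dmp is present."""
    files = list_cab_files(data)
    dumps = [size for name, size in files if name.lower().endswith(".dmp")]
    return {"files": files, "has_dump": bool(dumps), "dump_bytes": sum(dumps)}

def _sample_cab(names_sizes):
    """Constructed header-only cabinet (no compressed data) for offline testing."""
    table = b"".join(CFFILE.pack(size, 0, 0, 0, 0, 0x20) + name.encode() + b"\0"
                     for name, size in names_sizes)
    folder = struct.pack("<IHH", 0, 0, 1)  # one CFFOLDER entry
    files_off = CFHEADER.size + len(folder)
    total = files_off + len(table)
    return CFHEADER.pack(b"MSCF", 0, total, 0, files_off, 0, 3, 1, 1,
                         len(names_sizes), 0, 0, 0) + folder + table

if __name__ == "__main__":
    import sys
    # With a path argument, check a real archive; otherwise use the constructed sample.
    blob = (open(sys.argv[1], "rb").read() if len(sys.argv) > 1
            else _sample_cab([("CrashDump.dmp", 123456), ("program.pdb", 2048)]))
    print(check_crash_cab(blob))
```

The sizes reported are the uncompressed sizes recorded in the file table, so a full dump shows up here as far larger than the CAB itself.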