It is essential for software engineers to know how khổng lồ evaluate & process dumps in order to lớn figure out why their program is failing or acting strangely. However, deciding where to begin the process can be difficult.

Bạn đang xem: How to save a windows complete memory dump file after a blue screen of death/unexpected reboot?

This post can serve as an excellent starting point for debugging a crash dump tệp tin when you are running a.NET application on Windows operating system.

Table of contents

What are dump files?Types of dump filesHow to lớn automatically capture the crashing process of dump files?How to lớn create a dump?Investigating dumps with Visual studioInvestigating dumps with WindbgConclusion

What are dump files?

Memory Dump Files (.dmp files) are snapshots of a program"s memory taken at a certain point in time, such as during a crash. You can see -

The current executing lines of codeThe values of local valuesThe values of all heap objects in a dump file.

In other words, a dump tệp tin contains the complete state of the program at the time it was captured.

Dumps are commonly used to lớn troubleshoot crashes (Crash Dumps), but they can also be utilized for other purposes. Here are their uses (in order of most common lớn least common) -

Debug crashed programsDebug hung programsFind memory leaksDebugging on a different machine or even debugging at a different timeDebugging programs that cannot be attached lớn a debuggerDebugging with WinDbg

Types of Dump Files

Full Memory Dump and Minidump are the two forms of dump files. A Full Memory Dump comprises the whole memory of the program. It often gets huge in terms of space.

The term "minidump" is deceptive. It"s a dump format that can be customized. It can either contain all of the memory, taking up as much space as a full memory dump (and possibly more) or can simply contain a portion of the memory per configuration.

We"ll usually use Dumps with the entire RAM for.NET khổng lồ get a complete debugging experience. It can be a full memory dump or a minidump with the entire memory area included.

How to lớn automatically capture the crashing process of dump files?

You must adjust registry settings khổng lồ enable the dump tệp tin because it is not created by default. Khổng lồ enable the capture, you have two options. The first option is to set up the postmortem debugger settings.

In the first option, you first select a debugger application, such as Visual Studio, ProcDump, WinDbg, or ADPlus, & then the command switches for the programs to lớn create a dump tệp tin or attach lớn the process for live debugging if they tư vấn it.

The second option is khổng lồ set WER khổng lồ create a dump file for your individual program in the sự kiện that it crashes. If you don"t need live debugging and only need the dump file created on disc for later analysis, this is the way to lớn go. Because this feature is built into Windows, no additional software is required to make the dump. The following are the registry settings for WER dumps:

If it doesn"t already exist, build the base WER local dump registry key.

HKLM:SOFTWAREMicrosoftWindowsWindows Error ReportingLocalDumps

Then, create the key for application-specific dump tệp tin settings.

If HelloWorldCrasher.exe is the application to lớn save dumps for, then vị the following:

New Key: HKLM:SOFTWAREMicrosoftWindowsWindows Error ReportingLocalDumpsHelloWorldCrasher.exe

Registry values under this key:

DumpFolder: thư mục path lớn store dump files.DumpType: Specify a value of 2 for full dumps. 1 for mini-dump (smaller, but not the entire process memory space).DumpCount: the number of dumps to save prior lớn overwriting the old dump files. The mặc định value is 10.
*

Re-run the executable file for the hello world crashing application after you"ve configured these settings in the registry. When it crashes this time, a dump file should be written on disc in the thư mục we specified.

How to lớn create a dump?

A Dump can be created in a variety of ways. Here are a few of the most popular and recommended ones:

While debugging with Visual Studio

Go to lớn Debug | Save Dump As... When debugging.

With Heap, you"ll be able to save a minidump that includes the entire memory space.

Make use of Task Manager.

Right-click the desired process và select Create dump tệp tin from the Task Manager"s Details menu. This will result in a complete memory dump.

Make use of ProcDump.

ProcDump is a component of the SysInternal toolkit, a collection of incredibly helpful Windows development tools. The command-line utility ProcDump is used khổng lồ create dumps. It can create dumps on-demand or watch a program & generate a dump if it crashes or hangs.

With Process Explorer

Another tool in the SysInternal toolset is Process Explorer. It"s a Task Manager that’s one cấp độ higher. You can examine active Threads, registry entries, and, of course, build dumps to lớn see which processes loaded a specific DLL or Handle.

Choose Create Dump | Create Full Dump... From the context thực đơn of any process.

Debugging dumps with Visual Studio

The most straightforward method lớn explore dump files is to mở cửa the Dump file (.dmp) in Visual Studio. You"ll create a wonderful debugging experience if you can match the Symbols (.pdb files) & Source Files. That is, the code will seem khổng lồ you as if you were standing on a breakpoint. You"ll notice the Exception that caused the crash if it was a Crash Dump. Threads, điện thoại tư vấn Stacks, Locals, Loaded Modules, & so on should all be visible.

Steps to lớn debug with Visual Studio:

In Visual Studio, open the .dmp file.Choose “Debug with Managed Only” or “Debug with Mixed” from the drop-down menu that appears.Wait for Visual Studio to attempt to load symbols and compare them to lớn the source code.The code will appear if symbols were loaded. Otherwise, the điện thoại tư vấn stack, exception information (if collected on exception), và possibly local values should be visible.Investigate the exception or problem as though you were debugging in Visual Studio.

Investigate dumps with Windbg

When it comes lớn investigating Dump files, WinDbg is the preferred tool for most people.

Visuals Studio is still catching up in terms of capabilities. WinDbg can examine the object heap, extract modules, locate deadlocks, và do a lot of other things that VS can"t.

If you"re unfamiliar with WinDbg, it"s a Windows debugging tool that mostly uses the command line. With the SOS debugging extension, WinDbg may be used for native programs as well as managed.NET ones.

Xem thêm: Xử Nam Là Gì - Một Số Từ Ngữ Thường Gặp Trong Truyện P2

Conclusion

In 2021 you have a plethora of tools at your disposal khổng lồ make debugging considerably easier. Visual Studio, DumpMiner, SuperDump, and WinDbg Preview are just a few of the tools available lớn you today. You can find many other tools to give you a 360-degree view of your programs.