I have a situation where I have a user in the field who is getting an address exception in a UM app, possibly as a result of one of my DLLs. However, he doesn’t get a drwatson log or a user.dmp, which a) makes me think someone has an exception handler that is catching the fault, and b) makes it impossible to figure out what is going on.
This guy is an installer, so has some mild technical competence, and with instructions should be able to drive windbg. That won’t directly help me though, because he is 2000 miles away in the back of a theater someplace.
What would help me would be a minidump or at the minimum a stack traceback. Clearly he should be able to set windbg up to break on C0000005 and get a stack traceback, and he can then log/save that and send it to me.
But is there any way to cause/provoke/obtain a dump in a given situation using windbg? The ideal thing would be to stop on that address error, provoke a dump, and send me the result to look at.
Yes, I know about remote debugging. Too many firewalls in the way that nobody has any control over; not practical unfortunately.
Loren
.dump
Should do the trick. .dump /? Will show the options available to you.
Make sure windbg is the latest version as well.
d
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Loren Wilton
Sent: Tuesday, May 31, 2005 10:12 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Creating a dump from windbg?
I have a situation where I have a user in the field who is getting an
address exception in a UM app, possibly as a result of one of my DLLs.
However, he doesn’t get a drwatson log or a user.dmp, which a) makes me
think someone has an exception handler that is catching the fault, and
b) makes it impossible to figure out what is going on.
This guy is an installer, so has some mild technical competence, and
with instructions should be able to drive windbg. That won’t directly
help me though, because he is 2000 miles away in the back of a theater
someplace.
What would help me would be a minidump or at the minimum a stack
traceback. Clearly he should be able to set windbg up to break on
C0000005 and get a stack traceback, and he can then log/save that and
send it to me.
But is there any way to cause/provoke/obtain a dump in a given situation
using windbg? The ideal thing would be to stop on that address error,
provoke a dump, and send me the result to look at.
Yes, I know about remote debugging. Too many firewalls in the way that
nobody has any control over; not practical unfortunately.
Loren
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Thanks Doron! I guess I should try to RTFM more often, but last time I remember doing that I didn’t come across dump. (But then, maybe its been there all along and I just never needed it so skipped over it…)
Loren
-----Original Message-----
From: Doron Holan
Sent: Jun 1, 2005 3:00 AM
To: Windows System Software Devs Interest List
Subject: RE: [ntdev] Creating a dump from windbg?
.dump
Should do the trick. .dump /? Will show the options available to you.
Make sure windbg is the latest version as well.
d
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Loren Wilton
Sent: Tuesday, May 31, 2005 10:12 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Creating a dump from windbg?
I have a situation where I have a user in the field who is getting an
address exception in a UM app, possibly as a result of one of my DLLs.
However, he doesn’t get a drwatson log or a user.dmp, which a) makes me
think someone has an exception handler that is catching the fault, and
b) makes it impossible to figure out what is going on.
This guy is an installer, so has some mild technical competence, and
with instructions should be able to drive windbg. That won’t directly
help me though, because he is 2000 miles away in the back of a theater
someplace.
What would help me would be a minidump or at the minimum a stack
traceback. Clearly he should be able to set windbg up to break on
C0000005 and get a stack traceback, and he can then log/save that and
send it to me.
But is there any way to cause/provoke/obtain a dump in a given situation
using windbg? The ideal thing would be to stop on that address error,
provoke a dump, and send me the result to look at.
Yes, I know about remote debugging. Too many firewalls in the way that
nobody has any control over; not practical unfortunately.
Loren
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@windows.microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
—
Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: unknown lmsubst tag argument: ‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com
Loren Wilton wrote:
Yes, I know about remote debugging. Too many firewalls in the way that nobody has any control over; not practical unfortunately.
FWIW, most firewalls allow through connections on at least *some* ports.
Have you tried setting up remote debugging over port 80 (the default
HTPP port), for example?
…/ray..
Please remove “.spamblock” from my email address if you need to contact
me outside the newsgroup.