How can I read a minidump?

c++ c windows coredump minidump
chacham15 picture chacham15 · Jan 11, 2014 · Viewed 9.5k times · Source

I have a minidump written to a file via: MiniDumpWriteDump. The file was sent to me from a client (i.e. I cannot use some sort of just-in-time debugger). My question is: how do I open it? Visual Studio gives the error: "Debugging older format crashdumps is not supported." I googled that and found that people were opening kernel dumps with visual studio. This is not a kernel dump, just a dump of an app crash. I also tried to open it with WinDbg, but that was unable to open it as well. How can I get the information?

Answer

Jimx picture Jimx · Jan 11, 2014

The tool: http://technet.microsoft.com/el-gr/sysinternals/dd996900.aspx

A post you didn't see already in stackoverflow: Getting started with dump file analysis

If you're still having a problem send me the minidump file. I was interested some time ago but reading these files is toooo frustrating!

PS: Book i used: http://books.google.gr/books/about/Windows_Forensic_Analysis_DVD_Toolkit.html?id=6LX9PRoX5zgC&redir_esc=y

Related questions

Is there a replacement for unistd.h for Windows (Visual C)?

I'm porting a relatively simple console program written for Unix to the Windows platform (Visual C++ 8.0). All the source files include "unistd.h", which doesn't exist. Removing it, I get complaints about misssing prototypes for 'srandom', 'random', and 'getopt'. I …

Read More
What is the bit size of long on 64-bit Windows?

Not to long ago, someone told me that long are not 64 bits on 64 bit machines and I should always use int. This did not make sense to me. I have seen docs (such as the one on Apple's official site) …

Read More
Fastest method of screen capturing on Windows

I want to write a screencasting program for the Windows platform, but am unsure of how to capture the screen. The only method I'm aware of is to use GDI, but I'm curious whether there are other ways to go …

Read More