How to create dump file

 

 1. Windows operation level

Collecting User-Mode Dumps - Win32 apps | Microsoft Docs

Configure registry to auto create dump file:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps

 

 

 

2. Use ProcDump system internals tool to monitor specific process

ProcDump - Windows Sysinternals | Microsoft Docs

Add -w if the target process has not started, to wait until the target process gets started. Otherwise, the -w parameter is optional.

e.g.

D:\ToolsDownload\Procdump>procdump.exe -e 1 SmallTest.exe -w

ProcDump v10.11 - Sysinternals process dump utility
Copyright (C) 2009-2021 Mark Russinovich and Andrew Richards
Sysinternals - www.sysinternals.com

Waiting for process named SmallTest.exe...

Process: SmallTest.exe (17368)
Process image: D:\ex\CPlus\SmallTest\x64\Release\SmallTest.exe
CPU threshold: n/a
Performance counter: n/a
Commit threshold: n/a
Threshold seconds: n/a
Hung window check: Disabled
Log debug strings: Disabled
Exception monitor: First Chance+Unhandled
Exception filter: [Includes]
*
[Excludes]
Terminate monitor: Disabled
Cloning type: Disabled
Concurrent limit: n/a
Avoid outage: n/a
Number of dumps: 1
Dump folder: D:\ToolsDownload\Procdump\
Dump filename/mask: PROCESSNAME_YYMMDD_HHMMSS
Queue to WER: Disabled
Kill after dump: Disabled


Press Ctrl-C to end monitoring without terminating the process.

[16:21:21] Exception: E06D7363.?AVexception@std@@
[16:21:21] Dump 1 initiated: D:\ToolsDownload\Procdump\SmallTest.exe_220621_162121.dmp
[16:21:21] Dump 1 complete: 1 MB written in 0.2 seconds
[16:21:21] Dump count reached.