How to write a sample code that will crash and produce dump file?

Asked 17/2, 2011 at 12:13 Answered 9/4, 2015 at 11:43

I started learned windbg and I found this good post How to use WinDbg to analyze the crash dump for VC++ application?

Now I want to follow the instructions and do it step by step. Here is the problem: I need to write some sample code that can immediately crash, and create some dump files that can be used by windbg.

How to write such code?

void Example4()
{
    int* i = NULL;
    *i = 80;
}

The above code will crash immediately; however, I don't know where to find the dump file?

Thank you

Maladjusted answered 17/2, 2011 at 12:13 Comment(1)

Take a look at this also: debuginfo.com/articles/effminidumps.html I found it very useful. It contains some sample code also. – Stairwell 17/2, 2011 at 12:18

#include <Windows.h>
#include <Dbghelp.h>

void make_minidump(EXCEPTION_POINTERS* e)
{
    auto hDbgHelp = LoadLibraryA("dbghelp");
    if(hDbgHelp == nullptr)
        return;
    auto pMiniDumpWriteDump = (decltype(&MiniDumpWriteDump))GetProcAddress(hDbgHelp, "MiniDumpWriteDump");
    if(pMiniDumpWriteDump == nullptr)
        return;

    char name[MAX_PATH];
    {
        auto nameEnd = name + GetModuleFileNameA(GetModuleHandleA(0), name, MAX_PATH);
        SYSTEMTIME t;
        GetSystemTime(&t);
        wsprintfA(nameEnd - strlen(".exe"),
            "_%4d%02d%02d_%02d%02d%02d.dmp",
            t.wYear, t.wMonth, t.wDay, t.wHour, t.wMinute, t.wSecond);
    }

    auto hFile = CreateFileA(name, GENERIC_WRITE, FILE_SHARE_READ, 0, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
    if(hFile == INVALID_HANDLE_VALUE)
        return;

    MINIDUMP_EXCEPTION_INFORMATION exceptionInfo;
    exceptionInfo.ThreadId = GetCurrentThreadId();
    exceptionInfo.ExceptionPointers = e;
    exceptionInfo.ClientPointers = FALSE;

    auto dumped = pMiniDumpWriteDump(
        GetCurrentProcess(),
        GetCurrentProcessId(),
        hFile,
        MINIDUMP_TYPE(MiniDumpWithIndirectlyReferencedMemory | MiniDumpScanMemory),
        e ? &exceptionInfo : nullptr,
        nullptr,
        nullptr);

    CloseHandle(hFile);

    return;
}

LONG CALLBACK unhandled_handler(EXCEPTION_POINTERS* e)
{
    make_minidump(e);
    return EXCEPTION_CONTINUE_SEARCH;
}

int main()
{
    SetUnhandledExceptionFilter(unhandled_handler);

    return *(int*)0;
}

Porta answered 17/2, 2011 at 12:34 Comment(0)

This will produce a null pointer dereference exception: *((int*) 0) = 0;

This will produce integer division by zero: int a = 0; int b = 5 / a;

EDIT: Post-Mortem Debugging Your Application with Minidumps and Visual Studio .NET contains a lot of sample code and theory on using minidumps.

Durban answered 17/2, 2011 at 12:18 Comment(2)

thank you for the code. May you also tell me where to find the dump file? – Maladjusted 17/2, 2011 at 12:20

@Maladjusted The file will be wherever you write it out with MiniDumpWriteDump(). If you have UAC on, you may not be able to write it directly on C:\ though. In taht case, use a folder under your user, or start the app as Administrator. – Durban 17/2, 2011 at 12:25

To create a crash dump, I would not write an unhandled exception handler as proposed by @Abyx for the following reasons:

a) in case of some buffer overflow or stack overflow, the code which handles the unhandled exception may be corrupt. In case of an OutOfMemoryException, how can you load another library like DbgHelp.dll?

b) the code which you have written may be buggy. Does that code check the free disk space before it writes the dump? How do you test the code to write a crash dump? Do you have a unit test for that? How does your unit test check if the dump is correct?

c) why write code at all if Windows can do it for you?

MSDN has an article on Collecting user mode dumps. Basically, there are some Registry settings which you can make. The advantage is: Windows will create the crash dump by the operating system, not by some corrupted code inside your own application.

Thoroughgoing answered 24/2, 2014 at 11:27 Comment(1)

Valid point but quoting the MSDN article Enabling the feature requires administrator privileges which is might not be possible for software deployments – Subduct 7/11, 2017 at 13:1

If you want to see a crash dump, you need to create one. See Heisenbug: WinApi program crashes on some computers . While you may be able to get the crash dump intended to be send for WER without going through WinQual, it is a bit messy (basically you can copy it from the temporary location before it is sent away, exact details depend on your operating system), I would recommed to create your own crashdump using the Win API MiniDump provided functions. All code needed for this can be found at The CodeProject page mentioned in the linked answer.

Osteotomy answered 17/2, 2011 at 12:24 Comment(1)

You could also configure a location for your app, where WER saves the minidump. See more details here: learn.microsoft.com/en-us/windows/win32/wer/… – Venter 15/10, 2021 at 18:43

Auto minidump generation is done by the post-mortem debugger, so you need to start there. Most importantly though, it's done by a debugger. So if you just want to generate a minidump, you can use your typical debugger (probably visual studio or windbg). Even task manager can create dump files.

The registry setting which specifies the post-mortem debugger is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug

Look at the Debugger string, and you will be on your way to finding your minidumps.

Haruspicy answered 17/2, 2011 at 12:29 Comment(0)

Dump file can be created either programmaticaly or by program error debugger tool. In first case you can use MiniDumpWriteDump function and in the second you can use Dr. Watson (for XP: have a look at this description and this very descriptive video; for Vista, have a look here)

Joannejoannes answered 17/2, 2011 at 12:43 Comment(0)

Most of the times you will find all apps dump in C:\windows\minidumps.

To generate a dump file you could use a simple solution:

Open windbg
File->Open Executable
You run the app that will crash
A breakpoint will trigger
Now you can use .dump in windbg to create a dmp file

Run the app and wait to crash
Open windbg and attach to process (File->Attach to process)
run .dump

This way you will be able to analyze that crash anytime :)

Applique answered 9/4, 2015 at 11:43 Comment(0)

I used the code below when testing out WinDbg some time ago.

The code below works and will generate a crash dump
There are two functions so that you can see a stack trace with an obvious chain of functions.
To find the crash dumps, search for *.dmp or *.mdmp in C:\Users
It's probably best to let the OS generate the dump for you. This is probably how most of the real crash dumps you see will be generated.
The code works by first allocating 1 KiB of memory, then writing both it and the following 1 KiB with a recognizable hexadecimal value. This usually hits a page of memory marked by the OS as non-writeable, which will trigger the crash.

#include "stdafx.h"
#include "stdio.h"
#include "malloc.h"

void Function2(int * ptr2)
{
    for(int i=0; i < (2 * 1024); i++)
    {
        *ptr2++ = 0xCAFECAFE;
    }
}

void Function1()
{
    int * ptr1 = (int *)malloc(1024 * sizeof(int));

    Function2(ptr1);
}

int _tmain(int argc, _TCHAR* argv[])
{
    printf("Press enter to allocate and corrupt.\r\n");
    getc(stdin);

    printf("Allocating and corrupting...\r\n");
    Function1();

    printf("Done.  Press enter to exit process.\r\n");
    getc(stdin);

    return 0;
}

Lewiss answered 30/3, 2012 at 9:44 Comment(0)

-3

Try this:

int main()
{
   int v[5];

   printf("%d", v[10]);
   return 0;
}

or access a random memory location.

Quirita answered 17/2, 2011 at 12:18 Comment(1)

this might not crash - the stack memory at v[10] is probably actually allocated and printf will just print out garbage. – Durban 17/2, 2011 at 12:19

Recommended topics

Hot tags