-2

Are there any equivalent of mac OS crash dumps in Windows world? In case of SIGSEGV on macOS I can take process dump from ~/Library/Logs/DiagnosticReports and using atos tool I can get exact place of all addresses from crash dump in my source code.

I wonder is there similar functionality available on Windows? What is general approach to anaysing memory access violation on Windows? I know there is a SetUnhandledExceptionFilter function to handle unhandled exceptions , similar to sighandler_t signal(int signum, sighandler_t handler); in macOS world . So I can handle it using custom handle and log my process state .

SetUnhandledExceptionFilter documentation: https://learn.microsoft.com/en-us/windows/win32/api/errhandlingapi/nf-errhandlingapi-setunhandledexceptionfilter

However ideally I would like to find similar to macOS crash dumps functionality.

Vlad
  • 2,090
  • 3
  • 21
  • 37

1 Answers1

2

There is no completely same functionality, but there is something even better: full process memory dump. However, unlike on macOS, you need to manually setup the system to collect the one for you: https://learn.microsoft.com/en-us/windows/win32/wer/collecting-user-mode-dumps

The thing you get would be not a text file, but a binary one, you will need a tool to analyze it. Usually it is a WinDBG. You should get know how to work with it:

https://learn.microsoft.com/en-us/windows/win32/dxtecharts/crash-dump-analysis?source=recommendations#analyzing-a-minidump

https://stackoverflow.com/a/758840/2869674

Arthur Bulakaiev
  • 1,207
  • 8
  • 17
  • Thank you for your answer Arthur! It is sad that dump generation functionality required setup. I would be nice to collect client dumps (at least short text dumps) without any setup – Vlad Dec 12 '22 at 00:46
  • 1
    @Vlad You can do this without extra setup on the client by shipping an external crash handler, for example [crashpad](https://chromium.googlesource.com/crashpad/crashpad/+/master/README.md) – TheNextman Dec 12 '22 at 01:20