Home/ Questions/Q 8879657
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T19:59:49+00:00

I’m debugging a kernel-mode device driver for Windows, using WinDbg. Is it possible to

  • 0

I’m debugging a kernel-mode device driver for Windows, using WinDbg.
Is it possible to create a minidump on-demand?

I mean, one of my breakpoints is hit, the system is stopped. I want to create a minidump (let’s say stack only). Is there a WinDbg keyword for this?

Thanks in advance

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can write a minidump like so when it hits your breakpoint:

    bp myDLL!myFunc ".dump /ma c:\myDump.dmp;g"

    This will add a breakpoint to your function and execute the commands in the quotation marks, this will write a minidump with most flags and then continue.

    See here for more info on .dump and here on bp syntax.

    To dump the complete memory in user or kernel mode:

    .dump /f

    but /ma switch actually puts more information in for user-mode.

    If you get the error: 

    Unable to create file 'c:\myDump.dmp' - Win32 error 0n5
    "Access is denied."

    try writing the file to the c:\users\public\ directory.

    .dump /f c:\users\public\myDump.dmp
    • 0