Getting local crash dumps of applications in Vista and Server 2008

 

Mark Russinovich has another excellent post, Mark’s Blog : The Case of the Random IE and WMP Crashes.  He had a problem with Windows Media Player frequently falling down and going boom.

Now, WER (Windows Error Reporting) does take dumps and sends them to Microsoft, but it hasn’t been possible to get a copy of the dump to analyze with Debugging Tools for Windows.  Mark sort of cheated to get his dump;  he grabbed the dump from the temp directory while the WER dialog was waiting for him to close it.  It’s the kind of thing I’ve done.

Vista SP1–and by extension Server 2008–has a registry key setting that will save local dumps:

HKLM\Software\Microsoft\Windows\Windows Error Reporting\LocalDumps

This will make WER save all dumps in %LOCALAPPDATA% (Powershell:  $Env:localappdata), which is usually c:\users\<user>\AppData\Local.

I don’t often analyze bluescreens–they just don’t happen for me that often either at home or at SATV–but I do get a lot of apps in testing that just go boom for whatever reason.  This should help.

---