I'm looking into creating dump files for a managed process.
I know that I can use windbg to create a dump file, but I'm wondering if there are any special flags that I should pass to the ".dump" command, given that it's a managed application instead of a native one.
A related side question: I've heard of a tool called mscordmp.exe (if you google it, you can find mention of it online). Is mscordmp still relevant? I can't find a download point for it anywhere, but I thought it might be better suited for dumping managed memory than windbg.
A dump file is a snapshot of an application at the point in time the dump is taken. It shows what was executing, what modules are loaded, and if saved with heap, contains a snapshot of what was in the application's memory at that point in time.
What is a DMP file? The DMP file is primarily associated with the MemoryDump or Minidump file format. It is used in the Microsoft Windows operating system to store data that has been dumped from the memory space of the computer. Usually, DMP files are created when a file crashes or an error occurs.
You should use /ma to create a full memory dump. Otherwise sos will complain that managed analysis will be very limited.
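To confirm that a dump file was taken with full memory before loading it for managed analysis, the following added example (not part of the original post) reads the minidump header and stream directory and reports the MINIDUMP_TYPE bits that correspond to `/ma`. The function names `inspect_minidump` and `build_sample` are hypothetical, and the sample dumps are constructed in memory with a header and directory only.

```python
import struct

# MINIDUMP_TYPE bits (minidumpapiset.h) corresponding to WinDbg's /ma (/mfFhut).
MINIDUMP_TYPE_BITS = {
    0x0002: "MiniDumpWithFullMemory",
    0x0004: "MiniDumpWithHandleData",
    0x0020: "MiniDumpWithUnloadedModules",
    0x0800: "MiniDumpWithFullMemoryInfo",
    0x1000: "MiniDumpWithThreadInfo",
}
MEMORY64_LIST_STREAM = 9  # stream type that carries the full process memory
HEADER = struct.Struct("<4sIIIIIQ")  # MINIDUMP_HEADER, 32 bytes
DIRENT = struct.Struct("<III")       # MINIDUMP_DIRECTORY: type, size, rva


def inspect_minidump(data):
    """Return (flag names, stream types, has_full_memory) for raw dump bytes."""
    if len(data) < HEADER.size:
        raise ValueError("too short for a MINIDUMP_HEADER")
    sig, _ver, nstreams, dir_rva, _cksum, _ts, flags = HEADER.unpack_from(data, 0)
    if sig != b"MDMP":
        raise ValueError("not a user-mode minidump (bad signature)")
    if dir_rva + nstreams * DIRENT.size > len(data):
        raise ValueError("stream directory runs past end of file")
    streams = [DIRENT.unpack_from(data, dir_rva + i * DIRENT.size)[0]
               for i in range(nstreams)]
    names = [n for bit, n in sorted(MINIDUMP_TYPE_BITS.items()) if flags & bit]
    # Managed (SOS) analysis needs the heap, i.e. the full-memory flag and stream.
    full = bool(flags & 0x0002) and MEMORY64_LIST_STREAM in streams
    return names, streams, full


def build_sample(flags, stream_types):
    """Constructed test input: header + directory only, no stream payloads."""
    hdr = HEADER.pack(b"MDMP", 0xA793, len(stream_types), HEADER.size, 0, 0, flags)
    return hdr + b"".join(DIRENT.pack(t, 0, 0) for t in stream_types)


if __name__ == "__main__":
    # Constructed samples: one shaped like a /ma dump, one like a plain minidump.
    full = build_sample(0x0002 | 0x0004 | 0x0020 | 0x0800 | 0x1000, [3, 4, 9])
    mini = build_sample(0x0000, [3, 4, 5])
    for label, blob in (("full", full), ("mini", mini)):
        print(label, inspect_minidump(blob))
```

On a real file, pass the first few kilobytes read in binary mode; the header and directory sit at the start of the dump.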