Post mortem debugger.

[Magnum]

try setting idapro as the default debugger

We have 1129 USD / 1019 EUR. for the Pro version??  :lol:

Olly is enought to debugging
But Jochen has right to set Olly to default debugger is very nice :t

IDA is sure proud of their program. :-)

$1129 is extremely expensive.

[GoneFishing]

Found advanced  reference on google books :
Memory Dump Analysis Anthology, Vol.2
Part 2:Professional Crash Dump Analysis , page 38
All at Once: Postmortem Logs and Dump Files

Note that the author downloads debugging symbols from the symbols server 

[MichaelW]

A VEH in the program being debugged can catch the exception, but I see no non-clumsy way to generate a disassembly.

[GoneFishing]

WinDbg itself can handle exceptions so it's not a problem.
Yesterday I tried  to generate in-process minidump  as shown in C++ on this page . It doesn't work for single threaded app at least ( next time I'll see if creating a worker thread helps to achieve the goal ) . Then I started experimenting with custom post-mortem "debugger" - simple test program that receives crashed process ID and event handle . Now I have to get a process name from PID ( through enumerating all processes , I think) and learn how to deal with event handle ( no idea at the moment).

Bookmarking an excellent article Prolific Usage of MiniDumpWriteDump (Automating Crash Dump Analysis Part 0)

       

[hutch--]

Now that I have recently spent some time on algorithms, I am getting something like a useful result from WinDBG, the first try is useless but on the second try it shows one line of assembler, the instruction that failed which is exactly what I need.