Dump files and obtaining stack information

Hot Topic

2005 upgrade ports Floating Point Consistency incorrectly
how to terminate threads?
How to utilize Shortcut property RUN -> Minimized
Creating .exe file to debug a dll proyect
global const Array
Visual C++ Express Edition missing header files
How do I? Complete Newby.
HELP: error C2664 in atlcom.h coming back
Root HKEY_CLASSES_ROOT permissions destroyed.
Registry editing

Visual C++

Compiling FilmBox SDK Under VC6
is it possible that a cpp file will "recognize" a c file from another project ?
Itanium compiler removed in VS 2005 PRO (it is only on team version)
On adjacent ">"s in a parameterized declaration
BLOCK_TYPE_IS_VALID
StackOverflowException in Managed C++ wrapper
Unable to get desktop handle
Why in C always fopen creats file in its project folder
VC++ Directories - my entries ignored by compiler
ATL COM Singleton

Dump files and obtaining stack information

Hi All,

Im trying to read a mini dump file using MiniDumpReadDumpStream, which successfully works, and want to know how to obtain stack information that is contained within this file.

Ive found StackWalk64, which requires a handle to a process and thread to be passed in - how can this be obtained from the dump file If anyone has any examples - it would much be appreciated.

Thanks

Answer this question

Dump files and obtaining stack information

  • Pille

    Ok cool, il give that ago as well. I have found a way to do it though, it involves using the SDK from windbg - (Debugger Engine Reference) - which allows you to get back all sorts of info. But i really appreciate everyones ideas and support.

    Thank you all

  • SFedor

    So am i right in thinking that the stack trace can be obtained for a running process, but not from a crash dump file

  • Blue9000

    Ok il send you some stuff 2moro. At the minute i dont have access to my source

  • Andrea Lanza

    AFAIK this is not possible. You can use VS or WinDbg to load the minidump file.

    It may be easier for you to create the stack trace as a seperate operation when you create the minidump. This is the way I do it.

    Also this gets beyond the scope of this forum, try it here:

    http://msdn.microsoft.com/newsgroups/default.aspx dg=microsoft.public.win32.programmer.kernel&lang=en&cr=US

    or here

    http://msdn.microsoft.com/newsgroups/default.aspx dg=microsoft.public.windbg&lang=en&cr=US



  • Laurence1215

    I'd like receive your handler implementation, if possible.

    Tanks advance.

    send to : lsalamon (a) gmail com

  • CharlieD

    Yes! So is my knowlage.

    A debugger can use the dump files and examin the stacktrace, but I see no documented functions that allow this.

    Ask in the newsgroups!



  • smiledotnet

    Here u go take this link, download the code - its got everything you need to read a mini dump file - registers, threads, modules, stack etc.

    http://msdn.microsoft.com/msdnmag/issues/02/06/Bugslayer/

    To read the stack for a dump file that you've produced - just add the following method call before GetStackTrace() : SetScopeFromStoredEvent(). This just gets you the context record for the generated excpetion. Its like doing .ecxr in windbg, which you almost certainly need to do.

    Either place this call here or before in some of the earlier method calls!

    Cheers

  • Lerxst51014

    Another option to consider is to build your app to create its own crash dump file that walks the stack.

    I borrowed this from an article in Dr. Dobb's Journal May 2005 ("Postmortem Debugging", p. 18). You can download the source code at ftp://66.77.27.238/sourcecode/ddj/2006/ and select 0605.zip (May 2006). It involves calling SetUnhandledExceptionFilter in your InitInstance function. When your app crashes, it calls the handler, which dumps the stack trace to a filename you specify (hard coded). You then use a simple app download from DDJ called MapAddr.exe that converts the stack addresses into subroutine names using the map file created at build time (which you have to save, obviously).

    Another advantage is that these crash log files are very small - just the stack addresses and 16 bytes of arguments from the stack (all translated into ASCII text). I modified the routines in the article to append to the log file so I can see the results of (heaven forbid!!) multiple crashes. I also looked up a bunch of error codes (like 0xC0000005 = EXCEPTION_ACCESS_VIOLATION) and translated them into text to make my life easier. I can email you the fault handler if you like. It's about 150 lines of code.

    Works great for me!
  • Dump files and obtaining stack information
Answer this question