Obtaining Call Stack from Crash dump of Windows Application using WinDbg
If you are a developer or a member of a team developing & maintaining desktop applications, you are inevitably going to face application crash issues. More the legacy and large application, the more sophisticatedly you have to handle them.
From developer point of view, application crashes can be categorized as: Non-reproducible crash, Always Reproducible crash, Reproducible Crash only on customer machine, Random crash.
To be able to find out the reason of crash, the crash log or Stack Trace is your true friend in need. As it happens on some really bad days, you may be facing some crash issue without crash log. The steps below may help you in those times. So read on to know how to get the crash log when Application crashes without any crash log.
From developer point of view, application crashes can be categorized as: Non-reproducible crash, Always Reproducible crash, Reproducible Crash only on customer machine, Random crash.
To be able to find out the reason of crash, the crash log or Stack Trace is your true friend in need. As it happens on some really bad days, you may be facing some crash issue without crash log. The steps below may help you in those times. So read on to know how to get the crash log when Application crashes without any crash log.
Prerequisites:
- WinDbg - The Windows Debugger
Download link: https://go.microsoft.com/fwlink/p/?LinkId=845298
Link may change over time, so here is the main page link: https://developer.microsoft.com/en-us/windows/hardware/download-windbg - The symbol files of the application executable and related dlls
- Crash dump - The memory dump file generated on Application Crash
- Launch WinDbg. Its installed within the Win SDK at C:\Program Files (x86)\Windows Kits\10\Debuggers\windbg.exe.
- Load memory dump file that is generated as one of WER dumps when application crashes.
For this, do File->Open crash dump. Choose the memory.dmp file from WER dumps (In one of C:\ProgramData\Microsoft\Windows\WER\ReportQueue\ AppCrash_<YOUR APP NAME>* folder) - Set symbol path
Open File->Symbol File Path. Add the build symbol folder locations in ‘Symbol Search Path’ dialog. Make sure that the paths you add contain all the symbol files of your exe and dlls etc. - Enter command !analyze -v and press Enter to run the command. It'll start analyzing.
- There you go. After few seconds the command window will show the call stack and other details.
Useful links:
A short section at MSDN on Getting Started with WinDbg.
A short section at MSDN on Getting Started with WinDbg.
A blog post on MSDN for Walkthrough:Basics of Analyzing a Crash dump using Windbg.
Disclaimer: Opinions expressed are solely my own and do not express the views or opinions of my employer.
Comments
Post a Comment