How to decode crash dumps in windows?

1,271 views
Skip to first unread message

Sen Dcruz

unread,
Jan 23, 2014, 2:37:25 PM1/23/14
to google-brea...@googlegroups.com
Hi All,

I am trying to decode and analyse the crash dumps in windows for 2 days but am getting no where. 

I tried minidump_stackwalk.exe foo.dmp and output was 

Operating system: Windows NT
                  6.1.7601 Service Pack 1
CPU: x86
     GenuineIntel family 6 model 58 stepping 9
     4 CPUs

Crash reason:  EXCEPTION_ACCESS_VIOLATION_READ
Crash address: 0x3e07cdcb

Thread 0 (crashed)
 0  WingMan.exe + 0xbbffe4
    eip = 0x00f3ffe4   esp = 0x0023ed80   ebp = 0x0023ed98   ebx = 0x00000000
    esi = 0x0023edb4   edi = 0x00000000   eax = 0x3e07cdcc   ecx = 0x0023edb4
    edx = 0x3e07cdcb   efl = 0x00210202
    Found by: given as instruction pointer in context
 1  WingMan.exe + 0xaf1865
    eip = 0x00e71866   esp = 0x0023eda0   ebp = 0x0023ee08
    Found by: previous frame's frame pointer
 2  WingMan.exe + 0xaf234b
    eip = 0x00e7234c   esp = 0x0023ee10   ebp = 0x0023ee1c
    Found by: previous frame's frame pointer
 3  WingMan.exe + 0xaeba1e
    eip = 0x00e6ba1f   esp = 0x0023ee24   ebp = 0x0023ee4c
    Found by: previous frame's frame pointer

This output is hard to analyse and I guess I am missing symbol file here. I have downloaded the pdb file but how do we use it? Do I need to convert the pdb to .sym file as mentioned in http://www.chromium.org/developers/decoding-crash-dumps ? What is the command to get a proper output in windows?

Any help would be greatly appreciated.

Thanks in advance.

Ted Mielczarek

unread,
Jan 23, 2014, 3:08:31 PM1/23/14
to google-brea...@googlegroups.com
If you're on Windows you can simply load the .dmp file in your debugger (Visual Studio or WinDBG). If you intend to get stack traces on other platforms then you'll need to process your PDB files to produce Breakpad-compatible symbol files. We don't have documentation that targets Windows specifically, but the Linux documentation is pretty close:
https://code.google.com/p/google-breakpad/wiki/LinuxStarterGuide#Producing_symbols_for_your_application

-Ted


Vivian Lobo

unread,
Oct 20, 2016, 6:56:50 AM10/20/16
to google-breakpad-discuss
Sen DCruz, I am going bonkers trying to figure this out. I am unable to make sense of the dmp files. I have the symbol files and everything ready (looks like from the instructions). I still cannot really use the dmp files. Did you manage to figure something?
Reply all
Reply to author
Forward
0 new messages