Geek Answers Handbook

Debugging minidump in Visual Studio, where the call stack is zero

I have a client that receives a 100% reproducible failure, which I cannot reproduce in my program compiled in Visual Studio 2005. I sent them a debug build of my program and saved all the PDB and DLL files. They sent me the minidump file, but when I open it, I get:

"Unhandled exception at 0x00000000 in MiniDump.dmp: 0xC0000005: location where access violation 0x00000000 was read."

Then the call stack shows only "0x00000000 ()", and the disassembler shows me a memory dump at 0x0. I set up a character server, loaded my PDB characters, etc. But I see no way to find out which of the many DLLs actually caused the transition to zero. This is a large project with many dependencies, and some of them are binaries for which I do not have the source or PDB, since I use the API as a third party.

So, how useful is this minidump? How to find out which DLL caused the crash? I have never used minidumps for debugging before, but all the tutorials I read seem to at least display the function name or something else that gives you the key to the call in the call stack. I just get one line pointing to zero.

I also tried using Depends to find out if there was any dependency on the DLL that was unresolved; however, on my three test machines with different Windows OSs, I seem to get three different sets of DLL dependencies on the OS (and still can't replicate the crash); therefore, this does not seem to be a particularly reliable method for diagnosing a problem.

What other methods are available to determine the cause of this problem? Is there a way to undo a single command to see which DLL has moved to zero?

+7
debugging visual-c ++ visual-studio-2005 minidump
source share
6 answers

The whole idea of ​​all the β€œeasy” ways to debug post mortem is to capture a stack trace. If your application overwrites the stack, there is no way for such an analysis. Only very sophisticated methods that ensure that all program execution is written to dedicated hardware can help.

In this case, you can find the log files. Distribute several log statements very widely around the area where the error occurs, and pass this version to the client. After the failure, you will see the last log statement in your log file. Add more log data between this point and the next log operation that was not written to the log file, resubmit this version. Repeat until you find the line causing the problem.

I wrote an article about this article on ddj.com:

About Log Files Part 1

About Log Files Part 2

+2
source share

Well, it seems the answer in this case was "Use WinDbg instead of Visual Studio to debug mini-disks." I could not get any useful information from VS, but WinDbg provided me with a ton of information about the chain of function calls that led to the crash.

In this case, it still did not help to solve my problem, since all the functions were in a third-party library that I use, so it seems that the only final answer to my specific problem is to use log files to track the state of my application, which leads to a failure.

I assume that if someone else sees a similar problem with a useless call stack when debugging minidump, it is best to open it using WinDgb rather than Visual Studio. It seems strange that the best tool for working is a free Microsoft product, not a commercial one.

Another lesson here is probably "any program using a third-party library should write a log file."

+5
source share

Just an observation, but the stack becomes truncated or rewritten, maybe this is a simple case of using an uninitialized field or, possibly, a buffer overflow?

It can be pretty easy to find.

0
source share

Have you tried installing WinDbg on a client computer and using it as the default debugger for any application that causes a crash? You just need to add the pdb files to the folder where your application is located. When the WinDbg distribution begins, you can try to get a call stack.

0
source share

You may already know this, but here are a few questions about debugging minidump: 1. You must have exactly the same executable files and PDB files as on the client computer where minidump was created, and they should be placed in exactly the same directories. Just rebuilding the same version will not help. 2. The debugger must be connected to the MS Symbols server. 3. When the debugger starts, it prints the process load log in the "Output" window. As a rule, all libraries should be loaded successfully with debugging information. Libraries without debugging information are also loaded, but "debugging information" is not printed. Check out this journal - it may provide you with some information.

If the executable stack contains frames from the library without debugging information, it may not be displayed. This happens, for example, if your code acts as a callback to a third-party library.

Try creating a mini drive on your own computer by adding code that creates an unhandled exception, and debug it immediately. It works? Compare the download log of successful and failed debugging sessions.

0
source share

You may have indicated a null pointer to a function. Current execution function information is needed to display call stack information. A forced instruction pointer to run any simple function, then you will again see call stack information.

void SimpleFunc() { // <- set next statement here }
0
source share

More articles:


All Articles