
Wireshark-dev: Re: [Wireshark-dev] Getting a wireshark stack trace on Windows

From: Graham Bloice <graham.bloice@xxxxxxxxxxxxx>
Date: Fri, 23 Aug 2013 14:24:11 +0100
On 22 August 2013 20:02, Evan Huus <eapache@xxxxxxxxx> wrote:
Could somebody who knows Windows a little better take a look at bug #9062? I don't fully understand how our build environment interacts with Windows debuggers / stack tracers. Is there a way to get a symbolic stack trace on Windows without compiling from source? Do the build-bot nightly packages include symbols?

Thanks,
Evan


I'll add a comment to the bug, but there are basically two ways:

1.  The user has a Windows debugger (e.g. Visual Studio or WinDbg) and can get the stack trace from the debugger.  The user must have the pdb's and let their debugger know where they are.

2.  The user generates a memory dump (basically an image of the faulting process) and forwards that to someone who has a debugger and the pdb's and they can see the stack trace and (if a full memory dump is provided) poke around inside the process image which is frozen as if it had hit a breakpoint.

The memory dump can be generated in a few ways, and there are a few versions of the dump that only include the stack of the faulting thread, stacks for all threads or a full memory image.  Obviously the full image can be quite big, especially if the fault was caused by the process running out of memory, but it does zip up a bit.
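
An added example, not part of the original message or of the Wireshark project: a Python check that reads a dump file's MINIDUMP_HEADER and stream directory to report which of the dump kinds mentioned above it is (thread stacks only, or a full memory image) before the file is forwarded to someone else. The field layouts and constants follow Microsoft's public minidump definitions; `inspect_dump` and `build_sample` are hypothetical names, and the sample images are constructed.

```python
import struct

# Values from Microsoft's public minidump definitions (minidumpapiset.h).
SIGNATURE = b"MDMP"
WITH_FULL_MEMORY = 0x2            # MINIDUMP_TYPE flag MiniDumpWithFullMemory
THREAD_LIST, EXCEPTION, MEMORY64_LIST = 3, 6, 9   # MINIDUMP_STREAM_TYPE values

def inspect_dump(data):
    """Summarise how much of the process a minidump image carries."""
    if len(data) < 32 or data[:4] != SIGNATURE:
        raise ValueError("not a minidump")
    # MINIDUMP_HEADER: Signature, Version, NumberOfStreams, StreamDirectoryRva,
    # CheckSum, TimeDateStamp (all u32), then Flags (u64).
    _, _, count, dir_rva, _, _, flags = struct.unpack_from("<4sIIIIIQ", data)
    if dir_rva + 12 * count > len(data):
        raise ValueError("stream directory runs past end of file")
    info = {"full_memory": bool(flags & WITH_FULL_MEMORY),
            "threads": 0, "exception": False}
    for i in range(count):
        # MINIDUMP_DIRECTORY: StreamType, DataSize, Rva (all u32).
        stype, size, rva = struct.unpack_from("<III", data, dir_rva + 12 * i)
        if stype == MEMORY64_LIST:      # written for full-memory dumps
            info["full_memory"] = True
        elif stype == EXCEPTION:        # present when a fault was recorded
            info["exception"] = True
        elif stype == THREAD_LIST and size >= 4 and rva + 4 <= len(data):
            # MINIDUMP_THREAD_LIST begins with NumberOfThreads (u32).
            info["threads"] = struct.unpack_from("<I", data, rva)[0]
    return info

def build_sample(flags, threads, full=False):
    """Constructed test image: header, directory and bare stream bodies."""
    streams = [(THREAD_LIST, struct.pack("<I", threads)), (EXCEPTION, b"")]
    if full:
        streams.append((MEMORY64_LIST, struct.pack("<QQ", 0, 0)))
    body_off = 32 + 12 * len(streams)
    directory, body = b"", b""
    for stype, payload in streams:
        directory += struct.pack("<III", stype, len(payload), body_off + len(body))
        body += payload
    header = struct.pack("<4sIIIIIQ", SIGNATURE, 0xA793, len(streams), 32, 0, 0, flags)
    return header + directory + body

if __name__ == "__main__":
    print(inspect_dump(build_sample(0x0, 1)))                       # small dump
    print(inspect_dump(build_sample(WITH_FULL_MEMORY, 7, full=True)))  # full image
```

A full memory image of a packet analyzer contains whatever capture data was loaded at the time of the fault, so `full_memory` is the field to look at before attaching a dump to a public bug.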