extracting info from a minidump via winedbg

Eric Pouech eric.pouech at wanadoo.fr
Thu Mar 29 14:36:59 CDT 2007 

Dennis Schridde a écrit :
> Hello Wine users!
>
> I've got a minidump from a ("real") Windows user of our game and would like to 
> extract information from it using winedbg.
>
>
> The information winedbg gives me by default, is this:
>
> WineDbg starting on minidump on pid 068c
>   warzone2100.exe was running on #1 Intel ???-0.521 CPU on Windows XP (2600)
> Register dump:
>  CS:001b SS:0023 DS:0023 ES:0023 FS:003b GS:0000
>  EIP:0051008b ESP:0022f844 EBP:0022f858 EFLAGS:00010a87(   - 00     ROISP1C)
>  EAX:c7b054d8 EBX:19ff502e ECX:00000040 EDX:0000000f
>  ESI:02010101 EDI:00000000
> Stack dump:
> 0x0022f844:  00000000 00000000 00000000 3f800000
> 0x0022f854:  00000000 0022f8c8 0050e796 19ff502e
> 0x0022f864:  3f800000 00000000 00000000 00000000
> 0x0022f874:  00000000 00000000 00000000 ff4a4a4a
> 0x0022f884:  00000005 02010101 00000000 00000000
> 0x0022f894:  00000000 0022f8c8 00000000 00000000
> Backtrace:
> =>1 0x0051008b (0x0022f858)
>   2 0x0050e796 (0x0022f8c8)
>   3 0x00410c3b (0x0022f948)
>   4 0x0041172d (0x0022f9c8)
>   5 0x004b2272 (0x0022f9d8)
>   6 0x004aa97b (0x0022f9f8)
>   7 0x004b615a (0x0022fab8)
>   8 0x004b663f (0x0022fad8)
>   9 0x004b67e1 (0x0022faf8)
>   10 0x0041e39e (0x0022fb28)
>   11 0x00459d3e (0x0022fb58)
>   12 0x0045b2ee (0x0022fca8)
>   13 0x0055e77b (0x0022fcf8)
>   14 0x0055e932 (0x0022fef8)
>   15 0x0055e483 (0x0022fff0)
>   16 0x00000000 (0x00000000)
> WineDbg starting on pid 068c
>
>
> Which is pretty rare.
> Via addr2line I can translate the backtrace to possibly valid locations in our 
> sourcefiles.
>
>
> My questions are:
> - Why doesn't winedbg extract the sourcecode locations itself?
>   
because it needs the original PE files (.exe, .dll) to get to the debug 
information
those files must be seated in directories listed in the _NT_SYMBOL_PATH 
environment variable
> - Why doesn't winedbg show me the other information included in the minidump, 
> like the loaded modules, commandline options or version information?
>   
'info share' should do part of it... winedbg doesn't show the command 
line info nor options
other thing you can do is to use winedump (man winedump)
> - How can I get the parameters to the last called function(s)?
>   
see above for debug info
A+

-- 
Eric Pouech
"The problem with designing something completely foolproof is to underestimate the ingenuity of a complete idiot." (Douglas Adams)

More information about the wine-devel mailing list