Windows : Print stacktrace in case of a coredump during CI testing

Question

I have set up a part of the Gitlab-CI continuous integration system of my company. We run builds and tests on all platforms nightly. I managed to print the stacktrace in case of a crashing process for Linux and MacOS (with GDB and LLDB respectively). I'm trying to do it aswell for Windows but i didn't find yet how to...

Coredump generation

I first tried to enable Windows Error Reporting, as said in the documentation. It works with the default settings, but I would prefer the coredumps to be generated in the executable directory...

I tried putting "%CD%" in the DumpFolder key (type REG_EXPAND_SZ, I checked), but it doesn't work... I'm now trying to understand how to generate the coredump with WinDbg instead, but I still can't figure out how yet.

Stacktrace display

When the coredump will be generated in the right folder, I will need to figure out how to print the stacktrace... Do you already know a command for this (this is mandatory for me) ?

Both powershell scripts or basic commands should be ok.

edit :

I could print the stacktrace of the generated coredump with windbg quite easily in local. However, for some reason, when the job is trigerred by Gitlab-CI, the coredump isn't generated... Is there any undocumented value to add to the Windows Error Reporting keys to generate the coredumps even if the faulty program is launched via Gitlab-CI ? (it works if I launch it via SSH)

Answer 1

I doubt that %CD% will work in this case. %CD% will likely expand to the current directory of the process which is reading the registry entry. That's not the same directory as your executable's directory.

Have a look at ProcDump. The -x command line option lets you specify a directory where to put crash dump files.

Here's what works for me:

..\procdump.exe  -e -x . SimpleCppCrash.exe -arg1 -arg2 -arg3

I can verify that in the crash dump:

0:000> !peb
[...]
CommandLine:  '"SimpleCppCrash.exe"  -arg1 -arg2 -arg3'
[...]

so, the executable has the arguments passed.

The rest was already answered by @blabb: use cdb -c "<whatever>;q", potentially with -logo <logfile> option if you want it persistent.

It is certainly possible with WinDbg/cdb alone, but I would not recommend it. If the exception needs to be examined in more detail, it's good to have the crash dump file still around.

Answer 2

%cd% I think would expand to the directory from which windbg started and not where the executable resides

and I don't think you can ask any generic tool to dump to arbitrary directories

for creating dumps with windbg / cdb / kd check out adplus (read adplus.doc) in windbg installation folder

it takes a -O parameter but that's a single directory not multiple arbitrary directories

anyway provided you managed to create a .dmp file in the directory of your choice

printing call stack is accomplished simply by loading the dump in windbg and issuing kb command

assuming you don't want to look at all the loading stuff you can run a regex match in powershell maybe

F:\>dir /s /b *.dmp
F:\mydmp.dmp

F:\>powershell
Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.

PS F:\> $foo = cdb -c "kb;q" -z .\mydmp.dmp
PS F:\> $pattern = "Reading(.*?)quit:"
PS F:\> [regex]::Match($foo,$pattern)


Groups   : {0, 1}
Success  : True
Name     : 0
Captures : {0}
Index    : 1033
Length   : 761
Value    : Reading initial command 'kb;q' RetAddr           : Args to Child
                : Call Site 00007fff`46466246 : 00000000`00000000 00007fff`464bd100 00007fff`464bd100 00007fff`464bd100 :
           ntdll!LdrpDoDebuggerBreak+0x30 00007fff`46453879 : 00000000`00000001 00000000`00000000 00000000`00000000
           00000000`00000001 : ntdll!LdrpInitializeProcess+0x1d92 00007fff`464056c3 : 00000000`00000000 00007fff`46390000
           00000000`00000000 00000041`08a21000 : ntdll!_LdrpInitialize+0x4e19d 00007fff`4640566e : 00000041`08cff780
           00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrpInitialize+0x3b 00000000`00000000 :
           00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe quit:



PS F:\> exit

F:\>