How to extract stack traces from minidumps?
Just in case anyone else wants to automate extracting stack traces from dumps, here's what I ended up doing:
Like I mentioned in the update it's possible to use dbgeng.dll instead of dbghelp.dll, which seems to be the same engine WinDbg uses. After some trial and error here's how to get a good stack trace with the same symbol loading mechanism as WinDbg.
- call DebugCreate to get an instance of the debug engine
- query for IDebugClient4, IDebugControl4, IDebugSymbols3
- use IDebugSymbols3.SetSymbolOptions to configure how symbols are loaded (see MSDN for the options WinDbg uses)
- use IDebugSymbols3.SetSymbolPath to set the symbol path like you would do in WinDbg
- use IDebugClient4.OpenDumpFileWide to open the dump
- use IDebugControl4.WaitForEvent to wait until the dump is loaded
- use IDebugSymbols3.SetScopeFromStoredEvent to select the exception stored in the dump
- use IDebugControl4.GetStackTrace to fetch the last few stack frames
- use IDebugClient4.SetOutputCallbacks to register a listener receiving the decoded stack trace
- use IDebugControl4.OutputStackTrace to process the stack frames
- use IDebugClient4.SetOutputCallbacks to unregister the callback
- release the interfaces
The call to WaitForEvent seems to be important because without it the following calls fail to extract the stack trace.
Also there still seems to be some memory leak in there, can't tell if it's me not cleaning up properly or something internal to dbgeng.dll, but I can just restart the process every 20 dumps or so, so I didn't investigate more.
An easy way to automate the analysis of multiple minidump files is to use the scripts written by John Robbins in his article "Automating Analyzing Tons Of Minidump Files With WinDBG And PowerShell" (you can grab the code on GitHub).
This is easy to tweak to have it perform whatever WinDbg commands you'd like it to, if the default setup is not sufficient.