How to approximately know the function trace from crash dump from optimized windows binary?

Question

I have a crash dump file generated from windows X86-64 binary (XXX).

00000000`005764aa : 00000000`00000abc 00000000`005d0c68 00000000`00000000 00000000`00000000 : kernel32!WaitForSingleObjectEx+0xdf
00000000`00572653 : 00000000`00da0480 00000000`008e0000 00000000`00e7ac10 00000000`00d83480 : xxx+0x1764aa
00000000`00431ddd : 00000000`00da0480 00000000`004c673c 0000b9f4`17498418 00000000`01ce1e8a : xxx+0x172653
00000000`00446b4e : 00000000`007b06fe 00000000`00000000 0000b9f4`17498418 00000000`00000000 : xxx+0x31ddd
00000000`00563dbb : 00000000`0000000f 00000000`005e4b80 00000000`00000000 00000000`005e5450 : xxx+0x46b4e
00000000`00442b3e : 00000000`0000000f 00000000`008d8d00 00000000`00614e00 005d5d48`00000000 : xxx+0x163dbb
00000000`005bd5d1 : 00000000`0000000f 00000000`008d8d00 00000000`00000000 00000000`00000000 : xxx+0x42b3e
00000000`77d596ac : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : xxx!OVdecrypt+0xa161
00000000`00000000 : 00000000`005bd460 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseProcessStart+0x2c

I have the executable with me. Is it possible to use objdump or dumpbin to map the address with the function name?

Thanks, Naga

You need the symbol file associated with the executable. – Raymond Chen Dec 09 '11 at 14:37 — Raymond Chen, Dec 09 '11 at 14:37

How to approximately know the function trace from crash dump from optimized windows binary?

0 Answers0