Why do similar crashes sometimes get grouped separately?

Similar crashes get grouped separately when their stack traces differ in frames that the fingerprinting algorithm considers significant. Common causes include inlined functions that appear in some builds but not others, different code paths leading to the same underlying bug, and version differences where line numbers shifted. Tuning the grouping depth and normalization rules helps merge these related crashes.

How many stack frames should be used for crash grouping?

Most crash reporting systems use the top 3 to 5 frames from the crashing thread for grouping. Using too few frames (1-2) over-groups different bugs that happen to crash in the same low-level function. Using too many frames (10+) under-groups the same bug that is reached through different call paths. The sweet spot depends on your codebase, but 3-5 frames works well for most game projects.

Stack Trace Grouping for Game Crash Reports: Reduce Noise, Find Patterns

Quick answer: Stack trace fingerprinting is the process of computing a unique identifier (fingerprint) for a crash based on its stack trace. The fingerprint is typically a hash of the normalized function names from the top N frames of the crashing thread.

This guide covers stack trace grouping for game crash reports in detail. A thousand crash reports that all represent the same bug are useless as individual items. They become valuable only when grouped into a single issue with a count of 1,000 and a list of affected players. Stack trace grouping is the process that makes this possible, and getting it right is the difference between a prioritized bug list and a wall of noise.

The Problem: Too Many Reports, Not Enough Signal

A popular game with a 0.5% crash rate and 100,000 daily players generates 500 crash reports per day. Without grouping, your dashboard shows 500 individual reports. With effective grouping, those 500 reports collapse into perhaps 15 distinct crash signatures, each with a count showing how many players are affected. Now you have a prioritized list: fix the crash that hits 200 players before the one that hits 3.

How Fingerprinting Works

The core of crash grouping is fingerprinting: computing a hash from the stack trace that is the same for all instances of the same bug. The simplest approach hashes the function names of the top N frames:

# Simple fingerprinting: hash the top 5 function names
def fingerprint(stack_trace):
    frames = stack_trace.frames[:5]
    key = "|".join(f.function_name for f in frames)
    return sha256(key).hexdigest()

# Example: two crashes with the same top frames produce the same hash
# Crash A: ApplyDamage -> ProcessHitQueue -> Tick -> ... -> hash: a1b2c3
# Crash B: ApplyDamage -> ProcessHitQueue -> Tick -> ... -> hash: a1b2c3
# Same fingerprint = same group

This simple approach works for many cases but breaks down when the same bug is reached through different call paths, when function inlining changes between builds, or when engine internals add noise frames that vary between platforms.

Frame Normalization

Before computing the fingerprint, each frame needs to be normalized. Normalization removes the parts of a frame that vary between instances of the same bug while preserving the parts that distinguish different bugs.

Strip addresses and offsets. Memory addresses change between runs due to ASLR (Address Space Layout Randomization). The same function will have a different address on every launch. Remove all numeric addresses and instruction offsets from frames.

Remove line numbers. Minor code changes shift line numbers without changing the bug. A crash on line 247 in one build might be on line 251 in the next. Use only the function name for fingerprinting, not the line.

Normalize template parameters. C++ templates produce function names that include type parameters: Array<Entity*>::Remove versus Array<Component*>::Remove. If both are the same underlying bug in the array implementation, normalize by stripping or collapsing template arguments.

# Before normalization
"TArray<UObject*>::RemoveAt(int, int, bool) + 0x4f [Array.h:1247]"

# After normalization
"TArray::RemoveAt"

Choosing the Right Grouping Depth

The number of frames you include in the fingerprint dramatically affects grouping quality. Too shallow and you over-group; too deep and you under-group.

1-2 frames: Many different bugs crash in the same low-level function (like malloc or std::vector::push_back). Using only the top 1-2 frames groups unrelated bugs together. You lose the ability to distinguish between a crash in the inventory system and a crash in the combat system if both ultimately crash inside the same container operation.

3-5 frames: This is the sweet spot for most games. The top frame shows where the crash happened, and the next 2-4 frames provide enough context to distinguish different call paths. Two crashes in Array::Remove are correctly separated if one was called from Inventory::DropItem and the other from AI::ClearTargets.

6+ frames: You start capturing caller-specific context that varies between game states. The same inventory bug triggered from the pause menu versus the in-game UI produces different fingerprints because the callers differ. This fragments a single bug into multiple groups.

Filtering Noise Frames

Not all frames are equally useful for grouping. Engine internals, OS libraries, and standard library functions appear in almost every crash and add noise without helping identify the bug. A good grouping algorithm filters these out before fingerprinting:

# Frames to skip during fingerprinting
NOISE_MODULES = [
    "ntdll.dll",
    "kernel32.dll",
    "libc.so",
    "libpthread.so",
    "UnityPlayer.dll",       # Engine internals
    "UE4Editor-Core.dll",    # Engine internals
]

def significant_frames(stack_trace):
    return [f for f in stack_trace.frames
            if f.module not in NOISE_MODULES]

After filtering, the fingerprint is computed from the first 3-5 significant frames. This produces more accurate grouping because the fingerprint is based on your game code rather than which engine or OS function happened to be at the top of the stack.

Deduplication Across Versions

When you release a new version, the same bug may produce slightly different stack traces due to code changes that shift function positions. A good grouping system tracks which crash groups persist across versions. If a crash group disappears after an update, it was likely fixed. If it reappears, it may be a regression.

Bugnet handles cross-version deduplication by computing fingerprints using normalized function names without line numbers or offsets. This means the same bug in v1.2.3 and v1.2.4 produces the same group, as long as the function names in the significant frames have not changed. The dashboard shows version-specific counts within each group so you can see whether a fix actually resolved the crash.

"A crash reporting dashboard without grouping is a log file with a web UI. Grouping is what turns raw data into a prioritized bug list."

Related Issues

For the foundational concepts behind crash deduplication, see our guide on stack trace grouping and crash deduplication. To understand how crash-free session rates help you measure stability, read game stability metrics and crash-free sessions. For prioritizing which crashes to fix first, check out how to triage player bug reports efficiently.

Group by the top 3-5 significant frames from your code. Anything fewer merges different bugs. Anything more splits the same bug.