Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

How to analyze Dr. Watson File Dump

Posted on 2003-03-25
6
Medium Priority
?
4,964 Views
Last Modified: 2013-12-28
We have serveral NT Servers (Service Pack 4) that are dedicated to running thousands of PeopleSoft nVision reports.  The reports are generated in Excel.  Occasionally we will get Dr. Watson errors on the servers.  When a Dr. Watson error occurs these reports do not continue to generate which interfers with our batch schedule.  We do not want to disable Dr. Watson and have a very slow change process.  So upgrading to Service pack 6 won't happen for a long time.

My question is: How can I analyze the drwtsn32.log files?  I want to be able to debug the problem.  I have Microsoft Visual Studio 6.0 and VS.NET on my XP desktop.  I did a search for "windbg" and didn't find it on my XP machine.  Can I take the log files off of the NT machines and analyze them with one of the tool provide with Visual Studio?  Installing anything on the NT boxes will be painful due to the slow change process.  A typical drwtsn32.log error example is:

Application exception occurred:
        App: excel.dbg (pid=389)
        When: 3/25/2003 @ 4:42:11.546
        Exception number: c0000005 (access violation)

Please Help!

0
Comment
Question by:jbauer22
6 Comments
 
LVL 28

Expert Comment

by:vinnyd79
ID: 8206030
I know you don't want to hear this,but in my opinion it would be worth it to install Service Pack 6a.Have you tried to install it on atleast one server to see if it helped the Dr Watson errors?
0
 
LVL 2

Author Comment

by:jbauer22
ID: 8210512
The point of this question is to do something until we are able to install service pack 6.
0
 
LVL 28

Expert Comment

by:vinnyd79
ID: 8211053
I realize that,but my point is that you might not be able to do anything until you upgrade to SP6a as it did contain alot of improvements and fixes.Hopefully someone will prove me wrong and give you what you are looking for.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Expert Comment

by:ManuelGuerra
ID: 8211914
jbauer22,
I don't know a tool for analize the drwatson log. This log usually should be analized for a technical support person. This log usually have 10 parts. The first part of the log file always contains program error information. The error number listed corresponds to the error generated by the system and with this information you can search a solution.
Application exception occurred:
       App: excel.dbg (pid=389)
       When: 3/25/2003 @ 4:42:11.546
       Exception number: c0000005 (access violation)

The next parts of the log file contains system information, list of tasks that were running on the system at the time that the program error occurred, list of modules that the program loaded, etc. etc.
MG
0
 
LVL 2

Accepted Solution

by:
skyDaemon earned 2000 total points
ID: 8310532
It depends how badly you need to analyze the log.

Getting it into VC++ won't generally help you.  All you have is a hex dump of memory anyway (you can easily waste two days analyzing the hex dump to find out it doesn't say anything you couldn't guess). Any hex editor could do that for you.  Now if you had C++ installed on the machine when it seg faulted then you'd get a chance to debug the explosion in disassembly.  Slightly better than a drwtsn.log, but not much.  I have only ever gotten a useful answer out of drwtsn.log once, in general it's not worth the effort.

Generally when I look at a drwstn32.log I just want the 15 second "what happened... vaguely" answer.  To get that, just open the log in notepad, start at the bottom and scroll up.  You're looking for something like the FAULT below.  

...

FAULT ->77f7d66e 8908             mov    [eax],ecx              ds:00000000=????????

...

Once you see that just look up the name of the function that blew up and guess.  (the blocks after the FAULT give you a basic function stack list including the function that blew up, see below)  From there you need some windows knowledge to interpret what the function name means.  For example, RtlDestroyHeap is related to deleting memory.  In the below example, I have a tabctl32 object in my project which blew up while deallocating memory.  That gave me an object and a type of error in 15 seconds.  You could try looking up the values of the function parameters in the hex dump, but I'd suggest you're better off looking at code at that point.  As for continuing through the error.  Basically what happened is an uncaught type of error ripped all the way through your code and up to windows, your process is probably dead.  Maybe try adding whacks of temporary error handling in your code.  If you can't find anything else, add a bunch of catch(...) to catch anything and have it spit out an error message to the screen.  At least that'll tell you where it happened in your code rather than in system dlls.  From there, you'll have to iteratively track it back to the source by adding progressively more specific/deeper error trapping checks.

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1  Param#2  Param#3  Param#4  Function Name
0012f4c0 77f64e17 00130000 001524e8 0012f4ec 00000000 ntdll!RtlDestroyHeap
0012f4f0 212f1448 00130000 00000000 001524f0 212f1f9e ntdll!RtlFreeHeap
77f64d60 83ec8b10 d2850cec 0f575653 00021284 087d8b00 tabctl32!<nosymbols>

...
<hex dump of memory>
...
0
 
LVL 2

Author Comment

by:jbauer22
ID: 8353981
Thanks for the input skyDaemon.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article covers five tools all IT professionals should know about, as they up productivity by a great deal!
In this tutorial, we’re going to learn how to convert Youtube to mp3 for Free. We'll show you how easy it is to make an mp3 from your video clips so that you can enjoy them offline.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question