[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

How can I read a windows crash dump ?

Posted on 2008-10-08
3
Medium Priority
?
423 Views
Last Modified: 2012-06-21
I have an application crashing on a specific dll, we will call it datasss.dll i see this when windows reposrts the error and then creates a 6bc5_appcomat.txt file , if i search the file for this dll i can find many referasnces to it. i have not a clue what i am looking at please help. I cannot post the dump here due to security reasons
0
Comment
Question by:kaos_theory
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 31

Expert Comment

by:moorhouselondon
ID: 22681722
First thing to make sure of is that the dll is the correct version. Many crashes in DLL's are to do with routines being called from the exe which are either not represented in the DLL at all, or the code contained within that routine has changed.  
 
Using utilities from sysinternals.com will give you better insight into what is happening within the app, and why it is crashing.
0
 
LVL 2

Author Comment

by:kaos_theory
ID: 22683335
what exactly from sysinternals do you recomend procmon ?
0
 
LVL 31

Accepted Solution

by:
moorhouselondon earned 1824 total points
ID: 22684776
I think either Procmon and Filemon would do the trick, Process Monitor completely replaces Filemon, but as you say it is a case of interpretation, and if you get too much info it is counterproductive.  Things to look out for (in Filemon, probably the same in Procmon) are the Path - in here should appear the DLL you're interested in, and the type of Request - if you see an error in there then that's where to start looking.  (Backwards from there).

Before you start, prepare your app to the point where one click is all that is needed to crash it.  Go into filemon/procmon and choose Edit, Clear Display, click on your app, crash it, then quickly go into fmon/pmon, pull down File , choose to take the tick off Capture Events.  Now you can look at the dump at your leisure.  

Try to get rid of all other complications: programs or services running that may start to interfere during the dump process - e.g., virus checker, Windows Update, etc.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
The viewer will learn how to use a discrete random variable to simulate the return on an investment over a period of years, create a Monte Carlo simulation using the discrete random variable, and create a graph to represent the possible returns over…
The viewer will learn how to create two correlated normally distributed random variables in Excel, use a normal distribution to simulate the return on different levels of investment in each of the two funds over a period of ten years, and, create a …

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question