How can I read a windows crash dump ?

Posted on 2008-10-08
Medium Priority
Last Modified: 2012-06-21
I have an application crashing on a specific dll, we will call it datasss.dll i see this when windows reposrts the error and then creates a 6bc5_appcomat.txt file , if i search the file for this dll i can find many referasnces to it. i have not a clue what i am looking at please help. I cannot post the dump here due to security reasons
Question by:kaos_theory
  • 2
LVL 31

Expert Comment

ID: 22681722
First thing to make sure of is that the dll is the correct version. Many crashes in DLL's are to do with routines being called from the exe which are either not represented in the DLL at all, or the code contained within that routine has changed.  
Using utilities from sysinternals.com will give you better insight into what is happening within the app, and why it is crashing.

Author Comment

ID: 22683335
what exactly from sysinternals do you recomend procmon ?
LVL 31

Accepted Solution

moorhouselondon earned 1824 total points
ID: 22684776
I think either Procmon and Filemon would do the trick, Process Monitor completely replaces Filemon, but as you say it is a case of interpretation, and if you get too much info it is counterproductive.  Things to look out for (in Filemon, probably the same in Procmon) are the Path - in here should appear the DLL you're interested in, and the type of Request - if you see an error in there then that's where to start looking.  (Backwards from there).

Before you start, prepare your app to the point where one click is all that is needed to crash it.  Go into filemon/procmon and choose Edit, Clear Display, click on your app, crash it, then quickly go into fmon/pmon, pull down File , choose to take the tick off Capture Events.  Now you can look at the dump at your leisure.  

Try to get rid of all other complications: programs or services running that may start to interfere during the dump process - e.g., virus checker, Windows Update, etc.

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The deadly train derailment that occurred recently in DuPont, Washington, raises a lot of questions. It was a new route, the first trip tested with passengers, and the train was travelling at 50 mph over the zone’s speed limit. Could IoT play a role…
By definition, working capital is the measure a company’s efficiency and its financial health from a short-term perspective. With the implementation of GST in India on July 1, 2017, the unorganized sector has to pay GST at various levels in order to…
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…
The Bounty Board allows you to request an article or video on any technical topic, or fulfill a bounty request to earn points. Watch this video to learn how to use the Bounty Board to get the content you want, earn points, and browse submitted bount…

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question