Solved

How can I read a windows crash dump ?

Posted on 2008-10-08
3
415 Views
Last Modified: 2012-06-21
I have an application crashing on a specific dll, we will call it datasss.dll i see this when windows reposrts the error and then creates a 6bc5_appcomat.txt file , if i search the file for this dll i can find many referasnces to it. i have not a clue what i am looking at please help. I cannot post the dump here due to security reasons
0
Comment
Question by:kaos_theory
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 31

Expert Comment

by:moorhouselondon
ID: 22681722
First thing to make sure of is that the dll is the correct version. Many crashes in DLL's are to do with routines being called from the exe which are either not represented in the DLL at all, or the code contained within that routine has changed.  
 
Using utilities from sysinternals.com will give you better insight into what is happening within the app, and why it is crashing.
0
 
LVL 2

Author Comment

by:kaos_theory
ID: 22683335
what exactly from sysinternals do you recomend procmon ?
0
 
LVL 31

Accepted Solution

by:
moorhouselondon earned 456 total points
ID: 22684776
I think either Procmon and Filemon would do the trick, Process Monitor completely replaces Filemon, but as you say it is a case of interpretation, and if you get too much info it is counterproductive.  Things to look out for (in Filemon, probably the same in Procmon) are the Path - in here should appear the DLL you're interested in, and the type of Request - if you see an error in there then that's where to start looking.  (Backwards from there).

Before you start, prepare your app to the point where one click is all that is needed to crash it.  Go into filemon/procmon and choose Edit, Clear Display, click on your app, crash it, then quickly go into fmon/pmon, pull down File , choose to take the tick off Capture Events.  Now you can look at the dump at your leisure.  

Try to get rid of all other complications: programs or services running that may start to interfere during the dump process - e.g., virus checker, Windows Update, etc.
0

Featured Post

Revamp Your Training Process

Drastically shorten your training time with WalkMe's advanced online training solution that Guides your trainees to action.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Ever visit a website where you spotted a really cool looking Font, yet couldn't figure out which font family it belonged to, or how to get a copy of it for your own use? This article explains the process of doing exactly that, as well as showing how…
The Bounty Board allows you to request an article or video on any technical topic, or fulfill a bounty request to earn points. Watch this video to learn how to use the Bounty Board to get the content you want, earn points, and browse submitted bount…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question