1. Forum
  2. Fidonet
  3. ALT.COMP.OS.WINDOWS-10

  • Re: What do you use to read your Windows crash logs?

    From Hank Rogers@3:633/10 to All on Fri May 29 19:00:41 2026
    Maria Sophia wrote on 5/29/2026 6:27 PM:
    Every day I get crash logs such as these below.
    What do you normally use to read them?

    dir %LOCALAPPDATA%\CrashDumps\*
    05/29/2026 04:13 PM <DIR> .
    05/29/2026 04:13 PM <DIR> ..
    05/29/2026 04:13 PM 709,526,427 aloha.exe.244.dmp
    05/22/2026 05:12 PM 234,100,509 explorer.exe(1).4940.dmp
    05/22/2026 05:12 PM 234,104,853 explorer.exe.4940.dmp
    05/29/2026 11:31 PM 280,854,111 SystemSettings.exe.8232.dmp
    etc.

    Looking it up, there's the official Microsoft tool, WinDbg & NirSoft CrashDumpViewer for example. Just curious what you use to view crash dumps?


    What do you use Mary?



    --- PyGate Linux v1.5.15
    * Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)
  • From malxau@3:633/10 to All on Sat May 30 04:39:55 2026
    In alt.comp.microsoft.windows Maria Sophia <mariasophia@comprehension.com> wrote:
    Because the DLL had already been ripped out of RAM, that address was no longer a valid code block since it was just dead, unallocated space. The
    CPU read the address, realized it was violating NX protection rules, threw the c0000005 Access Violation and collapsed the program.
    ...
    Since this is my first crash debug attempt, I am wondering what others on this newsgroup use to debug crash logs found in %LOCALAPPDATA%\CrashDumps

    I still use WinDbg classic, not WinDbgX. But for a first attempt, that
    was a great analysis. I think to be "strictly correct" you'd want to
    check the exception record/context record (.exr/.cxr) to see which
    address was accessed, but it's 99%+ likely that it's unloaded code.

    In the spirit of "IRC is for people with mutual interests", this is my
    intro to WinDbg: http://www.malsmith.net/blog/patching-closed-software/

    - M

    --- PyGate Linux v1.5.15
    * Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)
  • From John C.@3:633/10 to All on Sat May 30 04:20:27 2026
    Maria Sophia wrote:
    Every day I get crash logs such as these below.
    What do you normally use to read them?

    dir %LOCALAPPDATA%\CrashDumps\*
    05/29/2026 04:13 PM <DIR> .
    05/29/2026 04:13 PM <DIR> ..
    05/29/2026 04:13 PM 709,526,427 aloha.exe.244.dmp
    05/22/2026 05:12 PM 234,100,509 explorer.exe(1).4940.dmp
    05/22/2026 05:12 PM 234,104,853 explorer.exe.4940.dmp
    05/29/2026 11:31 PM 280,854,111 SystemSettings.exe.8232.dmp
    etc.

    Every day? Then I think you have a serious system issue.

    Looking it up, there's the official Microsoft tool, WinDbg & NirSoft CrashDumpViewer for example. Just curious what you use to view crash dumps?

    Nirsoft doesn't have an application named CrashDumpViewer AFAIK. They
    do, however, have AppCrashView:

    https://www.nirsoft.net/utils/app_crash_view.html

    Is that what you meant?

    --
    John C. I filter crossposts, various trolls & dizum.com. Doing this
    makes this newsgroup easier to read & more on-topic. Take back the tech companies from India & industry from China.


    --- PyGate Linux v1.5.15
    * Origin: Dragon's Lair, PyGate NNTP<>Fido Gate (3:633/10)