
How to interpret Windows APPCRASH mysterious log?


How should I interpret these logs to identify the cause of the appcrash?

Fault bucket , type 0
Event Name: APPCRASH
Response: Not available
Cab Id: 0

Problem signature:
P1: InsightAnalysisEngine.exe
P2: 1.0.0.0
P3: 4f4dee84
P4: KERNELBASE.dll
P5: 6.1.7600.16850
P6: 4e211485
P7: c03d0000
P8: 0000b9bc
P9: 
P10: 

Attached files:
C:\Users\devservice\AppData\Local\Temp\WER44D1.tmp.appcompat.txt
C:\Users\devservice\AppData\Local\Temp\WER461A.tmp.WERInternalMetadata.xml
C:\Users\devservice\AppData\Local\Temp\WER462A.tmp.hdmp
C:\Users\devservice\AppData\Local\Temp\WER48E9.tmp.mdmp

These files may be available here:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_InsightAnalysisE_857bf71fb86d6845394e6281199ee78ad305d_cab_1cc34a1e

Analysis symbol: 
Rechecking for solution: 0
Report Id: 8a13d73c-62b8-11e1-ab53-0050ba3279b5
Report Status: 4

Yet another which is equally mysterious:

Faulting application name: Engine.exe, version: 1.0.0.0, time stamp: 0x4f4dee84
Faulting module name: KERNELBASE.dll, version: 6.1.7600.16850, time stamp: 0x4e211485
Exception code: 0xc03d0000
Fault offset: 0x0000b9bc
Faulting process id: 0x1414
Faulting application start time: 0x01ccf6c528f9f803
Faulting application path:C:\projects\AnalysisEngine\Debug\Engine.exe
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: 8a13fe4c-62b8-11e1-ab53-0050ba3279b5

More specifically, what is Fault offset? In what ways is this information helpful?


Solution

  • The fault parameter values are as follows:

    • P1: Process name
    • P2: Process version
    • P3: Process timestamp
    • P4: Module name
    • P5: Module version
    • P6: Module timestamp
    • P7: Exception code
    • P8: Exception offset from the start of the module
    • P9: Unused
    • P10: Unused

    The exception offset can then be used with a map and/or a cod file to determine at what point it crashed. A debugger attached to a running process will also allow you to see what is at that offset.

    Note that the parameter values are very similar to the values reported for .NET runtime crashes.
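
The field mapping from the answer, applied to the first report in the question, as an added example that is not part of the original question or answer. It assumes the P3/P6 stamps are PE header link timestamps in Unix seconds and that the exception code follows the NTSTATUS bit layout; the symbol table and its function names are constructed for illustration.

```python
import bisect
import re
from datetime import datetime, timezone

# P1 to P8 copied from the first report in the question.
REPORT = """\
P1: InsightAnalysisEngine.exe
P2: 1.0.0.0
P3: 4f4dee84
P4: KERNELBASE.dll
P5: 6.1.7600.16850
P6: 4e211485
P7: c03d0000
P8: 0000b9bc
"""

# Field names follow the answer above (P9 and P10 are unused).
NAMES = ["process", "process_version", "process_timestamp", "module",
         "module_version", "module_timestamp", "exception_code", "fault_offset"]

def parse_signature(text):
    """Map P1..P8 to named fields and convert the hex fields to integers."""
    raw = dict(re.findall(r"^P(\d+):[ \t]*(.*)$", text, re.M))
    sig = {name: raw[str(i)].strip() for i, name in enumerate(NAMES, start=1)}
    for key in ("process_timestamp", "module_timestamp", "exception_code", "fault_offset"):
        sig[key] = int(sig[key], 16)
    return sig

def link_time(stamp):
    """Assumption: stamp is the PE TimeDateStamp, seconds since 1970-01-01 UTC."""
    return datetime.fromtimestamp(stamp, tz=timezone.utc)

def split_ntstatus(code):
    """Split a 32-bit code into NTSTATUS bit fields (assumed layout)."""
    return {"severity": code >> 30, "customer": (code >> 29) & 1,
            "facility": (code >> 16) & 0xFFF, "code": code & 0xFFFF}

def nearest_symbol(offset, symbols):
    """Return (name, delta) for the last symbol at or before offset, else None."""
    symbols = sorted(symbols)
    i = bisect.bisect_right([rva for rva, _ in symbols], offset) - 1
    return (symbols[i][1], offset - symbols[i][0]) if i >= 0 else None

# Constructed table of (offset from module start, name); real entries come from a map file.
SYMBOLS = [(0x1000, "FuncA"), (0xB900, "FuncB"), (0xC200, "FuncC")]

if __name__ == "__main__":
    sig = parse_signature(REPORT)
    print(link_time(sig["module_timestamp"]), split_ntstatus(sig["exception_code"]))
    print(nearest_symbol(sig["fault_offset"], SYMBOLS))
```

The timestamp and version fields identify exactly which build of the module the offset belongs to, so the map file or symbols used for the lookup must come from that same build.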