IIS Server - Help with IIS state log

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server > November 2004 > Help with IIS state log





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Help with IIS state log
Michael

2004-11-29, 5:53 pm

Randomly the iis admin service terminates unexpectedly. This
action cascades and shuts down the www service and ftp service. We
can restart them without incident. I am able to make them terminate
everytime I run the IISSTATE tool

I ran the iistate tool and below is the log but I don't know how to
interpret the log. Any help would be appreciated.

Opened log file 'C:\iisstate\output\IISState-2632.log'

***********************
Starting new log output
IISState version 3.3.1

Mon Nov 29 09:52:51 2004

OS = Windows 2000
Executable: inetinfo.exe
PID = 2632

Note: Thread times are formatted as HH:MM:SS.ms

***********************

IIS has crashed...
Beginning Analysis
DLL (!FunctionName) that failed: ntdll!DbgBreakPoint

Thread ID: 43
System Thread ID: 934
Kernel Time: 0:0:0.78
User Time: 0:0:0.46
*** WARNING: Unable to verify checksum for C:\inetpub\scripts\jrun.dll
*** ERROR: Symbol file could not be found. Defaulted to export
symbols for C:\inetpub\scripts\jrun.dll -
Thread Type: Other
# ChildEBP RetAddr
00 0310efac 77fb76aa ntdll!DbgBreakPoint
01 0310efb4 77fcfb72 ntdll!RtlpBreakPointHeap+0x26
02 0310efd4 77fcd020 ntdll!RtlpFindAndCommitPages+0x1f0
03 0310f00c 77fccdc1 ntdll!RtlpExtendHeap+0x9e
04 0310f1e8 78001532 ntdll!RtlAllocateHeap+0x3b6
05 0310f228 780014cf MSVCRT!_heap_alloc+0xeb
06 0310f230 780014b8 MSVCRT!_nh_malloc+0x10
07 0310f23c 10005948 MSVCRT!malloc+0xf
WARNING: Stack unwind information not available. Following frames may
be wrong.
08 0310f24c 1000416d jrun!HttpFilterProc+0x4078
09 0310f2fc 00000001 jrun!HttpFilterProc+0x289d
Closing open log file C:\iisstate\output\IISState-2632.log
Opened log file 'C:\iisstate\output\IISState-2632.log'

***********************
Starting new log output
IISState version 3.3.1

Mon Nov 29 09:53:00 2004

OS = Windows 2000
Executable: inetinfo.exe
PID = 2632

Note: Thread times are formatted as HH:MM:SS.ms

***********************

Thread ID: 0
System Thread ID: a6c
Kernel Time: 0:0:0.15
User Time: 0:0:0.0
Thread Type: Other
# ChildEBP RetAddr
00 0006f89c 7c5862e9 ntdll!ZwReadFile+0xb
01 0006f910 7c2e4cd9 KERNEL32!ReadFile+0x181
02 0006f93c 7c2e4b5f ADVAPI32!ScGetPipeInput+0x28
03 0006f9b8 7c2e6632 ADVAPI32!ScDispatcherLoop+0x4a
04 0006fbf4 01002884 ADVAPI32!StartServiceCtrlDispatcherA+0x7
d
05 0006fd30 01001e94 inetinfo!StartDispatchTable+0x2f1
06 0006ff70 01002fbf inetinfo!main+0x654
07 0006ffc0 7c59893d inetinfo!mainCRTStartup+0xff
08 0006fff0 00000000 KERNEL32!BaseProcessStart+0x3d

Thread ID: 1
System Thread ID: 588
Kernel Time: 0:0:0.0
User Time: 0:0:0.31
Thread Type: Other
# ChildEBP RetAddr
00 005dfd1c 7c599fe4 ntdll!ZwWaitForSingleObject+0xb
01 005dfd44 7c57b3db KERNEL32!WaitForSingleObjectEx+0x71
02 005dfd54 6e6f1685 KERNEL32!WaitForSingleObject+0xf
03 005dfd70 01002440 iisadmin!ServiceEntry+0x156
04 005dffa4 7c2e4e9b inetinfo!InetinfoStartService+0x2bd
05 005dffb4 7c57b388 ADVAPI32!ScSvcctrlThreadW+0xe
06 005dffec 00000000 KERNEL32!BaseThreadStart+0x52

Thread ID: 2
System Thread ID: 6e8
Kernel Time: 0:0:1.0
User Time: 0:0:0.375
Thread Type: Other
# ChildEBP RetAddr
00 0071fe5c 7c59a1af ntdll!ZwWaitForMultipleObjects+0xb
01 0071feac 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea
02 0071ff08 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153

03 0071ff24 6e5a5a7c USER32!MsgWaitForMultipleObjects+0x1d
04 0071ff7c 780085bc IisRTL!SchedulerWorkerThread+0xa7
05 0071ffb4 7c57b388 MSVCRT!_endthreadex+0xc1
06 0071ffec 00000000 KERNEL32!BaseThreadStart+0x52

Thread ID: 3
System Thread ID: 220
Kernel Time: 0:0:1.0
User Time: 0:0:0.328
Thread Type: Other
# ChildEBP RetAddr
00 0075fe5c 7c59a1af ntdll!ZwWaitForMultipleObjects+0xb
01 0075feac 77e119e6 KERNEL32!WaitForMultipleObjectsEx+0xea
02 0075ff08 77e11ace USER32!MsgWaitForMultipleObjectsEx+0x153

03 0075ff24 6e5a5a7c USER32!MsgWaitForMultipleObjects+0x1d
04 0075ff7c 780085bc IisRTL!SchedulerWorkerThread+0xa7
05 0075ffb4 7c57b388 MSVCRT!_endthreadex+0xc1
06 0075ffec 00000000 KERNEL32!BaseThreadStart+0x52

Thread ID: 4
System Thread ID: 5dc
Kernel Time: 0:0:0.15
User Time: 0:0:0.93
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

No remote call being made

# ChildEBP RetAddr
00 00bbfe24 77d37ba7 ntdll!ZwReplyWaitReceivePortEx+0xb
01 00bbff74 77d37b4c RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0
x74
02 00bbff78 77d35924 RPCRT4!RecvLotsaCallsWrapper+0x9
03 00bbffa8 77d358d6 RPCRT4!BaseCachedThreadRoutine+0x4f
04 00bbffb4 7c57b388 RPCRT4!ThreadStartRoutine+0x18
05 00bbffec 00000000 KERNEL32!BaseThreadStart+0x52

Thread ID: 5
System Thread ID: 5a0
Kernel Time: 0:0:0.15
User Time: 0:0:0.93
Thread Type: Possible ASP page. Possible DCOM activity
Executing Page: ASP.dll symbols not found. Unable to locate ASP page.
Continuing with other analysis.

No remote call being made

# ChildEBP RetAddr
00 00c3fe24 77d37ba7 ntdll!ZwReplyWaitReceivePortEx+0xb
01 00c3ff74 77d37b4c RPCRT4!LRPC_ADDRESS::ReceiveLotsaCalls+0
x74
02 00c3ff78 77d359c3 RPCRT4!RecvLotsaCallsWrapper+0x9
03 00c3ffa8 77d358d6 RPCRT4!BaseCachedThreadRoutine+0x11f
04 00c3ffb4 7c57b388 RPCRT4!ThreadStartRoutine+0x18
05 00c3ffec 00000000 KERNEL32!BaseThreadStart+0x52

Thread ID: 6
System Thread ID: 560
Kernel Time: 0:0:0.46
User Time: 0:0:0.140


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com