Copyright 2009 cbs interactive. All rights reserved

Yüklə 29,98 Kb.

Pdf görüntüsü

tarix	08.10.2017
ölçüsü	29,98 Kb.
	#3757

Page 1

For more downloads and a free TechRepublic membership, please visit

http://techrepublic.com.com/2001-6240-0.html

Version 1.0

December 18, 2009

How do I use WinDBG Debugger to

troubleshoot a Blue Screen of Death?

By

Jacky Howe

Have you ever wondered how to obtain extra information from the infamous

Blue Screen of Death

(BSOD) that will

sometimes show up and give you a cryptic, Stop: 0x00000000 error message, before flashing off the screen. The

error message is trying to point you to a fatal operating system error that could be caused by a number of

problems.

Microsoft's WinDBG will help you to debug and diagnose the problem and then lead you to the root cause so you

can fix it.

Steps in a nutshell

The first step is to create and capture the memory dump, associated with the BSOD you are trying to

troubleshoot.

The second step is to install and configure WinDBG and the Symbols path to the correct Symbols folder.

We can then use WinDBG to Debug and analyze the screen dump, and then get to the root cause of the

problem.

Create memory dump

Keep in mind that if you are not experiencing a blue screen fatal system error, there will be not memory dump to

capture.

1. Press the WinKey + Pause

2. Click Advanced and under Start up and Recovery select Settings.

3. Uncheck Automatically restart.

4. Click on the dropdown arrow under Write debugging information.

5. Select Small memory dump (64 KB) and make sure the output is %SystemRoot%\Minidump.

6. Restart the PC normally as this will allow the System to error and Blue Screen and then create the Minidump.

The location of the Minidump Files can be found here:

C:\WINDOWS\Minidump\Mini000000-01.dmp

To download and install the Windows debugging tools for your version of Windows, visit the

Microsoft Debugging

Tools Web

How do I: How do I use WinDBG Debugger to troubleshoot a Blue Screen of Death?

Page 2

For more downloads and a free TechRepublic membership, please visit

http://techrepublic.com.com/2001-6240-0.html

Follow the prompts, and when you install, take note of your Symbols location, if you accept the default settings. I

normally create a folder first and then direct the install to that folder because I use WinDBG for two Operating

Systems, XP and Vista and want to keep them separate and organized.

This

Microsoft Support Knowledge Base

article will explain how to read the small memory dump files that Windows

creates for debugging purposes.

Setting up and using WinDBG

1. Click Start | All Programs | Debugging Tools for Windows, and open WinDBG. Select File | Symbol file path and

modify it to suit your situation, then copy and paste it into the box and click OK. I suggest:

SRV*c:\symbols*http://msdl.microsoft.com/download/symbols

Or if you are using different Symbols:

SRV*c:\Vistasymbols*http://msdl.microsoft.com/download/symbols

SRV*c:\XPsymbols*http://msdl.microsoft.com/download/symbols

Figure A

Symbol Path

2. Close the workspace and save the Workspace information. This should lock in the Symbol path.

Figure B

Workspace

3. Open WinDBG and select File and select Open Crash Dump then navigate to the minidump file created earlier,

highlight it and select Open.

How do I: How do I use WinDBG Debugger to troubleshoot a Blue Screen of Death?

Page 3

For more downloads and a free TechRepublic membership, please visit

http://techrepublic.com.com/2001-6240-0.html

Click on:

! analyze -v

Under Bugcheck Analysis.

Figure C

! analyze -v

Tips! If you look to the bottom of the screen you will see kd> to the right of that type in !analyze -v or .lastevent,

and press the Enter key, it will show you the exception record and stack trace of the function where the exception

occurred.

You can also use the .exr, .cxr and .ecxr commands to display the exception and context records.

When working with Drivers you can use kd> lm tn to get extra information.

[Ctrl]+[A] will let you copy the information and paste it into notepad.

Figure D

kd>

For example, look to the bottom of the page for information similar to what is shown in Figure E.

How do I: How do I use WinDBG Debugger to troubleshoot a Blue Screen of Death?

Page 4

For more downloads and a free TechRepublic membership, please visit

http://techrepublic.com.com/2001-6240-0.html

Figure E

Stack trace

Conclusion

The problem creating the BSOD was caused by the installed dialer software for a USB modem. It turned out that

uninstalling the software didn't resolve the problem.

The answer to the problem was achieved by using the WinDBG tool to Debug and analyze the memory dump file.

The fix was to rename the C:\Windows\System\fldevice.sys driver to C:\Windows\System\fldevice.sys.old.

Windows was still referencing the file even though the software had been uninstalled. This tool is invaluable and

will help you to resolve the problems that you may encounter when you get a BSOD.

Stay on top of the latest XP tips and tricks with TechRepublic's Windows XP newsletter, delivered every

Thursday.

Automatically sign up today!

How do I: How do I use WinDBG Debugger to troubleshoot a Blue Screen of Death?

Page 5

For more downloads and a free TechRepublic membership, please visit

http://techrepublic.com.com/2001-6240-0.html

Additional resources

TechRepublic's

Downloads RSS Feed

Downloads Weekly Update

newsletter

Check out all of TechRepublic's

free newsletters

Catch up with all the

How do I

articles on TechRepublic.

Version history

Version: 1.0

Published: December 18, 2009

Tell us what you think

TechRepublic downloads are designed to help you get your job done as painlessly and effectively as possible.

Because we're continually looking for ways to improve the usefulness of these tools, we need your feedback.

Please take a minute to

drop us a line

and tell us how well this download worked for you and offer your

suggestions for improvement.

Thanks!

—

The TechRepublic Downloads Team

Yüklə 29,98 Kb.

Dostları ilə paylaş: