Geek Answers Handbook

How can I analyze the BSOD and the error information it will provide me?

Well, fortunately, I did not write many applications that cause BSOD, but I just wonder about the usefulness of the information on this screen. Does it contain any useful information that can help me find an error in my code? If so, what do I need, exactly?

And then the system will restart and probably wrote some error log or other information to the system. Where is it, what does it contain, and how to use it to improve my code?

I really got BSOD in the past when I interacted with the PBX system, where the amount of documentation for this driver was simply missing, so I had to do some trial and trial encoding. Fortunately, now I work in another company and do not see any BSOD as a result of my code.

+7
bsod
source share
2 answers

If you want a fairly simple way to find out the reason for the OS crash, which will work ~ 90% of the time - provided that you have a crash dump, try the following:

  • Download WinDbg as part of the debugging tool package for Windows . Please note that you only need to install the component called Debugging Tools for Windows.
  • Launch WinDbg
  • Select "Open Crash Dump" from the file menu
  • When the dump file is loaded, type analyze -v and press enter
  • WinDbg will automatically analyze the failure and provide a wealth of information about the state of the system at the time of the failure. Usually he can tell you which module was faulty and what type of error caused the failure. You should also get a stack trace that may or may not be useful to you.
  • Another useful command is kb which prints a stack trace. In this list, find the line containing .sys . This is usually the driver that caused the failure.

Note that you will need to configure the characters in WinDbg if you want the stack trace to give you function names. To do this:

  • Create a folder, for example, the characters C: \
  • In WinDbg, open File → Symbol Path
  • Add: SRV*C:\symbols*http://msdl.microsoft.com/download/symbols

This will cache character files from Microsoft servers.

If automated analysis is not enough, WinDbg provides many commands that let you pinpoint what happened during the crash. The help file is a good place to start in this scenario.

+6
source share

Generally speaking, you cannot cause OS crashes or error checking from your application code. However, if you are looking for general tips and stuff, I recommend the NTDebugging blog . Most of the stuff goes over my head.

What happens when the OS crashes, it writes a core dump file, depending on the current flags, etc., you will get more or less information in it. You can load the dump file into windbg or some other debugger. Windbg has a useful !analyze Analyze command that will look at the dump file and give you hints on the bucket that crashed and potential criminals. Also check the windbg documentation for a common reason for error checking and what you can do to resolve it.

+3
source share

More articles:


All Articles