Home > Uncategorized > Software: Debugging Tools for Windows,.. The Rosetta Stone for BSODs.

Software: Debugging Tools for Windows,.. The Rosetta Stone for BSODs.

Looking at the event log on a client’s backup server, there are about 10 Server errors; BSODs… The server is set to write-over the previous dump file, so only the complete memory dump from the last crash was available. How do you read this DMP?

You use Debugging Tools for Windows, with the proper symbol set loaded. Still confused? Check out this forum thread explaining the whole process. Remember to click analyze -v. Note that the program told me I had the wrong symbol set multiple times; however, I was able to extract the following information that allowed me to conclude what was causing the BSOD:

  • Probably caused by : ntkrnlmp.exe ( nt!KiDispatchException+3a2 )
  • DEFAULT_BUCKET_ID: DRIVER_FAULT
  • BUGCHECK_STR: 0x8E
  • PROCESS_NAME: OneTouch.exe
  • MODULE_NAME: nt

What does this mean? Crash caused by ntkrnlmp.exe (module name is nt) {this is the NT kernal}. The process name that caused the nt kernal to crash is OneTouch.exe.

Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: