Occasionally, my Windows XP SP2 laptop has had the Blue Screen of Death appear unexpectedly. It doesn’t occur when any particular application is running, and nothing ever is written to the event logs. Of course I’m never at the computer when this happens, so I haven’t been able to see what messages and parameters are shown on the BSOD. I have debugging information written to a small memory dump (aka mini dump), but without special tools, these dump files are indecipherable.
I decided to try using the Windows Debugging Tools to figure out the cause of these errors. I needed to make sure I downloaded the proper version for both my processor (32 or 64-bit) and operating system. I also needed a copy of the i386 directory from my Windows XP SP2 install CD, which I copied to my hard drive as c:\i386\. I could have downloaded the appropriate symbol files for my OS and processor, but I chose to use the symbols on Microsoft’s web site instead.
Once I had the tools installed, I launched a command prompt and switched to the debugging tool installation directory, which for me was c:\Program Files\Debugging Tools for Windows\. Next, I lauched the graphical debugger my entering the following command (as all one line):
windbg -y srv*C;\symbols*http://msdl.microsoft.com/download/symbols -i c:\i386 -z c:\windows\minidump\mini012808-01.dmp
What this command did was:
- launch the windbg debugger
- Used the symbols files found at http://msdl.microsoft.com/download/symbols
- Used the Windows XP installation files I copied to my hard drive at c:\i386
- Analyzed the mini dump file located at c:\windows\minidump\mini012808-01.dmp
This lauched the debugger gui, which loaded the following screen
As you can see, the analysis states that the problem was likely caused by hsfhwazl.sys. I had no idea what that file was, but it’s .sys extension led to believe it was a device driver. A quick search found the file was a part of the Conexant Softk56 modem driver. I don’t think I’ve ever used the modem in this laptop, and the modem surely wasn’t in use when the most recent blue screens occurred.
I’ve now updated to the most recent version of the modem driver, and I hope I won’t be seeing the BSOD anytime in the near future. I figure it took me all of about twenty minutes to download the debugger, analyze the mini dump files, and resolve the problem.
For more information on how to read the small memory dump files that Windows creates for debugging, see KB 315263.
January 31, 2008 at 11:13 am
Any idea why one needs to copy (use) the i386 folder when running the debugger? What happens if one omits it?
January 31, 2008 at 11:50 am
[...] Howto: Use the Windows Debugging Tools to analyze a crash dump (BSOD) [...]
April 22, 2008 at 12:34 pm
[...] system hm, versuch mal mit WinDBG das Crashdump zu analysieren. Hierfür gibt es eine Hilfreiche Anleitung in Englischer sprache! benötigt wird WinDBP und Symbols __________________ Mein System Wer [...]
July 10, 2008 at 8:26 am
The Microsoft debugging tool is quite useful when trying to understand a BSOD or a Windows crash. However, too often it generates false negatives which impacts the tool’s effectiveness. Many time have I used the tool to diagnoze computer problems, only to be led an endless road of driver updates and configurations changes, to make a PC happy again
January 17, 2009 at 5:34 am
can any one tell me ……that how to use this tool on windows vista….are all thesteps same ???
Kindly help.
February 3, 2009 at 3:13 am
[...] herausfindest, welcher Treiber/Problem im System hängt. Eines der Tools ist WinDbg von Microsoft. Howto: Use the Windows Debugging Tools to analyze a crash dump (BSOD) the back room tech How to solve Windows system crashes in minutes – Network World Bei den Links is leider Werbung [...]
February 19, 2009 at 1:03 pm
what exactly windows debugging tools do . what is the basic idea behind it ..explain me as if i am 12yr old kid with steps in detail .how to use them and when to use them
March 19, 2009 at 7:12 am
Simply wonderful. I fixed my long time enemy using your guide in 30 minutes! thank you so much. lets hope i never get the BSOD on my comp again.
May 10, 2009 at 4:08 pm
In the event of a crash, the Windows Debugging Tools may be your only correct approach. However, in many situations, we jump in without thinking rationally about the error.
Programmers are “funny” that way when it comes to the way we react to programming problems.
What kind of debugger are you? – check out http://blog.vkistudios.com/index.cfm/2009/5/6/Tips-Tricks-Traps-and-Tools–3b-of-many-The-Art-of-Troubleshooting-almost-Anything
Debugging: Most of it is all in the mind … (Yogi Berra?
Brian Katz – VKI Studios
May 26, 2009 at 1:12 pm
[...] i would consult this guide just to be sure and post the results of the crash dump analysis. Howto: Use the Windows Debugging Tools to analyze a crash dump (BSOD) the back room tech it does not take long to do __________________ Phenom II 920 :: ASUS M3N72-D (750a) :: ASUS 8800 [...]
November 6, 2009 at 5:00 am
There is a bug in the command line
windbg -y srv*C;\symbols…
Shoould read
windbg -y srv*C:\symbols…
(colon in stead of semicolon.
The full command line becomes
windbg -y srv*C:\symbols*http://msdl.microsoft.com/download/symbols -i c:\i386 -z c:\windows\minidump\mini012808-01.dmp
Best regards
November 17, 2009 at 7:20 am
[...] Howto: Use the Windows Debugging Tools to analyze a crash dump (BSOD) – How to use the Windows Debugging Tools to analyze a crash dump [...]