none
How to know who is the originator of BSOD? RRS feed

  • Question

  • Hello Sir,

    I'm getting BSOD, so I would like to know who is the originator of this BSOD?
    How do I approach to get the originator of this BSOD?

    Scenario:
    KM Read buffered Io driver is deployed on my VM.
    As soon as I installed my UM driver, I got the BSOD.
    Again I restarted again BSOD.

    Third time it began. So kindly guide me to the procedure which can lead me
    to the exact location who is responsible for this BSOD.

    thanks
    regards
    matt

    Friday, July 5, 2013 5:43 AM

Answers

  • Setup a kernel space or full crash dump and capture the dump.  Then run Windbg on the dump and use !analyze -v to get an indication of what is going on.   Hopefully the !analyze -v will point to the problem, but BSOD's can be tricky.  For example, some component can overwrite a pointer in kernel memory that then later gets used causing a crash.  Anyway start with the !analyze -v and if you don't understand the output post it to the forum.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Friday, July 5, 2013 11:18 AM

All replies

  • Setup a kernel space or full crash dump and capture the dump.  Then run Windbg on the dump and use !analyze -v to get an indication of what is going on.   Hopefully the !analyze -v will point to the problem, but BSOD's can be tricky.  For example, some component can overwrite a pointer in kernel memory that then later gets used causing a crash.  Anyway start with the !analyze -v and if you don't understand the output post it to the forum.


    Don Burn Windows Filesystem and Driver Consulting Website: http://www.windrvr.com Blog: http://msmvps.com/blogs/WinDrvr

    Friday, July 5, 2013 11:18 AM
  • If you have a kernel debugger attached to the cm, you can run !analyze -v live when the bsod occurrs

    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Friday, July 5, 2013 11:44 AM