How to analyze a memory dump on Windows after a blue screen error?

windows-7 memory black-screen-of-death dump
103,115

Solution 1

I would use Microsoft's debugging tool: WinDbg. It can read and automatically analyze memory dumps like yours. (The WinDbg command is aptly named: !analyze)

The tool is powerful, but quite complex. Here is a detailed HOW TO guide.

The same forum suggests BlueScreenView. I have not tried it; it's probably simpler to use, but does not give as detailed information.

update:

Is there any way to understand which particular driver has a problem?

After !analyze run k or kd. This will show the stack trace right before the crash. The stack trace is the list of function calls made right before the crash, with the most recent one at the top. You should at least be able to learn the filenames of the modules (DLL's) involved.

I suggest sharing the full results of !analyze and/or the memory dump with people who are are skilled at WinDbg and are interested in helping. The previously linked MajorGeeks forum looks like a good place.

Solution 2

There is a free tool called BlueScreenView it will analyze the dump files from c:\windows\minidump and will show a graphical windows ,so user can identify the errors

Share:
103,115
bublegumm
Author by

bublegumm

Updated on September 17, 2022

Comments

  • bublegumm
    bublegumm almost 2 years

    My computer running Windows 7 x64 crushes time to time. Could you please advise how to analyze the memory dump or point out possible cause and further troubleshooting steps?

    The computer has rebooted from a bugcheck. The bugcheck was: 0x0000003b (0x00000000c0000005, 0xfffff96000015de8, 0xfffff88007db9fb0, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 080210-24819-01.

    The quotation from the result of WinDbg run

    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

    ...

    DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

    BUGCHECK_STR: 0x3B

    PROCESS_NAME: explorer.exe

    ...

    MODULE_NAME: win32k

    IMAGE_NAME: win32k.sys

    Is there any way to understand which particular driver has a problem?

  • bublegumm
    bublegumm almost 14 years
    Thanks! Do you have any ideas what is next step? I added results of WinDbg run
  • russds
    russds over 8 years
    That MajorGeeks Forum thread is great, offers a pretty good step by step on how to read a memory.dmp file.
  • 0xC0000022L
    0xC0000022L about 6 years
    Without some in-depth knowledge trying to make sense alone of the !analyze -v output (and BlueScreenView offers mostly that), is almost pointless. Suggesting to look at the call stack may be sensible on StackOverflow, but is a bit silly here. Besides, I've done my share of post-mortem Windows driver debugging and many of the cases are by far not as clear-cut as you make it sound.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Blue screen of death and memory dump hangs for hours
Should I use a "Small Memory Dump" or "Kernel Memory Dump?"
How can I dump the memory of a process in Windows 7?
How to dump memory image from linux system?
My Laptop is consuming all the RAM despite no programs open
Why is svchost.exe(netsvcs) taking so much RAM?
Computer not using all available RAM... Windows 7
Why is my computer using so much ram?
Windows 7 PC stuck in boot loop after RAM upgrade
Windows 7: Why is not all my memory usable?