Windows BSOD

From OpenZFS on OS X
Revision as of 05:50, 14 March 2019 by Lundman (Talk | contribs)

Jump to: navigation, search

Windows Crash Dumps

If you do managed to get a Blue Screen Of Death (BSOD), Windows should in theory write a crash dump file to:

C:\Windows\MEMORY.DMP

The dump file can be analyzed with WinDbg.exe

Debug builds of ZFSin include debugging symbols to assist in dump analysis which are located at:

C:\Program Files (x86)\OpenZFS On Windows\symbols\

WinDbg.exe at the Command Line

Once installed, WinDbg.exe can be run from a CMD.com or PowerShell terminal with Administrative privileges:

WinDbgX.exe -y ‘C:\Program Files (x86)\OpenZFS On Windows\symbols\’ -z C:\Windows\MEMORY.DMP

This will launch the application and you can perform dump analysis with:

kd> !analyze -v

To run the analysis in a single command:

WinDbgX.exe -y ‘C:\Program Files (x86)\OpenZFS On Windows\symbols\’ -z C:\Windows\MEMORY.DMP -c !analyze -v

WinDbg.exe in the GUI

Launch WinDbg.exe and set the Symbol path in:

Home: Settings Icon: Settings: Debugging Paths: Symbol path: C:\Program Files (x86)\OpenZFS On Windows\symbols\

Open the crash dump file with:

File: Open dump file: C:\Windows\MEMORY.DMP

Perform the analysis:

kd> !analyze -v

Debug Print Buffer

Windows features a circular debug print buffer which can also be written to disk:

2: kd> dt ZFSin!cbuf
0xffffe089`f0010000  "FFFFC1072DE87580: SPL: start.FFFFC1072DE87580: SPL: total ncpu 4

Note the first string, i.e. "0xffffe089`f0010000". Write the buffer out with the following:

kd> .writemem C:\Users\<your Windows username>\Desktop\cbuf.txt 0xffffe089`f0010000 L100000

Do not worry if you get a message about short write, it just means you have not yet filled the buffer.

This will include -EB- at the end of the buffer. Do not worry if the rest of the buffer has "@" (nul) symbols, it just means the buffer was not yet full.

Please provide the contents of the dump analysis and cbuf.txt in you ZFSin in your crash-related tickets.