Prachi

Reputation: 61

How does WinDbg classify crashes broadly, and which term in the result of "!analyze -v" indicates this?

Can you give me details of all the terms that are useful for properly understanding the issue behind a crash after we use "!analyze -v"? Which term indicates what, like "The FAULTING_IP field shows the instruction pointer at the time of the fault"?

I am not finding it anywhere with a proper description.

Upvotes: 0

Views: 43

Answers (1)

Lex Li

Reputation: 63183

It is BUCKET_ID that categorizes the issue, and Microsoft has a big internal database to reveal typical issues:

The BUCKET_ID field shows the specific category of failures that the current failure belongs to. This category helps the debugger determine what other information to display in the analysis output.

If you are connected to the internet, the debugger attempts to access a database of crash solutions maintained by Microsoft. This database contains links to a tremendous number of Web pages that have information about known bugs. If a match is found for your problem, the INTERNAL_SOLUTION_TEXT field will show a URL that you can access for more information.

https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/using-the--analyze-extension

If you need to investigate non-typical issues, things like STACK_COMMAND might be your friend.

However, dump analysis on native crashes is never an easy task, and corrupt memory can further mess up the situation.

So you should buy services from either Microsoft or other service providers.

Upvotes: 1
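For triaging several dumps with the fields named in the answer above, here is an added example (not part of the original answer, and not Microsoft's code) that parses saved "!analyze -v" text and groups dumps by BUCKET_ID. It assumes the output was saved as plain text; the function names, dump names and sample field values are constructed for illustration.

```python
import re
from collections import defaultdict

# A field header is an upper-case NAME followed by a colon at column 0.
FIELD_RE = re.compile(r"^([A-Z][A-Z0-9_]+):[ \t]*(.*)$")

def parse_analyze(text):
    """Return {FIELD: value}; multi-line values (e.g. FAULTING_IP) keep their newlines."""
    fields, name = {}, None
    for line in text.splitlines():
        m = FIELD_RE.match(line)
        if m:
            name = m.group(1)
            fields[name] = m.group(2).strip()
        elif name and line.strip():
            # Continuation line: belongs to the most recent field header.
            fields[name] = (fields[name] + "\n" + line.strip()).strip()
        else:
            name = None  # a blank line ends the current field
    return fields

def group_by_bucket(logs):
    """Map BUCKET_ID -> list of dump names, so recurring failures stand out."""
    buckets = defaultdict(list)
    for dump_name, text in logs.items():
        bucket = parse_analyze(text).get("BUCKET_ID", "<no BUCKET_ID>")
        buckets[bucket].append(dump_name)
    return dict(buckets)

# Constructed sample in the shape of "!analyze -v" output (values are made up).
SAMPLE_A = """\
FAULTING_IP:
demo!ReadConfig+1a
00401a2a 8b08            mov     ecx,dword ptr [eax]

BUCKET_ID:  NULL_POINTER_READ_demo!ReadConfig+1a

STACK_COMMAND:  .cxr 0x0 ; kb
"""
SAMPLE_B = SAMPLE_A.replace("ReadConfig+1a", "ParseHeader+4c")

if __name__ == "__main__":
    logs = {"a.dmp": SAMPLE_A, "b.dmp": SAMPLE_A, "c.dmp": SAMPLE_B}
    for bucket, dumps in group_by_bucket(logs).items():
        print(bucket, dumps)
```

Dumps that land in the same bucket are usually worth analyzing once; a dump with no BUCKET_ID is grouped under a placeholder so it is not silently dropped.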
