Defrag Tools #136 - Debugging User Mode Crash Dumps Part 2

Sign in to queue

Description

In this episode of Defrag Tools, Andrew Richards and Chad Beeder use Debugging Tools for Windows (WinDbg) to dig into a few more application crashes which have occurred on Andrew's computer.

[00:00] - Intro (summertime in the Pacific Northwest)
[02:24] - Dump #1: Windows Store application (hosted by WWAHost.exe)
[03:28] - Exception c000027b - Stowed Exception. Use !pde.err to look at it.
[04:52] - !analyze -v answers most of these questions for you
[05:32] - !pde.dse to display stowed exceptions
[08:30] - How exceptions get stowed (RoOriginateLanguageException)
[10:17] - Sometimes we have the stack which threw the exception. If so, use !dpx to search for evidence of what caused the problem.
[12:26] - Dump #2 - a BackgroundTaskHost crash.
[13:29] - Some data looks like ASCII - use .formats to see it.
[15:30] - Use !dumpccw (dump COM Callable Wrapper) on the NestedException and !pe to Print Exception (MusicDeal crash on a DataLayer call)
[18:20] - !pde.bgtask to find all the background tasks (only works if you are Microsoft internal)
[19:06] - Dump #3 - another BackgroundTaskHost crash.
[19:30] - Use PDE to drill down from "general exception" to find the real problem - a web exception caused by DNS failure
[22:00] - Dump #4 - Solitaire
[23:48] - It was an error thrown by the XAML interpreter
[25:36] - In XAML errors, the call stack is relevant. Search the stack for the error message.
[27:50] - PDE's !dpx -dt finds the CRestrictedError class and give more error details (such as an HRESULT)
[29:35] - Use !pe to print the CLR exception. A task was canceled while waiting for a web call to return.
[33:47] - For the WMI dump analysis, see Defrag Tools #120
[34:11] - Email us your issues at defragtools@microsoft.com.

Embed

Download

Download this episode

The Discussion

Add Your 2 Cents