Windows Server 2012 R2 - Analyze dumps with WinDBGSometimes the thing go bad and server crashes unexpectedly. When this happens, we see a blue screen of death – while the system makes kernel or memory dump for us for further analysis.

But how to analyze dump and find out the reason of BSOD? Here in this little tip we will try to find a faulty device with help of windows debugger – WinDBG

We will use these useful commands for Windows Server 2012 R2 – Analyze dumps with WinDBG:

!drvobj
!devobj
!podev
!devstack
Now – to the dump. We open the dump with WinDBG and see such description:

Now we issue !analyze -v command, of course, because this information is not enough:

This is better. Now we can see, that the faulting module is tsusbhub, it is PnP Fatal Error, and the arguments we need for further investigation. It is time to use !devobj and !devstack commands:

Do you see this? Yes, it is our Device Object List! And we have three devices, that are listed in our dump – this is the cause of tsusbhub to crash with BSOD. Let’s do the examination of these devices:

Here it is: we were looking for this string USB\VID_046d&PID_0843&REV_0013\3&2dcee32&0&046d&0843&0013

Google it, and you will find, that our faulty device is Logitec Webcam C930! So we have found the cause of BSOD!

Resources:

Debugger commands (!drvobj, !devobj, !podev, !devstack) that make my life easier