Windows® 2000 Device Driver Book: A Guide for Programmers, Second Edition, The

Analyzing a Crash Dump

When a crash occurs, Windows 2000 can save the state of the system in a dump file. To enable this feature, the System Control Panel applet (Advanced tab, Startup and Recovery) must be configured. Crash dumps allow an immediate reboot of the system without losing the state of memory at the moment of failure. This section explains how to analyze a system crash dump.

Goals of the Analysis

With WinDbg and a crash dump file, the state of the failed system can be examined. It is possible to find out almost as much information as if it were still running or if a live debugger were attached at the moment of failure. This kind of forensic pathology can help develop a convincing explanation of what led to the crash. Some of the ...

Get Windows® 2000 Device Driver Book: A Guide for Programmers, Second Edition, The now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Windows® 2000 Device Driver Book: A Guide for Programmers, Second Edition, The by Art Baker, Jerry Lozano

Analyzing a Crash Dump

Goals of the Analysis

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly