Windows system >> Windows Vista System Tutorial >> Windows Vista Tutorialzh

Deep understanding of Vista: improved troubleshooting

  
                  

Because of the device driver error, hardware problem, or the operating system itself, when the system encounters an unrecoverable kernel mode error, Windows will display the notorious "blue screen of death", and then forcibly terminate the system. To prevent data conflicts on the disk, some or all of the physical memory is written to a crash dump file depending on the system configuration. Memory dump files are useful because when we restart the system after a crash, Microsoft's Online Fault Analysis Service (OCA) can analyze it to find the source of the problem. If you want, you can use the Microsoft Debugging Tools for Windows to perform fault analysis yourself.

Pot Basin Commentary: For information on how to use the Debug tool to analyze system faults, you can refer to Zhang Yinkui's Webcast.

However, in the old version of Windows, the support of the crash dump file can be enabled until the session manager process (%Systemroot%Sys­tem32Smss.exe) initializes the page file. That is to say, before this, if a serious system failure occurs and the system is blue screen, the dump file will not be generated. A large number of device drivers are initialized before the Smss.exe process starts, so early system failures do not trigger the creation of dump files, so it is very difficult to troubleshoot these faults.

Pot Basin Commentary: For an introduction to the Windows 2000/XP startup process, you can refer to Zhang Yinkui's Webcast.

And Windows Vista greatly advanced the time it takes to create a dump file. Now, after all drivers with boot type "boot" are started, support for dump files can be initialized before all drivers with boot type "system" are started. With this improvement, when we encounter a crash in the system boot phase, Microsoft OCA services can help diagnose this problem. Moreover, Windows Vista fills the dump file with a 64KB block level, while the older version of Windows is in 4KB. Such a large-capacity memory dump file can be generated at ten times the speed.

Potasian comment: The boot type is "boot", which refers to the driver loaded by ntldr or the boot manager. These drivers are important, and Windows will not be able to continue booting if it is not started. The startup type is "system", which refers to the driver that is started during kernel initialization.

In Windows Vista, application troubleshooting has also been greatly improved. In older versions of Windows, when an application fails, an unhandled exception handler is executed to handle this exception that cannot be handled properly. The exception handler loads the Microsoft Application Error Reporting (AER) process (%Systemroot% System32Dwwin.exe) and displays a dialog box prompting the program to go wrong and asking if you need to send the error report to Microsoft. However, if the process crashes and the main thread's stack is destroyed, the exception handler will crash at execution time, causing its process to be terminated by the kernel. As a result, the program window flashes past and no error reporting dialog is displayed.

Windows Vista removes error handling from the context of the crash process and handles it with a new service, the Windows Error Reporting (WER) service. The service runs in the service host process and is implemented as a DLL file (%Sys­temroot%System32Wersvc.dll). When the application fails, it still executes the exception handler, but the exception handler sends a message to the WER service, and the WER service loads the WER error reporting process (%Systemroot%System32 Werfault.exe) to display the error report. Dialog. If the exception handler crashes because the main thread's stack is corrupted, the exception handler will repeatedly execute the crash, crash execution, and finally consume all the stack space of the thread. When the kernel is in this state, it will serve the WER. Send a fault notification message.

Potasian commentary: The service host process refers to the svchost process.

We can see a comparison of the two implementation methods in the following four images. These images show the relationship between the Accvio.exe process and the error reporting process. The Accvio.exe process is a fault test program that can trigger an application crash. The new error handling mechanism in Windows Vista means that applications no longer silently stop, preventing us from sending bug reports to Microsoft to help software developers improve their products.

Windows XP Application Error Handling

Windows XP Error Report Dialog Box

Windows Vista Application Error Handling
>

Windows Vista Error Report Dialog Box

Pot Basin Comments: As can be seen from Figure 1, the Windows XP error reporting process dwwin is initiated by the application that generated the error, if The application's main thread stack is corrupted and can cause an error report to not pop up. And Figure 3 shows that Windows Vista's error reporting process WerFault is started by the svchost process (actually loaded by the WER service in the svchost process). This relatively independent mechanism ensures that application errors can be captured by the system. .

Windows Vista Tutorialzh
Windows system
Vista Tips: Using Disk Manager to Adjust Hard Disk Partition

In Windows systems prior to Vista, such as Windows XP, once the partition is set up, it is very diff
Analysis of Win Vista compatibility issues and incomplete resolution

Newly available operating systems, compatibility with other software is generally not perfect, espec
How to dual-boot WinXP and Vista

If you think that installing a Windows operating system is not enough, or if you feel that there is

Vista system added a virtual scanner to remove

If you add a virtual scanner (Figure 1) to the scanner and camera in the Vista system control panel,
Vista memory shortage solution

                  The pseudo-techniques about Windows Vista are really more and more, although I can
Realizing the shared memory of the graphics card in the Vista system

The memory problem with the video card under Windows Vista has been bothering me. My graphics card i
  • Windows Vista FAQ
  • Windows Vista system basics
  • Windows Vista Tutorialzh

    • Windows XP taskbar suspended animation solution

    Win users new benefits: Win10 will be compatible with iOS application

    WXGA is still the most popular screen resolution

    Windows Server 2008 Recycle Bin can't clear the fault Solution

    Vista built-in game for no reason to lose the solution in Windows Vista, just like

    Win7 full control panel used to know how to use

    How to get your official microsoft account with Win10 official version?

    Let Windows 7 system lose weight 3GB

    Microsoft's official blog introduces the new features of IE10 in the WINDOWS 8 customer preview version

    A picture lets you see the design shift of Microsoft from Win8 to Win10

  • Windows XP System Tutorial
  • Windows 7 System Tutorial
  • Windows 8 System Tutorial
  • Windows 10 System Tutorial
  • Windows 2003 System Tutorial
  • Windows 2008 System Tutorial
  • Windows Vista System Tutorial
  • Windows tutorial synthesis
  • Windows Server System Tutorial
  • Linux system Tutorial
  • Computer software Tutorial
  • Windows NT Tutorial
    • Copyright © Windows knowledge All Rights Reserved