THE OFFICIAL BLOG OF THE SBS "DIVA"

Now here's an interesting situation... I have a new server I'm moving to and I've been letting it "bake" as an HyperV hosted SBS box for a few days and I noticed that it blue screened (the SBS, not the HyperV parent) on me.  So we pull out our handy dandy Peter Gallagher blog post and we set up the debugging items we need:

1. Downloaded and installed the current "Debugging Tools for Windows 32-bit version" from http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx, choose "typical".
2. Launch the debugger via Start -> All Programs -> Debugging Tools for Windows -> WinDbg
3. Set the symbol file path:  File -> Symbol File Path.  From http://www.microsoft.com/whdc/devtools/debugging/debugstart.mspx: For example, to download symbols to c:\websymbols, you would add the following to your symbol path:  SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols.  I simply copied and pasted SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols into the Symbol Search Path and then created a directory called "websymbols" on the root of the C drive.  You don't have to create the folder, the debugger *should* create it for you when it connects.
4. I placed the check next to "Reload" and clicked OK.
5. Load the dump file:  click File -> Open Crash Dump and browsed to the memory.dmp
6. Clicked Yes to "Save Information for Workspace"
7. Sit back and wait. 
8. Take a quick look in c:\websymbols, you should see some stuff (symbols) appearing in this folder
9. After some time (one minute to 5 minutes, ymmv), the debugger will be done loading and you will see "0:  kd>" in the small grey window at the bottom left of the screen.

Note the debugger does not *have* to be installed on the server itself.  All you have to do is have local access to the dump file.  You could copy the dump file to a Windows XP workstation and install the debugging tools on the workstation rather than the server.

So I get the dump file off the box and while the problems resolution section says "oh its a driver" , that's nice folks but which one?

And this is in the child, not the parent that gave me this issue?

Now to be fair this is bog standard, no updates, no SP2 which I consider to be bare minimum patching, so I will up' this to SP2 and let it bake a few more days and just make sure all is well.

But when I run that dmp file through the debugging tools I get this:

Microsoft (R) Windows Debugger Version 6.11.0001.402 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Loading Dump File [C:\Users\Susanb\Documents\Mini110209-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows Server 2008/Windows Vista Kernel Version 6001 (Service Pack 1) MP (4 procs) Free x64
Product: LanManNt, suite: SmallBusiness TerminalServer SmallBusinessRestricted SingleUserTS
Built by: 6001.18000.amd64fre.longhorn_rtm.080118-1840
Machine Name:
Kernel base = 0xfffff800`01646000 PsLoadedModuleList = 0xfffff800`0180bdb0
Debug session time: Mon Nov  2 04:07:44.800 2009 (GMT-8)
System Uptime: 4 days 9:16:25.609
Loading Kernel Symbols
...............................................................
.............................................................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {fffffa7fbe40b280, 2, 0, fffffa8011f9ba17}

Probably caused by : ataport.SYS ( ataport!RefPdoWithTag+33 )

Followup: MachineOwner
---------

As I go to investigate if SP2 has a newer ataport.sys, I'm installing all the other patches first as it won't offer up SP2 without all other important patches installed first.