Page 3 of 3 First 123
  1. #41
    niemiro's Avatar
    Join Date
    Mar 2012
    Location
    District 12
    Posts
    7,865

    re: BSOD Method and Tips

    Quote Originally Posted by Vir Gnarus View Post
    Ahh, that would be the case wouldn't it? Only problem now, is I can't change it back! Any change to the Misc. Options for the post is disregarded.
    It is very strange, isn't it? It doesn't appear to be that after all. For the time being, I have added an underscore before all anchor names to resolve the issue. If I ever figure out a better solution, I will remove those underscores.

    Richard


    • Ad Bot

      advertising
      Beep.

        
       

  2. #42

    Join Date
    Mar 2012
    Posts
    469

    re: BSOD Method and Tips

    Thanks, niemiro, even though it's something I should've bothered with. :)

    I'm still puzzled why it's not accepting any changes to the Misc. Options list. Anything I check/uncheck in it is reverted when I save changes.

  3. #43

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    Bump. Added new article and linked to it here under ERROR CODES. It's for 0x19 bugchecks. Planning on adding more command/extension explanations here sometime.

  4. #44

    Join Date
    Jul 2012
    Location
    Warsaw, Poland
    Posts
    131

    Re: BSOD Method and Tips

    Consider adding Defrag Tools Show to the Video section.

    m.g.

  5. #45

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    Bump. Added some commands, including descriptions I gave in an old post in another forum.

    @mgrzeg:

    Thanks, mate. I actually have not remembered to watch it yet, but it looks very promising. I'd like to see it first before I add it to the article, so I can give my own personal explanation if it.

  6. #46

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    Bump. Watched those Defrag shows, nice stuff. Added to article. Also updated a couple of things, not much.

    I have a feeling this article may be updated more on a per request basis than on personal initiative. I haven't been coming across any scenarios lately in tech support that I've felt is worth writing up on, but at the same time people PM me on some other tech support sites a good number of questions on explanations for stuff. So make a request to have me add to this article about something and I'll do so.

  7. #47

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    Bump. Big mistake on Driver Verifier. Gosh I feel sheepish thinking this way all this time.

    I originally thought IRP Logging on Driver Verifier was only available through live kernel debugging because I thought that it could only be done through the DC2WMIParser application to pull the logs. However I have incorrectly interpreted the function of both the application and the IRP Logging setting.

    There are two ways to IRP Log for a system. One is - after the client has turned IRP Logging on with Driver Verifier - to start running DC2WMIParser with the appropriate arguments: one to tell what file to dump it to; the other to specify how long to keep it running. Obviously this option is best only when the problematic symptom isn't a crash and it is something that can be reliably triggered, because DC2WMIParser has to be manually initiated. The other option is, of course, to have the system crash. The result is that the WMI information from the IRP logging is still retained, and is accessible through !verifier 0x100. It goes without saying that this information is not retained in minidumps.

    I will make the proper correction on the main article now. I reckon everyone who has set up instructions on how to run Driver Verifier should update their stuff accordingly. I apologize for the misconception. IRP Logging is an extremely valuable part of Driver Verifier in many situations, and to say it's inaccessible is to keep people away from such vital diagnostic information.
    niemiro, mgrzeg, Tekno Venus and 2 others say thanks for this.

  8. #48

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    Bump. Added TechEd 2013 videos link to Links O' Plenty. Lots of goodies!
    jcgriff2 says thanks for this.

  9. #49

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    Bump. Added !procdumpext to list of Windbg extensions in Links O' Plenty. This thing is a beast. The !dpx command alone is a great seller. Next time you decide you want to dump the raw stack of a thread, use !dpx instead of dps.

    Sorry, niemiro: your extension for dumping raw stacks has served me well for a long time, but it's going to be retired. Thanks for making it, though, it's been a major help to me!
    jcgriff2, niemiro and x BlueRobot say thanks for this.

  10. #50
    Tekno Venus's Avatar
    Join Date
    Jul 2012
    Location
    UK
    Age
    20
    Posts
    5,941
    • specs System Specs
      • Manufacturer:
        Custom Built
      • Motherboard:
        ASUS Z170I ITX
      • CPU:
        Intel Core i7 6700K
      • Memory:
        16GB DDR4
      • Hard Drives:
        500GB Samsung 850 EVO, 2TB Seagate HDD
      • Power Supply:
        450W Corsair SFX
      • Case:
        Silverstone SG13 ITX
      • Cooling:
        Corsair H60i
      • Display:
        Dell U2715H - 2160x1440 27 inch
      • Operating System:
        Windows 10 Pro x64

    Re: BSOD Method and Tips

    Have to agree with Vir, the ProcDump extension is awesome. I've been using it for a few months and it is so handy, especially with user mode dumps. The !deep command is useful too.
    jcgriff2 says thanks for this.


  11. #51
    niemiro's Avatar
    Join Date
    Mar 2012
    Location
    District 12
    Posts
    7,865

    Re: BSOD Method and Tips

    Quote Originally Posted by Vir Gnarus View Post
    Bump. Added !procdumpext to list of Windbg extensions in Links O' Plenty. This thing is a beast. The !dpx command alone is a great seller. Next time you decide you want to dump the raw stack of a thread, use !dpx instead of dps.

    Sorry, niemiro: your extension for dumping raw stacks has served me well for a long time, but it's going to be retired. Thanks for making it, though, it's been a major help to me!
    I don't mind at all! I personally have stopped using loads of my own tools. Times move on, somebody else makes a better alternative, etc. etc. It's really important not to be locked down to one tool, even for me and for something I have written myself. I am just very glad that it helped at all - in actual fact, it's one of my most used programs and it only took about an hour to write. Sometimes I write big programs and they don't get used: but they were not wasted: I've improved my coding skills on them, can probably recycle much of the code, and learned better what's useful and what's not.

    I shall have a look at this !dpx command when I get home to see what this magic really is. But it sounds amazing and I really look forward to being able to use it in the future. Thank you for finding it.

    Let me say that I'm really happy that I've managed to help at all over the last couple of months. However, let me say also that I have not forgotten how to code these extensions, or lost my empty templates. If you ever think of something which could help you, just give me a shout and I'll see what I can do.

    Richard
    Vir Gnarus, x BlueRobot and jcgriff2 say thanks for this.

  12. #52

    Join Date
    Jul 2012
    Location
    Warsaw, Poland
    Posts
    131

    Re: BSOD Method and Tips

    Niemiro, you can see the !dpx in action watching latest 'Defrag Tools' episode: Defrag Tools: #54 - IE Favorites Crash | Defrag Tools | Channel 9
    I hope that Andrew Richards publishes more of his extensions

    m.g.
    niemiro, x BlueRobot and jcgriff2 say thanks for this.

  13. #53

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    That's where I found out about this thing, myself!

    @Niemiro:

    There's actually one thing of interest. I've noticed that the purpose of the !dpx command is to consolidate output of dps, dpu, dpa and dpp commands. Yet I did notice in particular in one occasion where I used it once, skimmed through it, then used dpu (dump unicode) afterwards on the same memory range and it actually pulled up items of interest that were not shown in the !dpx output. I know that just about anything can be interpreted as unicode so I would figure the !dpx extension would try to see them as anything else first before considering them as unicode, but I found it odd that it personally didn't find any unicode of value in the memory range, but dpu found two strings of very important items (namely directory strings)! I'm wondering why that was.

    The memory dump in question is the last kernel dump linked here, post #33. I switched context to the hung proc (#3), used !thread on it to get limit and base on the thread stack, then used those values to dump with !dpx and dpu and other variants. dpu came up with two directory strings into Chrome and K-Lite Codec directories which !dpx did not pick up.

    I'm thinking Andrew placed some filters on what he believes to be "potentially valid" strings which may be filtering out such output.
    x BlueRobot, jcgriff2 and niemiro say thanks for this.

  14. #54
    x BlueRobot's Avatar
    Join Date
    May 2013
    Location
    Minkowski Space
    Posts
    1,872

    Re: BSOD Method and Tips

    The new .DLL is absolutely brilliant
    Machines Can Think

    We don't make mistakes; we just have happy accidents.

  15. #55
    x BlueRobot's Avatar
    Join Date
    May 2013
    Location
    Minkowski Space
    Posts
    1,872

    Re: BSOD Method and Tips

    Could I request this blog to be added? Gustavo Duarte

    It does a really good job of explaining the internals of an operating system (Windows and Linux).
    Machines Can Think

    We don't make mistakes; we just have happy accidents.

  16. #56
    x BlueRobot's Avatar
    Join Date
    May 2013
    Location
    Minkowski Space
    Posts
    1,872

    Re: BSOD Method and Tips

    Another simple request, this forum seems to provide some more advanced information on debugging, mostly malware orientated though, but interesting nonetheless - KernelMode.info ? Index page
    Machines Can Think

    We don't make mistakes; we just have happy accidents.

  17. #57

    Re: BSOD Method and Tips

    As Vir's IT interests have changed a bit, and since I offered to take care of/add to any thread(s) he has made, I figured I'd finally start off with this one because I quickly noticed a few things that should be added (Carrona/Sysnative DRT were never added to links?!). I am definitely going to be adding a lot of things to the BSOD Information forum from this point on.
    Last edited by Patrick; 03-12-2014 at 09:45 AM.
    niemiro, satrow, Vir Gnarus and 1 others say thanks for this.

  18. #58

    Join Date
    Mar 2012
    Posts
    469

    Re: BSOD Method and Tips

    I see you already went quickly to work on this. Thanks Patrick! Btw, the reason I didn't add the DRT under databases is because I already assumed that if you're on this site, you know about the DRTs! Though for outsiders linking to the article I reckon that won't work so well. Thanks for clearing that up for me!

  19. #59

    Re: BSOD Method and Tips

    Btw, the reason I didn't add the DRT under databases is because I already assumed that if you're on this site, you know about the DRTs! Though for outsiders linking to the article I reckon that won't work so well.
    I actually assumed that was the case!

  20. #60
    blueelvis's Avatar
    Join Date
    Apr 2014
    Location
    India
    Posts
    969
    • specs System Specs
      • Manufacturer:
        Toshiba
      • CPU:
        Intel Core i5 @ 2.4 GHz 2nd Generation
      • Memory:
        8 GB @ 1600MHz Dual Channel B)
      • Graphics:
        Intel HD 3000 B)
      • Hard Drives:
        Hitachi 1TB 7200 RPM & WD 500 GB
      • Cooling:
        There is some fan inside but it keeps whirring <_<
      • Display:
        1366x768
      • Operating System:
        Windows 8.1 Embedded Industry Pro

    Re: BSOD Method and Tips

    Hi Patrick,

    Found this great book on Assembly Language Book :-

    https://courses.engr.illinois.edu/ec.../artofasm.html

    This could be added to the first post ^_^
    x BlueRobot says thanks for this.
    Ever wanted to learn to debug BSODs? PM me now!

    Feel free to PM me in case I haven't replied within 48 Hours ^_^. Anything else? Still feel free to PM me :thumbsup2:

Page 3 of 3 First 123

Similar Threads

  1. Windows 8 to Feature New OEM Activation Method
    By zigzag3143 in forum Microsoft News
    Replies: 2
    Last Post: 08-05-2012, 03:57 PM
  2. Replies: 0
    Last Post: 07-22-2012, 04:27 PM
  3. BSOD Method & Tips by Vir Gnarus
    By jcgriff2 in forum BSOD Processing Apps Download | Information | Discussions
    Replies: 0
    Last Post: 07-01-2012, 06:23 PM

Log in

Log in