[07:17] - Configuring your system for a memory dump

please also explain what the new "Automatic dump" option under Windows 8 does in the next episodes

Win7 got a hotfix to create dumps without page file:

A hotfix is available that enables a Windows 7-based computer to create a memory dump file without a page file
http://support.microsoft.com/kb/2716542/en-us

But for me the fix doesn't work.

[15:40] - Looking up bug check descriptions

I'm using this site:

http://msdn.microsoft.com/en-us/library/hh994433%28v=vs.85%29.aspx

Btw, there are still some bugchecks missing which are only listed in the bugcodes.h from the WDK. Will those one be published? If not, why?

posted by MagicAndre1981

posted by windev

What are the values for a 64-bit x64 system?

I agree with Andrew that was an awesome demo. Can't wait for more!!!

posted by dcrearer

I haven't tried the KB 2716542 hotfix to allow memory dumps without a page file, but based on what I can see about it, you may also need to set "DedicatedDumpFile" in the registry to get it to work. (See KB 969028 for details on DedicatedDumpFile.) I would not recommend running without a page file in most cases, however. This is really intended for specialized systems (i.e. embedded systems) which run a limited set of applications with known memory requirements.

I'm not sure about the bugchecks which are listed in bugcodes.h but not documented. I'd guess that they aren't widely used (or deprecated in current Windows versions), or they may only be used in checked or internal debug builds of Windows. In any event, it's highly unlikely you'd see them in real-world scenarios.

posted by ChadBeeder

We will do more episodes on debugging. Thanks for watching!

posted by ChadBeeder

ChadBeeder wrote

@MagicAndre1981: This episode was taped before Windows 8 official release. We may talk more about the Windows 8 "Automatic memory dump" setting in the future, but for now there is a pretty good blog post from the Windows Server Core Team which goes into detail about this feature.

I haven't tried the KB 2716542 hotfix to allow memory dumps without a page file, but based on what I can see about it, you may also need to set "DedicatedDumpFile" in the registry to get it to work. (See KB 969028 for details on DedicatedDumpFile.) I would not recommend running without a page file in most cases, however. This is really intended for specialized systems (i.e. embedded systems) which run a limited set of applications with known memory requirements.

I'm not sure about the bugchecks which are listed in bugcodes.h but not documented. I'd guess that they aren't widely used (or deprecated in current Windows versions), or they may only be used in checked or internal debug builds of Windows. In any event, it's highly unlikely you'd see them in real-world scenarios.

I've already read the blog post, but other users not. So you should also explain it here.

I must say I've reduced the size of the page file to 2048 - 4096 MB. Does the fix only work for Systems without a pagefile or does it also work for smaller page files? I don't want to waste 16GB of space on my SSD.

the bugchecks that are missing are mostly ones which were added since Vista. From 0x13x and 0x14x there are a lot of undocumented bugchecks.

posted by MagicAndre1981

Yeah, it looks like the people in charge of maintaining the debugger help file haven't gotten around to documenting all those newer bugchecks. Bugcodes.h contains the most definitive list of codes used by Windows components. Of course, third-party drivers are free to use any bugcheck code they want.

posted by ChadBeeder

ChadBeeder wrote

@MagicAndre1981: Did you try adding the DedicatedDumpFile setting?

yes, but this makes it even worse. Now the Dedicated dump is 16GB and I have still my normal pagefile. So this is no option.

ChadBeeder wrote

Yeah, it looks like the people in charge of maintaining the debugger help file haven't gotten around to documenting all those newer bugchecks. Bugcodes.h contains the most definitive list of codes used by Windows components.

will they ever add those missing bugchecks to the documentation? Have you asked them?

posted by MagicAndre1981

posted by ChadBeeder

I've seen some of them and the only useful information came from !analyze -show BUGCHECKNUMBER in WinDbg. The next confusing thing is that the new bugcodes.h no longer contains the MessageText with some information. What I want to know is thebugcheck VHD_BOOT_HOST_VOLUME_NOT_ENOUGH_SPACE (136). Can I see from the parameters, how much free space I need to boot the VHD?

Can you also ask the Debugger Team 2 things?

1.) Sometimes I have the issue that the text is displayed twice:

this happens randomly after stopping a former debug session with SHIFT+F5.

2.) the new Dbghelper DLLs are slow to process the PDBs. It takes much longer to load them with the new DLLs from Win8 SDK. replacing them with old ones fixes the slow loading. I noticed this most when using xperfview.

posted by MagicAndre1981

#1 - This happens when a Event or Output Callback from an extension is not behaving. Try loading with Windbg -WX to see if it goes away.

#2 - This might relate to the new inline support. Can you collect a xPerf of the two scenarios?

posted by windev

#2 which flags should I capture? Here is also an user who has this issue:

http://randomascii.wordpress.com/2012/10/04/xperf-symbol-loading-pitfalls/

posted by MagicAndre1981