Entries:
Comments:
Posts:

Loading User Information from Channel 9

Something went wrong getting user information from Channel 9

Latest Achievement:

Loading User Information from MSDN

Something went wrong getting user information from MSDN

Visual Studio Achievements

Latest Achievement:

Loading Visual Studio Achievements

Something went wrong getting the Visual Studio Achievements

Defrag Tools: #57 - New Job, New Systems, 2 Questions and 2 Crashes

Download

Right click “Save as…”

In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen talk about Andrew's new job, configuring new systems with SSDs and HDDs, answer two questions from a viewer (Barry), and debug two crashes.

[So why is the audio weird in this episode? Well, Andrew accidently hit mute on his mic just before recording. Kaitlin came to the rescue and used the audio from Chad's mic, fixing the levels for hours - Thx Kaitlin]

Resources:
Debugging Tools for Windows
SkyDrive - procdumpext.dll

Timeline:
[00:00] - Andrew's new job - "Send to Microsoft"
[01:53] - How we'd set up machines with SSDs and HDDs
[04:30] - Making a folder on C: (SSD) that redirects to another drive (HDD)
[05:00] - Mount Point via Disk Management
[06:08] - Symbolic Link - mklink /d Link Target
[08:25]Question #1 - "Application Hang" (Event ID 1002)
[08:25]Windows Error Reporting LocalDumps
[12:13]Question #2 - "User reported a hang"
[15:48]Crash #1 - NULL Pointer
[17:30] - Unassemble (backwards and forwards) - ub @rip and u @rip
[17:30] - List module - lmvm <module>
[24:08]Crash #2 - Unloaded Module
[24:39] - List (Unloaded) modules - lm
[25:30] - List Stacks with Unloaded modules - !procdumpext.seek Unloaded
[27:29] - Email us your issues at defragtools@microsoft.com

Window Error Reporting LocalDumps - create Full Dump:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps]
"DumpFolder"="\"C:\\dumps"
"DumpType"=dword:00000002
"DumpCount"=dword:0000000a

Tags:

Follow the Discussion

  • MagicAndre1981Magic​Andre1981 xperf addicted

    don't RAID0 2 SSDs. The access time goes down and this is the important improvement over traditional HDDs.

    Also only the very newest Intel boards support TRIM in RAID mode!

    [06:08] - Symbolic Link - mklink /d Link Target

    use this tool, which his easier:

    http://bitsum.com/junctionmaster.php

     

  • Congrats Andrew... You deserve it... I hope you will still help out your viewers if we send you our crashes as well. 

    MagicAndre...I always appreciate when you suggest your tools, you seem to find good ones.  If you have anymore suggestions for great tools like WSCC and junction master, please post a comment with a few tools suggestions...thanks

     

  • What's the Pro/Cons of configuring prodump vs the reg tweeks for saving dumps?

  • MagicAndre1981Magic​Andre1981 xperf addicted

    @s3curityConsult

    I'll do this.

    @Ytterbium

     

    you have a better flexibility with WER. You can configure this per application and generate small dumps by default but full dumps of only 1 program you are interested. You can also put the dumps into different folders.

  • Was there something weird with the microphones? Every time Andrew spoke, there was a bunch of background noise (like he was stood next to a noisy air conditioner) and then he dropped out every time someone else spoke.

  • MagicAndre1981Magic​Andre1981 xperf addicted

    @JohnLudlow:

    look at the text between the [] under the description Wink

  • Ah probably should have looked at that first.  Thanks!

    And well done Kaitlin

  • @MagicAndre19‚Äč81

    I set Procdump as per Andrews instructions before, you can point it to whatever folder you want.  I guess you can configure different dumps with procdump?

    I guess a dump is as dump.

  • MagicAndre1981Magic​Andre1981 xperf addicted

    @Ytterbium:

     

    WER can be configured per application, AeDebug only globally or all.

    With WER I can configure Windows to create minis for all and full for some selected applications.

  • RonaldRonald

    What's the meaning of "Unloaded" : does it mean that the dll is no more mapped into the process' address space ? If so how does Windbg knows what dll was there in the past ?

  • @JohnLudlow:

    yeah... it sounds like his mic was dead and he was being heard from Chad or Larry's.

     

  • Andrew Richardswindev Andrew Richards

    Correct, the DLL is no longer mapped in to the process VA Space. The kernel keeps a record of the modules ever loaded, and the dump is written with this metadata. .dumpdebug will show you the record in the dump metadata streams.

  • My machines have 16gb of ram so I cannot choose complete memory dump correct?  I remember reading somewhere that if you have more than 4 gb of ram than you can not choose complete memory dump, is this still true for win8 and win8.1?  Another problem, I have noticed is that windows 8.1 and server2012 r2 do not allow you to upgrade and keep your applications, I know that this is not your guys domain, but it is annoying, I am working on a way to allow it to keep my programs installed since I cannot get access to my Adobe desktop apps anymore since the creative cloud garbage has taken over, i dont want to lose my master collection.

  • MagicAndre1981Magic​Andre1981 xperf addicted

    @S3curityPlu5:

    http://www.osronline.com/article.cfm?article=545

    Use the registry to change the dump type to complete.

Remove this comment

Remove this thread

close

Comments Closed

Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums,
or Contact Us and let us know.