Defrag Tools #179 - Manually Generating a Crash Dump

Sign in to queue

The Discussion

  • User profile image
    Brian Catlin

    Sound is out of sync with the video at about half way through the video

  • User profile image
    Brian Catlin

    NMI is NOT the highest priority interrupt. The x86/x64 interrupt architecture has changed significantly over the last 20 years, and there is no longer an NMI pin on the CPU. According to the Intel 64 and IA-32 Architectures Software Developer's Manual, Volume 3a, System Programming Guide, Part 1 (https://www.intel.com/Assets/en_US/PDF/manual/253668.pdf), in chapter 6.9, you'll see that NMI is third in the hierarchy (and below SMI). Clearly, the term "non-maskable" has a different meaning to the current generation of Intel designers.

  • User profile image
    ChadBeeder

    @Brian Catlin: Hmm, I looked through the video again and didn't notice any A/V sync problems.

    Yes, you're right, there are higher interrupt levels than NMI, but NMI is pretty much the highest you can get for purposes of breaking into the debugger or triggering a crash dump.

    Raymond Chen wrote a fun blog post some years back about how you could generate an NMI on any system with ISA slots by using a ball-point pen. Sadly (?) it's not this simple on modern PCs.

  • User profile image
    Chris​Kanemoto

    Thanks guys - FWIW I watched the full episode and didn't spot any lip-sync issues

  • User profile image
    kingkappa

    Thanks for the tutorial - Cheers

  • User profile image
    Niels

    If the user set CrashOnCtrlScroll before, that takes priority over the custom keys.
    If you add the following to the CrashOnLCtrlTildeTilde.reg, it removes the CrashOnCtrlScroll entry, so the .reg works as expected.

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters]
    "CrashOnCtrlScroll"=-

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters]
    "CrashOnCtrlScroll"=-

  • User profile image
    Bruce Mackenzie

    FYI - You no longer need to setup the NMICrashDump registry parameter as of Windows Server 2012. So out of the box, you can crash a Windows 2012 server without configuring the parameter and rebooting. The same is true for the new PowerShell cmdlet Debug-VM -InjectNonmaskableInterrupt on Windows 2012 R2, you can crash VMs running 2012 or later without configuring the NMICrashDump parameter. Here's the article:

    https://support.microsoft.com/en-us/help/2750146/nmi-hardware-failure-error-when-an-nmi-is-triggered-on-windows-8-and-windows-server-2012

  • User profile image
    ChadBeeder

    @Bruce Mackenzie: Great information. I deal more with client systems, so that had escaped my notice. Thanks!

  • User profile image
    ScottyKarate

    Great show!  On the topic of keyboard scan codes, I stumbled across this document a few years back while trying to make my Caps Lock key behave like the left Windows key.  I use an IBM Model M keyboard that pre-dates the Windows key but wanted Win key functionality and clicky goodness.  The linked doc has a lot of good low level information.

    Here's the reg hack I came up with.  Works like charm.

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
    "Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,5c,e0,3a,00,00,00,00,00

Add Your 2 Cents