Windows 10: Install and Configure WinDBG for BSOD Analysis  

Page 3 of 7 FirstFirst 12345 ... LastLast

  1. Posts : 5,007
    Windows 10 Pro X64 15063.138
       23 Jun 2016 #20

    The images still refer to Windows 8.1, not Windows 10.
      My ComputersSystem Spec


  2. Posts : 20,786
    64-bit Windows 10 Pro build 16199
       23 Jun 2016 #21

    All updated now.
      My ComputersSystem Spec


  3. Posts : 5,007
    Windows 10 Pro X64 15063.138
       27 Jun 2016 #22

    Great job Shawn, Looks great now.
      My ComputersSystem Spec


  4. Posts : 602
    7 and 10 on various machines
       06 Jul 2016 #23

    Ok Colin mate I have just installed this 10 and got to the test file but it cannot open because of some error.
      My ComputerSystem Spec


  5. Posts : 11,520
    Windows 10 Pro
       06 Jul 2016 #24

    John, could you try to open a dump from the BSOD forum, please let it load and use the !analyze -v command, close it and open it again. Do this a few times please so all symbols required are downloaded.
    Please let us know what you get (copy/paste the output in code tags) so we can get your symbol problems gone
      My ComputersSystem Spec

  6.    06 Jul 2016 #25

    ICIT2LOL said: View Post
    Ok Colin mate I have just installed this 10 and got to the test file but it cannot open because of some error.
    Sounds like the same thing that happened a month ago John,

    ICIT2LOL said: View Post
    Ok just installed the kit onto my 10 machine but it will not open that test BSOD file. What now??
    derekimo said: View Post
    That was zipped with 7-zip, you should be able to open this one,

    Attachment 82489
    ICIT2LOL said: View Post
    Thanks Derek it worked fine even though I did have 7-zip installed for the other try anyway at least it is working.
    derekimo said: View Post
    You're welcome John, you would have needed to right click on it and use the 7zip context menu options instead of just clicking on it.

    As you say, at least it's working.
    I changed the file in the tutorial to a regular zip to avoid this in the future.
      My ComputerSystem Spec


  7. Posts : 602
    7 and 10 on various machines
       06 Jul 2016 #26

    Yes Derek it was exactly the same thing. I shall try the new link.
      My ComputerSystem Spec


  8. Posts : 602
    7 and 10 on various machines
       06 Jul 2016 #27

    axe0 said: View Post
    John, could you try to open a dump from the BSOD forum, please let it load and use the !analyze -v command, close it and open it again. Do this a few times please so all symbols required are downloaded.
    Please let us know what you get (copy/paste the output in code tags) so we can get your symbol problems gone
    Ok it is working with the test link and I shall see what I get for a posted BSOD dump.

    Now my problem with reading these dumps is that I seem to see things that are blatantly obvious like graphics drivers but more often than not get pulled up for some other feature that I do see but cannot attach any relevance to it.
      My ComputerSystem Spec

  9.    06 Jul 2016 #28

    ICIT2LOL said: View Post
    Yes Derek it was exactly the same thing. I shall try the new link.
    ICIT2LOL said: View Post
    Ok it is working with the test link.


    The rest of what you said can be learned if you focus on this here John,

    WinDBG - The Basics for Debugging Crash Dumps in Windows 10 - Windows 10 Forums

    That is part 3 I linked directly, it has 3 steps, focus on the first two for now.
      My ComputerSystem Spec


  10. Posts : 602
    7 and 10 on various machines
       06 Jul 2016 #29

    Thanks Derek I shall have to get into that and what Martijn wanted I opened this dump three times and each time it got quicker because the initial opening of a dump takes ages - I hope this is what is needed.
    Code:
    Microsoft (R) Windows Debugger Version 10.0.10586.567 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    
    
    
    
    Loading Dump File [C:\Users\John\AppData\Local\Temp\Temp1_DESKTOP-REO3G45-2016_06_30_152907_92.zip\062816-13671-01.dmp]
    Mini Kernel Dump File: Only registers and stack trace are available
    
    
    Symbol search path is: srv*
    Executable search path is: 
    Windows 10 Kernel Version 10586 MP (4 procs) Free x64
    Product: WinNt, suite: TerminalServer SingleUserTS
    Built by: 10586.420.amd64fre.th2_release_sec.160527-1834
    Machine Name:
    Kernel base = 0xfffff801`8ee07000 PsLoadedModuleList = 0xfffff801`8f0e5cf0
    Debug session time: Wed Jun 29 07:25:01.179 2016 (UTC + 10:00)
    System Uptime: 0 days 0:00:49.988
    Loading Kernel Symbols
    .
    
    
    Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
    Run !sym noisy before .reload to track down problems loading symbols.
    
    
    ..............................................................
    ................................................................
    ............................................
    Loading User Symbols
    Loading unloaded module list
    ..........
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    
    Use !analyze -v to get detailed debugging information.
    
    
    BugCheck 50, {ffffcfffd8a8e950, 2, fffff80019aa31de, 2}
    
    
    
    
    Could not read faulting driver name
    Probably caused by : memory_corruption
    
    
    Followup:     memory_corruption
    ---------
    
    
    3: kd> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Bugcheck Analysis                                    *
    *                                                                             *
    *******************************************************************************
    
    
    PAGE_FAULT_IN_NONPAGED_AREA (50)
    Invalid system memory was referenced.  This cannot be protected by try-except.
    Typically the address is just plain bad or it is pointing at freed memory.
    Arguments:
    Arg1: ffffcfffd8a8e950, memory referenced.
    Arg2: 0000000000000002, value 0 = read operation, 1 = write operation.
    Arg3: fffff80019aa31de, If non-zero, the instruction address which referenced the bad memory
    	address.
    Arg4: 0000000000000002, (reserved)
    
    
    Debugging Details:
    ------------------
    
    
    
    
    Could not read faulting driver name
    
    
    DUMP_CLASS: 1
    
    
    DUMP_QUALIFIER: 400
    
    
    BUILD_VERSION_STRING:  10586.420.amd64fre.th2_release_sec.160527-1834
    
    
    SYSTEM_MANUFACTURER:  System manufacturer
    
    
    SYSTEM_PRODUCT_NAME:  P5K3 Deluxe
    
    
    SYSTEM_SKU:  To Be Filled By O.E.M.
    
    
    SYSTEM_VERSION:  System Version
    
    
    BIOS_VENDOR:  American Megatrends Inc.
    
    
    BIOS_VERSION:  1206   
    
    
    BIOS_DATE:  04/16/2009
    
    
    BASEBOARD_MANUFACTURER:  ASUSTeK Computer INC.
    
    
    BASEBOARD_PRODUCT:  P5K3 Deluxe
    
    
    BASEBOARD_VERSION:  Rev 1.xx
    
    
    DUMP_TYPE:  2
    
    
    BUGCHECK_P1: ffffcfffd8a8e950
    
    
    BUGCHECK_P2: 2
    
    
    BUGCHECK_P3: fffff80019aa31de
    
    
    BUGCHECK_P4: 2
    
    
    READ_ADDRESS: fffff8018f185520: Unable to get MiVisibleState
     ffffcfffd8a8e950 
    
    
    FAULTING_IP: 
    dxgkrnl!DxgkDestroyAllocationHelper+ce
    fffff800`19aa31de 0f9280000000b8  setb    byte ptr [rax-48000000h]
    
    
    MM_INTERNAL_CODE:  2
    
    
    CPU_COUNT: 4
    
    
    CPU_MHZ: 965
    
    
    CPU_VENDOR:  GenuineIntel
    
    
    CPU_FAMILY: 6
    
    
    CPU_MODEL: f
    
    
    CPU_STEPPING: 7
    
    
    CPU_MICROCODE: 6,f,7,0 (F,M,S,R)  SIG: 6A'00000000 (cache) 6A'00000000 (init)
    
    
    CUSTOMER_CRASH_COUNT:  1
    
    
    DEFAULT_BUCKET_ID:  CODE_CORRUPTION
    
    
    BUGCHECK_STR:  AV
    
    
    PROCESS_NAME:  LogonUI.exe
    
    
    CURRENT_IRQL:  0
    
    
    ANALYSIS_SESSION_HOST:  DESKTOP-9I73FSG
    
    
    ANALYSIS_SESSION_TIME:  07-07-2016 12:58:26.0804
    
    
    ANALYSIS_VERSION: 10.0.10586.567 amd64fre
    
    
    TRAP_FRAME:  ffffd00020a8e5b0 -- (.trap 0xffffd00020a8e5b0)
    NOTE: The trap frame does not contain all registers.
    Some register values may be zeroed or incorrect.
    rax=ffffd00020a8e950 rbx=0000000000000000 rcx=ffffd00020a8e950
    rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
    rip=fffff80019aa31de rsp=ffffd00020a8e740 rbp=ffffd00020a8e840
     r8=0000000000000000  r9=0000000000000001 r10=0000000000000000
    r11=fffff80019a323c3 r12=0000000000000000 r13=0000000000000000
    r14=0000000000000000 r15=0000000000000000
    iopl=0         nv up ei ng nz na po cy
    dxgkrnl!DxgkDestroyAllocationHelper+0xce:
    fffff800`19aa31de 0f9280000000b8  setb    byte ptr [rax-48000000h] ds:ffffcfff`d8a8e950=??
    Resetting default scope
    
    
    LAST_CONTROL_TRANSFER:  from fffff8018ef765c1 to fffff8018ef497a0
    
    
    STACK_TEXT:  
    ffffd000`20a8e358 fffff801`8ef765c1 : 00000000`00000050 ffffcfff`d8a8e950 00000000`00000002 ffffd000`20a8e5b0 : nt!KeBugCheckEx
    ffffd000`20a8e360 fffff801`8ee72621 : 00000000`00000002 00000000`00000000 ffffd000`20a8e5b0 ffffe000`4e1e6700 : nt! ?? ::FNODOBFM::`string'+0x1e3c1
    ffffd000`20a8e450 fffff801`8ef52abc : ffffd000`50488180 00000000`00000001 ffffd000`5048eb40 ffffe000`4e1e6700 : nt!MmAccessFault+0x5f1
    ffffd000`20a8e5b0 fffff800`19aa31de : ffffe000`4e523840 ffffd000`50488180 ffffd000`50494bc0 00000000`00000000 : nt!KiPageFault+0x13c
    ffffd000`20a8e740 fffff800`19b574b9 : 00000000`00000020 00000265`203ccf08 00000094`e937eb70 ffffc001`2f496d70 : dxgkrnl!DxgkDestroyAllocationHelper+0xce
    ffffd000`20a8eba0 fffff801`8ef540a3 : 00000000`00000020 00000000`00000020 00000000`00000000 00000265`203ccf08 : dxgkrnl!DxgkDestroyAllocation+0xd9
    ffffd000`20a8ec40 00007ffd`9fcb4424 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
    00000094`e937e8b8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x00007ffd`9fcb4424
    
    
    
    
    STACK_COMMAND:  kb
    
    
    CHKIMG_EXTENSION: !chkimg -lo 50 -db !dxgkrnl
    2 errors : !dxgkrnl (fffff80019aa31df-fffff80019aa33df)
    fffff80019aa31d0  04  00  00  45  8b  fc  45  8d  75  02  41  83  fc  41  0f *92 ...E..E.u.A..A..
    ...
    fffff80019aa33d0  38  ff  15  29  3d  fd  ff  85  c0  75  1b  48  8d  4e  38 *55 8..)=....u.H.N8U
    
    
    MODULE_NAME: memory_corruption
    
    
    IMAGE_NAME:  memory_corruption
    
    
    FOLLOWUP_NAME:  memory_corruption
    
    
    DEBUG_FLR_IMAGE_TIMESTAMP:  0
    
    
    MEMORY_CORRUPTOR:  STRIDE
    
    
    FAILURE_BUCKET_ID:  MEMORY_CORRUPTION_STRIDE
    
    
    BUCKET_ID:  MEMORY_CORRUPTION_STRIDE
    
    
    PRIMARY_PROBLEM_CLASS:  MEMORY_CORRUPTION_STRIDE
    
    
    TARGET_TIME:  2016-06-28T21:25:01.000Z
    
    
    OSBUILD:  10586
    
    
    OSSERVICEPACK:  0
    
    
    SERVICEPACK_NUMBER: 0
    
    
    OS_REVISION: 0
    
    
    SUITE_MASK:  272
    
    
    PRODUCT_TYPE:  1
    
    
    OSPLATFORM_TYPE:  x64
    
    
    OSNAME:  Windows 10
    
    
    OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS
    
    
    OS_LOCALE:  
    
    
    USER_LCID:  0
    
    
    OSBUILD_TIMESTAMP:  2016-05-28 13:59:07
    
    
    BUILDDATESTAMP_STR:  160527-1834
    
    
    BUILDLAB_STR:  th2_release_sec
    
    
    BUILDOSVER_STR:  10.0.10586.420.amd64fre.th2_release_sec.160527-1834
    
    
    ANALYSIS_SESSION_ELAPSED_TIME: 1e5b
    
    
    ANALYSIS_SOURCE:  KM
    
    
    FAILURE_ID_HASH_STRING:  km:memory_corruption_stride
    
    
    FAILURE_ID_HASH:  {574dbc1b-92cb-fb09-cb7a-cacc1bb2c511}
    
    
    Followup:     memory_corruption
      My ComputerSystem Spec


 
Page 3 of 7 FirstFirst 12345 ... LastLast

Related Threads
Is it possible to configure the Server Ports in the outlook e-mail app? I use AT&T for e-mail, and my mail account requires that I use server port 995 (incoming) and 465 (outgoing). I can create a new POP3 service for AT&T and setup everything up...
Solved Need Help with setting up Windbg in BSOD Crashes and Debugging
I seem to be suffering from a severe lack of knowledge and experience in this area. I am trying to read dump file created by Windows 10 but keep seeing errors about ntoskrnl.exe and symbol errors. I have gone through the tutorial by Golden. I...
Working on several projects at one time, and using primarily laptops with not that great support for virtualization, so I am loathe to install a basic Win 7 in virt jsut to be able to use hte Win 7 AIK. In a past tutorial, Kari mentioned that the...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 06:32.
Find Us