Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: BSOD Analysis - Getting Started

18 Jul 2012   #11

Microsoft Windows 7 Pro 64-bit SP1
 
 

http://www.sevenforums.com/crashes-d...help-bsod.html

He fixed it himself apparently though

My System SpecsSystem Spec
.

20 Jul 2012   #12

Microsoft Windows 7 Home Premium 64-bit Service Pack 1
 
 

That's all I can do here. I've been trying to figure out this guy's crashing laptop, especially the hideous bit where it says "KERNEL_MODE_INPAGE_ERROR". That's as far as I'm gonna go.
(The second argument in the crash string says: 0xC0000185.)
My System SpecsSystem Spec
23 Jul 2012   #13

Microsoft Community Contributor Award Recipient

Windows 8.1 Pro with Media Center
 
 

Quote   Quote: Originally Posted by Jonathan_King View Post
Once installed, associate .dmp files with Windbg by entering the following in a command prompt:
Code:
"C:\Program Files (x86)\Debugging Tools for Windows (x64)\Debuggers\x64\windbg.exe" -IA
If Windbg is installed in a different location, change the command accordingly.
Running Windows 8 Release Preview, the path and command is
Code:
"C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\windbg.exe" -IA
Kari
My System SpecsSystem Spec
.


23 Jul 2012   #14

Microsoft Community Contributor Award Recipient

Windows 7 64-bit
 
 

From what Kari mentioned, this applies to the Windows 8 Release Preview WDK/SDK, not the OS itself. Even if you installed this newest kit on Windows 7 or older, this directory will also be used unless you specified otherwise in the installation.

I personally find it very strange that it also installed the x64 stuff in the x86 install redirect. It definitely had me searching for a while at first to discover it.
My System SpecsSystem Spec
23 Jul 2012   #15

Microsoft Community Contributor Award Recipient

Windows 7 64-bit
 
 

Quote   Quote: Originally Posted by HoneycombAG View Post
That's all I can do here. I've been trying to figure out this guy's crashing laptop, especially the hideous bit where it says "KERNEL_MODE_INPAGE_ERROR". That's as far as I'm gonna go.
(The second argument in the crash string says: 0xC0000185.)
Use !error in Windbg with that NTSTATUS error that was listed in the second argument to get a definition of what it meant. Whenever you see "C" followed by a bunch of zeroes and a small number, you can often consider it an NTSTATUS error code, which you can run through !error to get an explanation for it:

Code:
0: kd> !error C0000185
Error code: (NTSTATUS) 0xc0000185 (3221225861) - The I/O device reported an I/O error.
In this case, it's pretty esoteric. Your next step is to figure out what the I/O error was that got generated during the I/O (IRP). I think !analyze -v sometimes displays this error in its output, but not exactly sure.

In the thread you linked too, I'm not seeing a recent crashdump the OP provided that mentions that bugcheck. What crashdump are you referring too?
My System SpecsSystem Spec
24 Jul 2012   #16

Windows 8.1 Professional x64
 
 

Quote   Quote: Originally Posted by Vir Gnarus View Post
From what Kari mentioned, this applies to the Windows 8 Release Preview WDK/SDK, not the OS itself. Even if you installed this newest kit on Windows 7 or older, this directory will also be used unless you specified otherwise in the installation.

I personally find it very strange that it also installed the x64 stuff in the x86 install redirect. It definitely had me searching for a while at first to discover it.
Also had the same.

Though all I did was copy the files out of the x64 folder, and put them in the root of the debugger folder I made on C and went from there.
My System SpecsSystem Spec
24 Jul 2012   #17

Microsoft Community Contributor Award Recipient

Windows 7 64-bit
 
 

That should work. Windbg is a pretty portable item, as the most I can recall it'll ever look for are environment vars for symbols and whatnot. You may however lose certain preferences and workspace settings if you start moving it around, as I believe that's retained in the registry.
My System SpecsSystem Spec
07 Aug 2012   #18

Microsoft Community Contributor Award Recipient

Windows 8.1 Pro with Media Center
 
 

Willing to learn, however WinDBG just gives me this what ever I do even the symbol file path is set according to Jonathan's instructions:

Code:
Microsoft (R) Windows Debugger Version 6.2.8400.0 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [D:\Users\Kari\Desktop\dumps\Seven Forums\080312-33009-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available

Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path.           *
* Use .symfix to have the debugger choose a symbol path.                   *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is: 
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*                                                                   *
* The Symbol Path can be set by:                                    *
*   using the _NT_SYMBOL_PATH environment variable.                 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+                                    *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: LanManNt, suite: Enterprise TerminalServer SingleUserTS
Built by: 7601.17835.amd64fre.win7sp1_gdr.120503-2030
Machine Name:
Kernel base = 0xfffff800`01e1b000 PsLoadedModuleList = 0xfffff800`0205f670
Debug session time: Fri Aug  3 17:27:35.241 2012 (UTC + 2:00)
System Uptime: 1 days 18:17:24.224
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*                                                                   *
* The Symbol Path can be set by:                                    *
*   using the _NT_SYMBOL_PATH environment variable.                 *
*   using the -y <symbol_path> argument when starting the debugger. *
*   using .sympath and .sympath+                                    *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
.................................
Loading User Symbols
Loading unloaded module list
....................
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck F4, {3, fffffa800f6962f0, fffffa800f6965d0, fffff80002199510}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

----- ETW minidump data unavailable-----
unable to get nt!KiCurrentEtwBufferOffset
unable to get nt!KiCurrentEtwBufferBase
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!KPRCB                                      ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!KPRCB                                      ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Either you specified an unqualified symbol, or your debugger   ***
***    doesn't have full symbol information.  Unqualified symbol      ***
***    resolution is turned off by default. Please either specify a   ***
***    fully qualified symbol module!symbolname, or enable resolution ***
***    of unqualified symbols by typing ".symopt- 100". Note that   ***
***    enabling unqualified symbol resolution with network symbol     ***
***    server shares in the symbol path may cause the debugger to     ***
***    appear to hang for long periods of time when an incorrect      ***
***    symbol name is typed or the network symbol server is down.     ***
***                                                                   ***
***    For some commands to work properly, your symbol path           ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: nt!_KPRCB                                     ***
***                                                                   ***
*************************************************************************
Probably caused by : wininit.exe

Followup: MachineOwner
---------
Symbol search path is: *** Invalid ***. What am I doing wrong? Notice I am running Windows 8 RP.
My System SpecsSystem Spec
07 Aug 2012   #19

Windows 7 Professional x64
 
 

Looks like no symbol path is set. Open a blank copy of Windbg, press Crtl-S, paste the symbol path, then exit Windbg, selecting "Yes" when asked to save workspace info.

EDIT: actually it looks like there may be a typo in your path. Repeat the process (as I described above) and make sure there are no leading spaces, etc.
My System SpecsSystem Spec
08 Aug 2012   #20

Microsoft Community Contributor Award Recipient

Windows 7 64-bit
 
 

The symbol path will most likely be blank in Windbg unless something is open with it (dump file, open process, etc.). If you just open Windbg by itself it won't show up anything.
My System SpecsSystem Spec
Reply

 BSOD Analysis - Getting Started




Thread Tools



Similar help and support threads for2: BSOD Analysis - Getting Started
Thread Forum
BSOD and Others analysis BSOD Help and Support
BSOD Analysis BSOD Help and Support
BSOD analysis? BSOD Help and Support
Please can any one help BSOD analysis BSOD Help and Support
Please help with BSOD analysis BSOD Help and Support

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 07:03 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33