Debug My Minidumps!

Kidfork

Kidfork

New Member
Hello,
I have attached 2 Minidumps from today and i would be very happy if someone could diagnostic the problem.
 

Attachments

My Computer

System One

  • CPU
    AMD Athlon(tm) 5000+ Dual Core 2.6Ghz
    Motherboard
    ASUS M2N68-AM SE2
    Memory
    4GB CRUCIAL DDR2 EEC DUAL CHANNEL
    Graphics card(s)
    ATI RADEON HD 4350 512DDR2
    Screen Resolution
    1024x768
    Hard Drives
    320GB SATA 40 GB IDE
    Mouse
    I
    Keyboard
    Logitect
    Internet Speed
    DSL 1.5Mbs/per sec
See below
 
Last edited:

My Computer

System One

  • Manufacturer/Model
    Self Built
    CPU
    i7 3770K HT ON 4.7GHz
    Motherboard
    P8Z68 Deluxe Gen 3
    Memory
    8GB G.Skill Ripjaws X 2133mhz
    Graphics card(s)
    2x Gigabyte GTX 670 OC WindForce SLI
    Sound Card
    X-FI Forte + ATH-AD900
    Monitor(s) Displays
    x2 Dell U2410 / 58" Samsung / "40 Sony
    Screen Resolution
    1920*1200 / 1920x1080
    Hard Drives
    2x Intel 520 240GB * Crucial M4 128GB * 2x Samsung F3 1TB (RAID 0) * 2x WD Caviar Blacks 2TB (RAID 0)
    PSU
    Corsair AX1200W
    Case
    Lian Li PC-V1020A
    Cooling
    NH-D14: 3x140mm Gelid Wing 14: Sunbeam Rheobus Extreme
    Mouse
    Razer Imperator + Thermaltake Theron
    Keyboard
    Topre Realforce // Ducky Shine Cherry MX Black
    Other Info
    Laptop Specs: Clevo Sager P170HM // 17.3 Matte 1920x1200 // i7 2720QM // 8GB 1333mhz // Dedicated GTX 485M // 240GB Intel 520 + 750GB + Blu-Ray // Samsung Story 2TB USB 3.0
Bugchecks -

0x1 (0x815f44d3, 0x0, 0x96, 0x0), probable cause listed as NT Kernel
0x50 (0xe87b2dbb, 0x0, 0x82087d17, 0x2), p/c = NT Kernel
0x18 (0xee657645, 0x83c3fa00, 0x2, 0x8303b63f), p/c = unknown image

Varying bugchecks usually point to hardware as the cause. That may be the case here. However, you have drivers that need to be updated:
Code: 
[B][FONT=Lucida Console]NVIDIA video[/FONT][/B]
[FONT=Lucida Console]nvlddmkm.sys Thu Oct 12 12:10:18 2006 (452E68EA)[/FONT]
 
[B][FONT=Lucida Console]VIA Audio WDM [/FONT][/B]
[FONT=Lucida Console]ac97via.sys Mon Nov 22 15:29:55 2004 (41A24C43)[/FONT]
 
[FONT=Lucida Console][B]VIA PCI 10/100Mb Ethernet[/B] [/FONT]
[FONT=Lucida Console]fetnd5.sys Tue Feb 14 00:55:24 2006 (43F170CC)[/FONT]
 
[FONT=Lucida Console][B]Agere V.92 Data+Fax Modem[/B] [/FONT]
[FONT=Lucida Console]ltmdmnt.sys Wed Mar 08 09:23:07 2006 (440EE8CB)[/FONT]


Based on the timestamps of the NT and DirectX Kernels, you have not had any Windows Updates since SP1. Windows Updates must be allowed to install.
Code: 
[FONT=Lucida Console]nt       ntkrnlmp.exe Sat Jan 19 00:30:50 2008 (47918B0A)[/FONT]
[FONT=Lucida Console]dxgkrnl  dxgkrnl.sys  Sat Jan 19 00:36:36 2008 (47918C64)[/FONT]


Allow Windows Updates to come in, update the drivers and see if BSODs persist.

Regards. . .

jcgriff2

.
 

My Computer

System One

  • Manufacturer/Model
    HP dv7-1020us
    CPU
    Intel P7350 Core2 Duo @2GHz
    Memory
    4096mb DDR2 SDRAM
    Graphics card(s)
    NVIDIA GeForce 9600M GT
    Sound Card
    IDT
    Hard Drives
    Fujitsu 320gb SATA HDD 5400RPM
    Mouse
    Logitech USB
    Internet Speed
    Intel 5100
jcgriff2,

mate I'm curious, where did you get that info from? :huh:
 

My Computer

System One

  • Manufacturer/Model
    Self Built
    CPU
    i7 3770K HT ON 4.7GHz
    Motherboard
    P8Z68 Deluxe Gen 3
    Memory
    8GB G.Skill Ripjaws X 2133mhz
    Graphics card(s)
    2x Gigabyte GTX 670 OC WindForce SLI
    Sound Card
    X-FI Forte + ATH-AD900
    Monitor(s) Displays
    x2 Dell U2410 / 58" Samsung / "40 Sony
    Screen Resolution
    1920*1200 / 1920x1080
    Hard Drives
    2x Intel 520 240GB * Crucial M4 128GB * 2x Samsung F3 1TB (RAID 0) * 2x WD Caviar Blacks 2TB (RAID 0)
    PSU
    Corsair AX1200W
    Case
    Lian Li PC-V1020A
    Cooling
    NH-D14: 3x140mm Gelid Wing 14: Sunbeam Rheobus Extreme
    Mouse
    Razer Imperator + Thermaltake Theron
    Keyboard
    Topre Realforce // Ducky Shine Cherry MX Black
    Other Info
    Laptop Specs: Clevo Sager P170HM // 17.3 Matte 1920x1200 // i7 2720QM // 8GB 1333mhz // Dedicated GTX 485M // 240GB Intel 520 + 750GB + Blu-Ray // Samsung Story 2TB USB 3.0
smarteyeball said:
jcgriff2,

mate I'm curious, where did you get that info from? :huh:
Click to expand...

Hi -

When running the Windbg GUI and it comes time to click on !analyze -v -- DON'T.

Instead look at the bottom of the Windbg screen and you'll see kd>

Copy/paste the following into the kd> command line

Code: 
[FONT=Lucida Console][SIZE=3]!analyze -v;r;kv;lmtn[/SIZE][/FONT]


The added parms will provide you with a loaded driver listing.

Regards. . .

jcgriff2

.
 

My Computer

System One

  • Manufacturer/Model
    HP dv7-1020us
    CPU
    Intel P7350 Core2 Duo @2GHz
    Memory
    4096mb DDR2 SDRAM
    Graphics card(s)
    NVIDIA GeForce 9600M GT
    Sound Card
    IDT
    Hard Drives
    Fujitsu 320gb SATA HDD 5400RPM
    Mouse
    Logitech USB
    Internet Speed
    Intel 5100
Just to add to what jcgriff is saying, those 3 processes (bittorrent.exe and whatever) may have been running at the time of each crash, but they are user-mode code and cannot directly cause a BSoD without a kernel-mode driver's involvement. To put it another way, they were requestors whose requests were being processed by the OS when the OS crashed.

A transition down into k-mode is known as a "mode switch" - it's the same thread but it's now running in privileged (kernel) mode. That's different to a "context switch" where the OS actually picks a different thread to run.

The fact that a bittorrent.exe thread can run in kernel-mode even though bittorrent.exe is not kernel-mode code is not particularly intuitive at first :)
 

My Computer

System One

Thanks guys. Windbg and reading crash dumps is still new territory for me and it always helps being pointed in the right direction.

So to clarify, in the OPS's case, those applications were requesting functions yet it was the OS that failed to process the requests correctly which resulted in a BSoD.

Generally speaking, this could either be because of a badly written driver requesting invalid / unavailable resources or faulty hardware?
 

My Computer

System One

  • Manufacturer/Model
    Self Built
    CPU
    i7 3770K HT ON 4.7GHz
    Motherboard
    P8Z68 Deluxe Gen 3
    Memory
    8GB G.Skill Ripjaws X 2133mhz
    Graphics card(s)
    2x Gigabyte GTX 670 OC WindForce SLI
    Sound Card
    X-FI Forte + ATH-AD900
    Monitor(s) Displays
    x2 Dell U2410 / 58" Samsung / "40 Sony
    Screen Resolution
    1920*1200 / 1920x1080
    Hard Drives
    2x Intel 520 240GB * Crucial M4 128GB * 2x Samsung F3 1TB (RAID 0) * 2x WD Caviar Blacks 2TB (RAID 0)
    PSU
    Corsair AX1200W
    Case
    Lian Li PC-V1020A
    Cooling
    NH-D14: 3x140mm Gelid Wing 14: Sunbeam Rheobus Extreme
    Mouse
    Razer Imperator + Thermaltake Theron
    Keyboard
    Topre Realforce // Ducky Shine Cherry MX Black
    Other Info
    Laptop Specs: Clevo Sager P170HM // 17.3 Matte 1920x1200 // i7 2720QM // 8GB 1333mhz // Dedicated GTX 485M // 240GB Intel 520 + 750GB + Blu-Ray // Samsung Story 2TB USB 3.0
smarteyeball said:
...
So to clarify, in the OPS's case, those applications were requesting functions yet it was the OS that failed to process the requests correctly which resulted in a BSoD.
Click to expand...

Yup. The actual process that's running at the time (notepad, calc, photoshop, bittorrent... whatever) is almost always irrelevant.

You're more likely to see a bittorrent client as the current process when a BSoD ("bugcheck" is the formal name) in the network stack occurs, for example, simply because Notepad rarely does networking. That still doesn't mean that the bittorrent client was responsibe - it makes (networking) requests that expose a problem somewhere in the kernel-mode networking componentry.

smarteyeball said:
Generally speaking, this could either be because of a badly written driver requesting invalid / unavailable resources or faulty hardware?
Click to expand...

Yes. The challenge is to work out which particular kernel-mode component- or the hardware - is the source of the bad data which caused the crash. It's a bit like looking at a photo of an in-progress multiple car pile-up and trying to gauge which car is the real culprit. A minidump is not even a full photo. It's more like a sparse verbal description of each car's position at the time. That still might be enough for some old copper who's seen it all to just point at one of the cars and go "book 'em Danno" (no, I'm not implying jcgriff is old ;))! Ridiculous Analogies 'R' Us!
 

My Computer

System One

Thanks mate. At this stage, it would be easier for me to identify a car in a pile up ;)

So if the Faulting IP was ntoskrnl.exe for example, it's still a bad driver or h/w or BIOS that is tripping up ntoskrnl.exe? I've been trying to backtrace a regular BSoD in Seven (7077) and I'm getting nowhere fast. Not having symbols dosen't help either ;)

What about when Windbg shows "thisdriverhere.sys" as the culprit. Is it still the case of backtracing other processes/requests leading up to a crash, or is"thisdriverhere.sys" really the one at fault?


My aplogies to the OP for hijacking this thread :o
 

My Computer

System One

  • Manufacturer/Model
    Self Built
    CPU
    i7 3770K HT ON 4.7GHz
    Motherboard
    P8Z68 Deluxe Gen 3
    Memory
    8GB G.Skill Ripjaws X 2133mhz
    Graphics card(s)
    2x Gigabyte GTX 670 OC WindForce SLI
    Sound Card
    X-FI Forte + ATH-AD900
    Monitor(s) Displays
    x2 Dell U2410 / 58" Samsung / "40 Sony
    Screen Resolution
    1920*1200 / 1920x1080
    Hard Drives
    2x Intel 520 240GB * Crucial M4 128GB * 2x Samsung F3 1TB (RAID 0) * 2x WD Caviar Blacks 2TB (RAID 0)
    PSU
    Corsair AX1200W
    Case
    Lian Li PC-V1020A
    Cooling
    NH-D14: 3x140mm Gelid Wing 14: Sunbeam Rheobus Extreme
    Mouse
    Razer Imperator + Thermaltake Theron
    Keyboard
    Topre Realforce // Ducky Shine Cherry MX Black
    Other Info
    Laptop Specs: Clevo Sager P170HM // 17.3 Matte 1920x1200 // i7 2720QM // 8GB 1333mhz // Dedicated GTX 485M // 240GB Intel 520 + 750GB + Blu-Ray // Samsung Story 2TB USB 3.0
The "!analyze" extension is a small automated analysis engine which is invoked whenever WinDBG opens up a dump which looks like a crash (not all dumps are generated at crash-time), or whenever the user manually issues the !analyze command. In other words, it's not really WinDBG which is analysing the dump - it's the "!analyze" debugger extension. It does its best, but there is so much complexity down there that it cannot possibly hope to always be right.

In particular, hardware problems will generally throw its analysis completely off. Yes, the direct cause of the crash may be an NTOSKRNL routine touching memory it shouldn't have, but if that's caused by borked hardware it is almost impossible to figure that out from a minidump. A full kernel dump may reveal more, but that requires expert analysis by a Real Live Human which can take hours or even days, and even then there's no guarantee that broken hardware will be conclusively fingered as the cause, much less of figuring out precisely which hardware is faulty. Those investigations require hardware troubleshooting toys.

Fortunately, there's a fairly simple rule-ofthumb procedure to follow:

  1. If !analyze pinpoints a 3rd-party (not-of-the-OS) driver, it is almost invariably a correct diagnosis.
  2. If !analyze says that an OS driver is at fault, and yet the output of the K (stack unwind) command reveals 3rd-party drivers in that thread's stack, those drivers are possibly to blame and they should be updated or removed as a test.
  3. If !analyze points at the OS, and K doesn't reveal any 3rd-party drivers, it's difficult to draw conclusions from that particular minidump. Using 'lmt' to list the dates of all loaded drivers and then updating or removing the oldest is one good approach, but that is more "shotgun" than deterministic.
If your situation fits into (3) above, I'd be happy to take a look at a dump for you, but odds are I may not be able to tell you anything you don't already know - especially without symbols :)
 

My Computer

System One

H2SO4 said:
If your situation fits into (3) above, I'd be happy to take a look at a dump for you, but odds are I may not be able to tell you anything you don't already know - especially without symbols :)
Click to expand...

I've had crashes that fit into all 3 of those categories, lol :rolleyes:

However, it's the one in category 3 that's not pointing to any 3rd party driver that's giving me real grief. Unfortunately most of the driver dates are the same as it's a new build, so culling the oldest makes it a bit difficult :p

If it was a conclusive h/w error then I'd expect Vista to be crashing all the time as well, but It's been quite a while since Vista has had a BSoD and that was only while stabilising the Overclock.

I'll keep plugging away it, but I'll probably take you up on your offer. It's highly possible that I'm overlooking something simple, with or without symbols. I'll probably start a new thread though, and let the OP have his back :)
 

My Computer

System One

  • Manufacturer/Model
    Self Built
    CPU
    i7 3770K HT ON 4.7GHz
    Motherboard
    P8Z68 Deluxe Gen 3
    Memory
    8GB G.Skill Ripjaws X 2133mhz
    Graphics card(s)
    2x Gigabyte GTX 670 OC WindForce SLI
    Sound Card
    X-FI Forte + ATH-AD900
    Monitor(s) Displays
    x2 Dell U2410 / 58" Samsung / "40 Sony
    Screen Resolution
    1920*1200 / 1920x1080
    Hard Drives
    2x Intel 520 240GB * Crucial M4 128GB * 2x Samsung F3 1TB (RAID 0) * 2x WD Caviar Blacks 2TB (RAID 0)
    PSU
    Corsair AX1200W
    Case
    Lian Li PC-V1020A
    Cooling
    NH-D14: 3x140mm Gelid Wing 14: Sunbeam Rheobus Extreme
    Mouse
    Razer Imperator + Thermaltake Theron
    Keyboard
    Topre Realforce // Ducky Shine Cherry MX Black
    Other Info
    Laptop Specs: Clevo Sager P170HM // 17.3 Matte 1920x1200 // i7 2720QM // 8GB 1333mhz // Dedicated GTX 485M // 240GB Intel 520 + 750GB + Blu-Ray // Samsung Story 2TB USB 3.0
Hi guys I have a similar problem, I bought a new laptop and I get a irql_not_less_or_equal BSOD about once 2-3 days. I tried debugging the minidump using your advices but the debugger says that is mising the right symbols. My os is win 7 rc x64 but the BSOD appears on vista too...i'll attach the minidump maybe someone can help me. Thanks in advance !

View attachment minidump.zip
 

My Computer

System One

cipicu86 said:
Hi guys I have a similar problem, I bought a new laptop and I get a irql_not_less_or_equal BSOD about once 2-3 days. I tried debugging the minidump using your advices but the debugger says that is mising the right symbols. My os is win 7 rc x64 but the BSOD appears on vista too...i'll attach the minidump maybe someone can help me. Thanks in advance !

View attachment 12569
Click to expand...

So far, there's nothing to link your problem to this post, other than the colour of the bluescreen. You should start your own thread with a description of the relevant details.

Your minidump shows you running the following OS: "Windows 7 Kernel Version 7100 MP (2 procs) Free x64". The MS symbol server doesn't provide symbols for the kernel and for other Win7 binaries at this stage, so debugging dumps is next to impossible. I have reasons to suspect it might be linked to your NIC driver or any 3rd-party firewalls you might be running... maybe. That link is very tenuous.

There's no guarantee that your Vista BSoD is caused by the same thing, but if you do end up starting your own thread, you'd be better off to include the Vista minidump.
 

My Computer

System One

You must log in or register to reply here.
Back
Top