|
I am trying to troubleshoot a blue screen problem in Windows 10. I enabled Driver Verifier, and it immediately raised the bug check DRIVER_VERIFIER_DETECTED_VIOLATION.
Where do I go on the system to find out what the error is?
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
Windows 10 is still the same Windows Runtime based operating system, most of the things come from Win32 and a few cover ups to provide a Metro look and feel.
May the following threads help you:
https://msdn.microsoft.com/en-us/library/windows/hardware/dn457995%28v=vs.85%29.aspx[^]
http://answers.microsoft.com/en-us/windows/forum/windows_8-performance/windows-8-driververifierdetectedviolation-caused/09c53a43-4feb-4d48-aa5d-5c625d23bd32?auth=1[^]
From the MSDN documentation, the error message is due to a memory-leak (did you write that driver?)
Quote: Driver Verifier generates Bug Check 0xC4: DRIVER_VERIFIER_DETECTED_VIOLATION with a parameter 1 value of 0x62 when a driver unloads without first freeing all of its pool allocations. Unfreed memory allocations (also called memory leaks) are a common cause of lowered operating system performance. These can fragment the system pools and eventually cause system crashes.
When you have a kernel debugger connected to a test computer running Driver Verifier, if Driver Verifier detects a violation, Windows breaks into the debugger and displays a brief description of the error.
So, the solution (in my opinion) can be to fix the memory-leaks in those drivers.
List of the bugs can be found here: https://msdn.microsoft.com/en-us/library/windows/hardware/ff560187(v=vs.85).aspx[^], it may help you checking which bug it was (since you haven't shared the bug code).
Note: The table provided there (in MSDN document provided above) has 5 rows, make sure you can view all 5 to determine the cause of bug or error.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
First, thank you very much for your reply.
Windows 10 blue screens do not list any bug check code information like all prior Windows did.
Therefore, I do not know the bug code.
And that's what I'm asking: Where to go on the system to find the code?
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
Right, sorry for missing that important and valid point there. Actually, everything in the operating system is logged, somewhere. So, if Windows itself doesn't show anything (it is mainly because, most users aren't concerned with resolving those problems, like you are concerned, they just take it to a hardware repair center). Same in these cases, the logs are shown in the DMP files (I would say, that the Dump file, where Windows dumps everything that it has about that crash report).
Although they are not used, or viewed by the consumers, they are meant to be uploaded and shared with Microsoft developers directly, you won't be able to get anything useful, but if you want. You can get the files right in C:\Windows\Minidump or inside the C:\Windows, there will be a file MEMORY.DMP. Use it, to see if you can get to to any use of yours in debugging the error.
For more on that topic, BSOD, read this Microsoft answers thread: http://answers.microsoft.com/en-us/windows/wiki/windows_10-update/blue-screen-of-death-bsod/1939df35-283f-4830-a4dd-e95ee5d8669d[^]
Maybe helpful:
http://superuser.com/questions/148114/where-are-blue-screen-of-death-events-logged-on-windows-xp-and-how-can-i-view-th[^]
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
Thanks for following up. I think you have solved my problem. The reason I wasn't able to find the MEMORY.DMP file is that it did not create one. And the reason it didn't create one is given in the first link you provided.
Namely, the page file must be located on the boot drive for the memory dump to work, and I currently have my page file on another drive.
So I'll move the page file and wait for the BSOD to happen again.
Thanks again!
The difficult we do right away...
...the impossible takes slightly longer.
|
|
|
|
|
Great that your problem got (almost) solved, Richard!
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
Go to the system advanced and in start up and recovery set the machine to produce a memory dump, you can chose full or mini. Mini is OK ish, in which case its written to system\minidumps as a dmp file with the date/time in the name. If you chose full dump its written to \system\memory.dmp and overwrites any existing one.
To look at the contents use windbg, and open the file.
Then run !analyze -v from the command line (bottom of windbg window) and it will do an autoanalyse. Be careful, these aren't always accurate and often blame the wrong component.
Now you need to debug the issue. Commands like !poolused can hep you find drivers that are using excessive memory, !thread and .thread are very useful to switch to any thread in the system so you can look at each threads stack and wait times.
In fact what you can do with windbg is immense, its got a massive and powerful command set. There is a doc that comes with windbg on basic debugging practices, it is very worth reading.
|
|
|
|
|
Have to jump into the pool. Today's routers suck for statistics, and I need to know who is using my bandwidth.
cg
Charlie Gilley
<italic>Stuck in a dysfunctional matrix from which I must escape...
"Where liberty dwells, there is my country." B. Franklin, 1783
“They who can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” BF, 1759
|
|
|
|
|
I have a pretty much brand new system with 16GB DDR4 memory on which I have Win 7 32bit OS. I made a RAMDisk (using Dataram RAMDisk) of 8GB on which I keep windows paging file.
I ran DiskBench tool and ran file creation with the following settings
Create Two files
Block Size - 256KB
Number of blocks - 30
The above values replicate the writing that I usually do on this PC most of the time.
Here are the results-
RAMDisk - ~9MB/s
Spinning drive - ~97MB/s
SSD - ~441MB/s
I am confused about the RAMDisk performance as I expect it to be the faster among the three by far. Any ideas?
thanks
PKNT
|
|
|
|
|
Even though you wrote that you keep paging file in the RAM disk, one question is, do you have enough available RAM for the RAMDisk? The performance would be catastrophic if the OS is paging anyway.
Also I don't believe that it would make sense to use RAM for paging file. The purpose of the paging file is basically to provide additional space if RAM is exhausted. I believe it would be better to let the OS use it for file caching etc.
|
|
|
|
|
Sorry if I am not clear, but I am using 32 bit OS, so you can access only about 3GB of RAM for OS. Since I already have 16GB of memory installed which is not being utilized, I made a 8GB RAMDisk using the unutilized RAM which I use for paging file.
PKNT
|
|
|
|
|
Kiran Satish wrote: I have a pretty much brand new system with 16GB DDR4 memory on which I have Win
7 32bit OS. That almost equals my setup, but with DDR3 and a laptop CPU
Kiran Satish wrote: I made a RAMDisk (using Dataram RAMDisk) of 8GB on which I keep windows paging
file. Ehr.. aight, we have a paging file because PC's have a limited amount of memory, and lots of harddisk space. The only reason to put something in "virtual memory" is because it is too expensive to put it in real memory (aka, hardware RAM).
Putting the page-file on a RAM-disk defeats the purpose of having a page-file. I also have an SSD, and did not believe there should be a page-file with 16Gb worth o' memory. I have had recommendations here to do otherwise and am happy to have followed the advice.
Kiran Satish wrote: Any ideas? Having created my own ram-disk[^], I would say that performance is limited in a number of ways. One of those is the limitation of the speed of your memory; virtual memory is slower than blocks of data pinned into physical memory. Did that make my RAM-disk faster? No, it is limited by the driver itself, bottlenecking at 48 Mb/s, which is actually rather impressive.
Works nice if the RAM-disk leaves at least 6 Gb of free working memory; it is fast in terms of access, making up for the lack in terms of transfer, and thus doing nice when manipulating lots of small files. Like compiling and building a project
Bastard Programmer from Hell
If you can't read my code, try converting it here[^]
|
|
|
|
|
it's probably a stupid question but when packets are sent to a router that is for example at 192.168.1.1 on the LAN with a destination 192.168.1.4
the router searches a lookup table for the MAC associated with 192.168.1.4 and sends the frame just there and doesnt forward it to all connected devices
so does that count as a switch ?
|
|
|
|
|
well it wouldn't be the router searching the ARP table. The sending client would do the lookup in its own ARP table. If it didn't have an address for x.x.1.4, it would do an ARP broadcast to get it.
I don't think the router has a role in this situation. Why? because if the default route is 192.168.1.1 then it is probably already on that subnet. The client is going to realize the destination is on the same subnet using the subnet mask.
If the router had an integrated switch, the switch would be involved in forwarding the frame. Anyways my $0.02
|
|
|
|
|
no I'm not talking about lan communication
suppose you send a packet to codeproject from your pc.
its trip will be (with all address change of course) 192.168.1.4->192.168.1.1(def.gate.)->10 more machines->codeproject
say your external ip is 100.100.100.100
when its reply gets at 100.100.100.100 your router is in charge of sending it to x.x.x.4...I'm talking about this bit
|
|
|
|
|
My knowledge is a bit rusty, but routing and switching occur at different protocol levels. Routing is on the network layer (like IP) and switching on the link layer (e.g.: Ethernet)
I guess you are talking about a router with multiple LAN ports. I don't think there are any more unmanaged switches around, where packets are unconditionally sent out on all ports; the switch knows what devices are on which port, and will only transmit on the appropriate one (it will have to use address resolution if it doesn't know the MAC address, but this only happens once, or when the device is moved to another port)
If the destination IP address is not on the local network, the router will naturally forward it to the WAN side.
And it is not a stupid question
|
|
|
|
|
I guess you are right. A Router must be a Switch with ARP lookup logic to determine which port to switch to.
|
|
|
|
|
Hi All,
I am setting up tablet for our customer.
It has 3 network interfaces: WiFi, LET/4G/Phone network and a slow but (allegedly) reliable IP radio network.
I want to make sure the Radio network is ONLY used by my application (and NO OTher App use it for "internet" acceess)
I try to call (as admin) the ROUTE (DOS) command with ROUTE DELETE AND ROUTE ADD.
route DELETE 0.0.0.0 192.168.128.1
route ADD 10.104.8.22 192.168.128.1 metric 9999
route ADD 164.112.43.3 192.168.128.1 metric 9999
However, this radio is a USB (external) radio, and everytime it got disconnected / reconnected my radio setting is gone!
How could I make sure the settings sticks?!
|
|
|
|
|
no worries, our customer's sys admin told me!!! -p settings!
as in
route DELETE 0.0.0.0 192.168.128.1 -p
route ADD 10.104.8.22 192.168.128.1 metric 9999 -p
route ADD 164.112.43.3 192.168.128.1 metric 9999 -p
|
|
|
|
|
beat me to it by 43 mins
|
|
|
|
|
Good try!
|
|
|
|
|
In fact I still have a problem...
The ROUTE ADD is persistent!
But ROUTE DELETE is not, every time I reconnect my Internet USB IP Radio (Motorola APX Series) The Gateways is added back !
Any idea?
|
|
|
|
|
well, you only need the '-p' option on the ROUTE ADD lines
as for the delete one 'coming back' .... hmmm - what happens if you do
ROUTE -f
which flushes the routing cache
|
|
|
|
|
It doesn't fixes it...
I suspect what happen is something done by the Motorola USB Radio driver....
Any idea what kind of system (Win32!) call I should do to watch and update the route table?!
|
|
|
|
|
NotifyRouteChange[^]
And
NotifyRouteChange2[^]
Are what you are looking for.
A quick Google found them (Search String: win32 routing table update event)
What do you get when you cross a joke with a rhetorical question?
The metaphorical solid rear-end expulsions have impacted the metaphorical motorized bladed rotating air movement mechanism.
Do questions with multiple question marks annoy you???
|
|
|
|