Applies to:
Windows Server 2012 R2 Update 1
Windows 8.1 Update 1
Windows Server 2012 R2
Windows 8.1
Windows Server 2012
Windows 8.0
It's been years since I wrote the following two articles to force a blue screen (for you *nix admin’s, a “Kernel Panic”):
972110 How to generate a kernel dump file or a complete memory dump file in Windows Server 2003
Since then KB 969028 should have been updated with the hotfixes here:
List of kernel memory dump hotfixes for Windows Vista/Server2008 and Windows 7/Server2008R2
And Clint Huffman and I wrote the following article:
2860880 How to determine the appropriate page file size for 64-bit versions of Windows
http://support.microsoft.com/kb/2860880
Once I have some bandwidth, I'll be working on a new
”How to generate a kernel or a complete memory dump file in Windows Server 2012 and Windows Server 2012 R2”.
I’m planning to have two sections:
- Short (to the point or concise) version
- Long (detailed) version
Concise version:
They will be including Steve Parr's Dump Configurator as the concise version:
Debug Nugget: DumpConfigurator Utility
And all the caveats…
Detailed version:
It will include these hotfixes for Windows 8 and Windows Server 2012:
2853466 Windows does not create a memory dump file when a Stop error occurs in Windows 8 or Windows Server 2012
As of today, none for Windows 8.1 and Windows Server 2012 R2.
And there are tons of virtualization items:
In baremetal systems, we have:
Forcing a System Crash from the Keyboard
https://msdn.microsoft.com/en-us/library/ff545499.aspx
In Generation 1 Hyper-V based VM's, we have:
Some exceptional work by Andrew Richards and Mark Russinovich:
LiveKd v5.4
https://technet.microsoft.com/en-us/sysinternals/bb897415.aspx
which lead to "Taking a dump of a VM running on Hyper-V"
http://blogs.msdn.com/b/vimalsdesk/archive/2014/11/23/taking-a-dump-of-a-vm-running-on-hyper-v.aspx
In Generation 2 Hyper-V based VM's, we have:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\hyperkbd\Parameters
CrashOnCtrlScroll (dword)
Debug-VM
https://technet.microsoft.com/en-us/library/dn464280.aspx
And in VMWare based Windows Server VM's:
Converting a snapshot file to memory dump using the vmss2core tool (2003941)
What’s better to get a good data set? Is it NotMyfault, or the right CRTL-Scroll-Lock-Scroll-Lock, or Crash.exe or a NMI? We will discuss about that.
How about if the Scroll-Lock key is missing in my system? No problem, we will discuss about that too.
And when you are debugging a “Complete (kernel+memory) dump, how you could grab the memory that was paged out to the Pagefile, to see ‘everything’.
Stay tuned, about 1 month of work to get a comprehensive list of items to check and watch out for is coming soon…
Yong (룡)
