[SOLVED] BSOD App issues

FredeGail

Windows Specialist
Joined
Jun 22, 2012
Posts
22
Location
Denmark
Hello guys!

I recently wanted to try the BSOD Collector Application. When I'm launching it, it'll tell you that the dump analysing has reach something like 46-47%, and it's basically just hanging there. I'm currently doing it with one dump file.
I ran the install.BAT file, placed the .exe in an empty folder with dumps, but it just does the same thing over and over! I have all the required installations also.

Here's my path: "C:\Program Files\Debugging Tools for Windows (x86)\kd". I tried with and without the "kd" at the end of the directory, but without it, it seems like it cannot find the kd.exe as it's given me errors telling it.

This tool looks so awesome, and I think it'll spare me a bunch of time!
Something is wrong in my procedure though.

Best Regards,
Frederik.
 
How long have you let it run at 46-47%? There is a rare case that is causing it to hang on some systems with the Kernel Debugger and take up to 7 minutes to finish one .dmp. A few things that may help track it down:
  1. What version of Windows are you running?
  2. What version of WinDbg do you have installed?
  3. Please download and run View attachment SysnativeBSODApps_0_9_9_10.zip.
  4. After the new download finishes running (or if it has not finished within 10 minutes), upload the compressed (zipped) folder SysnativeBSODApps from your user directory. Also upload one of the following as a .zip file:
    • The tmp directory from where the SysnativeBSODApps.exe ran if you had to interrupt it.
    • The outputDmps directory if SysnativeBSODApps finished running
 
Last edited:
Alrighty Mike!

I believe I kept it running for like 10min.

  1. 7 Home Professional SP1
  2. Window title says WinDbg:6.12.0002.633 X86
  3. Alright, still seems the same unfortunately. I'll just upload my whole folder, this includes the output, app, and tmp & crash dump.

Thanks mate.
Fred.
 

Attachments

  • Capture1.PNG
    Capture1.PNG
    46.2 KB · Views: 7
  • BSOD App.rar
    BSOD App.rar
    761 KB · Views: 3
Alright! While I'm running it, FYI I'm using your Environment Variable for an app you created back in the days. It's like an edit of the name, path. Showing this-
%SystemRoot%\system32;C:\Program Files\Debugging Tools for Windows (x86)

Removing the last path doesn't seem to be fixing it though, nevertheless it'll make your app unusable obviously.

Edit! Wauw it's working! It's kind of weird that it's just staying at the 46%, and then suddenly pops up. All I have ticked in the manager is the, the 3rd party driver name list. Though, it's working. Leaving it running fixes the issue. I may just have been choosing the wrong crash dumps to check on, hmm..

Thanks Mike!
 
Removing that path should not cause any issues. Have you tried running it with the Environment Variable path removed?

I found something interesting in the previous .dmp; the module list was incomplete in your kernel output:
Code:
start             end                 module name
fffff880`00f06000 fffff880`00f5d000   ACPI     ACPI.sys     Sat Nov 20 10:19:16 2010 (4CE79294)
fffff880`08962000 fffff880`089aa000   afcdp    afcdp.sys    Thu Nov 18 17:20:02 2010 (4CE55232)
fffff880`0429e000 fffff880`04327000   afd      afd.sys      Wed Dec 28 04:59:20 2011 (4EFA9418)
fffff880`05462000 fffff880`05478000   AgileVpn AgileVpn.sys Tue Jul 14 02:10:24 2009 (4A5BCCF0)
fffff880`0137d000 fffff880`01388000   amdxata  amdxata.sys  Fri Mar 19 17:18:18 2010 (4BA3A3CA)
fffff880`0b314000 fffff880`0b31f000   asyncmac asyncmac.sys Tue Jul 14 02:10:13 2009 (4A5BCCE5)
fffff960`00950000 fffff960`009b1000   ATMFD    ATMFD.DLL    unavailable (00000000)
fffff880`04831000 fffff880`04838000   Beep     Beep.SYS     Tue Jul 14 02:00:13 2009 (4A5BCA8D)
fffff880`04ac0000 fffff880`04be0000   BHDrvx64 BHDrvx64.sys Thu May 17 04:16:36 2012 (4FB45F84)
fffff880`04aaf000 fffff880`04ac0000   blbdrive blbdrive.sys Tue Jul 14 01:35:59 2009 (4A5BC4DF)
fffff880`07b98000 fffff880`07bb6000   bowser   bowser.sys   Wed Feb 23 05:55:04 2011 (4D649328)
fffff880`049c9000 fffff880`049f7000   ccSetx64 ccSetx64.sys Fri Nov 04 23:05:25 2011 (4EB461A5)
fffff960`00670000 fffff960`00697000   cdd      cdd.dll      unavailable (00000000)
fffff880`0499f000 fffff880`049c9000   cdrom    cdrom.sys    Sat Nov 20 10:19:20 2010 (4CE79298)
fffff880`00cc5000 fffff880`00d85000   CI       CI.dll       Sat Nov 20 14:12:36 2010 (4CE7C944)
fffff880`01998000 fffff880`019c8000   CLASSPNP CLASSPNP.SYS Sat Nov 20 10:19:23 2010 (4CE7929B)
fffff880`00c67000 fffff880`00cc5000   CLFS     CLFS.SYS     Tue Jul 14 01:19:57 2009 (4A5BC11D)
fffff880`0145e000 fffff880`014d0000   cng      cng.sys      Sat Jun 02 05:25:51 2012 (4FC987BF)
fffff880`05452000 fffff880`05462000   CompositeBus CompositeBus.sys Sat Nov 20 11:33:17 2010 (4CE7A3ED)
fffff880`0650d000 fffff880`0651b000   crashdmp crashdmp.sys Tue Jul 14 02:01:01 2009 (4A5BCABD)
fffff880`04a0e000 fffff880`04a91000   csc      csc.sys      Sat Nov 20 10:27:12 2010 (4CE79470)
fffff880`04a91000 fffff880`04aaf000   dfsc     dfsc.sys     Sat Nov 20 10:26:31 2010 (4CE79447)
fffff880`04ea0000 fffff880`04eaf000   discache discache.sys Tue Jul 14 01:37:18 2009 (4A5BC52E)
fffff880`01fea000 fffff880`02000000   disk     disk.sys     Tue Jul 14 01:19:57 2009 (4A5BC11D)
fffff880`064b3000 fffff880`064d5000   drmk     drmk.sys     Tue Jul 14 03:01:25 2009 (4A5BD8E5)
fffff880`0651b000 fffff880`0652e000   dump_dumpfve dump_dumpfve.sys Tue Jul 14 01:21:51 2009 (4A5BC18F)
fffff880`04838000 fffff880`0498c000   dump_iaStor dump_iaStor.sys Tue Sep 14 03:23:32 2010 (4C8ECE94)
fffff880`0652e000 fffff880`0653a000   Dxapi    Dxapi.sys    Tue Jul 14 01:38:28 2009 (4A5BC574)
fffff880`054ea000 fffff880`055de000   dxgkrnl  dxgkrnl.sys  Sat Nov 20 10:50:50 2010 (4CE799FA)
fffff880`05400000 fffff880`05446000   dxgmms1  dxgmms1.sys  Sat Nov 20 10:49:53 2010 (4CE799C1)
fffff880`04e00000 fffff880`04e7a000   eeCtrl64 eeCtrl64.sys Wed May 16 02:36:03 2012 (4FB2F673)
fffff880`0b33d000 fffff880`0b35e000   ENG64    ENG64.SYS    Wed Apr 25 11:29:25 2012 (4F97C3F5)
fffff880`04e7a000 fffff880`04ea0000   EraserUtilRebootDrv EraserUtilRebootDrv.sys Wed May 16 02:36:03 2012 (4FB2F673)
fffff880`08e00000 fffff880`08ffe000   EX64     EX64.SYS     Wed Apr 25 11:27:28 2012 (4F97C380)
fffff880`013d4000 fffff880`013e8000   fileinfo fileinfo.sys Tue Jul 14 01:34:25 2009 (4A5BC481)
fffff880`01388000 fffff880`013d4000   fltmgr   fltmgr.sys   Sat Nov 20 10:19:24 2010 (4CE7929C)
fffff880`017f4000 fffff880`017fe000   Fs_Rec   Fs_Rec.sys   Thu Mar 01 04:41:06 2012 (4F4EEFD2)
fffff880`01dc5000 fffff880`01dff000   fvevol   fvevol.sys   Sat Nov 20 10:24:06 2010 (4CE793B6)
fffff880`01c2f000 fffff880`01c79000   fwpkclnt fwpkclnt.sys Sat Nov 20 10:21:37 2010 (4CE79321)
fffff880`089aa000 fffff880`089b3000   gdrv     gdrv.sys     Fri Mar 13 04:22:29 2009 (49B9D175)
fffff800`03015000 fffff800`0305e000   hal      hal.dll      Sat Nov 20 14:00:25 2010 (4CE7C669)
fffff880`050d8000 fffff880`050fc000   HDAudBus HDAudBus.sys Sat Nov 20 11:43:42 2010 (4CE7A65E)
fffff880`05015000 fffff880`05071000   HdAudio  HdAudio.sys  Sat Nov 20 11:44:23 2010 (4CE7A687)
fffff880`04fe2000 fffff880`04ff3000   HECIx64  HECIx64.sys  Wed Oct 20 01:33:43 2010 (4CBE2AD7)
fffff880`06573000 fffff880`0658c000   HIDCLASS HIDCLASS.SYS Sat Nov 20 11:43:49 2010 (4CE7A665)
fffff880`0658c000 fffff880`06594080   HIDPARSE HIDPARSE.SYS Tue Jul 14 02:06:17 2009 (4A5BCBF9)
fffff880`06565000 fffff880`06573000   hidusb   hidusb.sys   Sat Nov 20 11:43:49 2010 (4CE7A665)
fffff880`07acf000 fffff880`07b98000   HTTP     HTTP.sys     Sat Nov 20 10:24:30 2010 (4CE793CE)
fffff880`01e92000 fffff880`01e9b000   hwpolicy hwpolicy.sys Sat Nov 20 10:18:54 2010 (4CE7927E)
fffff880`01229000 fffff880`0137d000   iaStor   iaStor.sys   Tue Sep 14 03:23:32 2010 (4C8ECE94)
fffff880`010c0000 fffff880`011de000   iaStorV  iaStorV.sys  Fri Jun 11 02:46:19 2010 (4C11875B)
fffff880`0b200000 fffff880`0b281000   IDSvia64 IDSvia64.sys Fri May 25 02:08:33 2012 (4FBECD81)
fffff880`04be0000 fffff880`04bf6000   intelppm intelppm.sys Tue Jul 14 01:19:25 2009 (4A5BC0FD)
fffff880`04800000 fffff880`04831000   Ironx64  Ironx64.SYS  Tue Nov 15 03:00:53 2011 (4EC1C7D5)
fffff880`0f61a000 fffff880`0f629000   kbdclass kbdclass.sys Tue Jul 14 01:19:50 2009 (4A5BC116)
fffff880`06595000 fffff880`065a3000   kbdhid   kbdhid.sys   Sat Nov 20 11:33:25 2010 (4CE7A3F5)
fffff800`00bad000 fffff800`00bb7000   kdcom    kdcom.dll    Sat Feb 05 17:52:49 2011 (4D4D8061)
fffff880`0f638000 fffff880`0f67b000   ks       ks.sys       Sat Nov 20 11:33:23 2010 (4CE7A3F3)
fffff880`017c8000 fffff880`017e3000   ksecdd   ksecdd.sys   Sat Jun 02 04:50:23 2012 (4FC97F6F)
fffff880`0196e000 fffff880`01998000   ksecpkg  ksecpkg.sys  Sat Jun 02 05:27:11 2012 (4FC9880F)
fffff880`064d5000 fffff880`064da200   ksthunk  ksthunk.sys  Tue Jul 14 02:00:19 2009 (4A5BCA93)
fffff880`065a3000 fffff880`065b9000   LHidFilt LHidFilt.Sys

It just stops there for some reason. You may have a corrupted symbols cache on your system. Have you tried clearing the directory that you store your symbols in?
 
Yeps I tried without those.

Correct me if I'm wrong but is the symbol cache stored in C:\Program Files\Debugging Tools for Windows (x86)\sym\? I never really tried deleting the actual cache.

Nice found!
 
Strange. Not sure why the kd output is incomplete then...

Also, I am not sure what effect deleting sym would have. Probably not a great idea since it is part of the tools. The only place I clear the cache is c:\symbols by deleting the c:\symbols directory.
 
Strange, deleting the symbol cache doesn't make any effect either. I will try to do a clean install of Windbg and the BSOD App, and let you know how it turns out. ;)

Thanks for your help & time!

- fred.
 
Alright, report back whether re-installing helps. I have another test case available if needed: View attachment SysnativeBSODApps_0_9_9_10.zip

The kd output is stored in a file instead of in memory in the new diagnostic application provided above. That will determine whether there is something wrong with the kd output or if there is something wrong with how it is stored.
 
Have you tried the 0.9.9.11 version? If so, can you upload a .zip of the directory the SysnativeBSODApps.exe are running in as before?

It may also help to get a .zip of the SysnativeBSODApps directory that is in your user profile.


Please refer to Problems/Questions about the BSOD dump processing apps for instructions pertaining to what to include. The instructions have been updated.
 
Last edited:
How is your Internet connection?

Where is your local symbol cache?

c:\symbols ?

Does that dump run fully in Windbg GUI using kd> commands:

Code:
!analyze -v;r;kv;lmtn;lmtsmn;.bugcheck;!sysinfo cpuinfo;!sysinfo machineid; !sysinfo cpuspeed; !sysinfo smbios .logclose;q
 
Hello guys.

Thanks for your inputs but I believe the problem has fixed itself! It's an older version, I will try to run the newest version in another folder, and see if it'll act normal. It takes about 20-25 sec. to gather all the files. Amazing.

Thank you again.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top