Jump to content
Forum²

Recommended Posts

Posted

In Windows 2008, it causes frequent crash of windows resulting in blue screen. On debugging the crash dump file, it shows VISTA_DRIVER_FAULT and points to a process that belongs to our application. On collecting crash dump two times, it showed two different processes that belong to our application.

 

From the stack trace, I am unable to get much information other than some kernel related symbols. How do I proceed to check what is the cause of the problem from the crash dump? The following is the output of the stack trace. The process NodeScann in the trace belongs to our application.

 

How do I use the dump to find out exact cause of the dump. I tried loading all the pdb files of our application etc, but unable to get any info from the stack trace.

 

Thanks

Praks

 

 

*******************************************************************************

* *

* Bugcheck Analysis *

* *

*******************************************************************************

 

CRITICAL_OBJECT_TERMINATION (f4)

A process or thread crucial to system operation has unexpectedly exited or been

terminated.

Several processes and threads are necessary for the operation of the

system; when they are terminated (for any reason), the system can no

longer function.

Arguments:

Arg1: 0000000000000003, Process

Arg2: fffffa800680ba30, Terminating object

Arg3: fffffa800680bd10, Process image file name

Arg4: fffff8000199ddb0, Explanatory message (ascii)

 

Debugging Details:

------------------

 

Page 12f940 not present in the dump file. Type ".hh dbgerr004" for details

 

PROCESS_OBJECT: fffffa800680ba30

 

IMAGE_NAME: _

 

DEBUG_FLR_IMAGE_TIMESTAMP: 0

 

MODULE_NAME: _

 

FAULTING_MODULE: 0000000000000000

 

PROCESS_NAME: NodeScann

 

BUGCHECK_STR: 0xF4_NodeScann

 

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

 

CURRENT_IRQL: 0

 

LAST_CONTROL_TRANSFER: from fffff80001a22982 to fffff8000169a640

 

STACK_TEXT:

fffff880`03baeb08 fffff800`01a22982 : 00000000`000000f4 00000000`00000003 fffffa80`0680ba30 fffffa80`0680bd10 : nt!KeBugCheckEx

fffff880`03baeb10 fffff800`019d00ab : ffffffff`ffffffff fffffa80`06229500 fffffa80`0680ba30 fffffa80`057abb30 : nt!PspCatchCriticalBreak+0x92

fffff880`03baeb50 fffff800`01953698 : ffffffff`ffffffff 00000000`00000001 fffffa80`0680ba30 00000000`00000008 : nt! ?? ::NNGAKEGL::`string'+0x17ad6

fffff880`03baeba0 fffff800`016998d3 : fffffa80`0680ba30 fffff880`ffffffff fffffa80`06229500 fffffa80`0625bfe0 : nt!NtTerminateProcess+0xf4

fffff880`03baec20 00000000`773d15da : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13

00000000`0444e808 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x773d15da

 

 

STACK_COMMAND: kb

 

FOLLOWUP_NAME: MachineOwner

 

FAILURE_BUCKET_ID: X64_0xF4_NodeScann_IMAGE__

 

BUCKET_ID: X64_0xF4_NodeScann_IMAGE__

 

Followup: MachineOwner

Posted

Thanks for the link. Since the dump file is not giving much information using windbg, this also shows very little. It could not show the drivers affecting the crash etc. All I could see is the blue screen using blue screen view.

 

Can you please upload the DMP file?

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted

Is that ok if I make it available from an http or ftp location for you to download?

 

yes.

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted

I have no idea.

 

The only thing that I can read is "CRITICAL_OBJECT_TERMINATION" which means nothing to me!

 

You could use WinDbg but honestly I don't think you will find something more...

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Posted

I have no idea.

 

The only thing that I can read is "CRITICAL_OBJECT_TERMINATION" which means nothing to me!

 

You could use WinDbg but honestly I don't think you will find something more...

 

Yes. I have already used windbg and could not get much information. All I could see is the kernel stack information and the process name and nothing more.

Posted
I assume you can see nothing in event viewer...

--------------------------------------------------------

Tu peux aussi crire en franais.

Du kannst auch auf Deutsch schreiben.

Puoi scrivere anche in italiano.

--------------------------------------------------------

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...