Sysnative BSOD Apps - Suggestion (Performance)

A few others were reporting CPU usage up to 100% with four cores, which was causing the system to reach high temperatures. I did some cleaning up of the apps and reduced them so they are now very lightweight. On my five test systems, the apps rarely exceed 10% of a core and usually run around 2-5% on any one core. kd.exe was typically what was causing the spike to 100% on four cores since it tends to use a full core itself at times.

What % CPU usage do you see for SysnativeBSODApps.exe alone?
 
writhziden said:
What % CPU usage do you see for SysnativeBSODApps.exe alone?
Click to expand...

Very low - <10%

CMD is the culprit, utilizing up to 50%.

I tried Camtasia Studio to record Process Monitor, but for some reason the video did not come out very well at all. Could have been heat issue.
 
This is a KD.exe issue then, the added CPU on top of the KD process is from the apps, but if that's the work of cmd.exe which initializes KD.exe, then KD is to blame. WinDbg is also a command line utility for debugging. I'm curious, can you try WinDbg or is WinDbg not supported by these apps? In relation to KD.exe and WinDbg.exe I'd like to see which has a lower processor usage consumption out of the two.

It could even determine whether to ditch KD altogether.. Or leave the option, but inform users of the differences and advantages..
 
It is KD -- sorry for mix-up in prior post.

KD is actually listed as a child process of CMD in Process Explorer.
 
Thanks John.

It's great to see what a low footprint the apps have now. :-}


Ace, I doubt WinDbg would be any different than kd.exe since it is just a GUI for using kd.exe commands. I haven't tested myself, but that is my hypothesis. I may check it out tomorrow morning.
 
From my knowledge, and I've only really worked exclusively with Windbg, is that Windbg has slightly different commands though. Unless these are really definitions or macros for some basic KD commands. I just tested though and WinDbg is not a direct user interface for kd.exe, unless, what Microsoft did is they incorporated the libraries that are used with kd.exe in a GUI version of exactly what kd.exe does in the background? I'd have to open up another debugger to see what's going on to see any differences though, unless there's a link that can elaborate on this for me.

I actually don't have much knowledge on kd.exe. But I still allowed my old (and discontinued) app "AutoBlue" to use both. When I used to use that though I still used WinDbg..
 
Wow! I didn't know that... It is true. The beauty of dll's :)
The thread 0x1c78 has exited with code 0 (0x0).
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\clbcatq.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\Windows.Globalization.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\BCP47Langs.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\symsrv.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\profapi.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\wininet.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\iertutil.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\secur32.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\sspicli.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\ws2_32.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\nsi.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\winhttp.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\IPHLPAPI.DLL'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\winnsi.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\mswsock.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\dnsapi.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\urlmon.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\oleaut32.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Program Files\Bonjour\mdnsNSP.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\rasadhlp.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Windows\System32\FWPUCLNT.DLL'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winext\ext.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winxp\exts.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winext\kext.dll'. Cannot find or open the PDB file.
'windbg.exe' (Win32): Loaded 'C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\winxp\kdexts.dll'. Cannot find or open the PDB file.
The thread 0x1ea8 has exited with code 0 (0x0).
Click to expand...

Perhaps one could take the functionality of these dll's and do something else with them as well. I think i'll be looking into that... I'm assuming those are kd extensions that kd uses as well.

I'm familiar with quite a few of these other libraries though that it seems to be dependent on.

Perhaps WinDbg has improved and added onto the functionality or power of KD though since it's a much more recent debugger than KD is. KD is old isn't it?
 
Last edited:
AFAIK, KD has been changed - same as Windbg.

i.e., kd v6.11 is not the same as kd v6.12, 6.2.8229, etc... -- same as Windbg versions.
 
jcgriff2 said:
AFAIK, KD has been changed - same as Windbg.

i.e., kd v6.11 is not the same as kd v6.12, 6.2.8229, etc... -- same as Windbg versions.
Click to expand...

I don't know what i'm thinking then, because I just seen for myself that they use basically the same libraries... :banghead:

This means this is really just one project, with a GUI binary and a command line binary by Microsoft corp.

I tried debugging kd.exe by attaching it's process to an external debugger:
Code: 
CommandLine: "C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\kd.exe"
Symbol search path is: symsrv*symsrv.dll*C:\localsymbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
ModLoad: 000007f6`75340000 000007f6`75361000   kd.exe  
ModLoad: 000007f8`bd3e0000 000007f8`bd59e000   ntdll.dll
ModLoad: 000007f8`bb390000 000007f8`bb4c6000   C:\Windows\system32\KERNEL32.DLL
ModLoad: 000007f8`ba410000 000007f8`ba503000   C:\Windows\system32\KERNELBASE.dll
ModLoad: 000007f8`bacd0000 000007f8`bad75000   C:\Windows\system32\msvcrt.dll
ModLoad: 000007f8`98240000 000007f8`985a9000   C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\dbgeng.dll
ModLoad: 000007f8`bcb80000 000007f8`bcc5e000   C:\Windows\system32\ADVAPI32.dll
ModLoad: 000007f8`9bd50000 000007f8`9bec0000   C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x64\dbghelp.dll
ModLoad: 000007f8`b7fe0000 000007f8`b7fe9000   C:\Windows\SYSTEM32\VERSION.dll
ModLoad: 000007f8`bd260000 000007f8`bd3a0000   C:\Windows\system32\RPCRT4.dll
ModLoad: 000007f8`bad80000 000007f8`badc8000   C:\Windows\SYSTEM32\sechost.dll

There's some libraries I think I may want to take a look at...

With that said though, theoretically, without having tested for myself, KD.exe should run with less resources than WinDbg because if they are in fact the same thing, then the overhead will be on the GUI version because it includes other Win32 API's used to draw the form on the desktop environment. Instead of being all command line based, you now have to manage events for each object on that form as well. Much more threads than the command line version presumably; more CPU required.

Has anybody seen disadvantages of using KD.exe over WinDbg.exe other than the GUI and command line differentiation? :confused2: Speaking moreso to people that have more knowledge using these debuggers for crash dump analysis than myself.
 
Last edited:
Tekno Venus said:
jcgriff2 said:
Here is a 6.1 MB MP4 file showing a 2 dump run.

https://www.sysnative.com/temp/BSODapp_2.6.1.9.mp4

Link will expire soon......
Click to expand...
John, are you using online or local symbols? And what version of WinDbg/kd are you using for the apps? Just that run seems very slow for two dumps, I use 6.11 for the apps with local symbols and it is far faster.
Click to expand...

That run was LOCAL SYMBOLS only; kd v6.2.8229

I agree 6.11 runs faster, but the output can be deceiving when running specifically Windows 8 dumps.
 
Could you attach those two dumps please? That seems slow, even for 6.2. I run 6.11 in the app, but have both installed for comparison and reference.
 
John, is dump processing normally that slow for you? I notice Camtasia is taking up 48% of CPU, is that why it was so slow do you think? Those dumps took 25 seconds with kd version 6.2.9200, local symbols, on my system.

ProcExp video -
www.sysnative.com/teknovenus/bsodapps.avi


Mike - Look how low the CPU usage for the apps is! :D
 
Tekno Venus said:
John, is dump processing normally that slow for you?
Click to expand...

Yes... especially with kd 6.2 - even with ALL local symbols.

Tekno Venus said:
I notice Camtasia is taking up 48% of CPU, is that why it was so slow do you think?
Click to expand...

No. Same results with Camtasia OFF.

My system specs - HP dv7-1020us

Read More:
 
Not yet. I've got 6.11, 6.12 an 6.2.8229 installed now.

6.2.9200 will have to wait.
 
OK. Let me know what happens when you try it. I have 6.11 and 6.2.9200 installed. I run the apps with 6.11 and then check individual dumps with 6.2 afterwards.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top