Open vwal opened 8 years ago
zanderz
commented
8 years ago Sorry about the BSODs. We have had similar reports from one other user and have been trying to reproduce it or get access to a .dmp file from a crashing machine, but have not been able to. If you could post a .dmp file in a private gist, it would be a huge help.
zanderz
commented
8 years ago Update: We were able to BSOD by installing BitDefender at the same time - do you happen to have that installed?
vwal
commented
8 years ago No, I have ESET Endpoint Security (the business version), and WinPatrol installed (as far as malware/protection software are considered). This is a new W10 install that I'm just finalizing, and I do have quite a lot of development software and utilities installed. Symantec Encryption Desktop, WebDrive, etc., etc.
In fact, I had Keybase installed for several days and the problem did not surface until yesterday, so something I installed very recently could be the culprit. One such thing is Symantec Encryption Desktop, which I installed the previous night. One of the crashes last night (that ended once I uninstalled Keybase and Dokan) was displayed by WhoCrashed, like so:
On Fri 2016-07-08 06:39:56 GMT your computer crashed
crash dump file: C:\Windows\memory.dmp
uptime: 00:50:45
This was probably caused by the following module: pgpfsfd.sys (PGPfsfd+0x23235)
Bugcheck code: 0x139 (0x3, 0xFFFFD000287F16E0, 0xFFFFD000287F1638, 0x0)
Error: KERNEL_SECURITY_CHECK_FAILURE
file path: C:\Windows\system32\drivers\pgpfsfd.sys
product: Symantec Encryption Desktop
company: Symantec Corporation
description: PGP FSFD
Bug check description: The kernel has detected the corruption of a critical data structure.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: pgpfsfd.sys (PGP FSFD, Symantec Corporation).
Google query: Symantec Corporation KERNEL_SECURITY_CHECK_FAILUREOthers showed up like this:
On Fri 2016-07-08 05:47:11 GMT your computer crashed
crash dump file: C:\Windows\Minidump\070816-20765-01.dmp
uptime: 00:45:42
This was probably caused by the following module: ntoskrnl.exe (nt+0x1427A0)
Bugcheck code: 0x139 (0x3, 0xFFFFD000228417F0, 0xFFFFD00022841748, 0x0)
Error: KERNEL_SECURITY_CHECK_FAILURE
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: The kernel has detected the corruption of a critical data structure.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time. And one – whose minidump seems to have disappeared after I removed Dokan – indicted Dokan.
Once I will have taken an image of the now-functional system, I'll try reinstalling Keybase and see if the problem reappears. Symantec Encryption Desktop (formerly "PGP Desktop") has been problematic in the past. The previous iteration of my Workstation (under Windows 7) installation became corrupted when I tried to remove or upgrade Encryption Desktop at some point, and had to restore it from an image.
The MEMORY.DMP that indicates the problem with Encryption Desktop and the minidumps are binary.. I haven't tried to analyze dumps on Windows before (but yesterday decided to figure it out as the prospect of having to reinstall the system wasn't a fun one ;-). WhoCrashed was a great help in figuring out what happened; I'll make it's stack traces for the dumps available for you.
vwal
commented
8 years ago Steve, here's the link to the gist:
-----BEGIN PGP MESSAGE-----
Version: Keybase OpenPGP v2.0.53
Comment: https://keybase.io/crypto
wcBMA71sO/sh7gooAQgA2qRFq5yfmE4tTs83NDzZHVOBVb7IDgUE3gohhh2cS5ZW
smT2Yz1ABWtxsR/r+VhgmFlQnQIXlOy2mQiHa267MCjczSoDBCh6cGJNKdfyBkz5
jxvDCUkt69YZAYVdkO5jJJh5/a9EoPpGoX0usTaidJc8bA49erWGVcbDQUH+9ls2
NIcGUd3wBk+pgUdhIUrYw1cfsOyJpnhO4FIdo0k78Qi1eGNnU93jH/59mo2pEQzX
E9SHDm6yI9ODfK50bd6LNwJ3i5fxy4ktb/Cdfvn0hHkUWkzt/bN43MGVGXiynKKp
Ysc5ulR4tsRwEfWCkuBAiIP47sdTiYhONSPWprCKu8HBTANe1eiTCEL1FwEP/1Ez
CqSJPGGBnsCbqb715QXDDACIDVGI6FGbUbu8S7j+ny4npLPXqqWk+iONDk1odXdu
5xgEu+jbUkn13RzzPA1SP6LpyQaMyWy0tMeXf8wqf8o/wM+rVLvs8zoXhE6iSUas
jazFzVJ85UqFTR+SQJCMi5xtL2FXhKTRPC+8dzR1ADwIkyiX0uof+8C72PFxNokp
Xh3OdsPed160zmHEJYJgWCOwT+uA28KNJZLbztLZe1iL0F9pFUqOv4yinEfunCrx
uFrgsEu0wkYvwnpwG+Y/KPeNfGR8QI9sQMxA9Xt+KKBZlzJAO3zaRaREfrDpLynu
meZB+eFSFlElAzx5pkvEzkVCnTDuJO4hj+4HR9XlIIC7Ii35bBWGJZesXSs7g72O
AnOnBDT7bS9K5iqUJ+wvktqG1Udg1hQln3f/e2hu9Uj5F6OMOl10NXghpNrq2D2D
kgwIkFfIQ4Hsw76SrV03idC7vwRXyxpGGCadQN6Jk1WB/V21i1ZfIYvjgoJ1CtDO
7SIEu4hMtQ3g6yunmcqD+1V+bmNL5aunh1tVTe152TKmNL0iMxMr/hAezncavRBV
NO6whPhqtykSBDRzym96UXzXWrehol8ogE3kh+3RoKjVKFrxkZuHakUz+F4CUDNz
w0ICv+h+LTOUR136Tl4qQOh7CICDJSW/uc1k62Z9wcFMA3P68eSVYhKfAQ//av1w
dXpfkfPHqzNBxqv8c8wWF9NUak8LheeXZZZoi5U16qjqsPOzIFljTLVXs01h+uJ1
naDjpLWlXBSb35/ZCY67gUs13TMt09OSClVFr4V0GCHVq6j4M+DHcldBu/eMBjgn
sY2XdzMrJ4vIRUu8gWOCTDPDZnqFYX1FQNKBhPum1BfnqXf+vYdJdy2xvZWmdscW
yTdbwXcUcByvaUwRdZmUa/NSW8OU0u7SaNyqzHbNfRn6GdTuBmt0qwc0uAHCk5eq
oFA+q3Pi2KAX40QrmZTDBuEEorbxBH2iMRF1geajnXmE+HIk1e43hjm2uA8VQcNL
4jbCS2s++i26XlCGOu2s/Yk5l/zISYwmfRljnWtDQazllLwf8f3WUVtbt+Hv3WBJ
bD4y+p56yrFmkVgZO9kp0cP5SfiS3HrGyFNnXccX+fWKfC/3Fu2mnz1HJn1OqrSz
4hVHOliozKJI5iAMxSRmkjBUYUPW+jhP0iFQ5wf2sPbXpc4HtunU3OXhWytomUsg
vHr7vOvFQfxnj2uqJkdNhgmDe/+PkwEs0yof9XvM6i+Nv/QuCsmHsljq+P6g4G8U
6WAhtT+B8tPWU9JRy+TMpQrs4G1ktGaeJ7+3sF75Ku6Q9lcGA23hqChVNDN3IdxP
bJapDApkwMPuazoDIWf8RiZQd5Ab+6d7/91xozXSwesBiY8R1Q6rz/cwFgNhCLkx
k2kofvyRFqIvqGJPt/L/NtPC3WEhf74wX0vzi+aZATaPGtNpEZPFBO38NSuY3JX6
L5sMVSkNnlrUWOG98QFzauVByGm9YXlgLZ39xaLS5RyMDlNRL7BBIF4K7Z5nb/4i
AG9k/iVtA3V9PVnn3aembJaI512vIz81A7+nmz679gcYPc6amW4RDlXDGm9sGtKp
0eID/dyeSmOkLXGHPxWC6NpVhvbYtd2gYcySstR0plX4xMaDiGOdzJeFe0Pts+Y4
jwDyE41wXSWLK33e87GOsJMgdtKXnZd1SxEs2/DsosLJm6zjVR1JLJlspyc4Q5/S
6h9+vgrEH4RAEhuVpocJkzKJCozRJ0BvLGuIalboFCWXY5YYC8ImMwLFibC0+tVW
pzsQZwmKutZVCqchrlEMZEVcRykzaqCYZeZpuceWoSwN45M7mk2G226NLfij/HA1
+ObDjYscd4sAPJxpAToUoJ0xd2WP4H7LQOw1U/QxtfXITeN0R1TkH3+psV/O1/1l
012NnoNVr7czlcPqyL9xbQo9PpGOGV8cBe8T+Wf58PGjrhcnFVtsZAM5k7sYLg2/
gw4IX6YN1MwGstdP5WxAHkpqkSt2lF/VqScnhlNfRjyzFG8SH/1or/JegpElVMO7
r4v173Id+NtPF2+cSy5Jgnn167fBG++98GiMwbZVz6TUu7/8KadmFzDPjB6Vbh8G
WKnEjS5T/a6wv4aQg9sIB5HQwEX1DRt5rKw42T0BPcPPpgKApmEi2TO3FdxUYjjV
7cI2aSFZS5SIKmOEYC6J/sSkVtAGc2swPsVglcnkzvpQm0YeG6urE+Ze9njCOPVn
i6N7bTwPQ15TlbQdd0KKhzJ5v3S5QcCdaXkvwfRUa1e+/PIyJSEzcbmcFA==
=iVIg
-----END PGP MESSAGE-----
Thanks for that additional information. The reason the .dmp file is so helpful is because windbg can associate the stacktrace entries it contains with source code locations via driver debug symbols, ideally with enough detail to be able to fix it.
vwal
commented
8 years ago The above reference gist only contained the WhoCrashed analysis of the dumps. The full kernel dump file is ~1.4GB. If you send me an email, I'll make it available for you off-GitHub.
zanderz
commented
8 years ago Email enclosed - thanks again
-----BEGIN PGP MESSAGE----- Version: Keybase OpenPGP v2.0.53 Comment: https://keybase.io/crypto
wcFMA3P68eSVYhKfARAAsZ+4neVVhXkmycCIe4YL46s9vq9GuD+q/z5zgI/jcIPE 4XW+hvkc+MM1WQKusqv/+EDNNROnFpY9G51KLsIIbYQgbzYtlD3FQ9F1vrMechqP HtKteywP+jTS0vNv459biIfxzCAqsLhXuGExe2DXk1b4D2GSFe3Ic0Bd69Cha0m8 aIpx/S1/ivQcqw5ODuSpMHEd0LIp5Hc39OOfbj2wyze24ASnZkoEXWAs8A/bKSvQ 6Md4SM2kInRhh458XAS+9XFvqjt6Z1xgfd5t4xnTLLM4Erym68g8QIAFHOcWgKWp qGqHqVGr7CryUMi60qNAEBDjGFaja0YRxMq2xzVBbSWE6yM/zyS0S7a8V5ZgB0ba cgn2iv6kKuq4QDSYtAvBZMLSvHPtjNasXNzPoejdvcCC3leTBziUPnCn9p7cCZ21 Ne5p3VTKflc6TJb8QR1BphGpSRz3jdP8EJl7TCaFaRfq6Iu2ao/pmURLcDCVtwNW rINrcQkMtvbw+zgJT0katx8lDXofwjd/ol0IrpcUuK6z90w+V49vU3CJGfa/qFgL F7Fr1SysHdQsbcHunD1r7bqi2ZnWJ/+QBKyVQlhQXtyfR7csu8q4CJpwhvRn+G12 h2mw6ed0eZAUeCCV5bT3j5od36VLL7oPNbBDdPmbXJZ24tngqsuca9fOwgopABjB wEwDvWw7+yHuCigBCADE2swH/gKjgtXHW8kwZwS62nm9SqI0jAq35999iDLaVfzS 4ArIqSBlT5NaGGjQLSswzIGPlKV8ZXwczOe7Em5OWXJYTnWKhpo27+h/MMuMxZvg lg7qDFLY3o0r4E+CYVrTaYfxRL4glhVpO3vDssVN2cV98CCDA//nBEi/ylB5D8H+ yWfBUmFQDEwKNVfUUZlnROMiE7q1u8a/YmrHTKcO+6ZDhEXPVZPGWQVM7eWJ1chZ qbjD6mNhxla5EQY0z56C0gC+1ji1ozkiQTB8i4pospFs7nFGz3yyQ1Sj3MPRXlhh ASn3ZqpTnimGHza0R4pxb82AkXLAM/4pUXJhG4HtwcFMA17V6JMIQvUXAQ/6AoBR iHAmImUXvXnXd/WSbm84jr+QascMGrElWvui/9CIfme2zuVUxt7ajIpxmDod3Iwd F8mcxpfVu2utM1d+CEW17I+W9yUljQiCDtsqHXg4W/8NmD6i4CZdqjT/kZAQ4a5u gqa8q+nTeVoKA6NizDAK7JI1E1mL1mi6aAoOoIyDVs3xChWd4cApEkOwvhOgMPBI O/3u864RMgjWqXtsFy3lFE/XKSb/eAQ+8wZmK5lu9UkOY7AA8RZ0R+zwuvNPILzB RzwhtypmPoIc/8PcFlPX/RLQzVHwJhPkvF6Cp2GhNoFv1IJBoWgsX1pqdsbpWe7V fFrr9SwdIRBkkqgE7WqkRY5E0tQhLwKzxGeuObVjFw1fuOAs2UbUfN0NXMpNiznW V3tYoO5/y30MJedXi+1pned2kz6+XiJJ3U7JKus+b81/+ND7VAd8SZDYky8UxTxl vo1e08e2xUYJZ4t0IdBHHxmax0AfRZQGAc92+vA5i6eRppBUrNxOvoJcFmpeqzPQ Vp2fdQZAcnSvtzmBqOG4JdOdj+R34Sjkq/8ZBv/cZrHIhOkQaSXqAuhfEcNiUpD1 +C0XuZ/Tr92UGxV7xEoNXueD6WdEv8Q66OqoYJq/LH/ZKIkeT+XB2+4tc0Qxc+xX 6qcs3vOgD7Gnv5rbNCyKqAF9Sl+PmRQnx00U27TSwLwBiGFQiBAdUqSD6En2cV3n AmpRzZcan4qLpMq2c6gXbW0xEuuCIuHJ0rT7u/XiQbRBH9c0KAFsGVGx8Hp3zi+L hnrLDvijvh6HxjmKcyCwUOUHcQvivsvZbaSbW9Pcou10YRa1p0ygQDo4RhJMW2TI yxjGHU3e1frB5zGhG5OngfB/4Rp5KPpIL+7AR2vlKsNlNb9mx6d/qRdGQSZS9Tec xUboTZD6un0gfiM718Ia/3u+Lysq6+IXggP9awzgeeUFhovSOy3OvEC5GX/3VFn6 b1+pQHC/gjwkb2tks4qUCG0xcMbWensgrKb1IL2ZrUjep5qfloDtn2oJlB0YuRvC idNCNUcd2NGfEC0IlSSOCFRWTbYYPXu4ZMixTr41smfgv8Qpqx/PBs1+4AQMg2nW xKkmyFN0zhRfE9ePvFfclK31ZOfNLVHQga52SXaq7eVqV8C6XhGE9aRsL8onLcs6 l8BBcApCA0EX20/g33+GzoMDRUb0PlTRQDPeMQ== =xRRn -----END PGP MESSAGE-----
taruti
commented
8 years ago @vwal
A new release ( https://prerelease.keybase.io/windows/Keybase_1.0.16-20160803133001%2B64450b3.386.exe ) should have fixed this.
Please comment on whether this still exists for you.
vwal
commented
8 years ago @taruti
Thanks; I'll give it a try. The problem did, however, go away after I removed Symantec Encryption Desktop from the system – apparently it and Keybase filesystem were somehow incompatible. Was the memory dump I provided useful in determining what was happening?
m4dc4p
commented
8 years ago @taruti Just installed that release and my computer (Win 10 x 64) immediately BSOD'ed. I have BitDefender installed, FWIW. WhoCrashed did not pinpoint Keybase but prior to installing Keybase, I had never had a BSOD.
Glad to provide any additional information if you'd like.
taruti
commented
8 years ago @vwal, after the crashdumps from multiple users there was an issue with Symantic and Dokan (filesystem driver used by kbfsdokan) found and fixed in the new version.
@m4dc4p Apparently not all issues were fixed - most of the testing was done with Symantec.
@zanderz Can you check whether you can reproduce an issue with Win10 x64 and BitDefender?
aaomidi
commented
7 years ago Happened to me too. Removed dokan and KBFS.
Will update if this solves the issue.
dhruv-m-patel
commented
7 years ago This happened to me. At first my machine became significantly slow after updating keybase app and then when I completely shut down the machine and tried starting it again later, my machine was struggling to get graphics to work and would not be able to load the desktop at all.
I ended up reinstalling windows 10 to see if it could be fixed with that. So, it went fine but then again when I installed the keybase app, that started happening again and as soon as I uninstalled app, everything was back to normal.
taruti
commented
6 years ago @dhruv-m-patel can you please do a Keybase log send? What other filesystem drivers, or AV do you have installed?
dhruv-m-patel
commented
6 years ago As I mentioned I reinstalled windows. Then after I had ran windows update and it got appropriate drivers for my machine. The filesystem is NTFS. I can't do keybase log send as I have uninstalled the app already after noticing problems, and then after I had no issues.
ferstp
commented
6 years ago The same, seems unusable in Windows at the moment. On Linux boxes no such problem. For lack of time, for the moment: uninstalling keybase on the Windows machine and stopping to use it everywhere ...
zanderz
commented
6 years ago If the filesystem driver is causing conflicts, it should work to uninstall Dokan and access kbfs with keybase fs commands. Most likely it is some AV suite or other filesystem driver causing conflicts; many of us use Keybase on WIndows 10 without issue.
ferstp
commented
6 years ago Looks like the reason was a harddisk slowly going away ... Maybe after some time I shall try to install keybase on the new SSD on that laptop ...
2017-10-16 15:46 GMT+02:00 Steve Sanders notifications@github.com:
If the filesystem driver is causing conflicts, it should work to uninstall Dokan and access kbfs with keybase fs commands. Most likely it is some AV suite or other filesystem driver causing conflicts; many of us use Keybase on WIndows 10 without issue.
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/keybase/client/issues/3382#issuecomment-336891640, or mute the thread https://github.com/notifications/unsubscribe-auth/AGGNA3gOYc4Vq14pVf6JqDfdcQV801hOks5ss15TgaJpZM4JH4ep .
atocyo
commented
6 years ago Similar, BSOD after uninstall ("KERNEL_SECURITY_CHECK_FAILURE")
zanderz
commented
6 years ago @atocyo do you have the latest fall preview of win10? Do you get a BSOD even without Dokan drivers installed?
Today Windows 10 Pro system started bluescreening right and left; essentially any file system operation would result in a bluescreen ("KERNEL_SECURITY_CHECK_FAILURE"). Several hours later, and with help of WhoCrashed I eventually pinpointed Dokan driver to be at fault. Keybase filesystem was the only Dokan app I had installed. Once I removed Keybase and Dokan, the problem went away. I can't say I wasn't warned (you have a clear warning that the Windows client is very experimental)...