New issue
Advanced search Search tips

Issue 475 attachment: special_pool475.txt (6.9 KB) 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
 
*** Fatal System Error: 0x00000050
                       (0xF77AF874,0x00000001,0x94AC4D33,0x00000002)

Driver at fault: 
***    win32k.sys - Address 94AC4D33 base at 94A00000, DateStamp 55635516
.
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows 7 7601 x86 compatible target at (Mon Jun 29 00:39:39.319 2015 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
...............................................................
................................................................
.........................
Loading User Symbols
..................
Loading unloaded module list
....
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 50, {f77af874, 1, 94ac4d33, 2}

Probably caused by : win32k.sys ( win32k!memmove+33 )

Followup: MachineOwner
---------

Assertion: *** DPC watchdog timeout
    This is NOT a break in update time
    This is most likely a BUG in an ISR
    Perform a stack trace to find the culprit
    The period will be doubled on continuation
    Use gh to continue!!

nt!KeAccumulateTicks+0x3c5:
82a7d9ec cd2c            int     2Ch
kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except,
it must be protected by a Probe.  Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: f77af874, memory referenced.
Arg2: 00000001, value 0 = read operation, 1 = write operation.
Arg3: 94ac4d33, If non-zero, the instruction address which referenced the bad memory
	address.
Arg4: 00000002, (reserved)

Debugging Details:
------------------


WRITE_ADDRESS:  f77af874 

FAULTING_IP: 
win32k!memmove+33
94ac4d33 f3a5            rep movs dword ptr es:[edi],dword ptr [esi]

MM_INTERNAL_CODE:  2

IMAGE_NAME:  win32k.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  55635516

MODULE_NAME: win32k

FAULTING_MODULE: 94a00000 win32k

DEFAULT_BUCKET_ID:  WIN7_DRIVER_FAULT

BUGCHECK_STR:  0x50

PROCESS_NAME:  csrss.exe

CURRENT_IRQL:  1c

TRAP_FRAME:  8dce6fdc -- (.trap 0xffffffff8dce6fdc)
ErrCode = 00000002
eax=ff679284 ebx=f77af874 ecx=00000013 edx=00000000 esi=ff679238 edi=f77af874
eip=94ac4d33 esp=8dce7050 ebp=8dce7058 iopl=0         nv up ei pl nz ac po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010212
win32k!memmove+0x33:
94ac4d33 f3a5            rep movs dword ptr es:[edi],dword ptr [esi]
Resetting default scope

LAST_CONTROL_TRANSFER:  from 82a7ceb3 to 82a7d9ec

STACK_TEXT:  
8dce6a00 82a7ceb3 0002625a 00000000 00035800 nt!KeAccumulateTicks+0x3c5
8dce6a40 82a7cd60 82e300a8 a4da245f 00000000 nt!KeUpdateRunTime+0x145
8dce6a98 82a7c563 00000002 00000002 000000d1 nt!KeUpdateSystemTime+0x613
8dce6a98 82e300a8 00000002 00000002 000000d1 nt!KeUpdateSystemTimeAssist+0x13
8dce6b1c 82e1eb8c 00001000 00000000 8dce6b7c hal!READ_PORT_USHORT+0x8
8dce6b2c 82e1ecf5 82ae1582 3dae1bc3 00000065 hal!HalpCheckPowerButton+0x2e
8dce6b30 82ae1582 3dae1bc3 00000065 00000000 hal!HaliHaltSystem+0x7
8dce6b7c 82ae2029 00000003 c0603dd8 f77af874 nt!KiBugCheckDebugBreak+0x73
8dce6f40 82a8fff9 00000050 f77af874 00000001 nt!KeBugCheck2+0x68b
8dce6fc4 82a42a88 00000001 f77af874 00000000 nt!MmAccessFault+0x104
8dce6fc4 94ac4d33 00000001 f77af874 00000000 nt!KiTrap0E+0xdc
8dce7058 94ab7ea7 f77af874 ff679238 0000004c win32k!memmove+0x33
8dce707c 94aacdc3 00000011 190f3c96 fda2b000 win32k!vSrcCopyS32D32Identity+0x5b
8dce72bc 94abc179 fda2b010 ff679010 8dce7624 win32k!EngCopyBits+0x60a
8dce7334 94be7c21 fda2b010 ff679010 00000000 win32k!EngBitBlt+0x4f2
8dce7444 94be7c65 fda2b010 ff679010 00000000 win32k!PanBitBlt+0xf6
8dce7478 94ad81c2 fef10db8 ff679010 8dce7624 win32k!PanCopyBits+0x27
8dce74c0 94ac8206 94be7c3e 8dce7750 fef10db8 win32k!OffCopyBits+0x7d
8dce7764 94ad820d fef10db8 ff679010 00000000 win32k!SpBitBlt+0x252
8dce7798 94ad7a0d fef10db8 ff679010 00000000 win32k!SpCopyBits+0x27
8dce7880 94a3e2b5 fef7ef68 94c225f0 fef7ef68 win32k!NtGdiBitBltInternal+0x6ab
8dce78c0 94a531dd d701081f ffff8088 ffff821a win32k!BitBltSysBmp+0x45
8dce793c 94aa85ea fcc00618 d701081f 0000100c win32k!xxxDrawCaptionBar+0x471
8dce7960 94aafeb0 0000100c 00000000 00000000 win32k!xxxDWP_DoNCActivate+0xd6
8dce79dc 94a897a7 fcc00618 00000086 00000000 win32k!xxxRealDefWindowProc+0x7fe
8dce7a00 94a9f1fe fcc00618 00000086 00000000 win32k!xxxDefWindowProc+0x10f
8dce7a7c 94a9f177 fcc00618 00000086 00000000 win32k!xxxDesktopWndProcWorker+0x75
8dce7a9c 94abb953 fcc00618 00000086 00000000 win32k!xxxDesktopWndProc+0x4e
8dce7adc 94abba25 fcc00618 00000086 00000000 win32k!xxxSendMessageTimeout+0x1ac
8dce7b04 94b4e147 fcc00618 00000086 00000000 win32k!xxxSendMessage+0x28
8dce7b30 94b4da20 fcc00618 00000000 00000000 win32k!xxxFlashWindow+0xf8
8dce7b58 94aacfdd fcc00618 00000118 0000fff8 win32k!xxxSystemTimerProc+0x126
8dce7b88 94aa1982 fa9b6fb8 fe55edd0 94c2bea0 win32k!xxxDispatchMessage+0x119
8dce7bc8 94a16207 fe55edd0 94c2bea0 00000004 win32k!xxxHandleDesktopMessages+0xaa
8dce7c04 94a1e0c1 94f8eff8 00000001 94c2bea0 win32k!xxxDesktopThread+0x1bb
8dce7c18 94ad51bd 00000004 0083f9dc 8dce7c34 win32k!xxxCreateSystemThreads+0x54
8dce7c28 82a3f8a6 00000004 0083fa1c 77c87074 win32k!NtUserCallNoParam+0x1b
8dce7c28 77c87074 00000004 0083fa1c 77c87074 nt!KiSystemServicePostCall
0083f9cc 75be19e4 75be285f 00000004 00000000 ntdll!KiFastSystemCallRet
0083f9d0 75be285f 00000004 00000000 77c45e8a winsrv!NtUserCallNoParam+0xc
0083f9dc 77c45e8a 00000000 7752b471 00000000 winsrv!StartCreateSystemThreads+0x12
0083fa1c 77ca396e 75be284d 00000000 00000000 ntdll!__RtlUserThreadStart+0x28
0083fa34 00000000 75be284d 00000000 00000000 ntdll!_RtlUserThreadStart+0x1b


STACK_COMMAND:  kb

FOLLOWUP_IP: 
win32k!memmove+33
94ac4d33 f3a5            rep movs dword ptr es:[edi],dword ptr [esi]

SYMBOL_STACK_INDEX:  b

SYMBOL_NAME:  win32k!memmove+33

FOLLOWUP_NAME:  MachineOwner

FAILURE_BUCKET_ID:  0x50_VRF_win32k!memmove+33

BUCKET_ID:  0x50_VRF_win32k!memmove+33

Followup: MachineOwner
---------