*** Fatal System Error: 0x00000050
|
(0xAAAAAAAA,0x00000001,0x994F8C00,0x00000002)
|
|
Driver at fault:
|
*** ATMFD.DLL - Address 994F8C00 base at 994C4000, DateStamp 52158fac
|
.
|
Break instruction exception - code 80000003 (first chance)
|
|
A fatal system error has occurred.
|
Debugger entered on first try; Bugcheck callbacks have not been invoked.
|
|
A fatal system error has occurred.
|
|
Connected to Windows 8 9600 x86 compatible target at (Wed Nov 19 12:43:21.959 2014 (UTC + 1:00)), ptr64 FALSE
|
Loading Kernel Symbols
|
...............................................................
|
................................................................
|
.......................
|
Loading User Symbols
|
..............
|
Loading unloaded module list
|
.........
|
*******************************************************************************
|
* *
|
* Bugcheck Analysis *
|
* *
|
*******************************************************************************
|
|
Use !analyze -v to get detailed debugging information.
|
|
BugCheck 50, {aaaaaaaa, 1, 994f8c00, 2}
|
|
Probably caused by : ATMFD.DLL ( ATMFD+34c00 )
|
|
Followup: MachineOwner
|
---------
|
|
nt!RtlpBreakWithStatusInstruction:
|
81b0cef4 cc int 3
|
0: kd> .reload
|
Connected to Windows 8 9600 x86 compatible target at (Wed Nov 19 12:46:29.113 2014 (UTC + 1:00)), ptr64 FALSE
|
Loading Kernel Symbols
|
...............................................................
|
................................................................
|
.......................
|
Loading User Symbols
|
..............
|
Loading unloaded module list
|
.........
|
0: kd> !analyze -v
|
*******************************************************************************
|
* *
|
* Bugcheck Analysis *
|
* *
|
*******************************************************************************
|
|
PAGE_FAULT_IN_NONPAGED_AREA (50)
|
Invalid system memory was referenced. This cannot be protected by try-except,
|
it must be protected by a Probe. Typically the address is just plain bad or it
|
is pointing at freed memory.
|
Arguments:
|
Arg1: aaaaaaaa, memory referenced.
|
Arg2: 00000001, value 0 = read operation, 1 = write operation.
|
Arg3: 994f8c00, If non-zero, the instruction address which referenced the bad memory
|
address.
|
Arg4: 00000002, (reserved)
|
|
Debugging Details:
|
------------------
|
|
|
WRITE_ADDRESS: aaaaaaaa
|
|
FAULTING_IP:
|
ATMFD+34c00
|
994f8c00 8807 mov byte ptr [edi],al
|
|
MM_INTERNAL_CODE: 2
|
|
IMAGE_NAME: ATMFD.DLL
|
|
DEBUG_FLR_IMAGE_TIMESTAMP: 52158fac
|
|
MODULE_NAME: ATMFD
|
|
FAULTING_MODULE: 994c4000 ATMFD
|
|
DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT
|
|
BUGCHECK_STR: AV
|
|
PROCESS_NAME: csrss.exe
|
|
CURRENT_IRQL: 0
|
|
TRAP_FRAME: a5e6ae30 -- (.trap 0xffffffffa5e6ae30)
|
ErrCode = 00000002
|
eax=00000000 ebx=00000000 ecx=0000001c edx=00000002 esi=98f0dee0 edi=aaaaaaaa
|
eip=994f8c00 esp=a5e6aea4 ebp=a5e6aeac iopl=0 nv up ei pl nz na po nc
|
cs=0008 ss=0010 ds=0002 es=0023 fs=0030 gs=0023 efl=00010202
|
ATMFD+0x34c00:
|
994f8c00 8807 mov byte ptr [edi],al ds:0002:aaaa=??
|
Resetting default scope
|
|
LAST_CONTROL_TRANSFER: from 81b8dcbe to 81b0cef4
|
|
STACK_TEXT:
|
a5e6a84c 81b8dcbe 00000003 1252dd9b 00000065 nt!RtlpBreakWithStatusInstruction
|
a5e6a8a0 81b8d7d8 81c1d138 a5e6ac9c a5e6ad10 nt!KiBugCheckDebugBreak+0x1f
|
a5e6ac70 81b0bab6 00000050 aaaaaaaa 00000001 nt!KeBugCheck2+0x676
|
a5e6ac94 81b0b9ed 00000050 aaaaaaaa 00000001 nt!KiBugCheck2+0xc6
|
a5e6acb4 81b2a84b 00000050 aaaaaaaa 00000001 nt!KeBugCheckEx+0x19
|
a5e6ad10 81a54fa5 a5e6ae30 aaaaaaaa a5e6ad88 nt! ?? ::FNODOBFM::`string'+0x5489
|
a5e6ad98 81b1fff5 00000001 aaaaaaaa 00000000 nt!MmAccessFault+0x735
|
a5e6ad98 994f8c00 00000001 aaaaaaaa 00000000 nt!KiTrap0E+0xf1
|
WARNING: Stack unwind information not available. Following frames may be wrong.
|
a5e6aeac 994f0ab6 aaaaaaaa 98f0dee0 00000004 ATMFD+0x34c00
|
a5e6b5c4 994f437c a5e6b818 a5e6b85c a5e6b83c ATMFD+0x2cab6
|
a5e6b6a4 994e364b a5e6b818 a5e6b85c a5e6b83c ATMFD+0x3037c
|
a5e6b7b0 994e36fe a5e6b85c 00000000 a5e6b83c ATMFD+0x1f64b
|
a5e6b7d4 994d6e2e 88e35020 99508268 a5e6b818 ATMFD+0x1f6fe
|
a5e6b944 994d6b52 ffffffff a5e6bac0 98ffd280 ATMFD+0x12e2e
|
a5e6b994 994c7f11 ffffffff a5e6bac0 00000000 ATMFD+0x12b52
|
a5e6b9e8 94367f3a 9407e010 941cccf0 00000001 ATMFD+0x3f11
|
a5e6ba44 9436883d 9407e010 941cccf0 00000001 win32k!PDEVOBJ::QueryFontData+0x5c
|
a5e6ba7c 943686f1 941cccf0 00000042 a5e6bac0 win32k!ulCallAndConvertFontOutput+0x2a
|
a5e6bb0c 94368908 00000061 00000001 a5e6bc9c win32k!xInsertMetricsPlusRFONTOBJ+0x185
|
a5e6bb20 942c3294 88f10adc 00000061 00000000 win32k!RFONTOBJ::bInsertMetricsPlus+0x25
|
a5e6bb50 942c2fe9 0000001a 00000104 88f108a0 win32k!RFONTOBJ::bGetGlyphMetricsPlus+0x149
|
a5e6bba0 943a6259 a5e6bc80 a5e6bc9c 00000008 win32k!ESTROBJ::vCharPos_H3+0xa1
|
a5e6bc1c 942c379b 94041068 0000001a a5e6bc80 win32k!ESTROBJ::vInit+0x889
|
a5e6be50 942c39e8 0000001a ffffffff a5e6be94 win32k!GreGetTextExtentExW+0x17d
|
a5e6bf2c 81b1cb27 080107dc 00e21d80 0000001a win32k!NtGdiGetTextExtentExW+0x16b
|
a5e6bf2c 77056ce4 080107dc 00e21d80 0000001a nt!KiSystemServicePostCall
|
00d7eb20 00000000 00000000 00000000 00000000 ntdll!KiFastSystemCallRet
|
|
|
STACK_COMMAND: kb
|
|
FOLLOWUP_IP:
|
ATMFD+34c00
|
994f8c00 8807 mov byte ptr [edi],al
|
|
SYMBOL_STACK_INDEX: 8
|
|
SYMBOL_NAME: ATMFD+34c00
|
|
FOLLOWUP_NAME: MachineOwner
|
|
FAILURE_BUCKET_ID: AV_ATMFD+34c00
|
|
BUCKET_ID: AV_ATMFD+34c00
|
|
Followup: MachineOwner
|
---------
|
|
|