Code:
Windows 7 Kernel Version 7600 MP (6 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7600.16617.amd64fre.win7_gdr.100618-1621
Machine Name:
Kernel base = 0xfffff800`02c1d000 PsLoadedModuleList = 0xfffff800`02e5ae50
Debug session time: Wed Dec 22 17:59:26.572 2010 (GMT-5)
System Uptime: 0 days 6:38:15.601
Loading Kernel Symbols
...............................................................
................................................................
.........................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {ffffd96000084678, 8, ffffd96000084678, 7}
Could not read faulting driver name
Probably caused by : win32k.sys ( win32k!FreeObject+40 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: ffffd96000084678, memory referenced.
Arg2: 0000000000000008, value 0 = read operation, 1 = write operation.
Arg3: ffffd96000084678, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000007, (reserved)
Debugging Details:
------------------
Could not read faulting driver name
WRITE_ADDRESS: GetPointerFromAddress: unable to read from fffff80002ec50e0
ffffd96000084678
FAULTING_IP:
+5c23952f01badec4
ffffd960`00084678 ?? ???
MM_INTERNAL_CODE: 7
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x50
PROCESS_NAME: Garena.exe
CURRENT_IRQL: 0
TRAP_FRAME: fffff8800391a970 -- (.trap 0xfffff8800391a970)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=0000000000000004 rbx=0000000000000000 rcx=fffff900c1db5920
rdx=0000000000000004 rsi=0000000000000000 rdi=0000000000000000
rip=ffffd96000084678 rsp=fffff8800391ab08 rbp=00000000320115bf
r8=fffff900c22a9d30 r9=000000000000001f r10=fffffa8004610160
r11=fffff900c1f2b010 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe nc
ffffd960`00084678 ?? ???
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002d0c849 to fffff80002c8d740
STACK_TEXT:
fffff880`0391a808 fffff800`02d0c849 : 00000000`00000050 ffffd960`00084678 00000000`00000008 fffff880`0391a970 : nt!KeBugCheckEx
fffff880`0391a810 fffff800`02c8b82e : 00000000`00000008 fffffa80`04610160 00000000`00000a00 fffff900`c0000410 : nt! ?? ::FNODOBFM::`string'+0x40e0b
fffff880`0391a970 ffffd960`00084678 : fffff960`000c4da0 fffff900`c1f2b010 00000000`00000000 0000001f`00000000 : nt!KiPageFault+0x16e
fffff880`0391ab08 fffff960`000c4da0 : fffff900`c1f2b010 00000000`00000000 0000001f`00000000 00000000`00000000 : 0xffffd960`00084678
fffff880`0391ab10 fffff960`001fbddc : 00000000`00000004 fffff880`0391abc0 00000000`00000000 00000000`00000000 : win32k!FreeObject+0x40
fffff880`0391ab40 fffff960`000c7642 : fffff880`0391abc0 00000000`00000000 00000000`00000000 ffffffff`e4051412 : win32k!bDeleteDCInternalWorker+0x198
fffff880`0391aba0 fffff960`00086558 : 00000000`320115bf fffff880`0391aca0 00000000`00000000 00000000`7efdb000 : win32k!bDeleteDCInternal+0x56
fffff880`0391abf0 fffff800`02c8c993 : fffffa80`023b7b60 fffff880`0391aca0 00000000`04260340 fffffa80`03237de0 : win32k!NtGdiDeleteObjectApp+0x120
fffff880`0391ac20 00000000`74292dd9 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0008ebf8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x74292dd9
STACK_COMMAND: kb
FOLLOWUP_IP:
win32k!FreeObject+40
fffff960`000c4da0 eb16 jmp win32k!FreeObject+0x58 (fffff960`000c4db8)
SYMBOL_STACK_INDEX: 4
SYMBOL_NAME: win32k!FreeObject+40
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: win32k
IMAGE_NAME: win32k.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 4cbe5d3e
FAILURE_BUCKET_ID: X64_0x50_win32k!FreeObject+40
BUCKET_ID: X64_0x50_win32k!FreeObject+40
Followup: MachineOwner
---------