Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
- Copyright (c) Microsoft Corporation. All rights reserved.
- Loading Dump File [C:\Windows\Minidump\121813-45708-01.dmp]
- Mini Kernel Dump File: Only registers and stack trace are available
- Symbol search path is: *** Invalid ***
- ****************************************************************************
- * Symbol loading may be unreliable without a symbol search path. *
- * Use .symfix to have the debugger choose a symbol path. *
- * After setting your symbol path, use .reload to refresh symbol locations. *
- ****************************************************************************
- Executable search path is:
- *********************************************************************
- * Symbols can not be loaded because symbol path is not initialized. *
- * *
- * The Symbol Path can be set by: *
- * using the _NT_SYMBOL_PATH environment variable. *
- * using the -y <symbol_path> argument when starting the debugger. *
- * using .sympath and .sympath+ *
- *********************************************************************
- Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
- *** WARNING: Unable to verify timestamp for ntoskrnl.exe
- *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
- Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
- Product: WinNt, suite: TerminalServer SingleUserTS
- Built by: 7601.18247.amd64fre.win7sp1_gdr.130828-1532
- Machine Name:
- Kernel base = 0xfffff800`02e1b000 PsLoadedModuleList = 0xfffff800`0305e6d0
- Debug session time: Wed Dec 18 09:00:14.631 2013 (UTC - 7:00)
- System Uptime: 0 days 7:46:43.269
- *********************************************************************
- * Symbols can not be loaded because symbol path is not initialized. *
- * *
- * The Symbol Path can be set by: *
- * using the _NT_SYMBOL_PATH environment variable. *
- * using the -y <symbol_path> argument when starting the debugger. *
- * using .sympath and .sympath+ *
- *********************************************************************
- Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
- *** WARNING: Unable to verify timestamp for ntoskrnl.exe
- *** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
- Loading Kernel Symbols
- ...............................................................
- ................................................................
- .....................
- Loading User Symbols
- Loading unloaded module list
- ......
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- Use !analyze -v to get detailed debugging information.
- BugCheck 50, {14ef0000, 0, fffff960000c5ae0, 8}
- ***** Kernel symbols are WRONG. Please fix symbols to do analysis.
- *************************************************************************
- *** ***
- *** ***
- *** Your debugger is not using the correct symbols ***
- *** ***
- *** In order for this command to work properly, your symbol path ***
- *** must point to .pdb files that have full type information. ***
- *** ***
- *** Certain .pdb files (such as the public OS symbols) do not ***
- *** contain the required information. Contact the group that ***
- *** provided you with these symbols if you need this command to ***
- *** work. ***
- *** ***
- *** Type referenced: nt!_KPRCB ***
- *** ***
- *************************************************************************
- *** WARNING: Unable to verify timestamp for win32k.sys
- *** ERROR: Module load completed but symbols could not be loaded for win32k.sys
- *************************************************************************
- *** ***
- *** ***
- *** Your debugger is not using the correct symbols ***
- *** ***
- *** In order for this command to work properly, your symbol path ***
- *** must point to .pdb files that have full type information. ***
- *** ***
- *** Certain .pdb files (such as the public OS symbols) do not ***
- *** contain the required information. Contact the group that ***
- *** provided you with these symbols if you need this command to ***
- *** work. ***
- *** ***
- *** Type referenced: nt!_KPRCB ***
- *** ***
- *************************************************************************
- *************************************************************************
- *** ***
- *** ***
- *** Your debugger is not using the correct symbols ***
- *** ***
- *** In order for this command to work properly, your symbol path ***
- *** must point to .pdb files that have full type information. ***
- *** ***
- *** Certain .pdb files (such as the public OS symbols) do not ***
- *** contain the required information. Contact the group that ***
- *** provided you with these symbols if you need this command to ***
- *** work. ***
- *** ***
- *** Type referenced: nt!_KPRCB ***
- *** ***
- *************************************************************************
- Probably caused by : win32k.sys ( win32k+c5ae0 )
- Followup: MachineOwner
- ---------
- 0: kd> .reload
- Loading Kernel Symbols
- ...............................................................
- ................................................................
- .....................
- Loading User Symbols
- Loading unloaded module list
- ......
- 0: kd> !analyze -v
- *******************************************************************************
- * *
- * Bugcheck Analysis *
- * *
- *******************************************************************************
- PAGE_FAULT_IN_NONPAGED_AREA (50)
- Invalid system memory was referenced. This cannot be protected by try-except,
- it must be protected by a Probe. Typically the address is just plain bad or it
- is pointing at freed memory.
- Arguments:
- Arg1: 0000000014ef0000, memory referenced.
- Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
- Arg3: fffff960000c5ae0, If non-zero, the instruction address which referenced the bad memory
- address.
- Arg4: 0000000000000008, (reserved)
- Debugging Details:
- ------------------
- Could not read faulting driver name
- READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800030c8100
- 0000000014ef0000
- FAULTING_IP:
- win32k!memcpy+b0
- fffff960`000c5ae0 488b040a mov rax,qword ptr [rdx+rcx]
- MM_INTERNAL_CODE: 8
- CUSTOMER_CRASH_COUNT: 1
- DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
- BUGCHECK_STR: 0x50
- PROCESS_NAME: firefox.exe
- CURRENT_IRQL: 0
- TRAP_FRAME: fffff8800ac49370 -- (.trap 0xfffff8800ac49370)
- NOTE: The trap frame does not contain all registers.
- Some register values may be zeroed or incorrect.
- rax=ffb5ffffff000063 rbx=0000000000000000 rcx=00000000147cafc8
- rdx=0000000000725038 rsi=0000000000000000 rdi=0000000000000000
- rip=fffff960000c5ae0 rsp=fffff8800ac49508 rbp=fffff8800ac495e0
- r8=0000000000001578 r9=000000000000007b r10=ffffffffffffffff
- r11=00000000147ca9c8 r12=0000000000000000 r13=0000000000000000
- r14=0000000000000000 r15=0000000000000000
- iopl=0 nv up ei pl nz na po nc
- win32k!memcpy+0xb0:
- fffff960`000c5ae0 488b040a mov rax,qword ptr [rdx+rcx] ds:00000000`14ef0000=????????????????
- Resetting default scope
- LAST_CONTROL_TRANSFER: from fffff80002e2a12b to fffff80002e90bc0
- STACK_TEXT:
- fffff880`0ac49208 fffff800`02e2a12b : 00000000`00000050 00000000`14ef0000 00000000`00000000 fffff880`0ac49370 : nt!KeBugCheckEx
- fffff880`0ac49210 fffff800`02e8ecee : 00000000`00000000 00000000`14ef0000 00000000`00000000 00000000`14eefa00 : nt! ?? ::FNODOBFM::`string'+0x45955
- fffff880`0ac49370 fffff960`000c5ae0 : fffff960`0008d391 00000000`00000000 00000000`00000000 fffff900`c0828cd8 : nt!KiPageFault+0x16e
- fffff880`0ac49508 fffff960`0008d391 : 00000000`00000000 00000000`00000000 fffff900`c0828cd8 00000000`00000000 : win32k!memcpy+0xb0
- fffff880`0ac49510 fffff960`00087449 : 00000000`00000001 00000000`00000000 00000000`00000000 fffff880`0ac498e0 : win32k!vSrcCopyS32D32Identity+0x71
- fffff880`0ac49540 fffff960`001fa12c : fffff900`c0828cd8 fffff900`c079c028 fffff900`c3a62e90 fffff900`c06f7b10 : win32k!EngCopyBits+0x915
- fffff880`0ac49850 fffff960`0018fba8 : 00000000`34010e4e 00000000`00000000 00000000`00000000 00000000`74010ef5 : win32k!NtGdiBitBltInternal+0xc94
- fffff880`0ac49a30 fffff880`040e9321 : fffff8a0`11471000 00000116`0000055e fffff8a0`11eb7f10 fffff8a0`0e1f2610 : win32k!DxgkEngBltViaGDI+0x588
- fffff880`0ac49ba0 fffff880`040e5fbb : fffff8a0`40006300 fffff8a0`0000055e fffff880`0ac49f00 fffff880`0ac49f30 : dxgkrnl!DXGCONTEXT::Present+0x2d5d
- fffff880`0ac49ec0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : dxgkrnl!DxgkPresent+0x543
- STACK_COMMAND: kb
- FOLLOWUP_IP:
- dxgkrnl!DXGCONTEXT::Present+2d5d
- fffff880`040e9321 413bc6 cmp eax,r14d
- SYMBOL_STACK_INDEX: 8
- SYMBOL_NAME: dxgkrnl!DXGCONTEXT::Present+2d5d
- FOLLOWUP_NAME: MachineOwner
- MODULE_NAME: dxgkrnl
- IMAGE_NAME: dxgkrnl.sys
- DEBUG_FLR_IMAGE_TIMESTAMP: 51fa153d
- FAILURE_BUCKET_ID: X64_0x50_dxgkrnl!DXGCONTEXT::Present+2d5d
- BUCKET_ID: X64_0x50_dxgkrnl!DXGCONTEXT::Present+2d5d
- Followup: MachineOwner
- ---------
Add Comment
Please, Sign In to add comment