Hello,
When I was doing some test, I got the following bugcheck. It seems not
relating to my filter.
kd> !analyze -v
*************************************************
* Bugcheck Analysis
*
**************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by
try-except,
it must be protected by a Probe. Typically the address is just plain bad or
it
is pointing at freed memory.
Arguments:
Arg1: fffffff8, memory referenced.
Arg2: 00000000, value 0 = read operation, 1 = write operation.
Arg3: f76a2502, If non-zero, the instruction address which referenced the
bad memory
address.
Arg4: 00000000, (reserved)
Debugging Details:
READ_ADDRESS: fffffff8
FAULTING_IP:
termdd!IcaGetPreviousSdLink+8
f76a2502 8b410c mov eax,[ecx+0xc]
MM_INTERNAL_CODE: 0
IMAGE_NAME: termdd.sys
DEBUG_FLR_IMAGE_TIMESTAMP: 41107b1c
MODULE_NAME: termdd
FAULTING_MODULE: f769f000 termdd
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x50
LAST_CONTROL_TRANSFER: from 8053225b to 804e3592
STACK_TEXT:
f696eee0 8053225b 00000003 fffffff8 00000000
nt!RtlpBreakWithStatusInstruction
f696ef2c 80532d2e 00000003 806ee298 c03ffffc nt!KiBugCheckDebugBreak+0x19
f696f30c 8053331e 00000050 fffffff8 00000000 nt!KeBugCheck2+0x574
f696f32c 80523f44 00000050 fffffff8 00000000 nt!KeBugCheckEx+0x1b
f696f378 804e1718 00000000 fffffff8 00000000 nt!MmAccessFault+0x6f5
f696f378 f76a2502 00000000 fffffff8 00000000 nt!KiTrap0E+0xcc
f696f404 f769fc2b ffffffec 8614b000 86a41358 termdd!IcaGetPreviousSdLink+0x8
f696f418 f7888bb8 00000000 8614b000 f696f448 termdd!IcaBufferError+0x1f
f696f428 f78885e7 86a41358 8614b000 00000001 TDTCP!OutBufError+0x12
f696f448 f76a32a0 86a41358 c00a0006 00000001 TDTCP!TdRawWrite+0x9b
f696f460 f76a32de 861ab278 00000002 f696f494 termdd!_IcaCallSd+0x30
f696f474 f32f89ce 86a4c20c 00000002 f696f494 termdd!IcaCallNextDriver+0x28
f696f4a0 f32f9b95 00000cf1 00000001 00000000 RDPWD!NM_SendData+0x88
f696f4d0 f32f8874 00000ce5 00000001 00000000 RDPWD!SM_SendData+0x127
f696f4f4 f3303900 e2a67420 f696f510 e263e3a8
RDPWD!ShareClass::SC_FlushPackage+0x34
f696f528 f32f5ff6 e2a67420 f696f704 f696f738
RDPWD!ShareClass::DCS_TimeToDoStuff+0xda
f696f560 f76a32a0 e263e3a8 e2a67420 8617a9f4 RDPWD!WD_Ioctl+0x17a
f696f578 f76a3612 86a4c1f8 00000005 f696f5dc termdd!_IcaCallSd+0x30
f696f598 f76a4274 8617a9e8 00000005 f696f5dc termdd!_IcaCallStack+0x42
f696f5bc f76a4c72 86adf2d8 00000005 f696f5dc termdd!IcaCallDriver+0x74
f696f5f4 f76a131d 86adf2d8 86d213f0 0038144f
termdd!IcaDeviceControlVirtual+0x188
f696f64c f76a1cfa 86adf2d8 86d213f0 86d21460
termdd!IcaDeviceControlChannel+0x2a1
f696f660 f76a1f92 86d213f0 86d21460 86f65c60 termdd!IcaDeviceControl+0x26
f696f678 804e37f7 86f54f10 86d213f0 86d213f0 termdd!IcaDispatch+0x13a
f696f688 bf96a66b e2a81010 00000000 00000000 nt!IopfCallDriver+0x31
f696f69c bf93a4b2 86f65c60 0038144f f696f704
win32k!CtxDeviceIoControlFile+0x7e
f696f6d4 bff62f21 86f65c60 0038144f f696f704 win32k!EngFileIoControl+0x27
f696f730 bff6c279 e1196bb8 00000000 e1278278
RDPDD!SCH_DDOutputAvailable+0x89
f696fba0 bf8ba3f4 e1278278 e1f22900 00000000 RDPDD!DrvSetPointerShape+0x5f5
f696fbfc bf8ba793 e1278278 e1f22900 00000000
win32k!WatchdogDrvSetPointerShape+0x52
f696fc94 bf8ba339 e1d03008 e1f228f0 00000000 win32k!vSetPointer+0x36f
f696fcc0 bf800dd2 86f43f78 e1d578f8 00000000 win32k!GreSetPointer+0x66
f696fcec bf800ee4 e2439568 f696fd14 bf8c1ed4
win32k!zzzUpdateCursorImage+0x1a1
f696fcf8 bf8c1ed4 e2439568 000007d0 0000040c
win32k!zzzCalcStartCursorHide+0xb1
f696fd14 bf8c011e 86a5a948 00000040 f696fd64
win32k!xxxSetProcessInitState+0xbe
f696fd30 bf8c1f9c 0000040c 00000c68 00000000
win32k!xxxUserNotifyProcessCreate+0x54
f696fd4c 804de7ec 0000040c 00000c68 00000000
win32k!NtUserNotifyProcessCreate+0x31
f696fd4c 7c90eb94 0000040c 00000c68 00000000 nt!KiFastCallEntry+0xf8
006cfe7c 75b61a4a 75b54f1a 0000040c 00000c68 ntdll!KiFastSystemCallRet
006cfed0 75b44a47 00000260 006cffd8 00000005
winsrv!NtUserNotifyProcessCreate+0xc
006cfff4 00000000 00000000 00000000 00000000
CSRSRV!CsrApiRequestThread+0x431
STACK_COMMAND: .bugcheck ; kb
FOLLOWUP_IP:
termdd!IcaGetPreviousSdLink+8
f76a2502 8b410c mov eax,[ecx+0xc]
FAULTING_SOURCE_CODE:
SYMBOL_STACK_INDEX: 6
FOLLOWUP_NAME: MachineOwner
SYMBOL_NAME: termdd!IcaGetPreviousSdLink+8
FAILURE_BUCKET_ID: 0x50_termdd!IcaGetPreviousSdLink+8
BUCKET_ID: 0x50_termdd!IcaGetPreviousSdLink+8