Got this while copying a display driver over firewire. I did a complete
dump and I’ll put it up for someone to grab if it’s needed.
The target system froze in the middle of copying the driver, and when I
hit ctrl-break to break into the system, I got the bugcheck.
This is with version 6.1.0009.0 on a Uniprocessor WinXP + SP1 machine. The
fault seems to be in kd1394.dll.
The copying has worked many times before, so this may just be one of those
hard-to-reproduce/rare bugs :\
sean
KD: Accessing ‘D:\kernel\build\chk_w2k\i386\phmdisp.dll’
(\SystemRoot\System32\phmdisp.dll)
File size 140K…Break instruction
exception - code 80000003 (first chance)
A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.
A fatal system error has occurred.
Connected to Windows XP 2600 x86 compatible target, ptr64 FALSE
Loading Kernel Symbols
…
Loading unloaded module list
…
Loading User Symbols
…
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 50, {ff423000, 1, fc9bbad5, 0}
Probably caused by : kd1394.dll ( kdcom!Dbg1394_ReadPacket+c5 )
Followup: MachineOwner
nt!RtlpBreakWithStatusInstruction:
805103fa cc int 3
kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by
try-except,
it must be protected by a Probe. Typically the address is just plain bad
or it
is pointing at freed memory.
Arguments:
Arg1: ff423000, memory referenced.
Arg2: 00000001, value 0 = read operation, 1 = write operation.
Arg3: fc9bbad5, If non-zero, the instruction address which referenced the
bad memory
address.
Arg4: 00000000, (reserved)
Debugging Details:
WRITE_ADDRESS: ff423000 Nonpaged pool
FAULTING_IP:
kdcom!Dbg1394_ReadPacket+c5
fc9bbad5 f3a5 rep movsd
MM_INTERNAL_CODE: 0
IMAGE_NAME: kd1394.dll
MODULE_NAME: kdcom
DEFAULT_BUCKET_ID: DRIVER_FAULT
BUGCHECK_STR: 0x50
LAST_CONTROL_TRANSFER: from 805258ca to 805103fa
STACK_TEXT:
f6fd9f58 805258ca 00000003 fc9bb000 ff423000
nt!RtlpBreakWithStatusInstruction
f6fd9fa4 80526160 00000003 806c7fac c03fd08c nt!KiBugCheckDebugBreak+0x19
f6fda370 805266db 00000050 ff423000 00000001 nt!KeBugCheck2+0x46d
f6fda390 8051c756 00000050 ff423000 00000001 nt!KeBugCheckEx+0x19
f6fda3dc 804dcc5e 00000001 ff423000 00000000 nt!MmAccessFault+0x6cf
f6fda3dc fc9bbad5 00000001 ff423000 00000000 nt!KiTrap0E+0xb8
f6fda474 fc9bc07f ffd01000 f6fda49c f6fda530 kdcom!Dbg1394_ReadPacket+0xc5
f6fda4ac 8065a054 0000000b f6fda530 f6fda514 kdcom!KdReceivePacket+0x77
f6fda524 8065a232 00000f60 00400040 f6fda4d4 nt!KdReadRemoteFile+0xc4
f6fda594 805d9f35 00002000 00000080 00000005 nt!KdPullRemoteFile+0xe6
f6fda73c 805bf846 f6fda788 00000000 00000000 nt!MmLoadSystemImage+0x1fc
f6fda900 804da140 0000001a e16648a0 0000001c
nt!NtSetSystemInformation+0x8c5
f6fda900 8050f72d 0000001a e16648a0 0000001c nt!KiSystemService+0xc4
f6fda984 bf82a23d 0000001a e16648a0 0000001c
nt!ZwSetSystemInformation+0x11
f6fdaae4 bf80475d e17fb2c0 00000000 00000001 win32k!ldevLoadImage+0x157
f6fdab14 bf80469a 00000000 00000001 e1980f80 win32k!ldevLoadDriver+0x37
f6fdab2c bf804517 e17fb2c0 8199b200 f6fdab54
win32k!ldevGetDriverModes+0x19
f6fdab5c bf804bc8 00000000 00000000 00166cb8
win32k!DrvBuildDevmodeList+0xa2
f6fdabe4 bf8fdd97 e1980f80 f6fdacd0 f6fdace8
win32k!DrvProbeAndCaptureDevmode+0x3e3
f6fdacdc bf928eb0 f6fdacb0 00000000 00166cb8
win32k!DrvChangeDisplaySettings+0xe6
f6fdad20 bf916c03 00aefaf8 00166cb8 00000000
win32k!xxxUserChangeDisplaySettings+0x13b
f6fdad48 804da140 00aefaf8 00166cb8 00000000
win32k!NtUserChangeDisplaySettings+0x48
f6fdad48 7ffe0304 00aefaf8 00166cb8 00000000 nt!KiSystemService+0xc4
00aefb00 00000000 00000000 00000000 00000000
SharedUserData!SystemCallStub+0x4
FOLLOWUP_IP:
kdcom!Dbg1394_ReadPacket+c5
fc9bbad5 f3a5 rep movsd
FOLLOWUP_NAME: MachineOwner
SYMBOL_NAME: kdcom!Dbg1394_ReadPacket+c5
DEBUG_FLR_IMAGE_TIMESTAMP: 3d6dd5b5
STACK_COMMAND: kb
BUCKET_ID: 0x50_W_kdcom!Dbg1394_ReadPacket+c5
Followup: MachineOwner
kd> .dump /f c:\windbg1394crash.dmp
Creating c:\windbg1394crash.dmp - Full kernel dump
Percent written 0
Percent written 5
Percent written 10
Percent written 15
Percent written 20
Percent written 25
Percent written 30
Percent written 35
Percent written 40
Percent written 45
Percent written 50
Percent written 55
Percent written 60
Percent written 65
Percent written 70
Percent written 75
Percent written 80
Percent written 85
Percent written 90
Percent written 95
kd>