0x00000050 BSOD

1.  
2. Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
3. Copyright (c) Microsoft Corporation. All rights reserved.
4.  
5.  
6. Loading Dump File [D:\My Documents\Desktop\041412-31200-01.dmp]
7. Mini Kernel Dump File: Only registers and stack trace are available
8.  
9. Symbol search path is: SRV*D:\Symbols*http://msdl.microsoft.com/download/symbols
10. Executable search path is:
11. Windows 7 Kernel Version 7601 (Service Pack 1) MP (2 procs) Free x64
12. Product: WinNt, suite: TerminalServer SingleUserTS Personal
13. Built by: 7601.17790.amd64fre.win7sp1_gdr.120305-1505
14. Machine Name:
15. Kernel base = 0xfffff800`02017000 PsLoadedModuleList = 0xfffff800`0225b650
16. Debug session time: Sat Apr 14 09:20:19.546 2012 (UTC + 8:00)
17. System Uptime: 0 days 0:00:10.389
18. Loading Kernel Symbols
19. ...............................................................
20. ..............................................
21. Loading User Symbols
22. *******************************************************************************
23. * *
24. * Bugcheck Analysis *
25. * *
26. *******************************************************************************
27.  
28. Use !analyze -v to get detailed debugging information.
29.  
30. BugCheck 50, {fffffa800b601340, 0, fffff8000237d56a, 2}
31.  
32.  
33. Could not read faulting driver name
34. Probably caused by : ntkrnlmp.exe ( nt!RtlpApplyAclToObject+1a )
35.  
36. Followup: MachineOwner
37. ---------
38.  
39. 1: kd> !analyze -v
40. *******************************************************************************
41. * *
42. * Bugcheck Analysis *
43. * *
44. *******************************************************************************
45.  
46. PAGE_FAULT_IN_NONPAGED_AREA (50)
47. Invalid system memory was referenced. This cannot be protected by try-except,
48. it must be protected by a Probe. Typically the address is just plain bad or it
49. is pointing at freed memory.
50. Arguments:
51. Arg1: fffffa800b601340, memory referenced.
52. Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
53. Arg3: fffff8000237d56a, If non-zero, the instruction address which referenced the bad memory
54. address.
55. Arg4: 0000000000000002, (reserved)
56.  
57. Debugging Details:
58. ------------------
59.  
60.  
61. Could not read faulting driver name
62.  
63. READ_ADDRESS: GetPointerFromAddress: unable to read from fffff800022c5100
64. fffffa800b601340
65.  
66. FAULTING_IP:
67. nt!RtlpApplyAclToObject+1a
68. fffff800`0237d56a 41803808 cmp byte ptr [r8],8
69.  
70. MM_INTERNAL_CODE: 2
71.  
72. CUSTOMER_CRASH_COUNT: 1
73.  
74. DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
75.  
76. BUGCHECK_STR: 0x50
77.  
78. PROCESS_NAME: System
79.  
80. CURRENT_IRQL: 0
81.  
82. TRAP_FRAME: fffff880023db1a0 -- (.trap 0xfffff880023db1a0)
83. NOTE: The trap frame does not contain all registers.
84. Some register values may be zeroed or incorrect.
85. rax=000000000000504d rbx=0000000000000000 rcx=fffffa800874acc4
86. rdx=00000000fd7ffbff rsi=0000000000000000 rdi=0000000000000000
87. rip=fffff8000237d56a rsp=fffff880023db338 rbp=0000000000008004
88. r8=fffffa800b601340 r9=00000000000003c6 r10=fffffa8003d3064c
89. r11=fffffa800874acc4 r12=0000000000000000 r13=0000000000000000
90. r14=0000000000000000 r15=0000000000000000
91. iopl=0 nv up ei ng nz ac pe cy
92. nt!RtlpApplyAclToObject+0x1a:
93. fffff800`0237d56a 41803808 cmp byte ptr [r8],8 ds:0001:fffffa80`0b601340=??
94. Resetting default scope
95.  
96. LOCK_ADDRESS: fffff80002291b60 -- (!locks fffff80002291b60)
97.  
98. Resource @ nt!PiEngineLock (0xfffff80002291b60) Available
99.  
100. WARNING: SystemResourcesList->Flink chain invalid. Resource may be corrupted, or already deleted.
101.  
102.  
103. WARNING: SystemResourcesList->Blink chain invalid. Resource may be corrupted, or already deleted.
104.  
105. 1 total locks
106.  
107. PNP_TRIAGE:
108. Lock address : 0xfffff80002291b60
109. Thread Count : 0
110. Thread address: 0x0000000000000000
111. Thread wait : 0x0
112.  
113. LAST_CONTROL_TRANSFER: from fffff8000203ec50 to fffff80002093c80
114.  
115. STACK_TEXT:
116. fffff880`023db038 fffff800`0203ec50 : 00000000`00000050 fffffa80`0b601340 00000000`00000000 fffff880`023db1a0 : nt!KeBugCheckEx
117. fffff880`023db040 fffff800`02091dae : 00000000`00000000 fffffa80`0b601340 fffff8a0`0031c400 fffff8a0`00715024 : nt! ?? ::FNODOBFM::`string'+0x43d76
118. fffff880`023db1a0 fffff800`0237d56a : fffff800`0232c16c 00000000`00000000 fffff8a0`00715024 00000000`00120010 : nt!KiPageFault+0x16e
119. fffff880`023db338 fffff800`0232c16c : 00000000`00000000 fffff8a0`00715024 00000000`00120010 00000000`000007ff : nt!RtlpApplyAclToObject+0x1a
120. fffff880`023db340 fffff800`022f5d6f : fffffa80`03d33b60 00000000`00000801 00000000`00000001 63536553`00000000 : nt!RtlpSetSecurityObject+0x378
121. fffff880`023db480 fffff800`0246bdb6 : fffff8a0`00206f70 fffffa80`03d3064c fffffa80`03d33b60 00000000`00000000 : nt!SeSetSecurityDescriptorInfo+0x33
122. fffff880`023db4d0 fffff800`0246c5b0 : fffff8a0`00206f70 fffffa80`07134050 fffff8a0`00715010 00000000`00000000 : nt!IopSetDeviceSecurityDescriptor+0xb6
123. fffff880`023db540 fffff800`023d2550 : fffffa80`07134050 fffff8a0`00715010 00000000`00000000 fffff880`023db6b8 : nt!IopSetDeviceSecurityDescriptors+0x50
124. fffff880`023db590 fffff800`0232ca46 : ffffffff`8000018c ffffffff`80000184 fffff880`023db6b8 fffff8a0`00715010 : nt! ?? ::NNGAKEGL::`string'+0x2754e
125. fffff880`023db650 fffff800`02473363 : fffff880`023db708 fffff880`00000004 00000000`00000002 fffff8a0`0070bcb0 : nt!ObSetSecurityObjectByPointer+0x5a
126. fffff880`023db6b0 fffff800`0247d773 : fffffa80`08747e20 fffffa80`08747e20 fffff8a0`003ff920 fffffa80`071358b0 : nt!PipChangeDeviceObjectFromRegistryProperties+0x2e3
127. fffff880`023db7a0 fffff800`0247ec32 : fffffa80`07133620 fffffa80`071358b0 00000000`00000002 fffffa80`07134050 : nt!PipCallDriverAddDevice+0x733
128. fffff880`023db950 fffff800`0247f0cc : fffff800`0228f400 00000000`00000000 00000000`00000000 00000000`00000000 : nt!PipProcessDevNodeTree+0x2b2
129. fffff880`023dbbc0 fffff800`0218fee2 : 00000001`00000003 00000000`00000000 00000000`32706e50 00000000`00000084 : nt!PiProcessStartSystemDevices+0x7c
130. fffff880`023dbc10 fffff800`0209d361 : fffff800`0218fbe0 fffff800`02389701 fffffa80`03d33b00 ec6aa74c`c7c8b486 : nt!PnpDeviceActionWorker+0x302
131. fffff880`023dbcb0 fffff800`0232dfda : fbfffeff`fdf5eff9 fffffa80`03d33b60 00000000`00000080 fffffa80`03d2a040 : nt!ExpWorkerThread+0x111
132. fffff880`023dbd40 fffff800`020849c6 : fffff880`009b1180 fffffa80`03d33b60 fffff880`009bbf40 9a951e86`de9f4fbf : nt!PspSystemThreadStartup+0x5a
133. fffff880`023dbd80 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KxStartSystemThread+0x16
134.  
135.  
136. STACK_COMMAND: kb
137.  
138. FOLLOWUP_IP:
139. nt!RtlpApplyAclToObject+1a
140. fffff800`0237d56a 41803808 cmp byte ptr [r8],8
141.  
142. SYMBOL_STACK_INDEX: 3
143.  
144. SYMBOL_NAME: nt!RtlpApplyAclToObject+1a
145.  
146. FOLLOWUP_NAME: MachineOwner
147.  
148. MODULE_NAME: nt
149.  
150. IMAGE_NAME: ntkrnlmp.exe
151.  
152. DEBUG_FLR_IMAGE_TIMESTAMP: 4f558b55
153.  
154. FAILURE_BUCKET_ID: X64_0x50_nt!RtlpApplyAclToObject+1a
155.  
156. BUCKET_ID: X64_0x50_nt!RtlpApplyAclToObject+1a
157.  
158. Followup: MachineOwner
159. ---------
160.  
161. 1: kd> lmvm nt
162. start end module name
163. fffff800`02017000 fffff800`025ff000 nt (pdb symbols) d:\symbols\ntkrnlmp.pdb\76FCE21B949E486090FD485BE42AF54A2\ntkrnlmp.pdb
164. Loaded symbol image file: ntkrnlmp.exe
165. Mapped memory image file: d:\symbols\ntoskrnl.exe\4F558B555e8000\ntoskrnl.exe
166. Image path: ntkrnlmp.exe
167. Image name: ntkrnlmp.exe
168. Timestamp: Tue Mar 06 11:58:13 2012 (4F558B55)
169. CheckSum: 005553E5
170. ImageSize: 005E8000
171. File version: 6.1.7601.17790
172. Product version: 6.1.7601.17790
173. File flags: 0 (Mask 3F)
174. File OS: 40004 NT Win32
175. File type: 1.0 App
176. File date: 00000000.00000000
177. Translations: 0409.04b0
178. CompanyName: Microsoft Corporation
179. ProductName: Microsoft® Windows® Operating System
180. InternalName: ntkrnlmp.exe
181. OriginalFilename: ntkrnlmp.exe
182. ProductVersion: 6.1.7601.17790
183. FileVersion: 6.1.7601.17790 (win7sp1_gdr.120305-1505)
184. FileDescription: NT Kernel & System
185. LegalCopyright: © Microsoft Corporation. All rights reserved.
186. 1: kd> .trap 0xfffff880023db1a0
187. NOTE: The trap frame does not contain all registers.
188. Some register values may be zeroed or incorrect.
189. rax=000000000000504d rbx=0000000000000000 rcx=fffffa800874acc4
190. rdx=00000000fd7ffbff rsi=0000000000000000 rdi=0000000000000000
191. rip=fffff8000237d56a rsp=fffff880023db338 rbp=0000000000008004
192. r8=fffffa800b601340 r9=00000000000003c6 r10=fffffa8003d3064c
193. r11=fffffa800874acc4 r12=0000000000000000 r13=0000000000000000
194. r14=0000000000000000 r15=0000000000000000
195. iopl=0 nv up ei ng nz ac pe cy
196. nt!RtlpApplyAclToObject+0x1a:
197. fffff800`0237d56a 41803808 cmp byte ptr [r8],8 ds:0001:fffffa80`0b601340=??