Details
-
Bug
-
Resolution: Fixed
-
Critical
Description
Jim, this seems to be related to your recent changes. Can you have a look?
Let me know if you want to know with which exact revision this problem started appearing, I can perform a regression test.
To reproduce, set ULONG MmSpecialPoolTag = 'GSMU'; in ntoskrnl/mm/ARM3/pool.c line 27, and simply boot up third stage.
*** Fatal System Error: 0x000000d5
|
(0xF3391FD0,0x00000000,0xF25839E1,0x00000000)
|
|
Driver at fault:
|
*** win32k.sys - Address F25839E1 base at F2512000, DateStamp 54df12d6
|
.
|
Break instruction exception - code 80000003 (first chance)
|
|
A fatal system error has occurred.
|
Debugger entered on first try; Bugcheck callbacks have not been invoked.
|
|
A fatal system error has occurred.
|
|
Connected to Windows Server 2003 3790 x86 compatible target at (Sat Feb 14 10:28:04.493 2015 (UTC + 1:00)), ptr64 FALSE
|
Loading Kernel Symbols
|
...................................................
|
Loading User Symbols
|
.................................
|
*******************************************************************************
|
* *
|
* Bugcheck Analysis *
|
* *
|
*******************************************************************************
|
|
Use !analyze -v to get detailed debugging information.
|
|
BugCheck D5, {f3391fd0, 0, f25839e1, 0}
|
|
Probably caused by : win32k.sys ( win32k!co_MsqSendMessage+7e1 )
|
|
Followup: MachineOwner
|
---------
|
|
nt!RtlpBreakWithStatusInstruction:
|
8055ee08 cc int 3
|
kd> !analyze -v
|
*******************************************************************************
|
* *
|
* Bugcheck Analysis *
|
* *
|
*******************************************************************************
|
|
DRIVER_PAGE_FAULT_IN_FREED_SPECIAL_POOL (d5)
|
Memory was referenced after it was freed.
|
This cannot be protected by try-except.
|
When possible, the guilty driver's name (Unicode string) is printed on
|
the bugcheck screen and saved in KiBugCheckDriver.
|
Arguments:
|
Arg1: f3391fd0, memory referenced
|
Arg2: 00000000, value 0 = read operation, 1 = write operation
|
Arg3: f25839e1, if non-zero, the address which referenced memory.
|
Arg4: 00000000, (reserved)
|
|
Debugging Details:
|
------------------
|
|
|
READ_ADDRESS: f3391fd0
|
|
FAULTING_IP:
|
win32k!co_MsqSendMessage+7e1 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\msgqueue.c @ 1294]
|
f25839e1 c7422800000000 mov dword ptr [edx+28h],0
|
|
MM_INTERNAL_CODE: 0
|
|
IMAGE_NAME: win32k.sys
|
|
DEBUG_FLR_IMAGE_TIMESTAMP: 54df12d6
|
|
MODULE_NAME: win32k
|
|
FAULTING_MODULE: f2512000 win32k
|
|
DEFAULT_BUCKET_ID: DRIVER_FAULT
|
|
BUGCHECK_STR: 0xD5
|
|
PROCESS_NAME: explorer.exe
|
|
CURRENT_IRQL: 1
|
|
TRAP_FRAME: 00000010 -- (.trap 0x10)
|
Unable to read trap frame at 00000010
|
|
LAST_CONTROL_TRANSFER: from 804a3886 to 8055ee08
|
|
STACK_TEXT:
|
f20acec0 804a3886 00000003 f20ad2a8 ffdff408 nt!RtlpBreakWithStatusInstruction
|
f20acef0 804a42d4 00000003 f20ad3c8 f20ad2ec nt!KiBugCheckDebugBreak+0x36 [c:\ros\reactos-clean\reactos\ntoskrnl\ke\bug.c @ 536]
|
f20ad2b0 804a4a6e 00000050 f3391fd0 00000000 nt!KeBugCheckWithTf+0x5b4 [c:\ros\reactos-clean\reactos\ntoskrnl\ke\bug.c @ 1100]
|
f20ad2d0 804ca312 00000050 f3391fd0 00000000 nt!KeBugCheckEx+0x1e [c:\ros\reactos-clean\reactos\ntoskrnl\ke\bug.c @ 1429]
|
f20ad3c8 804f455e 00000000 f3391fd0 00000000 nt!MmArmAccessFault+0x822 [c:\ros\reactos-clean\reactos\ntoskrnl\mm\arm3\pagfault.c @ 1853]
|
f20ad3e4 805418d3 00000000 f3391fd0 00000000 nt!MmAccessFault+0xce [c:\ros\reactos-clean\reactos\ntoskrnl\mm\mmfault.c @ 243]
|
f20ad418 804036df f20ad520 f25839e1 cccccccc nt!KiTrap0EHandler+0x1c3 [c:\ros\reactos-clean\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1277]
|
f20ad418 f25839e1 f20ad520 f25839e1 cccccccc nt!KiTrap0E+0x8f
|
f20ad520 f25781ad 0000001a 0000002f f26a012c win32k!co_MsqSendMessage+0x7e1 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\msgqueue.c @ 1294]
|
f20ad5b8 f2577c61 0000002f f26a012c 00000000 win32k!co_IntSendMessageTimeoutSingle+0x51d [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\message.c @ 1397]
|
f20ad5f0 f2593f07 0000002f f26a012c 00000000 win32k!co_IntSendMessageTimeout+0x1a1 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\message.c @ 1488]
|
f20ad62c f2596e98 0012ec30 00080002 0012eba8 win32k!UserSystemParametersInfo+0x117 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\sysparams.c @ 1607]
|
f20ad644 80542689 0000002f 00000001 0012ec30 win32k!NtUserSystemParametersInfo+0x88 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\sysparams.c @ 1631]
|
f20ad664 8054219d f2596e10 0012eb98 00000010 nt!KiSystemCallTrampoline+0x19 [c:\ros\reactos-clean\reactos\ntoskrnl\include\internal\i386\ke.h @ 725]
|
f20ad6ac 80403e03 0012ebc0 7c92fb8e badb0d00 nt!KiSystemServiceHandler+0x23d [c:\ros\reactos-clean\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1717]
|
f20ad6ac 7c92fb8e 0012ebc0 7c92fb8e badb0d00 nt!KiFastCallEntry+0x8c
|
0012eb8c 77a9fd63 77a50b9c 0000002f 00000001 ntdll!KiFastSystemCallRet
|
0012eb90 77a50b9c 0000002f 00000001 0012ec30 user32!ZwUserSystemParametersInfo+0xc
|
0012ebc0 77a50d89 0000002f 00000001 0012ec30 user32!RealSystemParametersInfoW+0x6c [c:\ros\reactos-clean\reactos\win32ss\user\user32\misc\desktop.c @ 360]
|
0012ec0c 00415c40 0000002f 00000001 0012ec30 user32!SystemParametersInfoW+0x89 [c:\ros\reactos-clean\reactos\win32ss\user\user32\misc\desktop.c @ 415]
|
0012ec60 004194f6 cccccccc cccccccc cccccccc explorer!CTrayWindow::ResizeWorkArea+0x100 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1029]
|
0012ec84 00416581 00000005 00000000 00000000 explorer!CTrayWindow::OnSize+0x46 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 2346]
|
0012ecec 0040ce6a 00040080 00000005 00000000 explorer!CTrayWindow::ProcessWindowMessage+0x181 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 2848]
|
0012ed58 77a844b7 00040080 00000005 00000000 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::WindowProc+0x9a [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 479]
|
0012ee14 77a88303 003434a0 00040080 00000005 user32!IntCallWindowProcW+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012eea0 7c92fae1 0012eeb8 00000020 0012f168 user32!User32CallWindowProcFromKernel+0x1f3 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 2920]
|
0012f090 77a61b0a 00040080 00000047 00000000 ntdll!KiUserCallbackDispatcher+0x2e
|
0012f10c 755d2bb5 00040080 00000047 00000000 user32!RealDefWindowProcW+0x3fa [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\defwnd.c @ 1618]
|
0012f128 77a61eda 00040080 00000047 00000000 uxtheme!ThemeDefWindowProcW+0x25 [c:\ros\reactos-clean\reactos\dll\win32\uxtheme\themehooks.c @ 192]
|
0012f178 77a844b7 00040080 00000047 00000000 user32!DefWindowProcW+0xba [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\defwnd.c @ 1691]
|
0012f234 77a862a0 003434a0 00040080 00000047 user32!IntCallWindowProcW+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012f258 0040d07c 0041e5d6 00040080 00000047 user32!CallWindowProcW+0xa0 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1804]
|
0012f27c 0040cf08 00000047 00000000 0012f45c explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::DefWindowProcW+0x3c [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 442]
|
0012f2dc 77a844b7 00040080 00000047 00000000 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::WindowProc+0x138 [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 493]
|
0012f398 77a88303 003434a0 00040080 00000047 user32!IntCallWindowProcW+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012f424 7c92fae1 0012f43c 0000003c 0012f8b4 user32!User32CallWindowProcFromKernel+0x1f3 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 2920]
|
0012f4a0 00416cc4 00000000 00000000 00000000 ntdll!KiUserCallbackDispatcher+0x2e
|
0012f4c4 00416d64 0012f79c 0012f7bc cccccccc explorer!CTrayWindow::OnThemeChanged+0xb4 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1458]
|
0012f734 004165bb 00000001 00000000 0012f988 explorer!CTrayWindow::OnCreate+0x84 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1475]
|
0012f79c 0040ce6a 00040080 00000001 00000000 explorer!CTrayWindow::ProcessWindowMessage+0x1bb [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 2849]
|
0012f808 77a844b7 00040080 00000001 00000000 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::WindowProc+0x9a [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 479]
|
0012f8c4 77a88303 003434a0 00040080 00000001 user32!IntCallWindowProcW+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012f950 7c92fae1 0012f968 00000056 0012ffe0 user32!User32CallWindowProcFromKernel+0x1f3 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 2920]
|
0012fae4 77a92228 00000180 0000c04a 00000000 ntdll!KiUserCallbackDispatcher+0x2e
|
0012fb80 0040c782 00000180 0000c04a 00000000 user32!CreateWindowExW+0x318 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\window.c @ 567]
|
0012fbc0 0041b8eb 00000000 0012fc34 00000000 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::Create+0xd2 [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 528]
|
0012fbf8 004156d6 00000000 0012fc34 00000000 explorer!ATL::CWindowImpl<CTrayWindow,ATL::CWindow,ATL::CWinTraits<1442840576,0> >::Create+0xab [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 565]
|
0012fc48 004144bc 0013a734 0012feb4 0012fc90 explorer!CTrayWindow::Open+0xf6 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1606]
|
0012fc84 00401a18 0012fca4 0012ffb4 0012fef0 explorer!CreateTrayWindow+0x9c [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 3130]
|
0012feb4 00401850 00400000 00000001 0012fedc explorer!StartWithDesktop+0xd8 [c:\ros\reactos-clean\reactos\base\shell\explorer\explorer.cpp @ 157]
|
0012fec4 0041f55e 00400000 00000000 00133be6 explorer!wWinMain+0x90 [c:\ros\reactos-clean\reactos\base\shell\explorer\explorer.cpp @ 224]
|
0012fedc 0041ecec 00000001 00138bc8 001333c8 explorer!wmain+0x1e [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crt0_w.c @ 26]
|
0012ffb4 0041e9e6 000000ff 0012fff0 77d93909 explorer!__tmainCRTStartup+0x2ac [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crtexe.c @ 307]
|
0012ffc0 77d93909 00000000 00000000 7ffdc000 explorer!wWinMainCRTStartup+0x26 [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crtexe.c @ 168]
|
0012fff0 00000000 0041e9c0 00000000 ec0100ed kernel32!BaseProcessStartup+0x69 [c:\ros\reactos-clean\reactos\dll\win32\kernel32\client\proc.c @ 478]
|
|
|
STACK_COMMAND: kb
|
|
FOLLOWUP_IP:
|
win32k!co_MsqSendMessage+7e1 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\msgqueue.c @ 1294]
|
f25839e1 c7422800000000 mov dword ptr [edx+28h],0
|
|
SYMBOL_STACK_INDEX: 8
|
|
SYMBOL_NAME: win32k!co_MsqSendMessage+7e1
|
|
FOLLOWUP_NAME: MachineOwner
|
|
FAILURE_BUCKET_ID: 0xD5_win32k!co_MsqSendMessage+7e1
|
|
BUCKET_ID: 0xD5_win32k!co_MsqSendMessage+7e1
|
|
Followup: MachineOwner
|
---------
|
|
kd> kp
|
ChildEBP RetAddr
|
f20acec0 804a3886 nt!RtlpBreakWithStatusInstruction
|
f20acef0 804a42d4 nt!KiBugCheckDebugBreak(unsigned long StatusCode = 3)+0x36 [c:\ros\reactos-clean\reactos\ntoskrnl\ke\bug.c @ 536]
|
f20ad2b0 804a4a6e nt!KeBugCheckWithTf(unsigned long BugCheckCode = 0x50, unsigned long BugCheckParameter1 = 0xf3391fd0, unsigned long BugCheckParameter2 = 0, unsigned long BugCheckParameter3 = 0xf20ad420, unsigned long BugCheckParameter4 = 0, struct _KTRAP_FRAME * TrapFrame = 0xf20ad420)+0x5b4 [c:\ros\reactos-clean\reactos\ntoskrnl\ke\bug.c @ 1100]
|
f20ad2d0 804ca312 nt!KeBugCheckEx(unsigned long BugCheckCode = 0x50, unsigned long BugCheckParameter1 = 0xf3391fd0, unsigned long BugCheckParameter2 = 0, unsigned long BugCheckParameter3 = 0xf20ad420, unsigned long BugCheckParameter4 = 0)+0x1e [c:\ros\reactos-clean\reactos\ntoskrnl\ke\bug.c @ 1429]
|
f20ad3c8 804f455e nt!MmArmAccessFault(unsigned char StoreInstruction = 0x00 '', void * Address = 0xf3391fd0, char Mode = 0n0 '', void * TrapInformation = 0xf20ad420)+0x822 [c:\ros\reactos-clean\reactos\ntoskrnl\mm\arm3\pagfault.c @ 1853]
|
f20ad3e4 805418d3 nt!MmAccessFault(unsigned char StoreInstruction = 0x00 '', void * Address = 0xf3391fd0, char Mode = 0n0 '', void * TrapInformation = 0xf20ad420)+0xce [c:\ros\reactos-clean\reactos\ntoskrnl\mm\mmfault.c @ 243]
|
f20ad418 804036df nt!KiTrap0EHandler(struct _KTRAP_FRAME * TrapFrame = 0xf20ad420)+0x1c3 [c:\ros\reactos-clean\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1277]
|
f20ad418 f25839e1 nt!KiTrap0E+0x8f
|
f20ad520 f25781ad win32k!co_MsqSendMessage(struct _THREADINFO * ptirec = 0xb49da918, struct HWND__ * Wnd = 0x000a0074, unsigned int Msg = 0x1a, unsigned int wParam = 0x2f, long lParam = 0xf26a012c, unsigned int uTimeout = 0x64, int Block = 0, int HookMessage = 0, unsigned long * uResult = 0xf20ad61c)+0x7e1 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\msgqueue.c @ 1294]
|
f20ad5b8 f2577c61 win32k!co_IntSendMessageTimeoutSingle(struct HWND__ * hWnd = 0x000a0074, unsigned int Msg = 0x1a, unsigned int wParam = 0x2f, long lParam = 0xf26a012c, unsigned int uFlags = 0, unsigned int uTimeout = 0x64, unsigned long * uResult = 0xf20ad61c)+0x51d [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\message.c @ 1397]
|
f20ad5f0 f2593f07 win32k!co_IntSendMessageTimeout(struct HWND__ * hWnd = 0x0000ffff, unsigned int Msg = 0x1a, unsigned int wParam = 0x2f, long lParam = 0xf26a012c, unsigned int uFlags = 0, unsigned int uTimeout = 0x64, unsigned long * uResult = 0xf20ad61c)+0x1a1 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\message.c @ 1488]
|
f20ad62c f2596e98 win32k!UserSystemParametersInfo(unsigned int uiAction = 0x2f, unsigned int uiParam = 1, void * pvParam = 0x0012ec30, unsigned int fWinIni = 0x80002)+0x117 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\sysparams.c @ 1607]
|
f20ad644 80542689 win32k!NtUserSystemParametersInfo(unsigned int uiAction = 0x2f, unsigned int uiParam = 1, void * pvParam = 0x0012ec30, unsigned int fWinIni = 0x80002)+0x88 [c:\ros\reactos-clean\reactos\win32ss\user\ntuser\sysparams.c @ 1631]
|
f20ad664 8054219d nt!KiSystemCallTrampoline(void * Handler = 0xf2596e10, void * Arguments = 0x0012eb98, unsigned long StackBytes = 0x10)+0x19 [c:\ros\reactos-clean\reactos\ntoskrnl\include\internal\i386\ke.h @ 725]
|
f20ad6ac 80403e03 nt!KiSystemServiceHandler(struct _KTRAP_FRAME * TrapFrame = 0xf20ad6b4, void * Arguments = 0x0012eb98)+0x23d [c:\ros\reactos-clean\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1717]
|
f20ad6ac 7c92fb8e nt!KiFastCallEntry+0x8c
|
0012eb8c 77a9fd63 ntdll!KiFastSystemCallRet
|
0012eb90 77a50b9c user32!ZwUserSystemParametersInfo+0xc
|
0012ebc0 77a50d89 user32!RealSystemParametersInfoW(unsigned int uiAction = 0x2f, unsigned int uiParam = 1, void * pvParam = 0x0012ec30, unsigned int fWinIni = 2)+0x6c [c:\ros\reactos-clean\reactos\win32ss\user\user32\misc\desktop.c @ 360]
|
0012ec0c 00415c40 user32!SystemParametersInfoW(unsigned int uiAction = 0x2f, unsigned int uiParam = 1, void * pvParam = 0x0012ec30, unsigned int fWinIni = 2)+0x89 [c:\ros\reactos-clean\reactos\win32ss\user\user32\misc\desktop.c @ 415]
|
0012ec60 004194f6 explorer!CTrayWindow::ResizeWorkArea(void)+0x100 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1029]
|
0012ec84 00416581 explorer!CTrayWindow::OnSize(unsigned int uMsg = 5, unsigned int wParam = 0, long lParam = 0, int * bHandled = 0x0012ece0)+0x46 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 2346]
|
0012ecec 0040ce6a explorer!CTrayWindow::ProcessWindowMessage(struct HWND__ * hWnd = 0x00040080, unsigned int uMsg = 5, unsigned int wParam = 0, long lParam = 0, long * lResult = 0x0012ed24, unsigned long dwMsgMapID = 0)+0x181 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 2848]
|
0012ed58 77a844b7 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::WindowProc(struct HWND__ * hWnd = 0x00040080, unsigned int uMsg = 5, unsigned int wParam = 0, long lParam = 0)+0x9a [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 479]
|
0012ee14 77a88303 user32!IntCallWindowProcW(int IsAnsiProc = 0, <function> * WndProc = 0x00930000, struct _WND * pWnd = 0x003434a0, struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 5, unsigned int wParam = 0, long lParam = 0)+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012eea0 7c92fae1 user32!User32CallWindowProcFromKernel(void * Arguments = 0x0012eeb8, unsigned long ArgumentLength = 0x20)+0x1f3 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 2920]
|
0012f090 77a61b0a ntdll!KiUserCallbackDispatcher+0x2e
|
0012f10c 755d2bb5 user32!RealDefWindowProcW(struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 0x47, unsigned int wParam = 0, long lParam = 0x12f45c)+0x3fa [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\defwnd.c @ 1618]
|
0012f128 77a61eda uxtheme!ThemeDefWindowProcW(struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 0x47, unsigned long wParam = 0, long lParam = 0x12f45c)+0x25 [c:\ros\reactos-clean\reactos\dll\win32\uxtheme\themehooks.c @ 192]
|
0012f178 77a844b7 user32!DefWindowProcW(struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 0x47, unsigned int wParam = 0, long lParam = 0x12f45c)+0xba [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\defwnd.c @ 1691]
|
0012f234 77a862a0 user32!IntCallWindowProcW(int IsAnsiProc = 0, <function> * WndProc = 0x0041e5d6, struct _WND * pWnd = 0x003434a0, struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 0x47, unsigned int wParam = 0, long lParam = 0x12f45c)+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012f258 0040d07c user32!CallWindowProcW(<function> * lpPrevWndFunc = 0x0041e5d6, struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 0x47, unsigned int wParam = 0, long lParam = 0x12f45c)+0xa0 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1804]
|
0012f27c 0040cf08 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::DefWindowProcW(unsigned int uMsg = 0x47, unsigned int wParam = 0, long lParam = 0x12f45c)+0x3c [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 442]
|
0012f2dc 77a844b7 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::WindowProc(struct HWND__ * hWnd = 0x00040080, unsigned int uMsg = 0x47, unsigned int wParam = 0, long lParam = 0x12f45c)+0x138 [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 493]
|
0012f398 77a88303 user32!IntCallWindowProcW(int IsAnsiProc = 0, <function> * WndProc = 0x00930000, struct _WND * pWnd = 0x003434a0, struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 0x47, unsigned int wParam = 0, long lParam = 0x12f45c)+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012f424 7c92fae1 user32!User32CallWindowProcFromKernel(void * Arguments = 0x0012f43c, unsigned long ArgumentLength = 0x3c)+0x1f3 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 2920]
|
0012f4a0 00416cc4 ntdll!KiUserCallbackDispatcher+0x2e
|
0012f4c4 00416d64 explorer!CTrayWindow::OnThemeChanged(void)+0xb4 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1458]
|
0012f734 004165bb explorer!CTrayWindow::OnCreate(unsigned int uMsg = 1, unsigned int wParam = 0, long lParam = 0x12f988, int * bHandled = 0x0012f790)+0x84 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1475]
|
0012f79c 0040ce6a explorer!CTrayWindow::ProcessWindowMessage(struct HWND__ * hWnd = 0x00040080, unsigned int uMsg = 1, unsigned int wParam = 0, long lParam = 0x12f988, long * lResult = 0x0012f7d4, unsigned long dwMsgMapID = 0)+0x1bb [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 2849]
|
0012f808 77a844b7 explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::WindowProc(struct HWND__ * hWnd = 0x00040080, unsigned int uMsg = 1, unsigned int wParam = 0, long lParam = 0x12f988)+0x9a [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 479]
|
0012f8c4 77a88303 user32!IntCallWindowProcW(int IsAnsiProc = 0, <function> * WndProc = 0x00930000, struct _WND * pWnd = 0x003434a0, struct HWND__ * hWnd = 0x00040080, unsigned int Msg = 1, unsigned int wParam = 0, long lParam = 0x12f988)+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
0012f950 7c92fae1 user32!User32CallWindowProcFromKernel(void * Arguments = 0x0012f968, unsigned long ArgumentLength = 0x56)+0x1f3 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 2920]
|
0012fae4 77a92228 ntdll!KiUserCallbackDispatcher+0x2e
|
0012fb80 0040c782 user32!CreateWindowExW(unsigned long dwExStyle = 0x180, wchar_t * lpClassName = 0x0000c04a "--- memory read error at address 0x0000c04a ---", wchar_t * lpWindowName = 0x00000000 "", unsigned long dwStyle = 0x96840000, int x = 0, int y = 0, int nWidth = 0, int nHeight = 0, struct HWND__ * hWndParent = 0x00000000, struct HMENU__ * hMenu = 0x00000000, struct HINSTANCE__ * hInstance = 0x00400000, void * lpParam = 0x00000000)+0x318 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\window.c @ 567]
|
0012fbc0 0041b8eb explorer!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<1442840576,0> >::Create(struct HWND__ * hWndParent = 0x00000000, class ATL::_U_RECT rect = class ATL::_U_RECT, wchar_t * szWindowName = 0x00000000 "", unsigned long dwStyle = 0x96840000, unsigned long dwExStyle = 0x180, class ATL::_U_MENUorID MenuOrID = class ATL::_U_MENUorID, unsigned short atom = 0xc04a, void * lpCreateParam = 0x00000000)+0xd2 [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 528]
|
0012fbf8 004156d6 explorer!ATL::CWindowImpl<CTrayWindow,ATL::CWindow,ATL::CWinTraits<1442840576,0> >::Create(struct HWND__ * hWndParent = 0x00000000, class ATL::_U_RECT rect = class ATL::_U_RECT, wchar_t * szWindowName = 0x00000000 "", unsigned long dwStyle = 0x96840000, unsigned long dwExStyle = 0x180, class ATL::_U_MENUorID MenuOrID = class ATL::_U_MENUorID, void * lpCreateParam = 0x00000000)+0xab [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 565]
|
0012fc48 004144bc explorer!CTrayWindow::Open(void)+0xf6 [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 1606]
|
0012fc84 00401a18 explorer!CreateTrayWindow(struct ITrayWindow ** ppTray = 0x0012fca4)+0x9c [c:\ros\reactos-clean\reactos\base\shell\explorer\traywnd.cpp @ 3130]
|
0012feb4 00401850 explorer!StartWithDesktop(struct HINSTANCE__ * hInstance = 0x00400000)+0xd8 [c:\ros\reactos-clean\reactos\base\shell\explorer\explorer.cpp @ 157]
|
0012fec4 0041f55e explorer!wWinMain(struct HINSTANCE__ * hInstance = 0x00400000, struct HINSTANCE__ * hPrevInstance = 0x00000000, wchar_t * lpCmdLine = 0x00133be6 "", int nCmdShow = 1)+0x90 [c:\ros\reactos-clean\reactos\base\shell\explorer\explorer.cpp @ 224]
|
0012fedc 0041ecec explorer!wmain(int flags = 1, unsigned short ** cmdline = 0x00138bc8, unsigned short ** inst = 0x001333c8)+0x1e [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crt0_w.c @ 26]
|
0012ffb4 0041e9e6 explorer!__tmainCRTStartup(void)+0x2ac [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crtexe.c @ 307]
|
0012ffc0 77d93909 explorer!wWinMainCRTStartup(void)+0x26 [c:\ros\reactos-clean\reactos\lib\sdk\crt\startup\crtexe.c @ 168]
|
0012fff0 00000000 kernel32!BaseProcessStartup(<function> * lpStartAddress = 0x0041e9c0)+0x69 [c:\ros\reactos-clean\reactos\dll\win32\kernel32\client\proc.c @ 478]
|
kd> ?? Message
|
struct _USER_SENT_MESSAGE * 0xf3391fa8
|
+0x000 ListEntry : _LIST_ENTRY
|
+0x008 Msg : tagMSG
|
+0x024 QS_Flags : ??
|
+0x028 CompletionEvent : ????
|
+0x02c Result : ????
|
+0x030 lResult : ??
|
+0x034 ptiSender : ????
|
+0x038 ptiReceiver : ????
|
+0x03c CompletionCallback : ????
|
+0x040 ptiCallBackSender : ????
|
+0x044 CompletionCallbackContext : ??
|
+0x048 DispatchingListEntry : _LIST_ENTRY
|
+0x050 HookMessage : ??
|
+0x054 HasPackedLParam : ??
|