(..\..\subsystems\win32\csrss\csrsrv\api\wapi.c:1221) Exception in 27c.280. Killing...
(..\..\subsystems\win32\csrss\csrsrv\api\wapi.c:1114) Death from unknown thread, just continue
Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
ntdll!wcscpy+0xb:
001b:77f4c0db 66ad            lods    word ptr [esi]
kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

ReadVirtual: 41b3bb1c not properly sign extended

FAULTING_IP: 
ntdll!wcscpy+b
001b:77f4c0db 66ad            lods    word ptr [esi]

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 77f4c0db (ntdll!wcscpy+0x0000000b)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 00000000
Attempt to read from address 00000000

DEFAULT_BUCKET_ID:  NULL_POINTER_READ

ERROR_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00000000

READ_ADDRESS:  00000000 

FOLLOWUP_IP: 
kernel32_winetest!doitW+2d [p:\trunk_slave\x86_msvc\build\modules\rostests\winetests\kernel32\format_msg.c @ 48]
001b:0044068d 8945f8          mov     dword ptr [ebp-8],eax

MOD_LIST: <ANALYSIS/>

NTGLOBALFLAG:  440001

FAULTING_THREAD:  00000001

PRIMARY_PROBLEM_CLASS:  NULL_POINTER_READ

BUGCHECK_STR:  APPLICATION_FAULT_NULL_POINTER_READ

LAST_CONTROL_TRANSFER:  from 77dd82dd to 77f4c0db

STACK_TEXT:  
Raw args                   Func info, Source Args
00031b20 00000000 00034160 ntdll!wcscpy+0xb (FPO: [2,0,2])
00000001 00000001 000318ac kernel32!format_insert(int unicode_caller = 0n1, int insert = 0n1, wchar_t * format = 0x000318ac "", unsigned long flags = 0x400, struct format_args * args = 0x00f8fbd8, unsigned short ** result = 0x00f8fb90)+0x7d (FPO: [Non-Fpo]) (CONV: cdecl)
00000001 00000400 000318a8 kernel32!format_message(int unicode_caller = 0n1, unsigned long dwFlags = 0x400, wchar_t * fmtstr = 0x000318a8 "%1", struct format_args * format_args = 0x00f8fbd8)+0x15b (FPO: [Non-Fpo]) (CONV: cdecl)
00000400 004a84d4 00000000 kernel32!FormatMessageW(unsigned long dwFlags = 0x400, void * lpSource = 0x004a84d4, unsigned long dwMessageId = 0, unsigned long dwLanguageId = 0, unsigned short * lpBuffer = 0x00f8fc64, unsigned long nSize = 0x100, char ** args = 0x00f8fc1c)+0x1f6 (FPO: [Non-Fpo]) (CONV: stdcall)
00000400 004a84d4 00000000 kernel32_winetest!doitW(unsigned int flags = 0x400, void * src = 0x004a84d4, unsigned int msg_id = 0, unsigned int lang_id = 0, unsigned short * out = 0x00f8fc64, unsigned int outsize = 0x100)+0x2d (FPO: [Non-Fpo]) (CONV: cdecl)
00000000 00f8fe90 004a3cf7 kernel32_winetest!test_message_from_string_wide(void)+0x1a29 (FPO: [Non-Fpo]) (CONV: cdecl)
00000004 00000000 00edb2d4 kernel32_winetest!func_format_msg(void)+0x86 (FPO: [Non-Fpo]) (CONV: cdecl)
00031890 00000021 00030d20 kernel32_winetest!run_test(char * name = 0x00031890 "format_msg")+0x87 (FPO: [Non-Fpo]) (CONV: cdecl)
00000002 00031858 00030b00 kernel32_winetest!main(int argc = 0n2, char ** argv = 0x00031858)+0x14a (FPO: [Non-Fpo]) (CONV: cdecl)
000000ff 00f8fff0 77dae275 kernel32_winetest!__tmainCRTStartup(void)+0x248 (FPO: [Non-Fpo]) (CONV: cdecl)
00edb2d4 00edb2e8 7ffba000 kernel32_winetest!WinMainCRTStartup(void)+0x1f (FPO: [Non-Fpo]) (CONV: cdecl)
004a4040 00000000 00000000 kernel32!BaseProcessStartup(<function> * lpStartAddress = 0x004a4040)+0x55 (FPO: [Non-Fpo]) (CONV: stdcall)


STACK_COMMAND:  kb

FAULTING_SOURCE_CODE:  
    44:     DWORD r;
    45: 
    46:     __ms_va_start(list, outsize);
    47:     r = FormatMessageW(flags, src, msg_id,
>   48:         lang_id, out, outsize, &list);
    49:     __ms_va_end(list);
    50:     return r;
    51: }
    52: 
    53: static void test_message_from_string_wide(void)


SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  kernel32_winetest!doitW+2d

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: kernel32_winetest

IMAGE_NAME:  kernel32_winetest.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  50151f7d

FAILURE_BUCKET_ID:  NULL_POINTER_READ_c0000005_kernel32_winetest.exe!doitW

BUCKET_ID:  APPLICATION_FAULT_NULL_POINTER_READ_kernel32_winetest!doitW+2d

Followup: MachineOwner
---------