Assertion '(HeapEntry + BlockSize)->PreviousSize == BlockSize' failed at C:\reactos\lib\rtl\heap.c line 2248 Break instruction exception - code 80000003 (first chance) 001b:7c92c832 cc int 3 kd> !analyze -v Connected to Windows Server 2003 3790 x86 compatible target at (Wed Apr 30 20:18:46.551 2014 (UTC + 2:00)), ptr64 FALSE *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. Loading Kernel Symbols ..................................................... Loading User Symbols .................................. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. ******************************************************************************* * * * Exception Analysis * * * ******************************************************************************* *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. *** Unable to resolve unqualified symbol in Bp expression 'GCHECK_STR: ACCESS_VIOLATION'. *** Unable to resolve unqualified symbol in Bp expression 'CKET_ID: ACCESS_VIOLATION_win32k!IntEngBitBlt+1ea'. FAULTING_IP: ntdll!DbgBreakPoint+0 001b:7c92c832 cc int 3 EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff) ExceptionAddress: 7c92c832 (ntdll!DbgBreakPoint) ExceptionCode: 80000003 (Break instruction exception) ExceptionFlags: 00000000 NumberParameters: 3 Parameter[0]: 00000000 Parameter[1]: 00000000 Parameter[2]: 00000000 DEFAULT_BUCKET_ID: HEAP_CORRUPTION ERROR_CODE: (NTSTATUS) 0x80000003 - {ERRORE DI EXCEPTION} Breakpoint stato raggiunto un breakpoint. EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - Uno o pi argomenti non validi. EXCEPTION_PARAMETER1: 00000000 EXCEPTION_PARAMETER2: 00000000 EXCEPTION_PARAMETER3: 00000000 NTGLOBALFLAG: 440000 APP: wordpad.exe ADDITIONAL_DEBUG_TEXT: Enable Pageheap/AutoVerifer ; Followup set based on attribute [Is_ChosenCrashFollowupThread] from Frame:[0] on thread:[PSEUDO_THREAD] LAST_CONTROL_TRANSFER: from 7c936e96 to 7c92c832 FAULTING_THREAD: 00000001 PRIMARY_PROBLEM_CLASS: HEAP_CORRUPTION BUGCHECK_STR: APPLICATION_FAULT_HEAP_CORRUPTION_HEAP_CORRUPTION STACK_TEXT: 00000000 00000000 heap_corruption!heap_corruption+0x0 SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: heap_corruption!heap_corruption FOLLOWUP_NAME: MachineOwner MODULE_NAME: heap_corruption DEBUG_FLR_IMAGE_TIMESTAMP: 0 STACK_COMMAND: ** Pseudo Context ** ; kb FAILURE_BUCKET_ID: HEAP_CORRUPTION_80000003_heap_corruption!heap_corruption BUCKET_ID: APPLICATION_FAULT_HEAP_CORRUPTION_HEAP_CORRUPTION_heap_corruption!heap_corruption IMAGE_NAME: heap_corruption Followup: MachineOwner --------- kd> kb ChildEBP RetAddr Args to Child 0012b3a0 7c936e96 0012b3e4 7c92dc4a 7c986df0 ntdll!DbgBreakPoint 0012b3a8 7c92dc4a 7c986df0 7c986dd4 000008c8 ntdll!RtlAssert+0x46 [c:\reactos\lib\rtl\assert.c @ 119] 0012b3e4 7c92e5d2 007f0000 00000000 02991008 ntdll!RtlFreeHeap+0x27a [c:\reactos\lib\rtl\heap.c @ 2248] 0012b498 756b6a09 007f0000 00000000 02991008 ntdll!RtlReAllocateHeap+0x712 [c:\reactos\lib\rtl\heap.c @ 2909] 0012b4b0 756b8f50 02991008 00001000 00000000 RICHED20!heap_realloc+0x19 [c:\reactos\dll\win32\riched20\editor.h @ 75] 0012b574 756b9452 0012b5e0 00a2e880 00000000 RICHED20!itemize_para+0xe0 [c:\reactos\dll\win32\riched20\wrap.c @ 765] 0012b5d0 756b6b53 0012b5e0 00a2e880 39010103 RICHED20!ME_WrapTextParagraph+0x72 [c:\reactos\dll\win32\riched20\wrap.c @ 863] 0012b660 756a333d 007f2458 007f2458 0012ea48 RICHED20!ME_WrapMarkedParagraphs+0xc3 [c:\reactos\dll\win32\riched20\wrap.c @ 959] 0012b670 7569eaa9 007f2458 00000000 0012f1a4 RICHED20!ME_UpdateRepaint+0xd [c:\reactos\dll\win32\riched20\paint.c @ 121] 0012ea48 75696ea2 007f2458 00000001 0012f1a4 RICHED20!ME_StreamIn+0x8f9 [c:\reactos\dll\win32\riched20\editor.c @ 1663] 0012ef90 756a196e 007f2458 00000449 00000001 RICHED20!ME_HandleMessage+0x982 [c:\reactos\dll\win32\riched20\editor.c @ 3154] 0012f040 756a1a4d 00020116 00000449 00000001 RICHED20!RichEditWndProc_common+0x44e [c:\reactos\dll\win32\riched20\editor.c @ 4648] 0012f060 77a7880c 00020116 00000449 00000001 RICHED20!RichEditWndProcW+0x3d [c:\reactos\dll\win32\riched20\editor.c @ 4668] 0012f0f8 77a78f4c 00347d50 00020116 00000449 user32!IntCallWindowProcW+0x37c [c:\reactos\win32ss\user\user32\windows\message.c @ 1577] 0012f128 77a759ed 00347d50 00020116 00000449 user32!IntCallMessageProc+0x1ac [c:\reactos\win32ss\user\user32\windows\message.c @ 1811] 0012f18c 00406a8c 00020116 00000449 00000001 user32!SendMessageW+0x10d [c:\reactos\win32ss\user\user32\windows\message.c @ 2420] 0012f1c4 00406f60 0012f1d0 003a0043 0065005c wordpad!DoOpenFile+0x14c [c:\reactos\base\applications\wordpad\wordpad.c @ 809] 0012f430 004096f4 77a8bce5 77a4b69e 00020036 wordpad!DialogOpenFile+0xa0 [c:\reactos\base\applications\wordpad\wordpad.c @ 997] 0012fb40 0040a9d7 000400e2 000003e9 00000000 wordpad!OnCommand+0x1c4 [c:\reactos\base\applications\wordpad\wordpad.c @ 2096] 0012fd60 77a7880c 000400e2 00000111 000003e9 wordpad!WndProc+0x117 [c:\reactos\base\applications\wordpad\wordpad.c @ 2596] 0012fdf8 77a78f4c 003467e8 000400e2 00000111 user32!IntCallWindowProcW+0x37c [c:\reactos\win32ss\user\user32\windows\message.c @ 1577] 0012fe28 77a74d90 003467e8 000400e2 00000111 user32!IntCallMessageProc+0x1ac [c:\reactos\win32ss\user\user32\windows\message.c @ 1811] 0012fe7c 004051f4 0012feb8 00000030 00000000 user32!DispatchMessageW+0x1e0 [c:\reactos\win32ss\user\user32\windows\message.c @ 2069] 0012ff04 0040c45e 00400000 00000000 00133ed3 wordpad!WinMain+0x2b4 [c:\reactos\base\applications\wordpad\wordpad.c @ 2727] 0012ff1c 0040c365 00000001 001319d8 00131d80 wordpad!main+0x1e [c:\reactos\lib\sdk\crt\startup\crt0_c.c @ 22] 0012ffb4 0040c3bf 000000ff 0012fff0 77d8f797 wordpad!__tmainCRTStartup+0x255 [c:\reactos\lib\sdk\crt\startup\crtexe.c @ 310] 0012ffc0 77d8f797 00000000 00000000 7ffba000 wordpad!WinMainCRTStartup+0x1f [c:\reactos\lib\sdk\crt\startup\crtexe.c @ 168] 0012fff0 00000000 0040c3a0 00000000 ec0100ed kernel32!BaseProcessStartup+0x57 [c:\reactos\dll\win32\kernel32\client\proc.c @ 478]