Author: Odd
Subject: handle.exe crash
Posted: 10 July 2014 at 12:40am
We are using handle.exe version 3.51 and also getting this blue screen.
Subject: handle.exe crash
Posted: 10 July 2014 at 12:40am
We are using handle.exe version 3.51 and also getting this blue screen.
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced. This cannot be protected by try-except,
it must be protected by a Probe. Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffff8a02c14b00d, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffff8800698cd39, If non-zero, the instruction address which referenced the bad memory
address.
Arg4: 0000000000000000, (reserved)
Debugging Details:
------------------
READ_ADDRESS: fffff8a02c14b00d Paged pool
FAULTING_IP:
PROCEXP152+1d39
fffff880`0698cd39 0fb6404d movzx eax,byte ptr [rax+4Dh]
MM_INTERNAL_CODE: 0
IMAGE_NAME: PROCEXP152.SYS
DEBUG_FLR_IMAGE_TIMESTAMP: 50c7fe0b
MODULE_NAME: PROCEXP152
FAULTING_MODULE: fffff8800698b000 PROCEXP152
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0x50
PROCESS_NAME: handle64.exe
CURRENT_IRQL: 0
TRAP_FRAME: fffff8800b753360 -- (.trap 0xfffff8800b753360)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffff8a02c14afc0 rbx=0000000000000000 rcx=0000000000000000
rdx=0000000000000000 rsi=0000000000000000 rdi=0000000000000000
rip=fffff8800698cd39 rsp=fffff8800b7534f0 rbp=fffff8800b753b60
r8=0000000000000001 r9=0000000000000002 r10=fffffa8093b1c060
r11=0000000000000001 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei pl nz na pe nc
PROCEXP152+0x1d39:
fffff880`0698cd39 0fb6404d movzx eax,byte ptr [rax+4Dh] ds:fffff8a0`2c14b00d=??
Resetting default scope
LAST_CONTROL_TRANSFER: from fffff80002d0abf0 to fffff80002c8cbc0
STACK_TEXT:
fffff880`0b7531f8 fffff800`02d0abf0 : 00000000`00000050 fffff8a0`2c14b00d 00000000`00000000 fffff880`0b753360 : nt!KeBugCheckEx
fffff880`0b753200 fffff800`02c8acee : 00000000`00000000 fffff8a0`2c14b00d 00000000`00000000 fffffa80`aaf80850 : nt! ?? ::FNODOBFM::`string'+0x4518f
fffff880`0b753360 fffff880`0698cd39 : fffff880`0b753b60 fffffa80`aaf80850 fffffa80`aaf80850 fffff800`00000001 : nt!KiPageFault+0x16e
fffff880`0b7534f0 fffff880`0698dce9 : 00000000`00000001 fffffa80`a571e7c0 fffffa80`a571e7c0 fffffa80`89f38f18 : PROCEXP152+0x1d39
fffff880`0b753610 fffff880`0698e2cd : fffffa80`aaf80850 fffff800`02f9ac01 fffffa80`a571e7c0 00000000`00000020 : PROCEXP152+0x2ce9
fffff880`0b753800 fffff800`02fa9e67 : fffffa80`31287ce0 fffffa80`89f38ee0 fffffa80`89f38ff8 fffffa80`89f38ee0 : PROCEXP152+0x32cd
fffff880`0b7538d0 fffff800`02faa6c6 : fffffa80`93b1c060 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0x607
fffff880`0b753a00 fffff800`02c8be53 : fffffa80`93b1c060 00000000`00000001 fffffa80`700a3380 fffff800`02f847a4 : nt!NtDeviceIoControlFile+0x56
fffff880`0b753a70 00000000`778e132a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x13
00000000`0012d348 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x778e132a
STACK_COMMAND: kb
FOLLOWUP_IP:
PROCEXP152+1d39
fffff880`0698cd39 0fb6404d movzx eax,byte ptr [rax+4Dh]
SYMBOL_STACK_INDEX: 3
SYMBOL_NAME: PROCEXP152+1d39
FOLLOWUP_NAME: MachineOwner
FAILURE_BUCKET_ID: X64_0x50_PROCEXP152+1d39
BUCKET_ID: X64_0x50_PROCEXP152+1d39