This repository was archived by the owner on Aug 15, 2025. It is now read-only.

ExtTextOutW triggers blue screen #1

@romanholidaypancakes

0: kd> K
 # Child-SP          RetAddr               Call Site
00 ffff8e05`cdebb388 fffff806`66d40572     nt!DbgBreakPointWithStatus
01 ffff8e05`cdebb390 fffff806`66d3fcf7     nt!KiBugCheckDebugBreak+0x12
02 ffff8e05`cdebb3f0 fffff806`66c60147     nt!KeBugCheck2+0x957
03 ffff8e05`cdebbb10 fffff806`66c71869     nt!KeBugCheckEx+0x107
04 ffff8e05`cdebbb50 fffff806`66c71c10     nt!KiBugCheckDispatch+0x69
05 ffff8e05`cdebbc90 fffff806`66c70008     nt!KiFastFailDispatch+0xd0
06 ffff8e05`cdebbe70 ffff8f8f`09e69e5f     nt!KiRaiseSecurityCheckFailure+0x308
07 ffff8e05`cdebc000 ffff8f8f`09a53207     win32kbase!RGNMEMOBJ::vPushThreadGuardedObject+0xabb0f
08 ffff8e05`cdebc030 ffff8f8f`09a559b3     win32kfull!vSpUpdateDirtyRgn+0x97
09 ffff8e05`cdebc140 ffff8f8f`09a581a5     win32kfull!GreUpdateSpriteInternal+0x3b3
0a ffff8e05`cdebc390 ffff8f8f`09a51c0f     win32kfull!GreUpdateSpriteDevLockEnd+0x1b5
0b ffff8e05`cdebc680 ffff8f8f`09a4b240     win32kfull!DEVLOCKOBJ::vDestructor+0x2cf
0c ffff8e05`cdebc6f0 ffff8f8f`09a4aace     win32kfull!GreExtTextOutWInternal+0x104
0d ffff8e05`cdebc7e0 fffff806`4daf212e     win32kfull!NtGdiExtTextOutW+0x2fe
0e ffff8e05`cdebc9d0 fffff806`4daf1742     KernelOverlay!NtGdiExtTextOutW+0x9e [ Kernel-DWM-Overlay-master\KernelDWMOverlay\Import.h @ 255] 
0f ffff8e05`cdebca50 fffff806`4daf148e     KernelOverlay!Overlay::ExtTextOutW+0x222 [ Kernel-DWM-Overlay-master\KernelDWMOverlay\Overlay.h @ 276] 
10 ffff8e05`cdebcb00 fffff806`4daf1fcc     KernelOverlay!Overlay::DrawText+0x8e [ Kernel-DWM-Overlay-master\KernelDWMOverlay\Overlay.h @ 347] 
11 ffff8e05`cdebcb80 fffff806`66bd06c5     KernelOverlay!MainThread+0xec [ Kernel-DWM-Overlay-master\KernelDWMOverlay\Main.cpp @ 18] 
12 ffff8e05`cdebcc10 fffff806`66c6749c     nt!PspSystemThreadStartup+0x55
13 ffff8e05`cdebcc60 00000000`00000000     nt!KiStartSystemThread+0x1c

I also saw that the code would modify the EPROCESS- and ETHREAD-related fields, which seems to cause the PG blue screen. Do you have any good suggestions?
