paulstelian97

Weird Windows 10 EFI kernel issue

Sun Dec 25, 2016 1:53 pm

How to reproduce:
0. On some computers it does not appear. But on those where it does, it can be reproduced consistently.
1. Install and run Process Hacker with the kernel-mode driver. As soon as the driver is unloaded, the bug disappears.
2. Do a lot of things to overload the system. CPU-bound overloading is best.
3. winlogon.exe will enter a peculiar wait state, and won't exit from that state until the kernel mode Process Hacker driver is unloaded.

Manifestation:
While in that wait state, winlogon.exe will not respond to shutdown/reboot requests, nor to Ctrl-Alt-Del.

Sorry for not being able to point directly to which component of the driver does this, and I don't think crash dumps are of any use (since they only capture the user-mode side, which has no relevance to the manifestation of this bug)

System: Windows 10 Anniversary Update (on older ones the bug was not present), EFI, Intel Core i3-5005U CPU (on both laptops where I saw it happen). System is up-to-date as of this writing (25.12.2016 15:54 UTC+2)
 
Ethiopian19

Re: Weird Windows 10 EFI kernel issue

Mon Jan 30, 2017 12:21 am

Yeah, I can confirm this. I get the same issue in Windows 10.

EFI installation of Windows 10, build 14393.693
 
User avatar
dmex
Posts: 1204
Location: Australia

Re: Weird Windows 10 EFI kernel issue

Tue Jul 11, 2017 4:58 am

On some computers it does not appear. But on those where it does, it can be reproduced consistently.
We have the suspicion it's caused by Avast?

Process Hacker is developed only on Windows 10 (installed with UEFI) and we haven't been able to reproduce this issue... can you please list the software you have installed on those machines?
winlogon.exe will enter a peculiar wait state, and won't exit from that state until the kernel mode Process Hacker driver is unloaded.
Can you post stacktraces for all winlogon threads and what security software are you using?

Who is online

Users browsing this forum: No registered users and 1 guest