- Bug
- Resolution: Not an Issue
- P3
- 9
While testing jaccesswalker(32) from 9ea+115 on Windows 8.1 there was a reproducible stack overflow scenario.
The following steps lead to the crash:
i) Enable Accessibility with jabswitch
ii) Start SwingSet2
iii) Start jaccesswalker, select "Refresh Tree", "[]...." appears, select "Refresh Tree" again, then a crash appears (listed below).
(a58.ba8): Stack overflow - code c00000fd (!!! second chance !!!)
eax=00142000 ebx=00020980 ecx=00142eac edx=00305618 esi=001450ec edi=00145044
eip=003b7c37 esp=00144fd0 ebp=00144fe4 iopl=0 nv up ei pl nz na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010206
jaccesswalker_32+0x7c37:
003b7c37 8500 test dword ptr [eax],eax ds:0023:00142000=00000000
0:000> kp
ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may be wrong.
00144fe4 003b6ab6 jaccesswalker_32+0x7c37
00147148 003b6ab6 jaccesswalker_32+0x6ab6
001492ac 003b6ab6 jaccesswalker_32+0x6ab6
0014b410 003b6ab6 jaccesswalker_32+0x6ab6
0014d574 003b6ab6 jaccesswalker_32+0x6ab6
0014f6d8 003b6ab6 jaccesswalker_32+0x6ab6
0015183c 003b6ab6 jaccesswalker_32+0x6ab6
001539a0 003b6ab6 jaccesswalker_32+0x6ab6
00155b04 003b6ab6 jaccesswalker_32+0x6ab6
00157c68 003b6ab6 jaccesswalker_32+0x6ab6
00159dcc 003b6ab6 jaccesswalker_32+0x6ab6
0015bf30 003b6ab6 jaccesswalker_32+0x6ab6
0015e094 003b6ab6 jaccesswalker_32+0x6ab6
001601f8 003b6ab6 jaccesswalker_32+0x6ab6
0016235c 003b6ab6 jaccesswalker_32+0x6ab6
001644c0 003b6ab6 jaccesswalker_32+0x6ab6
00166624 003b6ab6 jaccesswalker_32+0x6ab6
00168788 003b6ab6 jaccesswalker_32+0x6ab6
0016a8ec 003b6ab6 jaccesswalker_32+0x6ab6
0016ca50 003b6ab6 jaccesswalker_32+0x6ab6
0016ebb4 003b6ab6 jaccesswalker_32+0x6ab6
00170d18 003b6ab6 jaccesswalker_32+0x6ab6
00172e7c 003b6ab6 jaccesswalker_32+0x6ab6
00174fe0 003b6ab6 jaccesswalker_32+0x6ab6
00177144 003b6ab6 jaccesswalker_32+0x6ab6
001792a8 003b6ab6 jaccesswalker_32+0x6ab6
0017b40c 003b6ab6 jaccesswalker_32+0x6ab6
0017d570 003b6ab6 jaccesswalker_32+0x6ab6
0017f6d4 003b6ab6 jaccesswalker_32+0x6ab6
00181838 003b6ab6 jaccesswalker_32+0x6ab6
0018399c 003b6ab6 jaccesswalker_32+0x6ab6
00185b00 003b6ab6 jaccesswalker_32+0x6ab6
00187c64 003b6ab6 jaccesswalker_32+0x6ab6
00189dc8 003b6ab6 jaccesswalker_32+0x6ab6
0018bf2c 003b6ab6 jaccesswalker_32+0x6ab6
0018e090 003b6ab6 jaccesswalker_32+0x6ab6
001901f4 003b6ab6 jaccesswalker_32+0x6ab6
00192358 003b6ab6 jaccesswalker_32+0x6ab6
001944bc 003b6ab6 jaccesswalker_32+0x6ab6
00196620 003b6ab6 jaccesswalker_32+0x6ab6
00198784 003b6ab6 jaccesswalker_32+0x6ab6
0019a8e8 003b6ab6 jaccesswalker_32+0x6ab6
0019ca4c 003b6ab6 jaccesswalker_32+0x6ab6
0019ebb0 003b6ab6 jaccesswalker_32+0x6ab6
001a0d14 003b6ab6 jaccesswalker_32+0x6ab6
001a2e78 003b6ab6 jaccesswalker_32+0x6ab6
001a4fdc 003b6ab6 jaccesswalker_32+0x6ab6
001a7140 003b6ab6 jaccesswalker_32+0x6ab6
001a92a4 003b6ab6 jaccesswalker_32+0x6ab6
001ab408 003b6ab6 jaccesswalker_32+0x6ab6
001ad56c 003b6ab6 jaccesswalker_32+0x6ab6
001af6d0 003b6ab6 jaccesswalker_32+0x6ab6
001b1834 003b6ab6 jaccesswalker_32+0x6ab6
001b3998 003b6ab6 jaccesswalker_32+0x6ab6
001b5afc 003b6ab6 jaccesswalker_32+0x6ab6
001b7c60 003b6ab6 jaccesswalker_32+0x6ab6
001b9dc4 003b6ab6 jaccesswalker_32+0x6ab6
001bbf28 003b6ab6 jaccesswalker_32+0x6ab6
001be08c 003b6ab6 jaccesswalker_32+0x6ab6
001c01f0 003b6ab6 jaccesswalker_32+0x6ab6
001c2354 003b6ab6 jaccesswalker_32+0x6ab6
001c44b8 003b6ab6 jaccesswalker_32+0x6ab6
001c661c 003b6ab6 jaccesswalker_32+0x6ab6
001c8780 003b6ab6 jaccesswalker_32+0x6ab6
001ca8e4 003b6ab6 jaccesswalker_32+0x6ab6
001cca48 003b6ab6 jaccesswalker_32+0x6ab6
001cebac 003b6ab6 jaccesswalker_32+0x6ab6
001d0d10 003b6ab6 jaccesswalker_32+0x6ab6
001d2e74 003b6ab6 jaccesswalker_32+0x6ab6
001d4fd8 003b6ab6 jaccesswalker_32+0x6ab6
001d713c 003b6ab6 jaccesswalker_32+0x6ab6
001d92a0 003b6ab6 jaccesswalker_32+0x6ab6
001db404 003b6ab6 jaccesswalker_32+0x6ab6
001dd568 003b6ab6 jaccesswalker_32+0x6ab6
001df6cc 003b6ec4 jaccesswalker_32+0x6ab6
*001df804 77221655 jaccesswalker_32+0x6ec4
001df838 772216ca USER32!IsChild+0x355
001df854 003b687c USER32!EnumWindows+0x1a
001df868 003b6cb8 jaccesswalker_32+0x687c
001df8e4 77218c50 jaccesswalker_32+0x6cb8
001df910 77218e21 USER32!DispatchMessageW+0x40
001df994 77218bab USER32!CallNextHookEx+0x191
001df9f4 77224360 USER32!NotifyWinEvent+0x22b
001df9fc 003b6840 USER32!DispatchMessageA+0x10
001dfa68 003b6458 jaccesswalker_32+0x6840
001dfa80 003b7e8b jaccesswalker_32+0x6458
001dfacc 76964198 jaccesswalker_32+0x7e8b
001dfae0 773c32d1 KERNEL32!BaseThreadInitThunk+0x28
001dfb28 773c329f ntdll!LdrRemoveLoadAsDataTable+0x191
001dfb38 00000000 ntdll!LdrRemoveLoadAsDataTable+0x15f
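A triage sketch for the kp output above, added here as an example and not part of the original report: it finds the longest run of identical frames, takes the most common ChildEBP delta as the stack cost per call, and infers the recursion depth from the span of the run. The sample is abridged from the trace above, the function names are assumptions of this example, and the ChildEBP values are used as printed even though the debugger warns that the unwind may be wrong.

```python
import re
from collections import Counter

# Abridged from the kp output above; the middle of the repeated run is omitted.
SAMPLE_KP = """\
WARNING: Stack unwind information not available. Following frames may be wrong.
00144fe4 003b6ab6 jaccesswalker_32+0x7c37
00147148 003b6ab6 jaccesswalker_32+0x6ab6
001492ac 003b6ab6 jaccesswalker_32+0x6ab6
0014b410 003b6ab6 jaccesswalker_32+0x6ab6
0014d574 003b6ab6 jaccesswalker_32+0x6ab6
001df6cc 003b6ec4 jaccesswalker_32+0x6ab6
*001df804 77221655 jaccesswalker_32+0x6ec4
001df838 772216ca USER32!IsChild+0x355
"""

# Optional '*' marker, then ChildEBP, RetAddr and symbol+offset.
FRAME_RE = re.compile(r"^\*?([0-9a-f]{8})\s+([0-9a-f]{8})\s+(\S+)$", re.I)

def parse_frames(text):
    """Return (child_ebp, ret_addr, symbol) per frame line; skip headers and warnings."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append((int(m.group(1), 16), int(m.group(2), 16), m.group(3)))
    return frames

def longest_run(frames):
    """Longest stretch of consecutive frames that share one symbol."""
    best, start = (0, 0), 0
    for i in range(1, len(frames) + 1):
        if i == len(frames) or frames[i][2] != frames[start][2]:
            if i - start > best[1] - best[0]:
                best = (start, i)
            start = i
    return frames[best[0]:best[1]]

def recursion_summary(text, min_run=3):
    """Summarise a repeated-frame run, or return None if no run reaches min_run."""
    run = longest_run(parse_frames(text))
    if len(run) < min_run:
        return None
    deltas = Counter(b[0] - a[0] for a, b in zip(run, run[1:]))
    stride = deltas.most_common(1)[0][0]   # bytes of stack per recursion level
    span = run[-1][0] - run[0][0]          # stack covered by the whole run
    return {"symbol": run[0][2], "stride": stride, "depth": span // stride + 1, "span": span}
```

Because depth is derived from the span rather than the line count, the result is the same for the abridged sample and for the full trace.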