Everything x64 Crash bug: INVALID_POINTER_READ

Found a bug in "Everything"? report it here
Post Reply
Debugger
Posts: 630
Joined: Thu Jan 26, 2017 11:56 am

Everything x64 Crash bug: INVALID_POINTER_READ

Post by Debugger »

Everything x64

Version 1.4.1.877 (x64)
Basically the application crashed for memory access violation. The following link would give you more information on this:

Code: Select all

Failed calling InternetOpenUrl, GLE=12029

FAULTING_IP: 
Everything+ca0c9
00000001`400ca0c9 8903            mov     dword ptr [rbx],eax

EXCEPTION_RECORD:  ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 00000001400ca0c9 (Everything+0x00000000000ca0c9)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 00000000ef54fadc
Attempt to write to address 00000000ef54fadc

PROCESS_NAME:  Everything.exe

ADDITIONAL_DEBUG_TEXT:  
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.

FAULTING_MODULE: 0000000076dc0000 ntdll

DEBUG_FLR_IMAGE_TIMESTAMP:  59375034

ERROR_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo

EXCEPTION_PARAMETER1:  0000000000000001

EXCEPTION_PARAMETER2:  00000000ef54fadc

WRITE_ADDRESS:  00000000ef54fadc 

FOLLOWUP_IP: 
Everything+ca0c9
00000001`400ca0c9 8903            mov     dword ptr [rbx],eax

MOD_LIST: <ANALYSIS/>

FAULTING_THREAD:  00000000000013ec

BUGCHECK_STR:  APPLICATION_FAULT_INVALID_POINTER_READ_INVALID_POINTER_WRITE_WRONG_SYMBOLS

PRIMARY_PROBLEM_CLASS:  INVALID_POINTER_READ

DEFAULT_BUCKET_ID:  INVALID_POINTER_READ

LAST_CONTROL_TRANSFER:  from 00000001400bd761 to 00000001400ca0c9

STACK_TEXT:  
00000000`0012f400 00000001`400bd761 : 00000000`3a07f580 00000000`0e0e1e0c 00000000`022e5f51 00000000`76bb75ea : Everything+0xca0c9
00000000`0012f840 00000001`400f3b3b : 00000000`00000000 00000000`0000007f 00000000`00000000 00000000`76bb9690 : Everything+0xbd761
00000000`0012f870 00000000`76bb9bbd : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : Everything+0xf3b3b
00000000`0012fb00 00000000`76bb98c2 : 00000000`0012fc70 00000001`400f3770 00000000`00000000 00000000`008ddae0 : user32!TranslateMessageEx+0x29d
00000000`0012fbc0 00000001`400ce93f : 00000000`00900145 00000000`00900145 00000001`400f3770 00000000`00000001 : user32!TranslateMessage+0x1e2
00000000`0012fc40 00000001`4000d669 : 00000000`00000001 00000000`00000000 000042ff`00000008 00000000`00000000 : Everything+0xce93f
00000000`0012fec0 00000000`76cb5a4d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : Everything+0xd669
00000000`0012ff60 00000000`76e1383d : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`0012ff90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x1d


STACK_COMMAND:  ~0s; .ecxr ; kb

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  Everything+ca0c9

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Everything

IMAGE_NAME:  Everything.exe

BUCKET_ID:  WRONG_SYMBOLS

FAILURE_BUCKET_ID:  INVALID_POINTER_READ_c0000005_Everything.exe!Unknown

WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/Everything_exe/1_4_1_877/59375034/Everything_exe/1_4_1_877/59375034/c0000005/000ca0c9.htm?Retriage=1

Followup: MachineOwner
---------

0:000> .exr 0xffffffffffffffff
ExceptionAddress: 00000001400ca0c9 (Everything+0x00000000000ca0c9)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 00000000ef54fadc
Attempt to write to address 00000000ef54fadc
void
Developer
Posts: 16680
Joined: Fri Oct 16, 2009 11:31 pm

Re: Everything x64 Crash bug: INVALID_POINTER_READ

Post by void »

Thanks for the bug report and crash information.
00000001400ca0c9
The crash occurred when building an IPC reply.
Specifically when Everything fills in the Extension information for the IPC reply.

Did you issue a command with ES before this crash? if so what was the command?
Did you send Everything an IPC message?
Debugger
Posts: 630
Joined: Thu Jan 26, 2017 11:56 am

Re: Everything x64 Crash bug: INVALID_POINTER_READ

Post by Debugger »

Probably none of these things. Only I started Everything and in an unexpected moment it crashed.
Post Reply