crash after layout edits
Posted: 09.09.2016, 00:50
to repro create some layouts, then edit them, delete, rename etc. and you may crash
date/time : 2016-09-09, 00:45:14, 814ms
executable : FreeCommander.exe
exec. date/time : 2016-08-13 20:05
version : 2016.0.0.727
compiled with : Delphi XE7
madExcept version : 4.0.12
contact name : rfg
contact email : sdfa@dsa.com
callstack crc : $8fd5ad08, $4d52f5fb, $d5816c20
exception number : 2
exception class : EAccessViolation
exception message : Access violation at address 000000000040E9A5 in module 'FreeCommander.exe'. Read of address FFFFFFFFFFFFFFFF.
main thread ($1408):
0040e9a5 +015 FreeCommander.exe System TObject.Free
00d8a1a0 +020 FreeCommander.exe fcLayoutsConfig 289 +3 TfcLayoutsConfig.ClearList
00d8a14a +01a FreeCommander.exe fcLayoutsConfig 278 +1 TfcLayoutsConfig.Destroy
0040e9a5 +015 FreeCommander.exe System TObject.Free
0109a2a7 +027 FreeCommander.exe fcLayoutsDlg 195 +3 TfcDlgLayouts.FormDestroy
0084de93 +033 FreeCommander.exe Vcl.Forms TCustomForm.DoDestroy
0084dbcc +08c FreeCommander.exe Vcl.Forms TCustomForm.Destroy
0040e9a5 +015 FreeCommander.exe System TObject.Free
0109984c +10c FreeCommander.exe fcLayoutsDlg 122 +19 ShowLayoutsEditDialog
010c0c60 +020 FreeCommander.exe FcMain 6480 +5 TFcFormMain.actViewLayoutEditExecute
005e8a10 +020 FreeCommander.exe System.Classes TBasicAction.Execute
006860c5 +0c5 FreeCommander.exe Vcl.ActnList TCustomAction.Execute
005e8724 +024 FreeCommander.exe System.Classes TBasicActionLink.Execute
00834a5c +0cc FreeCommander.exe Vcl.Menus TMenuItem.Click
008372df +01f FreeCommander.exe Vcl.Menus TMenu.DispatchCommand
00854534 +044 FreeCommander.exe Vcl.Forms TCustomForm.WMCommand
0040f0ce +03e FreeCommander.exe System TObject.Dispatch
006b5f03 +383 FreeCommander.exe Vcl.Controls TControl.WndProc
006bd517 +8b7 FreeCommander.exe Vcl.Controls TWinControl.WndProc
0084f969 +8d9 FreeCommander.exe Vcl.Forms TCustomForm.WndProc
010b34e5 +035 FreeCommander.exe FcMain 2428 +2 TFcFormMain.WndProc
006bc73a +02a FreeCommander.exe Vcl.Controls TWinControl.MainWndProc
005e9ef3 +023 FreeCommander.exe System.Classes StdWndProc
76cd9925 +000 USER32.dll DispatchMessageW
0085dddf +12f FreeCommander.exe Vcl.Forms TApplication.ProcessMessage
0085de53 +013 FreeCommander.exe Vcl.Forms TApplication.HandleMessage
0085e2ef +0ef FreeCommander.exe Vcl.Forms TApplication.Run
010e82c3 +3c3 FreeCommander.exe FreeCommander 458 +102 initialization
76bb59bb +00b kernel32.dll BaseThreadInitThunk
thread $e04:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $1704:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $ae4:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1a9c:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $19c0:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1274:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1308:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $17c8:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00a49808 +a8 FreeCommander.exe RzShellCtrls 3841 +11 TRzChangeHandlerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1258: <priority:1>
7fefcb91 +96 KERNELBASE.dll WaitForSingleObjectEx
00ccddc4 +64 FreeCommander.exe fcIconThread 359 +6 TVirtualImageThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $2b4:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $1968:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $96c:
76bb59bb +b kernel32.dll BaseThreadInitThunk
modules:
C:\Windows\system32
processes:
1188 FreeCommander.exe 1 452 279 normal D:\FreeCommanderXE-64(New)
hardware:
cpu registers:
rax = 0000000003b991c0
rbx = 000204b000d84ab0
rcx = 0000000003b991c0
rdx = 0000000000000001
rsi = 0000000000000000
rdi = 0000000006f9ecc0
rip = 000000000040e9a5
rsp = 000000000022f420
rbp = 000000000022f530
r8 = 0000000000000001
r9 = 000000000022f238
r10 = 0000000000000000
r11 = 0000141000090003
r12 = 0000000000000000
r13 = 0000000000000111
r14 = 0000000000000000
r15 = 0000000000040646
stack dump:
0022f420 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f430 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f440 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f450 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f460 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f470 05 fa 08 03 00 00 00 00 - 50 73 27 08 00 00 00 00 ........Ps'.....
0022f480 00 00 00 00 00 00 00 00 - 10 43 6e 04 00 00 00 00 .........Cn.....
0022f490 e0 0b 00 00 c4 01 00 00 - 00 00 00 00 00 00 00 00 ................
0022f4a0 b4 f4 22 00 00 00 00 00 - c0 ec f9 06 00 00 00 00 ..".............
0022f4b0 30 f5 22 00 00 00 00 00 - 79 7c 50 00 00 00 00 00 0.".....y|P.....
0022f4c0 00 e2 03 03 00 00 00 00 - 50 e1 e4 06 00 00 00 00 ........P.......
0022f4d0 a5 e9 40 00 00 00 00 00 - 01 73 27 08 00 00 00 00 ..@......s'.....
0022f4e0 20 f4 22 00 00 00 00 00 - 30 f5 22 00 00 00 00 00 .".....0.".....
0022f4f0 08 a9 a1 0a 00 00 00 00 - 05 a2 09 01 00 00 00 00 ................
0022f500 50 73 27 08 00 00 00 00 - 00 00 00 00 00 00 00 00 Ps'.............
0022f510 00 00 00 00 00 00 00 00 - 38 79 27 08 00 00 00 00 ........8y'.....
0022f520 80 e2 03 03 00 00 00 00 - a9 de 84 00 00 00 00 00 ................
0022f530 70 00 00 00 00 00 00 00 - 78 83 09 01 00 00 00 00 p.......x.......
0022f540 80 e2 03 03 00 00 00 00 - 95 f4 40 00 00 00 00 00 ..........@.....
0022f550 2f 9c cd 76 00 00 00 00 - 30 f5 22 00 00 00 00 00 /..v....0.".....
disassembling:
[...]
00d8a191 jl loc_d8a1ad
00d8a193 289 mov rcx, rbx
00d8a196 mov edx, esi
00d8a198 call +$e3 ($d8a280) ; fcLayoutsConfig.TfcLayoutsConfig.GetItem
00d8a19d mov rcx, rax
00d8a1a0 > call -$97b815 ($40e990) ; System.TObject.Free
00d8a1a5 290 sub esi, 1
00d8a1a8 287 cmp esi, -1
00d8a1ab jnz loc_d8a193
00d8a1ad nop
00d8a1ae 292 mov rcx, rbx
[...]
error details:
date/time : 2016-09-09, 00:45:14, 814ms
executable : FreeCommander.exe
exec. date/time : 2016-08-13 20:05
version : 2016.0.0.727
compiled with : Delphi XE7
madExcept version : 4.0.12
contact name : rfg
contact email : sdfa@dsa.com
callstack crc : $8fd5ad08, $4d52f5fb, $d5816c20
exception number : 2
exception class : EAccessViolation
exception message : Access violation at address 000000000040E9A5 in module 'FreeCommander.exe'. Read of address FFFFFFFFFFFFFFFF.
main thread ($1408):
0040e9a5 +015 FreeCommander.exe System TObject.Free
00d8a1a0 +020 FreeCommander.exe fcLayoutsConfig 289 +3 TfcLayoutsConfig.ClearList
00d8a14a +01a FreeCommander.exe fcLayoutsConfig 278 +1 TfcLayoutsConfig.Destroy
0040e9a5 +015 FreeCommander.exe System TObject.Free
0109a2a7 +027 FreeCommander.exe fcLayoutsDlg 195 +3 TfcDlgLayouts.FormDestroy
0084de93 +033 FreeCommander.exe Vcl.Forms TCustomForm.DoDestroy
0084dbcc +08c FreeCommander.exe Vcl.Forms TCustomForm.Destroy
0040e9a5 +015 FreeCommander.exe System TObject.Free
0109984c +10c FreeCommander.exe fcLayoutsDlg 122 +19 ShowLayoutsEditDialog
010c0c60 +020 FreeCommander.exe FcMain 6480 +5 TFcFormMain.actViewLayoutEditExecute
005e8a10 +020 FreeCommander.exe System.Classes TBasicAction.Execute
006860c5 +0c5 FreeCommander.exe Vcl.ActnList TCustomAction.Execute
005e8724 +024 FreeCommander.exe System.Classes TBasicActionLink.Execute
00834a5c +0cc FreeCommander.exe Vcl.Menus TMenuItem.Click
008372df +01f FreeCommander.exe Vcl.Menus TMenu.DispatchCommand
00854534 +044 FreeCommander.exe Vcl.Forms TCustomForm.WMCommand
0040f0ce +03e FreeCommander.exe System TObject.Dispatch
006b5f03 +383 FreeCommander.exe Vcl.Controls TControl.WndProc
006bd517 +8b7 FreeCommander.exe Vcl.Controls TWinControl.WndProc
0084f969 +8d9 FreeCommander.exe Vcl.Forms TCustomForm.WndProc
010b34e5 +035 FreeCommander.exe FcMain 2428 +2 TFcFormMain.WndProc
006bc73a +02a FreeCommander.exe Vcl.Controls TWinControl.MainWndProc
005e9ef3 +023 FreeCommander.exe System.Classes StdWndProc
76cd9925 +000 USER32.dll DispatchMessageW
0085dddf +12f FreeCommander.exe Vcl.Forms TApplication.ProcessMessage
0085de53 +013 FreeCommander.exe Vcl.Forms TApplication.HandleMessage
0085e2ef +0ef FreeCommander.exe Vcl.Forms TApplication.Run
010e82c3 +3c3 FreeCommander.exe FreeCommander 458 +102 initialization
76bb59bb +00b kernel32.dll BaseThreadInitThunk
thread $e04:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $1704:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $ae4:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1a9c:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $19c0:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1274:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1308:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00ca972f +5f FreeCommander.exe csWorkerThreadPool 433 +5 TWorkerThreadJobLists.WaitForNextJob
00ca9a53 +23 FreeCommander.exe csWorkerThreadPool 521 +3 TWorkerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $17c8:
7fefcb91 +00 KERNELBASE.dll WaitForMultipleObjectsEx
76bb06ab +ab kernel32.dll WaitForMultipleObjects
00a49808 +a8 FreeCommander.exe RzShellCtrls 3841 +11 TRzChangeHandlerThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $1258: <priority:1>
7fefcb91 +96 KERNELBASE.dll WaitForSingleObjectEx
00ccddc4 +64 FreeCommander.exe fcIconThread 359 +6 TVirtualImageThread.Execute
005087f4 +24 FreeCommander.exe madExcept HookedTThreadExecute
005e4760 +40 FreeCommander.exe System.Classes ThreadProc
00411ca8 +38 FreeCommander.exe System ThreadWrapper
005086c9 +49 FreeCommander.exe madExcept ThreadExceptFrame
76bb59bb +0b kernel32.dll BaseThreadInitThunk
thread $2b4:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $1968:
76bb59bb +b kernel32.dll BaseThreadInitThunk
thread $96c:
76bb59bb +b kernel32.dll BaseThreadInitThunk
modules:
C:\Windows\system32
processes:
1188 FreeCommander.exe 1 452 279 normal D:\FreeCommanderXE-64(New)
hardware:
cpu registers:
rax = 0000000003b991c0
rbx = 000204b000d84ab0
rcx = 0000000003b991c0
rdx = 0000000000000001
rsi = 0000000000000000
rdi = 0000000006f9ecc0
rip = 000000000040e9a5
rsp = 000000000022f420
rbp = 000000000022f530
r8 = 0000000000000001
r9 = 000000000022f238
r10 = 0000000000000000
r11 = 0000141000090003
r12 = 0000000000000000
r13 = 0000000000000111
r14 = 0000000000000000
r15 = 0000000000040646
stack dump:
0022f420 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f430 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f440 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f450 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f460 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
0022f470 05 fa 08 03 00 00 00 00 - 50 73 27 08 00 00 00 00 ........Ps'.....
0022f480 00 00 00 00 00 00 00 00 - 10 43 6e 04 00 00 00 00 .........Cn.....
0022f490 e0 0b 00 00 c4 01 00 00 - 00 00 00 00 00 00 00 00 ................
0022f4a0 b4 f4 22 00 00 00 00 00 - c0 ec f9 06 00 00 00 00 ..".............
0022f4b0 30 f5 22 00 00 00 00 00 - 79 7c 50 00 00 00 00 00 0.".....y|P.....
0022f4c0 00 e2 03 03 00 00 00 00 - 50 e1 e4 06 00 00 00 00 ........P.......
0022f4d0 a5 e9 40 00 00 00 00 00 - 01 73 27 08 00 00 00 00 ..@......s'.....
0022f4e0 20 f4 22 00 00 00 00 00 - 30 f5 22 00 00 00 00 00 .".....0.".....
0022f4f0 08 a9 a1 0a 00 00 00 00 - 05 a2 09 01 00 00 00 00 ................
0022f500 50 73 27 08 00 00 00 00 - 00 00 00 00 00 00 00 00 Ps'.............
0022f510 00 00 00 00 00 00 00 00 - 38 79 27 08 00 00 00 00 ........8y'.....
0022f520 80 e2 03 03 00 00 00 00 - a9 de 84 00 00 00 00 00 ................
0022f530 70 00 00 00 00 00 00 00 - 78 83 09 01 00 00 00 00 p.......x.......
0022f540 80 e2 03 03 00 00 00 00 - 95 f4 40 00 00 00 00 00 ..........@.....
0022f550 2f 9c cd 76 00 00 00 00 - 30 f5 22 00 00 00 00 00 /..v....0.".....
disassembling:
[...]
00d8a191 jl loc_d8a1ad
00d8a193 289 mov rcx, rbx
00d8a196 mov edx, esi
00d8a198 call +$e3 ($d8a280) ; fcLayoutsConfig.TfcLayoutsConfig.GetItem
00d8a19d mov rcx, rax
00d8a1a0 > call -$97b815 ($40e990) ; System.TObject.Free
00d8a1a5 290 sub esi, 1
00d8a1a8 287 cmp esi, -1
00d8a1ab jnz loc_d8a193
00d8a1ad nop
00d8a1ae 292 mov rcx, rbx
[...]
error details: