Win7 0xc0000005 in dui70!DirectUI IsAccessible+1c - Free Advertising Forums | Free Advertising Board | Post Free Ads Forum | Free Advertising Forums Directory | Best Free Advertising Methods

06-16-2011, 08:38 AM

Status: In Progress...

At one of our consumers, we see a really large frequency of programs crash with a stack equivalent to:

0:009> knL
# ChildEBP RetAddr
00 0370f984 7434cd13 dui70!DirectUI::IsAccessible+0x1c
01 0370f99c 7434ccda dui70!DirectUI::InvokeHelper::OnInvoke+0x20
02 0370f9a8 742b3f98 dui70!DirectUI::InvokeHelper::_WndProc+0x1d
03 0370f9dc 766dc4e7 duser,Windows 7 Home Premium 64,lfs lightning fast shop - Freelancer.co.uk!WndBridge::RawWndProc+0x77
04 0370fa08 766dc5e7 user32!InternalCallWinProc+0x23
05 0370fa80 766d4f0e user32!UserCallWinProcCheckWow+0x14b
06 0370fadc 766d4f7d user32!DispatchClientMessage+0xda
07 0370fb04 77516fee user32!__fnDWORD+0x24
08 0370fb30 766d6517 ntdll!KiUserCallbackDispatcher+0x2e
09 0370fb34 742b1430 user32!NtUserRealInternalGetMessage+0xc
0a 0370fb70 742b14e9 duser!CoreSC::xwProcessNL+0xfb
0b 0370fb98 766d654f duser!MphProcessMessage+0x5e
0c 0370fbe0 77516fee user32!__ClientGetMessageMPH+0x30
0d 0370fc08 766d6445 ntdll!KiUserCallbackDispatcher+0x2e
0e 0370fc0c 766d647a user32,Microsoft Office 2007 Product Key!NtUserPeekMessage+0xc
0f 0370fc34 766d64a1 user32!_PeekMessage+0x73
10 0370fc60 6608c6c0 user32!PeekMessageW+0xfb
11 0370fcb4 66090cb3 EXPLORERFRAME!CExplorerFrame::FrameMessagePump+0x3 c
12 0370fcc4 66090f5d EXPLORERFRAME,Microsoft Office Professional Plus!BrowserThreadProc+0x49
13 0370fcdc 66090f0a EXPLORERFRAME!BrowserNewThreadProc+0x43
14 0370fcec 660608f6 EXPLORERFRAME,Windows 7 Home Basic!CExplorerTask::InternalResumeRT+0x11
15 0370fd0c 759c639b EXPLORERFRAME!CRunnableTask::Run+0xce
16 0370fd28 759c8c1f shell32!CShellTask::TT_Run+0x167
17 0370fd70 759c8d53 shell32,Microsoft Office 2010!CShellTaskThread::ThreadProc+0xa3
18 0370fd78 76df43c0 shell32!CShellTaskThread::s_ThreadProc+0x1b
19 0370fe00 77223c45 shlwapi!WrapperThreadProc+0x1b5
1a 0370fe0c 775337f5 kernel32!BaseThreadInitThunk+0xe
1b 0370fe4c 775337c8 ntdll!__RtlUserThreadStart+0x70
1c 0370fe64 00000000 ntdll!_RtlUserThreadStart+0x1b

This happens because a stale pointer is used, referencing an object that is already gone. In case you've come across this too, please let me know!