Created
August 19, 2015 20:33
-
-
Save h0wl/1c25823781e2863c5cfb to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1:053> r | |
| rax=0000000002000001 rbx=00007fff10b35f60 rcx=000000bdb9a099d0 | |
| rdx=000000bdb8b100d0 rsi=0000000000000000 rdi=000000bdb9a099d0 | |
| rip=00007fff10b80feb rsp=000000bdb9a097c0 rbp=000000bdb9a09860 | |
| r8=0000000000000000 r9=0000000000000000 r10=0000000000000000 | |
| r11=000000bdb9a09790 r12=000000bdb9a09940 r13=000000b5b6bb94c0 | |
| r14=000000bdb8b100d0 r15=0000000000000000 | |
| iopl=0 nv up ei pl nz na po nc | |
| cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010206 | |
| EDGEHTML!SHIsSameObject+0x4b: | |
| 00007fff`10b80feb 488b18 mov rbx,qword ptr [rax] ds:00000000`02000001=???????????????? | |
| 1:053> kb | |
| RetAddr : Args to Child : Call Site | |
| 00007fff`10b3606c : 000000bd`b9a099d0 000000bd`b8b100d0 00007fff`10b35f60 00000000`00000001 : EDGEHTML!SHIsSameObject+0x4b | |
| 00007fff`104a4bc2 : 000000bd`b8b98020 000000bd`b8b10000 000000bd`00000000 000000bd`b8b100d0 : EDGEHTML!CTravelLog::GetCurrentStateDataStream+0x10c | |
| 00007fff`10768b26 : 000000bd`b8b98020 000000b5`b6bb94c0 000000bd`b8b100d0 00007fff`000010ad : EDGEHTML!COmHistory::Var_get_state+0x13e | |
| 00007fff`1221b803 : 000000bd`be9d5ce0 00007fff`02000001 000000bd`bea17480 00000000`00000001 : EDGEHTML!CFastDOM::CHistory::Trampoline_Get_state+0x56 | |
| 00007fff`12048aa2 : 000000b5`b6b4d6c0 00000000`00018000 00000000`02000001 000000bd`b9a09a48 : chakra!amd64_CallFunction+0x93 | |
| 00007fff`121d1384 : 000000bd`be9d5ce0 00000000`02000001 000000bd`bea17480 000000b5`b6bc9040 : chakra!Js::JavascriptExternalFunction::ExternalFunctionThunk+0x172 | |
| 00007fff`1213582a : 000000bd`b9a09b80 000000bd`bea17480 000000bd`bb6e1980 00000000`0000ffff : chakra!<lambda_293ac39a7d71539278f496eaa6800998>::operator()+0x154 | |
| 00007fff`12162d98 : 000000b5`b6b4d6c0 000000bd`be9d5ce0 000000bd`b9a09b05 000000bd`b9a09b80 : chakra!ThreadContext::ExecuteImplicitCall<<lambda_293ac39a7d71539278f496eaa6800998> >+0x6a | |
| 00007fff`12160d57 : 00000000`00000006 000000bd`bb6e1980 000000bd`bea17480 000000bd`c36e3f30 : chakra!Js::DictionaryTypeHandlerBase<unsigned short>::GetPropertyFromDescriptor<0,int>+0x1c8 | |
| 00007fff`122026c6 : 000000bd`c2fad740 000000bd`bb6e1980 000000bd`bea17480 00007fff`000005e4 : chakra!Js::DictionaryTypeHandlerBase<unsigned short>::GetProperty+0x107 | |
| 00007fff`12043faf : 00007fff`1265d458 000000bd`bb6e1980 000000bd`bea17480 000000bd`000005e4 : chakra!Js::DeferredTypeHandler<&Js::CustomExternalType::DeferredInitializer,Js::DefaultDeferredTypeFilter,1,0,0>::GetProperty+0x86 | |
| 00007fff`120455de : 000000bd`bb6e1980 000000bd`bea17480 000000bd`000005e4 000000bd`b9a09f18 : chakra!Js::CustomExternalObject::GetPropertyImpl<1>+0x67f | |
| 00007fff`12107e48 : 000000bd`bb6e1980 000000bd`bea17480 00000000`000005e4 000000bd`b9a09f18 : chakra!Js::CustomExternalObject::GetProperty+0x2e | |
| 00007fff`121f0ca3 : 000000bd`bea17480 000000bd`bea17480 000000bd`b9a09f00 000000bd`000005e4 : chakra!Js::JavascriptOperators::GetProperty_Internal<0>+0x5a8 | |
| 00007fff`1204a6dc : 000000bd`bc4e0280 000000bd`bb96b0f0 000000bd`00000004 000000bd`bea17480 : chakra!Js::JavascriptOperators::PatchGetValueWithThisPtrNoFastPath+0xb3 | |
| 00007fff`12050b82 : 000000bd`bea17480 00000000`000005e4 000000bd`bb96b0f0 00000000`00000004 : chakra!Js::ProfilingHelpers::ProfiledLdFld<0,0,0>+0x4dc | |
| 00007fff`12054a9d : 000000bd`b9a0a190 000000bd`bb97803b 000000bd`bb97803e 00000000`00000000 : chakra!Js::InterpreterStackFrame::OP_ProfiledGetProperty<Js::OpLayoutT_ElementCP<Js::LayoutSizePolicy<0> > const >+0x52 | |
| 00007fff`12052bf2 : 000000bd`b9a0a190 00000000`ffffffff 000000bd`b9a0a190 00000000`00000000 : chakra!Js::InterpreterStackFrame::ProcessProfiled+0xed | |
| 00007fff`121a4af8 : 000000bd`b9a0a190 000000bd`bc4e0280 000000bd`b9a0a310 000000bd`b9a0a201 : chakra!Js::InterpreterStackFrame::Process+0xd2 | |
| 00007fff`121a4785 : 000000bd`bc383c00 000000bd`b9a0a4d0 000000bd`bc500fb2 000000bd`b9a0a4e8 : chakra!Js::InterpreterStackFrame::InterpreterHelper+0x368 | |
| 000000bd`bc500fb2 : 000000bd`b9a0a520 000000bd`b9a0a8d0 000000b5`b6bc9040 000000bd`bc500000 : chakra!Js::InterpreterStackFrame::InterpreterThunk+0x55 | |
| 00007fff`1221b803 : 000000bd`bc383c00 00000000`10000001 000000bd`bb6ec0b0 00000000`00000001 : 0x000000bd`bc500fb2 | |
| 00007fff`1204d16f : 000000b5`b6b4d6c0 00000000`00000008 000000bd`be96b980 00000001`00000000 : chakra!amd64_CallFunction+0x93 | |
| 00007fff`1204e885 : 000000bd`b9a0a760 000000bd`b9c73fad 000000bd`bc383c00 000000bd`bc383c00 : chakra!Js::InterpreterStackFrame::OP_CallCommon<Js::OpLayoutDynamicProfile<Js::OpLayoutT_CallI<Js::LayoutSizePolicy<0> > > >+0x16f | |
| 00007fff`12052f5c : 000000bd`b9a0a760 000000bd`b9c73fad 000000bd`00000000 000000bd`b9c73fb2 : chakra!Js::InterpreterStackFrame::OP_CallI<Js::OpLayoutDynamicProfile<Js::OpLayoutT_CallI<Js::LayoutSizePolicy<0> > > >+0x45 | |
| 00007fff`12052c3a : 000000bd`b9a0a760 00000000`ffffffff 000000bd`b9a0a760 00000000`00000000 : chakra!Js::InterpreterStackFrame::ProcessUnprofiled+0x25c | |
| 00007fff`121a4af8 : 000000bd`b9a0a760 000000bd`be96b980 000000bd`b9a0a8e0 00007fff`12662500 : chakra!Js::InterpreterStackFrame::Process+0x11a | |
| 00007fff`121a4785 : 000000bd`c2f73d80 000000bd`b9a0aaa0 000000bd`bc500fba 000000bd`b9a0aab8 : chakra!Js::InterpreterStackFrame::InterpreterHelper+0x368 | |
| 000000bd`bc500fba : 000000bd`b9a0aaf0 000000bd`b9a0b0a0 ffffffff`fffffffe 000000bd`bc500000 : chakra!Js::InterpreterStackFrame::InterpreterThunk+0x55 | |
| 00007fff`1221b803 : 000000bd`c2f73d80 00000000`00000002 000000bd`bb68fcc0 000000bd`bea17c60 : 0x000000bd`bc500fba | |
| 00007fff`12158cc3 : 000000b5`b6b4d6c0 00000000`00000010 000000b5`b6bc9040 000000b5`b6bc9040 : chakra!amd64_CallFunction+0x93 | |
| 00007fff`121583fa : 000000bd`c2f73d80 00007fff`1221b9f0 000000bd`b9a0ac00 000000b5`b6b58800 : chakra!Js::JavascriptFunction::CallFunction<1>+0x83 | |
| 00007fff`12157f9b : 000000bd`c2f73d80 000000bd`b9a0ae20 000000b5`b6bc9040 000000bd`b9a0b170 : chakra!Js::JavascriptFunction::CallRootFunctionInternal+0x11a | |
| 00007fff`1217bd3a : 000000bd`c2f73d80 000000bd`b9a0aeb0 000000b5`b6bc9040 00000000`00000000 : chakra!Js::JavascriptFunction::CallRootFunction+0x33 | |
| 00007fff`121520d4 : 000000bd`c2f73d80 000000bd`b9a0af20 00000000`00000000 000000bd`b9a0af00 : chakra!ScriptSite::CallRootFunction+0xaa | |
| 00007fff`1215620c : 000000b5`b6b57640 000000bd`c2f73d80 000000bd`b9a0afb0 00000000`00000000 : chakra!ScriptSite::Execute+0x134 | |
| 00007fff`10021be4 : 000000b5`b6bb94c0 000000bd`c2f73d80 00000000`00000002 000000bd`b9a0b0a0 : chakra!ScriptEngineBase::Execute+0xcc | |
| 00007fff`10021962 : 00000000`80004005 000000bd`b8b414a0 000000bd`bea17c60 00007fff`0ff0623a : EDGEHTML!CListenerDispatch::InvokeVar+0x264 | |
| 00007fff`0fe5b12c : 000000bd`bea17c01 00007fff`0fe5b500 000000bd`b9a0b2e0 000000bd`b8b284c0 : EDGEHTML!CListenerDispatch::Invoke+0x92 | |
| 00007fff`0fe59bc7 : 000000bd`b8b284c0 000000bd`b8b284c0 00007fff`100caf00 00007fff`80011700 : EDGEHTML!CEventMgr::_InvokeListeners+0x39c | |
| 00007fff`1023d8ba : 00000000`000001c0 000000bd`beb7b930 000000bd`b9a0b740 000000bd`b8b284c0 : EDGEHTML!CEventMgr::Dispatch+0x357 | |
| 00007fff`10171db4 : 000000bd`00000001 00007fff`10cd3210 000000bd`b9a0c130 000000bd`b9a0b740 : EDGEHTML!CEventMgr::DispatchPointerEvent+0x1da | |
| 00007fff`10171bc5 : 00000000`00000000 00000000`00000001 000000bd`b8b284c0 00000000`00000000 : EDGEHTML!CEventMgr::DispatchClickEvent+0x1d0 | |
| 00007fff`100230b1 : 00007fff`100caf00 000000bd`b9a0bc00 00000000`00000001 000000bd`b8b38528 : EDGEHTML!CElement::Fire_onclick+0x4d | |
| 00007fff`105ac63c : 00000000`00000000 000000bd`b9a0c130 000000bd`b8b44dc0 00000000`00000000 : EDGEHTML!CElement::DoClick+0x121 | |
| 00007fff`10273990 : 00007fff`105ac540 000000bd`b9a0bd69 000000bd`b8b38738 00000000`00000000 : EDGEHTML!CInput::DoClick+0xfc | |
| 00007fff`102737a6 : 00000000`0000c801 000000bd`b9a0c130 000000bd`b9a0c130 000000bd`b8b38738 : EDGEHTML!CDeferredActionHandler::CommitClickAction+0x1bc | |
| 00007fff`101e07ed : 00000000`00000000 000000bd`b9a0bf00 00000000`00000001 00007fff`10095ef0 : EDGEHTML!CDeferredActionHandler::RegisterClickAction+0xae | |
| 00007fff`100f99a2 : 000000bd`b8b284c0 00000000`00000000 000000bd`b9a0bf90 000000bd`b9a0c130 : EDGEHTML!CDoc::PerformClickAction+0xed | |
| 00007fff`10173105 : 000000bd`b8b38000 00000000`00000000 000000bd`b9a0c020 00007fff`00000000 : EDGEHTML!CDoc::PumpMessage+0x902 | |
| 00007fff`10172ce4 : 00000000`00000000 000000b5`b6b4b0b8 000000bd`b8b38528 000000bd`b9a0c101 : EDGEHTML!CMouseHandler::HandleSyntheticMessage+0x99 | |
| 00007fff`1017267e : 00000000`00000000 000000bd`b9a0c130 000000bd`b9a0c130 00007fff`100b1c0c : EDGEHTML!CTouchHelper::PumpSynthesizedMessage+0x28 | |
| 00007fff`101725cf : 000000bd`beb41900 000000bd`b9a0c210 000000bd`b8b38528 00000000`00000000 : EDGEHTML!CTouchHelper::PrepareAndPump+0x66 | |
| 00007fff`1028ab0b : 00000000`00000000 000000bd`b8b38500 00000000`00000246 00000000`00000001 : EDGEHTML!CTouchHelper::FireMouseEventMessage+0xe7 | |
| 00007fff`1028a7b3 : 000000bd`beb41900 0000000d`b6272369 000000bd`b9a0c820 00007fff`10242332 : EDGEHTML!CTouchHelper::FireMouseUpMessages+0x37 | |
| 00007fff`10241c44 : 000000bd`b9a0c800 000000bd`b9a0c820 000000bd`b9a0c500 000000bd`b9a0c820 : EDGEHTML!CTouchHelper::FirePointerUpMessages+0x93 | |
| 00007fff`102405c4 : 000000bd`b8b384c0 000000bd`beb41900 00000000`00000000 000000bd`beb41900 : EDGEHTML!CTouchHelper::GenerateInputEvents+0x108 | |
| 00007fff`10242f5a : 00000000`00000000 000000bd`00000015 00000000`00020001 000000bd`b8b38528 : EDGEHTML!CTouchHelper::OnPointerMessage+0x46c | |
| 00007fff`0ff07910 : 00007fff`10093960 00000000`00000078 00000000`00000247 00007fff`0ff08be6 : EDGEHTML!CTouchHelper::HandleMessage+0x36 | |
| 00007fff`0ff0719c : 00000000`00020001 000000bd`b9a0cbd0 00000000`00000247 000000bd`b8b38000 : EDGEHTML!CInputManager::HandleMessage+0x114 | |
| 00007fff`0ff06fc4 : 00000000`00000001 00000000`00000247 00000000`00000000 00000000`01f80277 : EDGEHTML!CDoc::OnWindowMessage+0xec | |
| 00007fff`2a7200dc : 00000000`00000001 00000000`00000247 00000000`00000001 00000000`00000000 : EDGEHTML!CServer::WndProc+0xa4 | |
| 00007fff`2a71f991 : 00000000`00000000 00007fff`0ff06f20 00000000`00df05a6 00007fff`0ff06f20 : USER32!UserCallWinProcCheckWow+0x1fc | |
| 00007fff`0fd80bbd : 00000000`00000000 00000000`01f80277 00000000`00000247 000000b5`b65bd140 : USER32!CallWindowProcW+0x91 | |
| 00007fff`0fdc5531 : 000000b5`b65bd140 00000000`00000247 00000000`00020001 00000000`01f80277 : EDGEHTML!CCoreHostedEventHandler::Dispatch+0x95 | |
| 00007fff`0fdc5878 : 000000b5`b65bd140 000000bd`00000247 00000000`00020001 00000000`01f80277 : EDGEHTML!CCoreHostedEventHandler::DispatchAndHandle+0x29 | |
| 00007fff`10b95707 : 000000b5`b65bd140 00007fff`00000247 000000bd`be599a50 000000bd`be599a50 : EDGEHTML!CCoreHostedEventHandler::OnPointerEvent+0x154 | |
| 00007fff`1d55db83 : 000000b5`b65bd140 000000b5`b6b4b060 000000bd`be599a50 000000b5`b6bc03e0 : EDGEHTML!CCoreHostedEventHandler::OnPointerReleased+0x47 | |
| (Inline Function) : --------`-------- --------`-------- --------`-------- --------`-------- : Windows_UI!Microsoft::WRL::EventSource<Windows::Foundation::ITypedEventHandler<IInspectable *,Windows::UI::Core::PointerEventArgs *>,Microsoft::WRL::InvokeModeOptions<-2> >::InvokeAll::__l3::<lambda_ebe22273e2a6dcf3c3d7b4e3fc5e8f44>::operator()+0x20 [d:\th.public.fre\sdk\inc\wrl\event.h @ 1265] | |
| 00007fff`1d55db03 : 00000000`00000000 000000bd`b9a0d200 00000000`00000001 00000000`002005cc : Windows_UI!Microsoft::WRL::InvokeTraits<-2>::InvokeDelegates<<lambda_ebe22273e2a6dcf3c3d7b4e3fc5e8f44>,Windows::Foundation::ITypedEventHandler<IInspectable * __ptr64,Windows::UI::Core::PointerEventArgs * __ptr64> >+0x5f [d:\th.public.fre\internal\sdk\inc\wrl\internalevent.h @ 118] | |
| (Inline Function) : --------`-------- --------`-------- --------`-------- --------`-------- : Windows_UI!Microsoft::WRL::EventSource<Windows::Foundation::ITypedEventHandler<IInspectable *,Windows::UI::Core::PointerEventArgs *>,Microsoft::WRL::InvokeModeOptions<-2> >::DoInvoke+0x50 [d:\th.public.fre\sdk\inc\wrl\event.h @ 1243] | |
| 00007fff`1d57589c : 000000b5`b6bc03e0 00000000`00000000 00007fff`1d558c40 000000bd`b9a0d390 : Windows_UI!Microsoft::WRL::EventSource<Windows::Foundation::ITypedEventHandler<IInspectable * __ptr64,Windows::UI::Core::PointerEventArgs * __ptr64>,Microsoft::WRL::InvokeModeOptions<-2> >::InvokeAll<IInspectable * __ptr64,CPointerEventArgs * __ptr64>+0x63 [d:\th.public.fre\sdk\inc\wrl\event.h @ 1266] | |
| 00007fff`1d5674be : 00000000`00000000 000000b5`b6b4b060 00000000`00000000 000000b5`b6b4b060 : Windows_UI!Windows::UI::Core::CCoreInput<&RuntimeClass_Windows_UI_Core_CoreComponentInputSource>::OnPointerUpEvent+0x10c [d:\th\windows\advcore\winrt\iwindow\corewindow\input.cpp @ 1977] | |
| 00007fff`2a7200dc : 00000000`00000001 00000000`00000247 00000000`00000001 00001844`00001844 : Windows_UI!Windows::UI::Core::CCoreInput<&RuntimeClass_Windows_UI_Core_CoreComponentInputSource>::WndProc+0x1f85e [d:\th\windows\advcore\winrt\iwindow\corewindow\input.cpp @ 776] | |
| 00007fff`2a71f991 : 000000b5`b6b4b060 00007fff`1d547c60 00000000`002005cc 00007fff`1d547c60 : USER32!UserCallWinProcCheckWow+0x1fc | |
| 00007fff`0fd80aa9 : 000000b5`b6b4b060 000000bd`b9a0d408 000000b5`b65bd140 00000000`00000000 : USER32!CallWindowProcW+0x91 | |
| 00007fff`0fd8096d : 000000b5`b65bd140 00000000`002005cc 00000000`00000247 00000000`00020001 : EDGEHTML!CCoreHostedEventHandler::OnSubClassWindowMessage+0x131 | |
| 00007fff`2a7200dc : 00000000`002005cc 00000000`00000247 00000000`00020001 00000000`01f80277 : EDGEHTML!CCoreHostedEventHandler::SubClassWndProc+0x4d | |
| 00007fff`2a71fc07 : 000000b5`b6fc5de0 00007fff`0fd80920 00000000`002005cc 00007ff6`66212800 : USER32!UserCallWinProcCheckWow+0x1fc | |
| 00007fff`0c829d28 : 000000b5`b659e4c8 00000000`00000000 00000000`00000001 000000b5`b65b0620 : USER32!DispatchMessageWorker+0x1a7 | |
| 00007fff`0c88d82b : 00007fff`0c8ac3f0 00007fff`0c8ac3f0 00000000`00000001 000000b5`b6598bb8 : EMODEL!CTabWindow::_TabWindowThreadProc+0x5b8 | |
| 00007fff`1f437faf : 00000000`00000000 00007fff`0c88d570 000000b5`b6b11530 000000b5`b6b11530 : EMODEL!LCIETab_ThreadProc+0x2bb | |
| 00007fff`2a8d2d92 : 00007fff`1f437f90 00000000`00000000 00000000`00000000 00000000`00000000 : iertutil!_IsoThreadProc_WrapperToReleaseScope+0x1f | |
| 00007fff`2c2f9f64 : 00007fff`2a8d2d70 00000000`00000000 00000000`00000000 00000000`00000000 : KERNEL32!BaseThreadInitThunk+0x22 | |
| 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x34 | |
| 1:053> u EDGEHTML!SHIsSameObject+0x4b | |
| EDGEHTML!SHIsSameObject+0x4b: | |
| 00007fff`10b80feb 488b18 mov rbx,qword ptr [rax] <-crash | |
| 00007fff`10b80fee 488bcb mov rcx,rbx | |
| 00007fff`10b80ff1 ff15f9b60300 call qword ptr [EDGEHTML!_guard_check_icall_fptr (00007fff`10bbc6f0)] | |
| 00007fff`10b80ff7 4c8d442428 lea r8,[rsp+28h] | |
| 00007fff`10b80ffc 488bcf mov rcx,rdi | |
| 00007fff`10b80fff 488d15d2820c00 lea rdx,[EDGEHTML!GUID_00000000_0000_0000_c000_000000000046 (00007fff`10c492d8)] | |
| 00007fff`10b81006 ffd3 call rbx | |
| 00007fff`10b81008 85c0 test eax,eax |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment