boji

Dump file: https://ufile.io/h1aaolw4 (link expires in 30 days) PROCESS_NAME: explorer.exe ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application. SYMBOL_NAME: startallbackx64+1fc9 MODULE_NAME: StartAllBackX64 IMAGE_NAME: StartAllBackX64.dll STACK_COMMAND: ~41s ; .cxr ; kb FAILURE_BUCKET_ID: FAIL_FAST_CORRUPT_LIST_ENTRY_AVRF_c0000409_StartAllBackX64.dll!Unknown OS_VERSION: 10.0.22621.1 BUILDLAB_STR: ni_release OSPLATFORM_TYPE: x64 OSNAME: Windows 10 IMAGE_VERSION: 3.7.11.4917 FAILURE_ID_HASH: {a2394612-fd60-b6b5-28cd-a624212d8954}

I use both open-shell and startallback simultaneously; (left, open-shell) (right, startallback) startallback 3.8 breaks the compatibility of these two. Unlike what you see above, both icons land in the middle simultaneously, overlapping one another and both competing for space, vibrating against each other. Anyway to ensure compatibility of both? Using 23h2

Is there any use for you to connect to my computer and perform debugging at this point?

looks like all the previous bugs have all been fixed in 3.2.2, zero problems so far! Great work! Masterful work! Thank you.

Would love to see this feature. I found it indispensable with 7+ taskbar tweaker for loading processhacker, as an alternative to the task manager. middle click option to close window would be nice as well.

If I disable k-lite thumbnails, or uninstall k-lite codecs the crash on right click problem persists.

Ok to recreate without fail, I right click the start button, and then immediately right click the taskbar, or visa versa... then click anywhere else, and it crashes. I'm using the latest k-lite standard version https://www.codecguide.com/download_k-lite_codec_pack_standard.htm

[1688] StartIsBack: forbiding XAML launcher to start [1688] SIB ASSERTION FAILED SysTray.cpp:332 [1688] Jumplist populated in 8 ms (system pane items 5 init 14 ms) total 27 ms [1688] Jumplist populated in 89 ms (system pane items 40 init 14 ms) total 143 ms Ok... so i manually forced closed explorer, reloaded it to test more. This time I got the Icaros popup without explorer crashing. Right clicking about a dozen times eventually caused the right click menu on the start button to stick & stop working. The rest works fine however. No crash/dump yet on this try.

Dump: https://drive.google.com/file/d/12KtAOdsJB4whHCy5OeB1Lj2KgKFwSxwT/view?usp=sharing

This new version accurately replaces the taskbar and start menu... I do get the occasional explorer crash-dump I never had before, after right clicking the taskbar. the dumps vary, they either points to heap corruption, or to k-lite's thumbs. Crash dump is created and a k-lite popup appears asking to send the dump to their side. Right clicking the taskbar was what triggered the crash. Right clicking the start button never did. But now after a crash, right clicking the start button shows no menu. Left clicking works however. The button appears permanently in the pushed position.

So far it seems the newer version works perfectly! HOLY GOD

Ok, after disabling these mitigations the problem with 3.2.1 persists. I'll try your new test version, thank you!

This is the error I receive using the fixed version you initially posted. I'll try the standard one and then your latest one next.

Not loading a non Microsoft binary is "Code Integrity Guard" in MS exploit mitigations. The mitigation for preventing dynamically-generated code is "Arbitrary Code Guard"

Ok I think I have found the culprit finally. I have enabled in gpo Group policy:

Yeah that Yes this one doesn't crash but doesn't modify anything as far as I can see. UPDATE Oh, I see start actually does work if I push win+shift and it is modifying explorer as well.

Also using 'listary' and 'everything' which modify or modulate windows search functions.

Will autoruns help "explorer" entries help? I disabled hips, and AV, using ESET, thats it. I have hundreds if not a thousand group policy modifications. Could find nothing policy related, filtered under the term "explorer". Disabled all Exploit protections in testing to no avail.

Debugview: [9248] GR-805 : DX9 Overlay is DISABLED [13008] StartIsBack: forbiding XAML launcher to start [13008] SIB ASSERTION FAILED SysTray.cpp:331 [1800] SIB ASSERTION FAILED explorerhooks.cpp:1226 [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [1800] StartIsBack: forbiding XAML launcher to start [1800] SIB ASSERTION FAILED SysTray.cpp:331 [12488] SIB ASSERTION FAILED explorerhooks.cpp:1226 [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [12488] StartIsBack: forbiding XAML launcher to start [12488] SIB ASSERTION FAILED SysTray.cpp:331 [3440] SIB ASSERTION FAILED explorerhooks.cpp:1226 [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [3440] StartIsBack: forbiding XAML launcher to start [3440] SIB ASSERTION FAILED SysTray.cpp:331 [8028] SIB ASSERTION FAILED explorerhooks.cpp:1226 [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [8028] StartIsBack: forbiding XAML launcher to start [8028] SIB ASSERTION FAILED SysTray.cpp:331 [11936] SIB ASSERTION FAILED explorerhooks.cpp:1226 [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [11936] StartIsBack: forbiding XAML launcher to start [11936] SIB ASSERTION FAILED SysTray.cpp:331 [5164] SIB ASSERTION FAILED explorerhooks.cpp:1226 [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [9248] NVD3DREL: [9248] GR-805 : DX9 Overlay is DISABLED [5164] StartIsBack: forbiding XAML launcher to start [5164] SIB ASSERTION FAILED SysTray.cpp:331

I am using open-shell, disabled that, not seeing anything else that could conflict with it. Disabling that made no difference. The dump should have everything you need.

what is debugview output and whatnot?

Here is another dmp after removing explorerpatcher. pass: 123 https://drive.google.com/file/d/1f5rfXqvuvzKukoot8xtdLoWwJvwdg-iY/view?usp=sharing ******************************************************************************* * * * Exception Analysis * * * ******************************************************************************* KEY_VALUES_STRING: 1 Key : Analysis.CPU.Sec Value: 11 Key : Analysis.DebugAnalysisProvider.CPP Value: Create: 8007007e on DEVICE Key : Analysis.DebugData Value: CreateObject Key : Analysis.DebugModel Value: CreateObject Key : Analysis.Elapsed.Sec Value: 13 Key : Analysis.Memory.CommitPeak.Mb Value: 575 Key : Analysis.System Value: CreateObject Key : Timeline.Process.Start.DeltaSec Value: 3 NTGLOBALFLAG: 0 PROCESS_BAM_CURRENT_THROTTLED: 0 PROCESS_BAM_PREVIOUS_THROTTLED: 0 APPLICATION_VERIFIER_FLAGS: 0 APPLICATION_VERIFIER_LOADED: 1 CONTEXT: (.ecxr) rax=00000046c36fc5a0 rbx=00000046c36fcb80 rcx=00000046c36fc5a0 rdx=00000046c36fca50 rsi=00007ffce691ab01 rdi=00000046c36fc5a0 rip=00007ffce57c23f2 rsp=00000046c36fc4c0 rbp=0000000000000001 r8=0000000000000000 r9=00000046c36fca00 r10=00000fff9cd235a3 r11=00000046c36fcb80 r12=ffffffffffffffff r13=0000000000000000 r14=0000000000000002 r15=0000000000000003 iopl=0 nv up ei pl nz na pe nc cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000200 kernelbase!RaiseFailFastException+0x152: 00007ffc`e57c23f2 0f1f440000 nop dword ptr [rax+rax] Resetting default scope EXCEPTION_RECORD: (.exr -1) ExceptionAddress: 00007ffcc75d30b4 (Taskbar!winrt::terminate+0x0000000000000064) ExceptionCode: c000027b ExceptionFlags: 00000001 NumberParameters: 2 Parameter[0]: 000001bf4ba68d60 Parameter[1]: 0000000000000003 PROCESS_NAME: explorer.exe ERROR_CODE: (NTSTATUS) 0xc000027b - An application-internal exception has occurred. EXCEPTION_CODE_STR: c000027b EXCEPTION_PARAMETER1: 000001bf4ba68d60 EXCEPTION_PARAMETER2: 0000000000000003 STACK_TEXT: 00000046`c36fc4c0 00007ffc`e6a014c9 : 000001bf`4b707448 00007ffc`e691ab01 000001bf`4b707448 00000000`00002380 : kernelbase!RaiseFailFastException+0x152 00000046`c36fcaa0 00007ffc`c75d30b4 : 00007ffc`e6a01940 00007ffc`e6a01940 00000000`00000000 00000046`c36ff100 : combase!RoFailFastWithErrorContextInternal2+0x4d9 00000046`c36fcd10 00007ffc`c75d706d : 0000fdf6`80070057 00000000`00000000 00000046`c36fce78 00007ffc`e55aef44 : Taskbar!winrt::terminate+0x64 00000046`c36fcd40 00007ffc`c7589dff : 0000fdf6`d357eaa0 00000000`00000000 00000046`c36fdba0 00007ffc`e55aee81 : Taskbar!std::experimental::coroutine_traits<winrt::fire_and_forget,CPearl * __ptr64,winrt::Windows::Foundation::Point,enum winrt::WindowsUdk::UI::Shell::InputDeviceKind>::promise_type::unhandled_exception+0x9 00000046`c36fcd70 00007ffc`e55af2e0 : 00007ffc`c7589de2 00000046`c36ff100 00000046`c36ff100 00000046`c36f0033 : Taskbar!`TrayUI::InitializeUndockedComponentsAsync$_ResumeCoro$1'::`1'::catch$8+0x1d 00000046`c36fcdc0 00007ffc`e55a48e5 : 00007ffc`c7589de2 00000046`c36fdd08 00001fa0`00000100 0053002b`002b0033 : ucrtbase!CallSettingFrame_LookupContinuationIndex+0x20 00000046`c36fcdf0 00007ffc`e8127b66 : 00000000`00000000 00000000`00000003 00000000`00000000 00000046`c36fef60 : ucrtbase!__FrameHandler4::CxxCallCatchBlock+0x115 00000046`c36fced0 00007ffc`c7589aac : 00000046`c36ff170 00007ffc`c778b000 00000046`c36ff1d0 00000000`19930520 : ntdll!RcConsolidateFrames+0x6 00000046`c36ff100 00007ffc`c75d2ee6 : 000001bf`4b4c0490 000001bf`4b4c0490 000001bf`4b9a7b01 000001bf`4b85afd8 : Taskbar!TrayUI::InitializeUndockedComponentsAsync$_ResumeCoro$1+0x1ec 00000046`c36ff1a0 00007ffc`c75d247e : 00000000`00000000 000001bf`4b9a7d70 000001bf`4b9a7ba8 00007ffc`c766cfc4 : Taskbar!winrt::impl::resume_apartment+0xe2 00000046`c36ff1e0 00007ffc`c766b408 : 00000000`000606b0 000001bf`4b9bc790 00000000`00000000 00000000`00000000 : Taskbar!winrt::impl::delegate<winrt::Windows::Foundation::AsyncOperationCompletedHandler<bool>,<lambda_e19b98bcf2579e04276d4d07a2ffd8e4> >::Invoke+0x1e 00000046`c36ff220 00007ffc`c766ab8b : 00007ffc`c77890b8 00007ffc`c7669950 00000000`00000000 000001bf`4b9a7bb0 : Taskbar!winrt::Windows::Foundation::AsyncActionCompletedHandler::operator()+0x24 00000046`c36ff250 00007ffc`c766e43d : 000001bf`4b9a7d70 000001bf`4b9a7b60 00000000`00000000 00000000`00000000 : Taskbar!winrt::impl::invoke<winrt::Windows::Foundation::AsyncActionCompletedHandler,winrt::impl::promise_base<std::experimental::coroutine_traits<winrt::Windows::Foundation::IAsyncAction,TaskbarHost * __ptr64>::promise_type,winrt::Windows::Foundation::IAsyncAction,void>,enum winrt::Windows::Foundation::AsyncStatus>+0x17 00000046`c36ff280 00007ffc`c766db51 : 000001bf`00000003 000001bf`4ba179f0 000001bf`4b9a7d70 000001bf`4b9a7bb0 : Taskbar!winrt::impl::promise_base<std::experimental::coroutine_traits<winrt::Windows::Foundation::IAsyncAction,TaskbarHost * __ptr64>::promise_type,winrt::Windows::Foundation::IAsyncAction,void>::set_completed+0x6d 00000046`c36ff2b0 00007ffc`c758db26 : 000001bf`4b9bcd10 000001bf`4b9bcd10 000001bf`4b9a7bb0 000001bf`4b85af58 : Taskbar!winrt::impl::promise_base<std::experimental::coroutine_traits<winrt::Windows::Foundation::IAsyncAction,TaskbarHost * __ptr64>::promise_type,winrt::Windows::Foundation::IAsyncAction,void>::final_suspend_awaiter::await_suspend+0x11 00000046`c36ff2e0 00007ffc`c766c5d3 : 000001bf`4b9a7bb0 000001bf`4b9bcd10 00007ffc`e24a8330 00000000`00000001 : Taskbar!TaskbarHost::ShowAsync$_ResumeCoro$1+0x996 00000046`c36ff3d0 00007ffc`e24a8350 : 00000000`00010002 00000046`c36ff4f0 00000000`00010002 00007ffc`e637aab9 : Taskbar!winrt::impl::delegate<winrt::Windows::System::DispatcherQueueHandler,<lambda_f475742c0de8d0f2b24fd9d946f0a567> >::Invoke+0x23 00000046`c36ff400 00007ffc`e2471984 : 80000022`00000000 00000000`00000000 00000000`00000000 00007ffc`ce3b9d5e : CoreMessaging!Windows::System::DispatcherQueue::DeferInvokeCallback+0x20 00000046`c36ff430 00007ffc`e24718de : 000001bf`374df490 00007ffc`e24a8330 000001bf`374df490 00007ffc`e24a8330 : CoreMessaging!CFlat::SehSafe::Execute<<lambda_a81ff790741c2a62f2197c2561f5fe49> >+0x2c 00000046`c36ff460 00007ffc`e246b41f : 000001bf`4b9bd520 00000000`00000000 00000000`00000000 000001bf`4b9bd550 : CoreMessaging!Microsoft::CoreUI::ActionCallback::ImportAdapter$+0xae 00000046`c36ff4a0 00007ffc`e246a93b : 000001bf`383269c0 000001bf`0000c029 00000000`00000018 00000000`001601b4 : CoreMessaging!Microsoft::CoreUI::Dispatch::DeferredCall::Callback_Dispatch+0x2bf 00000046`c36ff560 00007ffc`e246a5bd : 000001bf`00000007 00000000`00000007 00000000`00000001 000001bf`374af560 : CoreMessaging!Microsoft::CoreUI::Dispatch::DeferredCallDispatcher::Callback_OnDispatch+0x12b 00000046`c36ff620 00007ffc`e246bc84 : 000001bf`382a8e90 000001bf`3724fc90 000001bf`382a8fd0 00000000`00000000 : CoreMessaging!Microsoft::CoreUI::Dispatch::EventLoop::Callback_RunCoreLoop+0x2ed 00000046`c36ff6e0 00007ffc`e246b7ec : 000001bf`382a8fd0 000001bf`382a8fd0 000001bf`374df490 000001bf`3724fc90 : CoreMessaging!Microsoft::CoreUI::Dispatch::UserAdapter::OnUserDispatch+0x214 00000046`c36ff770 00007ffc`e2467a0f : 00000000`00000004 00000046`00000000 00000000`00000574 000001bf`382a4ea0 : CoreMessaging!Microsoft::CoreUI::Dispatch::UserAdapter::DoWork+0x1fc 00000046`c36ff800 00007ffc`e6371c4c : 00000000`0000c029 00000000`00000001 00000000`00000001 00000000`00000000 : CoreMessaging!Microsoft::CoreUI::Dispatch::UserAdapter::WindowProc+0x4f 00000046`c36ff870 00007ffc`e637179c : 00000000`00000000 00007ffc`e24679c0 00000000`000401d2 00007ffc`00000060 : user32!UserCallWinProcCheckWow+0x33c 00000046`c36ff9e0 00007ffc`e6384b4d : 00000000`00000000 00000000`00000000 00000000`00000001 00000000`00000000 : user32!DispatchClientMessage+0x9c 00000046`c36ffa40 00007ffc`e81272b4 : 00007ffc`e5be13b4 00000000`00000001 00000000`00000000 00000000`00000000 : user32!_fnDWORD+0x3d 00000046`c36ffaa0 00007ffc`e5be13b4 : 00007ffc`e6379f0f 00000046`c36ffba0 00000000`00000000 00007ffc`e24679c0 : ntdll!KiUserCallbackDispatcherContinue 00000046`c36ffb28 00007ffc`e6379f0f : 00000046`c36ffba0 00000000`00000000 00007ffc`e24679c0 00000000`00000000 : win32u!NtUserPeekMessage+0x14 00000046`c36ffb30 00007ffc`e6379e7a : 00000000`00000001 000001bf`32c0acf0 00000000`00000000 00000000`00000000 : user32!_PeekMessage+0x3f 00000046`c36ffba0 00007ffc`ce3e388a : 00000046`c36ffc98 00000000`00000000 00000000`00000001 00000000`00000001 : user32!PeekMessageW+0x13a 00000046`c36ffc10 00007ff7`28656fb6 : 00007ff7`289b49b0 00000046`c36ffce9 00000000`00000000 00007ff7`28650000 : StartAllBackX64!DllGetClassObject+0x716 00000046`c36ffc60 00007ff7`28656f30 : 00000000`00000048 000001bf`37257150 00000000`0000282a 00000000`00000000 : explorer!CTray::_MessageLoop+0x76 00000046`c36ffd50 00007ffc`e6bc4e9f : 00007ff7`00000040 00000000`00000000 000001bf`38206180 000001bf`37257150 : explorer!CTray::MainThreadProc+0x60 00000046`c36ffdb0 00007ffc`e67354e0 : 00000000`00000001 000001bf`37257150 00000000`00000000 00000000`00000000 : SHCore!_WrapperThreadProc+0x10f 00000046`c36ffe90 00007ffc`e808485b : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0x10 00000046`c36ffec0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x2b SYMBOL_NAME: Taskbar!winrt::terminate+64 MODULE_NAME: Taskbar IMAGE_NAME: Taskbar.dll STACK_COMMAND: ~12s ; .ecxr ; kb FAILURE_BUCKET_ID: STOWED_EXCEPTION_AVRF_c000027b_Taskbar.dll!winrt::terminate OS_VERSION: 10.0.22000.1 BUILDLAB_STR: co_release OSPLATFORM_TYPE: x64 OSNAME: Windows 10 FAILURE_ID_HASH: {6affcc77-02e0-4641-126c-3baacbc450fa} Followup: MachineOwner ---------

There is no \Windows\dgxi.dll, there is a "C:\Windows\dxgi.prev" "C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\dxgi.prev" "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\dxgi.prev"

Removing explorerpatcher never solved the problem.

No luck. Will try rebooting after removing and see if that helps.