Re: CSplitterWnd crashes in release build after 2005 upgrade
Hi Oleg -
Thanks for all your efforts. I turned on full page heap as described, ran
the app and got no complaints about memory problems. Here is the
disassembly of the code just before the call to ::GetModuleHandle:
class CDllIsolationWrapperBase : public CNoTrackObject
{
public:
HMODULE m_hModule;
bool m_bFreeLib;
protected:
CString m_strModuleName;
public:
HMODULE GetModuleHandle()
{
00405C90 push ebp
00405C91 mov ebp,esp
00405C93 sub esp,0Ch
00405C96 push esi
00405C97 mov dword ptr [ebp-0Ch],0CCCCCCCCh
00405C9E mov dword ptr [ebp-8],0CCCCCCCCh
00405CA5 mov dword ptr [ebp-4],0CCCCCCCCh
00405CAC mov dword ptr [ebp-4],ecx
if (m_hModule == NULL)
00405CAF mov eax,dword ptr [this]
00405CB2 cmp dword ptr [eax+4],0
00405CB6 jne CDllIsolationWrapperBase::GetModuleHandleA+87h (405D17h)
{
m_hModule = ::GetModuleHandle(m_strModuleName.GetString());
00405CB8 mov ecx,dword ptr [this]
00405CBB mov edx,dword ptr [ecx+9]
00405CBE mov dword ptr [ebp-8],edx
00405CC1 mov esi,esp
00405CC3 mov eax,dword ptr [ebp-8]
00405CC6 push eax
00405CC7 call dword ptr [__imp__GetModuleHandleA@4 (88B298h)]
00405CCD cmp esi,esp
00405CCF call _RTC_CheckEsp (4CC6A7h)
00405CD4 mov ecx,dword ptr [this]
00405CD7 mov dword ptr [ecx+4],eax
if (m_hModule == NULL)
00405CDA mov edx,dword ptr [this]
00405CDD cmp dword ptr [edx+4],0
00405CE1 jne CDllIsolationWrapperBase::GetModuleHandleA+87h (405D17h)
{
m_hModule = ::LoadLibrary(m_strModuleName.GetString());
00405CE3 mov eax,dword ptr [this]
00405CE6 mov ecx,dword ptr [eax+9]
00405CE9 mov dword ptr [ebp-0Ch],ecx
00405CEC mov esi,esp
00405CEE mov edx,dword ptr [ebp-0Ch]
00405CF1 push edx
00405CF2 call dword ptr [__imp__LoadLibraryA@4 (88B294h)]
00405CF8 cmp esi,esp
00405CFA call _RTC_CheckEsp (4CC6A7h)
00405CFF mov ecx,dword ptr [this]
00405D02 mov dword ptr [ecx+4],eax
m_bFreeLib = m_hModule != NULL;
00405D05 mov edx,dword ptr [this]
00405D08 xor eax,eax
00405D0A cmp dword ptr [edx+4],0
00405D0E setne al
00405D11 mov ecx,dword ptr [this]
00405D14 mov byte ptr [ecx+8],al
}
}
return m_hModule;
00405D17 mov edx,dword ptr [this]
00405D1A mov eax,dword ptr [edx+4]
}
00405D1D pop esi
00405D1E add esp,0Ch
00405D21 cmp ebp,esp
00405D23 call _RTC_CheckEsp (4CC6A7h)
00405D28 mov esp,ebp
00405D2A pop ebp
00405D2B ret
==================================
with the debugger paused at the call instruction (address=00405CC7 ), I used
CDB to obtain the register values:
eax=f0000000 ebx=0057c710 ecx=022a2f98 edx=f0000000 esi=0012fc64 edi=00000000
eip=00405cc7 esp=0012fc60 ebp=0012fc74 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
======================================
Continuing beyond this point, we get an access violation: "Unhandled
exception at 0x7c9012b4 (ntdll.dll) in rms.exe: 0xC0000005: Access violation
reading location 0xf0000000." and cdb reports:
Microsoft (R) Windows Debugger Version 6.6.0003.5
Copyright (c) Microsoft Corporation. All rights reserved.
*** wait with pending attach
Symbol search path is:
srv*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
WARNING: Process 3340 is not attached as a debuggee
The process can be examined but debug events will not be received
..........................
Loading unloaded module list
..
(d0c.828): Wake debugger - code 80000007 (first chance)
eax=00000000 ebx=0057c710 ecx=ffffffff edx=0012fc44 esi=7ffdfbf8 edi=f0000000
eip=7c9012b4 esp=0012fc30 ebp=0012fc4c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
ntdll!RtlInitAnsiString+0x1b:
7c9012b4 f2ae repne scasb es:f0000000=??
0:000> ~*kb;q
.. 0 Id: d0c.828 Suspend: 1 Teb: 7ffdf000 Unfrozen
*** WARNING: Unable to verify checksum for c:\projects\CBS\SMC_RMS\rms2\Release\rms.exe
ChildEBP RetAddr Args to Child
0012fc58 00405ccd f0000000 022a2f98 cccccccc ntdll!RtlInitAnsiString+0x1b
0012fc4c 7c80b53c f0000000 0012fc74 00405ccd rms!CDllIsolationWrapperBase::GetModuleHandleA+0x3d [c:\program files\microsoft visual studio 8\vc\atlmfc\include\afxcomctl32.h @ 198]
0012fc58 00405ccd f0000000 022a2f98 cccccccc kernel32!GetModuleHandleA+0x21
0012fc74 00497c56 005487e4 022a2f98 00497cb0 rms!CDllIsolationWrapperBase::GetModuleHandleA+0x3d [c:\program files\microsoft visual studio 8\vc\atlmfc\include\afxcomctl32.h @ 198]
0012fc80 00497cb0 0012fc9c 0c59839a 00000000 rms!CCommDlgWrapper::GetProcAddress_PrintDlgA+0x13 [f:\rtm\vctools\vc7libs\ship\atlmfc\include\afxcomctl32.h @ 388]
0012fcc4 00497e01 0012fd64 00497ec5 0012fd64 rms!CCommDlgWrapper::_PrintDlgA+0x43 [f:\rtm\vctools\vc7libs\ship\atlmfc\include\afxcomctl32.h @ 388]
0012fccc 00497ec5 0012fd64 004a3734 0c5981de rms!AfxCtxPrintDlgA+0x14 [f:\rtm\vctools\vc7libs\ship\atlmfc\include\afxcomctl32.inl @ 178]
0012fcd4 004a3734 0c5981de 0012ff0c 0057c710 rms!CPrintDialog::GetDefaults+0x12 [f:\rtm\vctools\vc7libs\ship\atlmfc\src\mfc\dlgprnt.cpp @ 351]
0012fe80 004a3887 00000001 0057c710 00431a26 rms!CWinApp::UpdatePrinterSelection+0x1e5 [f:\rtm\vctools\vc7libs\ship\atlmfc\src\mfc\appprnt.cpp @ 87]
0012fe8c 00431a26 0012fec0 0057c710 0057c710 rms!CWinApp::GetPrinterDeviceDefaults+0x11 [f:\rtm\vctools\vc7libs\ship\atlmfc\src\mfc\appprnt.cpp @ 23]
0012ff18 004fe280 00000a28 00000002 00000001 rms!CRms2App::InitInstance+0x66 [c:\projects\cbs\smc_rms\rms2\rms2.cpp @ 95]
0012ff28 004d659a 00400000 00000000 0016afff rms!AfxWinMain+0x47 [f:\rtm\vctools\vc7libs\ship\atlmfc\src\mfc\winmain.cpp @ 37]
0012ffc0 7c816d4f 00000000 08f0f99c 7ffd9000 rms!__tmainCRTStartup+0x177 [f:\rtm\vctools\crt_bld\self_x86\crt\src\crt0.c @ 315]
0012fff0 00000000 004d6603 00000000 78746341 kernel32!BaseProcessStart+0x23
quit:
============================================
-- leon
"Oleg Starodumov" <com-dot-debuginfo-at-oleg> wrote in message
news:ui27916mGHA.1248@TK2MSFTNGP05.phx.gbl...
(ae0.a38): Wake debugger - code 80000007 (first chance)
eax=00000000 ebx=0057c710 ecx=ffffffff edx=0012fc44 esi=7ffdfbf8 edi=80000000
eip=7c9012b4 esp=0012fc30 ebp=0012fc4c iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
ntdll!RtlInitAnsiString+0x1b:
7c9012b4 f2ae repne scasb es:80000000=??
0:000> ~*kb;q
It looks like the value of 0x80000000 is passed to GetModuleHandle.
Let's try to determine why...
First, please run the release build under PageHeap, as described here:
http://www.debuginfo.com/tips/userbpntdll.html
If everything is clean (no heap corruption reported), please try this:
- run the app until it is about to call GetPrinterDeviceDefaults
- set breakpoint at the line that calls kernel32!GetModuleHandle
(in CDllIsolationWrapperBase::GetModuleHandle)
- run the application until the breakpoint is hit
- post here the complete disassembly of the function
(CDllIsolationWrapperBase::GetModuleHandle)
and the values of registers at that moment
Oleg
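One detail worth checking in the listing above: the code loads m_strModuleName through [ecx+9] and [eax+9], while the members as declared (a vtable pointer at +0 from CNoTrackObject, HMODULE at +4, bool at +8, then the CString) would put a pointer-sized CString at +12 under the compiler's default alignment; +9 is where it lands only if 1-byte packing is in effect for that header. The program below is an added example, not part of this thread and not MFC's code. It models the class as two C structs, one with default alignment and one under #pragma pack(1), reports where m_strModuleName ends up in each, and shows what a dword load through the packed offset returns from an object that was laid out naturally. The member types, the 0xCC fill in the padding and the sample pointer value are assumptions made for the illustration, and a stray #pragma pack being the cause of this particular crash is a hypothesis, not something the thread establishes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Hypothetical 32-bit image of CDllIsolationWrapperBase as declared in the
 * listing. Pointer-sized members are modelled as uint32_t so the offsets
 * match the x86 build on any host. CNoTrackObject is assumed to contribute
 * one vtable pointer at offset 0, and CString is taken to be one pointer.
 */
typedef struct {
    uint32_t vtbl;            /* +0  CNoTrackObject vtable pointer (assumed) */
    uint32_t m_hModule;       /* +4  the [eax+4] compare in the listing      */
    uint8_t  m_bFreeLib;      /* +8  the byte store to [ecx+8]               */
    uint32_t m_strModuleName; /* +12 after 3 bytes of alignment padding      */
} WrapperNatural;

#pragma pack(push, 1)
typedef struct {
    uint32_t vtbl;
    uint32_t m_hModule;
    uint8_t  m_bFreeLib;
    uint32_t m_strModuleName; /* +9: the [ecx+9] load in the listing */
} WrapperPacked;
#pragma pack(pop)

size_t offset_natural(void) { return offsetof(WrapperNatural, m_strModuleName); }
size_t offset_packed(void)  { return offsetof(WrapperPacked,  m_strModuleName); }
size_t size_natural(void)   { return sizeof(WrapperNatural); }   /* 16 */
size_t size_packed(void)    { return sizeof(WrapperPacked);  }   /* 13 */

/* Little-endian dword helpers: what "mov edx, dword ptr [ecx+off]" does. */
static void put_dword(uint8_t *img, size_t off, uint32_t v) {
    for (int i = 0; i < 4; i++) img[off + i] = (uint8_t)(v >> (8 * i));
}
static uint32_t get_dword(const uint8_t *img, size_t off) {
    uint32_t v = 0;
    for (int i = 0; i < 4; i++) v |= (uint32_t)img[off + i] << (8 * i);
    return v;
}

/* Constructed sample image of an object built by code that uses the natural
 * layout: padding left as a 0xCC debug fill, HMODULE not yet loaded, and a
 * plausible string pointer. All of these values are assumptions. */
#define SAMPLE_STRING_PTR 0x00401234u
static void build_natural_image(uint8_t img[16]) {
    for (int i = 0; i < 16; i++) img[i] = 0xCC;
    put_dword(img, offsetof(WrapperNatural, vtbl), 0x00400000u);
    put_dword(img, offsetof(WrapperNatural, m_hModule), 0);
    img[offsetof(WrapperNatural, m_bFreeLib)] = 0;
    put_dword(img, offsetof(WrapperNatural, m_strModuleName), SAMPLE_STRING_PTR);
}

/* What a reader compiled with the natural layout passes to GetModuleHandle. */
uint32_t string_ptr_seen_by_natural_code(void) {
    uint8_t img[16];
    build_natural_image(img);
    return get_dword(img, offset_natural());          /* 0x00401234 */
}

/* What a reader compiled under pack(1) passes instead: a dword that straddles
 * the three padding bytes and the low byte of the real pointer, i.e. garbage
 * that GetModuleHandleA will then try to dereference as a string. */
uint32_t string_ptr_seen_by_packed_code(void) {
    uint8_t img[16];
    build_natural_image(img);
    return get_dword(img, offset_packed());           /* 0x34CCCCCC */
}

int main(void) {
    printf("natural: m_strModuleName at +%zu, sizeof %zu\n", offset_natural(), size_natural());
    printf("packed:  m_strModuleName at +%zu, sizeof %zu\n", offset_packed(), size_packed());
    printf("natural reader passes 0x%08x\n", string_ptr_seen_by_natural_code());
    printf("packed reader passes  0x%08x\n", string_ptr_seen_by_packed_code());
    return 0;
}
```

The general point the program shows is that an inline member function compiled in one translation unit and an object constructed in another only agree if both saw the same packing when the class was declared. A concrete check for the real build that needs no access to protected members is to compare sizeof(CDllIsolationWrapperBase) in the translation unit that produced the listed code with the same sizeof in a fresh file that includes only the MFC headers; if the two differ, the two sides disagree about the layout, and the #pragma pack (or /Zp) in effect at the point where afxcomctl32.h is included in the first file is where to look.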