Channel: LabWindows/CVI topics

0xC0000005 Access Violation in cvirte.dll (SetWindowsErrorMode?)


Hello,

 

We will occasionally see a crash with our CVI LabWindows based 2010 SP1 application, a 0xC0000005 Access Violation exception thrown from within cvirte.dll. The app is working primarily from a spawned thread when the crash occurs. I've been able to get it consistently on a Win7 x64 VirtualBox VM and have some data that may be of use if someone there would like to investigate.

 

When I track down the location of the instruction pointer (work below) it seems to be in the "SetWindowsErrorMode()" function (at least going by the exports in DependencyWalker):

 

1. The IP is 0x687B5F1C at the time of the crash.
2. The base module address for cvirte.dll is 0x68420000, so the IP is 0x395F1C bytes into the DLL.
3. Using DependencyWalker on cvirte.dll and sorting by entry point indicates that the IP is inside of "SetWindowsErrorMode()" at 0x003938D0, which comes before "MinimizeAllWindows()" at 0x003984B0.

 

Coincidentally, this crash happens in CVI 2013 F1 as well; the offset within "SetWindowsErrorMode()" is a bit different (0x264C past entry in 2010 SP1, 0x2D0C past entry in 2013), but locally the code looks the same in my VS2010 disassembler:

 

CVI2010 SP1

 

*Address *Code Bytes          *Instruction
687B5F02 89 17                mov dword ptr [edi],edx
687B5F04 8B 48 5C             mov ecx,dword ptr [eax+5Ch]
687B5F07 89 78 6C             mov dword ptr [eax+6Ch],edi
687B5F0A 89 4F 04             mov dword ptr [edi+4],ecx
687B5F0D 89 58 5C             mov dword ptr [eax+5Ch],ebx
687B5F10 C7 40 60 00 00 00 00 mov dword ptr [eax+60h],0
687B5F17 5E                   pop esi
687B5F18 85 DB                test ebx,ebx
687B5F1A 74 09                je 687B5F25
687B5F1C 8B 13                mov edx,dword ptr [ebx] <--- CRASH


CVI2013 F1

 

*Address *Code Bytes          *Instruction
687CA2B2 89 17                mov dword ptr [edi],edx
687CA2B4 8B 48 5C             mov ecx,dword ptr [eax+5Ch]
687CA2B7 89 78 6C             mov dword ptr [eax+6Ch],edi
687CA2BA 89 4F 04             mov dword ptr [edi+4],ecx
687CA2BD 89 58 5C             mov dword ptr [eax+5Ch],ebx
687CA2C0 C7 40 60 00 00 00 00 mov dword ptr [eax+60h],0
687CA2C7 5E                   pop esi
687CA2C8 85 DB                test ebx,ebx
687CA2CA 74 09                je 687CA2D5
687CA2CC 8B 13                mov edx,dword ptr [ebx] <--- CRASH

I have dump files (mini, or mini+heap) for both builds if it would help.

 

This bug seems semi-similar to the thread "Is InstallPopup not threadsafe?":

http://forums.ni.com/t5/LabWindows-CVI/Is-InstallPopup-not-threadsafe/m-p/716822/highlight/true#M35963

 

Just for posterity, I'll add the data for the 2013 build. IP is 0x687CA2CC, DLL Module address is 0x68420000-0x68A28000, so offset is 0x3AA2CC. "SetWindowsErrorMode()" enters at 0x003A75C0 in this dll, and "MinimizeAllWindows()" is at 0x003ACB20.

 

Thanks-
Baker
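
The address arithmetic from the post, as an added example (not code from the original post or from NI): it converts the faulting IP to an offset inside cvirte.dll and finds the nearest preceding export. The function and table names are assumptions; the addresses are the ones quoted in the post. An export table lists only exported entry points, so the result names the closest export at or below the IP, which is the limitation behind the post's "at least going by the exports" hedge.

```python
from bisect import bisect_right

# Export RVAs quoted in the post (DependencyWalker, sorted by entry point).
# Only the two neighbouring exports the post names are listed for each build.
EXPORTS_2010_SP1 = {"SetWindowsErrorMode": 0x003938D0, "MinimizeAllWindows": 0x003984B0}
EXPORTS_2013_F1 = {"SetWindowsErrorMode": 0x003A75C0, "MinimizeAllWindows": 0x003ACB20}
MODULE_BASE = 0x68420000  # cvirte.dll load address quoted in the post


def locate(ip, module_base, exports, module_end=None):
    """Map a faulting IP to the nearest preceding export (hypothetical helper).

    Returns (rva, export_name, offset_past_entry, next_export_name).
    export_name is the closest export at or below the IP; code belonging to
    a non-exported function in the same gap would be attributed to it too.
    """
    if ip < module_base or (module_end is not None and ip >= module_end):
        raise ValueError("IP is outside the module's address range")
    rva = ip - module_base
    table = sorted((addr, name) for name, addr in exports.items())
    addrs = [addr for addr, _ in table]
    i = bisect_right(addrs, rva) - 1  # last export whose RVA <= rva
    if i < 0:
        # IP precedes every known export: no attribution possible.
        return rva, None, None, table[0][1]
    entry, name = table[i]
    next_name = table[i + 1][1] if i + 1 < len(table) else None
    return rva, name, rva - entry, next_name


if __name__ == "__main__":
    cases = [
        ("CVI 2010 SP1", 0x687B5F1C, EXPORTS_2010_SP1, None),
        ("CVI 2013 F1", 0x687CA2CC, EXPORTS_2013_F1, 0x68A28000),
    ]
    for label, ip, exports, end in cases:
        rva, name, off, nxt = locate(ip, MODULE_BASE, exports, end)
        print(f"{label}: RVA 0x{rva:X} -> {name}+0x{off:X} (next export: {nxt})")
```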

