64-bit WPF app crashes on some computers - by ED88B0D7-834D-4A98-8608-07154F3685DF

Status : 


Sign in
to vote
ID 780684 Comments
Status Closed Workarounds
Type Bug Repros 1
Opened 3/5/2013 7:28:32 AM
Access Restriction Public


(Sorry about the poor formatting. Connect apparently doesn't parse line breaks..?)

I'm running into an obscure .NET (WPF) crash. My application, which is compiled with a platform target of x64, silently crashes (no dialog or anything) and an event is logged in the Windows Event Viewer on a subset of my users' computers (as in it works for some people and crashes for others).

My application consists of the main WPF executable and a class library DLL, both compiled for the .NET Framework 4 Client Profile and both with a target platform of x64.

The weird thing is that if I compile the WPF executable with a target platform of AnyCPU, but leave the class library with a target of x64, then the application starts up fine.

The stacktrace looks like this (it appears the problem is in IsProcessorFeaturePresent()):

(a30.f0): Access violation - code c0000005 (first/second chance not available)
00000000`7729ce6b 418b4350        mov     eax,dword ptr [r11+50h] ds:00000000`00000050=????????
0:000> k
00000000`004cefd0 000007fe`f1cecf00 ntdll!RtlPcToFileHeader+0x97 00000000`004cf050 000007fe`f1cece5d MSVCR110_CLR0400!__ExceptionPtr::_CopyException+0x8b 00000000`004cf140 000007fe`f1cec978 MSVCR110_CLR0400!__ExceptionPtr::_InitBadAllocException+0x5d 00000000`004cf1a0 000007fe`f1cf519b MSVCR110_CLR0400!IsProcessorFeaturePresent+0x1bfe 00000000`004cf1d0 000007fe`f1ced41f MSVCR110_CLR0400!initterm+0x1f 00000000`004cf200 000007fe`f1ced3bf MSVCR110_CLR0400!cinit+0x3f 00000000`004cf230 00000000`772cb0d8 MSVCR110_CLR0400!CrtEndBoot+0x65 00000000`004cf260 00000000`772b784a ntdll!LdrpRunInitializeRoutines+0x1fe 00000000`004cf430 00000000`772b7b2e ntdll!LdrpLoadDll+0x231 00000000`004cf640 000007fe`fd9b9aa9 ntdll!LdrLoadDll+0x9a 00000000`004cf6b0 000007fe`fc24b05b KERNELBASE!LoadLibraryExW+0x22e 00000000`004cf720 000007fe`fc24aee3 mscoreei!RuntimeDesc::LoadLibrary+0x193 00000000`004cf8a0 000007fe`fc242611 mscoreei!RuntimeDesc::LoadMainRuntimeModule+0x266 00000000`004cf940 000007fe`fc24b2fb mscoreei!RuntimeDesc::EnsureLoaded+0x6a 00000000`004cf9d0 000007fe`fc24b299 mscoreei!RuntimeDesc::GetProcAddressInternal+0x23 00000000`004cfa00 000007fe`fc248974 mscoreei!CLRRuntimeInfoImpl::GetProcAddress+0x61 00000000`004cfa80 000007fe`fc2474c8 mscoreei!GetCorExeMainEntrypoint+0x120 00000000`004cfb40 000007fe`fb685b21 mscoreei!CorExeMain+0x41 00000000`004cfb90 00000000`76bc652d mscoree!CorExeMain_Exported+0x57 00000000`004cfbc0 00000000`772bc521 kernel32!BaseThreadInitThunk+0xd 00000000`004cfbf0 00000000`00000000 ntdll!RtlUserThreadStart+0x1d
Sign in to post a comment.
Posted by Microsoft on 6/5/2013 at 2:04 PM
Hi Soren, as I haven't hear back from you in a week, I'm going to resolve the bug internally as No Repro, as required by our bug bars and internal processes.
Posted by Microsoft on 5/29/2013 at 5:09 PM
Soren, I noticed IEBHO.dll was loaded into your process from C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll, and datamngr.dll loaded from C:\Program Files (x86)\Search Results Toolbar\Datamngr\x64\datamngr.dll. A quick search listed these as malware, that could be wrong, but can you confirm these aren't yours? Normally they should not be loaded into your process so early. Can you try removing these from your machine if they are not yours?

It would also help to know if you can repro this with something smaller.

Aditionally it would also help if you can try running your app on a different machine.

The image corruption I told you about earlier:

0:000> lmv m Updater
start             end                 module name
00000000`008d0000 00000000`00b60000 Updater T (no symbols)        
    Loaded symbol image file: Updater.exe
    Image path: C:\Users\Games\Desktop\EvolveSupport\Updater.exe
    Image name: Updater.exe
    Timestamp:        Thu Jan 10 14:34:11 2013 (50EF41E3)
    CheckSum:         00292699
    ImageSize:        00290000
    File version:
    Product version:
    File flags:     0 (Mask 3F)
    File OS:         4 Unknown Win32
    File type:        1.0 App
    File date:        00000000.00000000
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4
0:000> !dh 0x8d0000
No file header
0:000> dt ntdll!_IMAGE_DOS_HEADER 0x8d0000
+0x000 e_magic         : 0xb848

The magic should be 0x5A4D.
Posted by Microsoft on 5/29/2013 at 4:11 PM
Is it posible to share your executable?

Additionally, can you run the app, crash it as before, collect the dump and attach two or three more of the dumps to the bug? From what we can see it seems the process image is being corrupted somehow during startup, and without a repro or a few more dumps to hopefully identify a pattern, there's no way to identify where the corruption happens.
Posted by ED88B0D7-834D-4A98-8608-07154F3685DF on 5/29/2013 at 3:39 PM
On the computers affected, this is reproducible every time the application launches. And yes, I've only observed this issue on 64-bit machines.
Posted by Microsoft on 5/29/2013 at 3:35 PM
Soren, do your repro this consistently, or only sometimes? Can you confirm you repro this only on 64-bit?
Posted by Microsoft on 3/7/2013 at 4:22 AM
Thanks for your feedback.

We are rerouting this issue to the appropriate group within the Visual Studio Product Team for triage and resolution. These specialized experts will follow-up with your issue.
Posted by ED88B0D7-834D-4A98-8608-07154F3685DF on 3/6/2013 at 11:57 AM
I've attached a crash dump (Crash.7z) from a user's machine. This particular user has a different stack than the other user:

00000000`0048f270 000007fe`f281000f ntdll!RtlPcToFileHeader+0x97
00000000`0048f2f0 000007fe`f28102f6 MSVCR100_CLR0400!__ExceptionPtr::_CopyException+0x6f
00000000`0048f400 000007fe`f287fee4 MSVCR100_CLR0400!__ExceptionPtr::_InitBadAllocException+0x5e
00000000`0048f450 000007fe`f2810a13 MSVCR100_CLR0400!_GSHandlerCheck_EH+0x1c80
00000000`0048f480 000007fe`f2810b27 MSVCR100_CLR0400!initterm+0x1f
00000000`0048f4b0 000007fe`f2811245 MSVCR100_CLR0400!cinit+0x3f
00000000`0048f4e0 00000000`7798bde8 MSVCR100_CLR0400!CrtEndBoot+0x89
00000000`0048f510 00000000`779841db ntdll!LdrpRunInitializeRoutines+0x1fe
00000000`0048f6e0 00000000`779844ce ntdll!LdrpLoadDll+0x31e
00000000`0048f8f0 000007fe`fe12a369 ntdll!LdrLoadDll+0x9a
00000000`0048f960 000007fe`efd11812 KERNELBASE!LoadLibraryExW+0x22e
00000000`0048f9d0 000007fe`efd13cf8 mscoreei!RuntimeDesc::LoadLibrary+0x82
00000000`0048fb40 000007fe`efd13ca9 mscoreei!RuntimeDesc::LoadMainRuntimeModuleHelper+0x4a
00000000`0048fb70 000007fe`efd13a85 mscoreei!RuntimeDesc::LoadMainRuntimeModule+0x4a
00000000`0048fc00 000007fe`efd13962 mscoreei!RtlPcToFileHeader+0xc23d
00000000`0048fc90 000007fe`efd13904 mscoreei!RuntimeDesc::GetProcAddressInternal+0x22
00000000`0048fcc0 000007fe`efd13450 mscoreei!CLRRuntimeInfoImpl::GetProcAddress+0x5c
00000000`0048fd50 000007fe`efd132f1 mscoreei!GetCorExeMainEntrypoint+0x161
00000000`0048fe10 000007fe`f0125b21 mscoreei!CorExeMain+0x31
00000000`0048fe40 00000000`7784f33d mscoree!CorExeMain_Exported+0x57
00000000`0048fe70 00000000`77982cc1 kernel32!BaseThreadInitThunk+0xd
00000000`0048fea0 00000000`00000000 ntdll!RtlUserThreadStart+0x1d
Posted by Microsoft on 3/5/2013 at 9:04 PM
Thanks for your feedback. In order to efficiently investigate and reproduce this issue, we are requesting additional information outlined below.

Could you please give us a dump file so that we can conduct further research?

Visual Studio now has an extension called Microsoft Visual Studio 2012 Feedback Tool, available on the VS gallery(http://visualstudiogallery.msdn.microsoft.com/f8a5aac8-0418-4f88-9d34-bdbe2c4cfe72).

The extension allows you to
1. upload files,
2. collect trace and dump files
3. collect steps while you're repro'ing the issue, as well as
4. SQM logs about VS extensions installed
5. System details (in DxDiag output)

Please submit this information to us within 4 business days. We look forward to hearing from you with this information.

Microsoft Visual Studio Connect Support Team
Posted by Microsoft on 3/5/2013 at 10:50 AM
Thank you for your feedback, we are currently reviewing the issue you have submitted. If this issue is urgent, please contact support directly(http://support.microsoft.com)