When DLL with statically linked debug CRT, which called _CrtSetDbgFlag(_CRTDBG_LEAK_CHECK_DF ) exits, CRT code will write to a freed heap block. This will be caught by the page heap or some other heap debugger and potentially can lead to a memory corruption.
The problem is that __freeCrtMemory() from crt0dat.c will be called twice (stack traces attached) and it will 2 times decrese the reference for __ptmbcinfo (line 495):
if (InterlockedDecrement(&(__ptmbcinfo->refcount)) == 0 && __ptmbcinfo != &__initialmbcinfo)
__ptmbcinfo = &__initialmbcinfo;
This structure was allocated at mbctype.cpp:600 and it has recount 2 since it is also stored in _getptd() data.