View Issue Details

ID: 0000174
Project: Falcon BMS Known Bugs
Category: TE
View Status: public
Last Update: 2021-05-07 00:41
Reporter: airtex2019
Assigned To:
Priority: normal
Severity: minor
Reproducibility: always
Status: new
Resolution: open
Platform: PC
OS: Windows
OS Version: Windows 10
Product Version: BMS 4.35 U1
Summary: 0000174: WinDbg: HEAP[Falcon BMS.exe]: HEAP: Free Heap block ... modified at ... after it was freed
Description:
Running under WinDbg .. just flew TR#3 landing TE.. after exiting 3D to return to 2D, a couple dozen of these use-after-free breakpoint assertions are hit.

After deduping the stack traces, here are the 6 unique points in the code where this assertion breaks. These should probably be 6 separate bugs? But just opening this as 1 for now, in case these are all known .. already fixed, or tracked elsewhere.

I know there are known issues with needing to fully quit and restart the process, after leaving 3D .. hoping maybe some of these use-after-free bugs may help squash some of those longstanding issues.
Steps To Reproduce:
Start WinDbg, launch Falcon BMS.exe
Fly TR#3. Exit cockpit.

Observe: couple dozen use-after-free breakpoint assertions hit, before return to 2D map view
Expected: no broken assertions
Additional Information:
HEAP[Falcon BMS.exe]: HEAP: Free Heap block 0000000106727A10 modified at 0000000106728948 after it was freed
(1704.2a90): Break instruction exception - code 80000003 (first chance)
ntdll!RtlpBreakPointHeap+0x16:k 24
00 00000000`0014e488 00007ffa`77a96256 ntdll!RtlpBreakPointHeap+0x16
01 00000000`0014e490 00007ffa`77a95b74 ntdll!RtlpFreeHeap+0x656
02 00000000`0014e640 00007ffa`77a947b1 ntdll!RtlpFreeHeapInternal+0x464
03 00000000`0014e700 00007ffa`77b691aa ntdll!RtlFreeHeap+0x51
04 00000000`0014e740 00007ffa`77a95cc1 ntdll!RtlDebugFreeHeap+0x23e
05 00000000`0014e7a0 00007ffa`77a95b74 ntdll!RtlpFreeHeap+0xc1
06 00000000`0014e950 00007ffa`77a947b1 ntdll!RtlpFreeHeapInternal+0x464
07 00000000`0014ea10 00000000`04c1cc5c ntdll!RtlFreeHeap+0x51
08 00000000`0014ea50 00000000`044ceb1f Falcon_BMS!_free_base+0x1c [d:\th\minkernel\crts\ucrt\src\appcrt\heap\free_base.cpp @ 107]
09 00000000`0014ea80 00000000`044d01fa Falcon_BMS!NavigationSystem::`scalar deleting destructor'+0x7f
0a 00000000`0014eab0 00000000`04496876 Falcon_BMS!CampaignClass::EndCampaign+0x3ea [d:\wip\bms\svn\code-4.35\campaign\campupd\cmpclass.cpp @ 1129]
0b 00000000`0014eae0 00000000`045a2215 Falcon_BMS!ShutdownCampaign+0x26 [d:\wip\bms\svn\code-4.35\ui\src\winmain.cpp @ 3808]
0c 00000000`0014eb10 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0xb95 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 947]
0d 00000000`0014ecb0 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]
0e 00000000`0014ecf0 00007ffa`7722e4ee USER32!UserCallWinProcCheckWow+0x2f8
0f 00000000`0014ee80 00007ffa`49135759 USER32!CallWindowProcW+0x8e
10 00000000`0014eed0 00007ffa`491358c4 DINPUT8!CallNextSubclassProc+0x95
11 00000000`0014ef40 00007ffa`49135759 DINPUT8!DefSubclassProc+0x94
12 00000000`0014ef90 00007ffa`49135ba6 DINPUT8!CallNextSubclassProc+0x95
13 00000000`0014f000 00007ffa`7722e858 DINPUT8!MasterSubclassProc+0x96
14 00000000`0014f060 00007ffa`7722de1b USER32!UserCallWinProcCheckWow+0x2f8
15 00000000`0014f1f0 00007ffa`77229785 USER32!SendMessageWorker+0x70b
16 00000000`0014f290 00000000`045a1f28 USER32!SendMessageA+0x55
17 00000000`0014f2e0 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0x8a8 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 859]
18 00000000`0014f480 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]
19 00000000`0014f4c0 00007ffa`7722e4ee USER32!UserCallWinProcCheckWow+0x2f8
1a 00000000`0014f650 00007ffa`49135759 USER32!CallWindowProcW+0x8e
1b 00000000`0014f6a0 00007ffa`491358c4 DINPUT8!CallNextSubclassProc+0x95
1c 00000000`0014f710 00007ffa`49135759 DINPUT8!DefSubclassProc+0x94
1d 00000000`0014f760 00007ffa`49135ba6 DINPUT8!CallNextSubclassProc+0x95
1e 00000000`0014f7d0 00007ffa`7722e858 DINPUT8!MasterSubclassProc+0x96
1f 00000000`0014f830 00007ffa`7722e299 USER32!UserCallWinProcCheckWow+0x2f8
20 00000000`0014f9c0 00000000`0449319d USER32!DispatchMessageWorker+0x249
21 (Inline Function) --------`-------- Falcon_BMS!FalconDisplayConfiguration::Run+0x54 [d:\wip\bms\svn\code-4.35\falclib\dispcfg.cpp @ 209]
22 00000000`0014fa40 00000000`04493329 Falcon_BMS!HandleWinMain+0xc2d [d:\wip\bms\svn\code-4.35\ui\src\winmain.cpp @ 1102]


HEAP[Falcon BMS.exe]: HEAP: Free Heap block 0000000106727A10 modified at 00000001067289C8 after it was freed
(1704.2a90): Break instruction exception - code 80000003 (first chance)
ntdll!RtlpBreakPointHeap+0x16:
00007ffa`77b6a182 cc int 3
0:000> k 20
 # Child-SP RetAddr Call Site
00 00000000`0014c6a8 00007ffa`77a9dd6a ntdll!RtlpBreakPointHeap+0x16
01 00000000`0014c6b0 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xc0a
02 00000000`0014c900 00007ffa`77b68648 ntdll!RtlpAllocateHeapInternal+0xa2d
03 00000000`0014ca10 00007ffa`77a9d255 ntdll!RtlDebugAllocateHeap+0xe8
04 00000000`0014ca70 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xf5
05 00000000`0014ccc0 00000000`04c1ccc4 ntdll!RtlpAllocateHeapInternal+0xa2d
06 00000000`0014cdd0 00000000`04bdb4e3 Falcon_BMS!_malloc_base+0x44 [d:\th\minkernel\crts\ucrt\src\appcrt\heap\malloc_base.cpp @ 29]
07 00000000`0014ce00 00000000`04abcec9 Falcon_BMS!operator new+0x1f [d:\agent\_work\2\s\src\vctools\crt\vcstartup\src\heap\new_scalar.cpp @ 35]
08 00000000`0014ce30 00000000`04abda7e Falcon_BMS!tinyxml2::MemPoolT<112>::Alloc+0x29 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.h @ 376]
09 00000000`0014ce60 00000000`04aba92d Falcon_BMS!tinyxml2::XMLDocument::CreateUnlinkedNode<tinyxml2::XMLText,112>+0x1e [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.h @ 1932]
0a 00000000`0014ce90 00000000`04abac77 Falcon_BMS!tinyxml2::XMLDocument::Identify+0x12d [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 714]
0b 00000000`0014ced0 00000000`04abc134 Falcon_BMS!tinyxml2::XMLNode::ParseDeep+0xa7 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1014]
0c 00000000`0014cf70 00000000`04abacb8 Falcon_BMS!tinyxml2::XMLElement::ParseDeep+0xa4 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1913]
0d 00000000`0014cfa0 00000000`04abc134 Falcon_BMS!tinyxml2::XMLNode::ParseDeep+0xe8 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1023]
0e 00000000`0014d040 00000000`04abacb8 Falcon_BMS!tinyxml2::XMLElement::ParseDeep+0xa4 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1913]
0f 00000000`0014d070 00000000`04abc134 Falcon_BMS!tinyxml2::XMLNode::ParseDeep+0xe8 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1023]
10 00000000`0014d110 00000000`04abacb8 Falcon_BMS!tinyxml2::XMLElement::ParseDeep+0xa4 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1913]
11 00000000`0014d140 00000000`04abc134 Falcon_BMS!tinyxml2::XMLNode::ParseDeep+0xe8 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1023]
12 00000000`0014d1e0 00000000`04abacb8 Falcon_BMS!tinyxml2::XMLElement::ParseDeep+0xa4 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1913]
13 00000000`0014d210 00000000`04abc8c3 Falcon_BMS!tinyxml2::XMLNode::ParseDeep+0xe8 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 1023]
14 (Inline Function) --------`-------- Falcon_BMS!tinyxml2::XMLDocument::LoadFile+0xa1 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 2242]
15 00000000`0014d2b0 00000000`0450ebc0 Falcon_BMS!tinyxml2::XMLDocument::LoadFile+0x113 [d:\wip\bms\svn\code-4.35\extlibs\tinyxml2\tinyxml2.cpp @ 2174]
16 00000000`0014d2f0 00000000`044d1e7e Falcon_BMS!LoadMissionDataXml+0x2b0 [d:\wip\bms\svn\code-4.35\falclib\entity.cpp @ 5988]
17 00000000`0014e6c0 00000000`044cebc6 Falcon_BMS!CampaignClass::LoadScenarioStats+0x4de [d:\wip\bms\svn\code-4.35\campaign\campupd\cmpclass.cpp @ 1801]
18 00000000`0014e7c0 00000000`045a1e96 Falcon_BMS!CampaignClass::LoadCampaign+0x56 [d:\wip\bms\svn\code-4.35\campaign\campupd\cmpclass.cpp @ 521]
19 00000000`0014eae0 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0x816 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 843]
1a 00000000`0014ec80 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]


HEAP[Falcon BMS.exe]: HEAP: Free Heap block 000000003C62ED60 modified at 000000003C62ED98 after it was freed
(1704.2a90): Break instruction exception - code 80000003 (first chance)
ntdll!RtlpBreakPointHeap+0x16:
00007ffa`77b6a182 cc int 3
0:000> k 20
 # Child-SP RetAddr Call Site
00 00000000`0014a818 00007ffa`77a9dd6a ntdll!RtlpBreakPointHeap+0x16
01 00000000`0014a820 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xc0a
02 00000000`0014aa70 00007ffa`77b68648 ntdll!RtlpAllocateHeapInternal+0xa2d
03 00000000`0014ab80 00007ffa`77a9d255 ntdll!RtlDebugAllocateHeap+0xe8
04 00000000`0014abe0 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xf5
05 00000000`0014ae30 00000000`04c1ccc4 ntdll!RtlpAllocateHeapInternal+0xa2d
06 00000000`0014af40 00000000`04bdb4e3 Falcon_BMS!_malloc_base+0x44 [d:\th\minkernel\crts\ucrt\src\appcrt\heap\malloc_base.cpp @ 29]
07 00000000`0014af70 00000000`0451f3c3 Falcon_BMS!operator new+0x1f [d:\agent\_work\2\s\src\vctools\crt\vcstartup\src\heap\new_scalar.cpp @ 35]
08 (Inline Function) --------`-------- Falcon_BMS!std::allocator<std::_Tree_node<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,FrequencyPair>,void *> >::allocate+0xa [c:\program files (x86)\microsoft visual studio\2017\enterprise\vc\tools\msvc\14.16.27023\include\xmemory0 @ 997]
09 00000000`0014afa0 00000000`0451f04e Falcon_BMS!std::_Tree_comp_alloc<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,FrequencyPair,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,FrequencyPair> >,0> >::_Buynode0+0x13 [c:\program files (x86)\microsoft visual studio\2017\enterprise\vc\tools\msvc\14.16.27023\include\xtree @ 958]
0a 00000000`0014afd0 00000000`0451ef3f Falcon_BMS!std::_Tree_comp_alloc<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,int,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,int> >,0> >::_Buynode<std::piecewise_construct_t const &,std::tuple<std::basic_string<char,std::char_traits<char>,std::allocator<char> > &&>,std::tuple<> >+0xe [c:\program files (x86)\microsoft visual studio\2017\enterprise\vc\tools\msvc\14.16.27023\include\xtree @ 983]
0b (Inline Function) --------`-------- Falcon_BMS!std::_Tree<std::_Tmap_traits<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,enum RADIO_AGENCIES,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,enum RADIO_AGENCIES> >,0> >::emplace_hint+0x12 [c:\program files (x86)\microsoft visual studio\2017\enterprise\vc\tools\msvc\14.16.27023\include\xtree @ 1162]
0c (Inline Function) --------`-------- Falcon_BMS!std::map<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,enum RADIO_AGENCIES,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,enum RADIO_AGENCIES> > >::_Try_emplace+0x6a [c:\program files (x86)\microsoft visual studio\2017\enterprise\vc\tools\msvc\14.16.27023\include\map @ 232]
0d (Inline Function) --------`-------- Falcon_BMS!std::map<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,enum RADIO_AGENCIES,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,enum RADIO_AGENCIES> > >::try_emplace+0x6a [c:\program files (x86)\microsoft visual studio\2017\enterprise\vc\tools\msvc\14.16.27023\include\map @ 263]
0e 00000000`0014b000 00000000`0451bfa2 Falcon_BMS!std::map<std::basic_string<char,std::char_traits<char>,std::allocator<char> >,enum RADIO_AGENCIES,std::less<std::basic_string<char,std::char_traits<char>,std::allocator<char> > >,std::allocator<std::pair<std::basic_string<char,std::char_traits<char>,std::allocator<char> > const ,enum RADIO_AGENCIES> > >::operator[]+0x7f [c:\program files (x86)\microsoft visual studio\2017\enterprise\vc\tools\msvc\14.16.27023\include\map @ 199]
0f 00000000`0014b040 00000000`044ce8e7 Falcon_BMS!MessageAgencyMap::SetupMessageNameStringMap+0x4c02 [d:\wip\bms\svn\code-4.35\falclib\radiospectrum.cpp @ 567]
10 (Inline Function) --------`-------- Falcon_BMS!MessageAgencyMap::init+0x38 [d:\wip\bms\svn\code-4.35\falclib\include\radiospectrum.h @ 470]
11 (Inline Function) --------`-------- Falcon_BMS!MessageAgencyMap::{ctor}+0x7b [d:\wip\bms\svn\code-4.35\falclib\include\radiospectrum.h @ 393]
12 00000000`0014e5f0 00000000`044ced0c Falcon_BMS!CampaignClass::InitCampaign+0x647 [d:\wip\bms\svn\code-4.35\campaign\campupd\cmpclass.cpp @ 428]
13 00000000`0014e7c0 00000000`045a1e96 Falcon_BMS!CampaignClass::LoadCampaign+0x19c [d:\wip\bms\svn\code-4.35\campaign\campupd\cmpclass.cpp @ 560]
14 00000000`0014eae0 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0x816 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 843]
15 00000000`0014ec80 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]


HEAP[Falcon BMS.exe]: HEAP: Free Heap block 00000000BF3E3180 modified at 00000000BF3E34C8 after it was freed
(1704.2a90): Break instruction exception - code 80000003 (first chance)
ntdll!RtlpBreakPointHeap+0x16:
00007ffa`77b6a182 cc int 3
0:000> k 20
 # Child-SP RetAddr Call Site
00 00000000`0014e058 00007ffa`77a9dd6a ntdll!RtlpBreakPointHeap+0x16
01 00000000`0014e060 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xc0a
02 00000000`0014e2b0 00007ffa`77b68648 ntdll!RtlpAllocateHeapInternal+0xa2d
03 00000000`0014e3c0 00007ffa`77a9d255 ntdll!RtlDebugAllocateHeap+0xe8
04 00000000`0014e420 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xf5
05 00000000`0014e670 00000000`04c1ccc4 ntdll!RtlpAllocateHeapInternal+0xa2d
06 00000000`0014e780 00000000`04bdb4e3 Falcon_BMS!_malloc_base+0x44 [d:\th\minkernel\crts\ucrt\src\appcrt\heap\malloc_base.cpp @ 29]
07 00000000`0014e7b0 00000000`0498358c Falcon_BMS!operator new+0x1f [d:\agent\_work\2\s\src\vctools\crt\vcstartup\src\heap\new_scalar.cpp @ 35]
08 00000000`0014e7e0 00000000`04971133 Falcon_BMS!C_TextHash::AddText+0x17c [d:\wip\bms\svn\code-4.35\ui95\chash.cpp @ 86]
09 (Inline Function) --------`-------- Falcon_BMS!C_String::AddString+0xd [d:\wip\bms\svn\code-4.35\ui95\cstringrc.cpp @ 94]
0a (Inline Function) --------`-------- Falcon_BMS!C_String::LocalFunction+0x33 [d:\wip\bms\svn\code-4.35\ui95\cstringrc.cpp @ 154]
0b 00000000`0014e830 00000000`0496dc96 Falcon_BMS!C_Parser::ParseString+0x133 [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 3408]
0c 00000000`0014e8e0 00000000`04a518f1 Falcon_BMS!C_Parser::LoadStringList+0x176 [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 1226]
0d (Inline Function) --------`-------- Falcon_BMS!LoadStringFiles+0xc [d:\wip\bms\svn\code-4.35\ui\src\ui_main.cpp @ 1191]
0e 00000000`0014e930 00000000`045a1b54 Falcon_BMS!UI_Startup+0x411 [d:\wip\bms\svn\code-4.35\ui\src\ui_main.cpp @ 1839]
0f 00000000`0014eb10 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0x4d4 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 750]
10 00000000`0014ecb0 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]
11 00000000`0014ecf0 00007ffa`7722e4ee USER32!UserCallWinProcCheckWow+0x2f8
12 00000000`0014ee80 00007ffa`49135759 USER32!CallWindowProcW+0x8e
13 00000000`0014eed0 00007ffa`491358c4 DINPUT8!CallNextSubclassProc+0x95
14 00000000`0014ef40 00007ffa`49135759 DINPUT8!DefSubclassProc+0x94
15 00000000`0014ef90 00007ffa`49135ba6 DINPUT8!CallNextSubclassProc+0x95
16 00000000`0014f000 00007ffa`7722e858 DINPUT8!MasterSubclassProc+0x96
17 00000000`0014f060 00007ffa`7722de1b USER32!UserCallWinProcCheckWow+0x2f8
18 00000000`0014f1f0 00007ffa`77229785 USER32!SendMessageWorker+0x70b
19 00000000`0014f290 00000000`045a2099 USER32!SendMessageA+0x55
1a 00000000`0014f2e0 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0xa19 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 915]
1b 00000000`0014f480 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]


HEAP[Falcon BMS.exe]: HEAP: Free Heap block 0000000100942740 modified at 0000000100943468 after it was freed
(1704.2a90): Break instruction exception - code 80000003 (first chance)
ntdll!RtlpBreakPointHeap+0x16:
00007ffa`77b6a182 cc int 3
0:000> k 20
 # Child-SP RetAddr Call Site
00 00000000`0014de88 00007ffa`77a9dd6a ntdll!RtlpBreakPointHeap+0x16
01 00000000`0014de90 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xc0a
02 00000000`0014e0e0 00007ffa`77b68648 ntdll!RtlpAllocateHeapInternal+0xa2d
03 00000000`0014e1f0 00007ffa`77a9d255 ntdll!RtlDebugAllocateHeap+0xe8
04 00000000`0014e250 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xf5
05 00000000`0014e4a0 00000000`04c1ccc4 ntdll!RtlpAllocateHeapInternal+0xa2d
06 00000000`0014e5b0 00000000`04bdb4e3 Falcon_BMS!_malloc_base+0x44 [d:\th\minkernel\crts\ucrt\src\appcrt\heap\malloc_base.cpp @ 29]
07 00000000`0014e5e0 00000000`0498ab99 Falcon_BMS!operator new+0x1f [d:\agent\_work\2\s\src\vctools\crt\vcstartup\src\heap\new_scalar.cpp @ 35]
08 00000000`0014e610 00000000`04982b4c Falcon_BMS!C_Resmgr::LoadData+0x109 [d:\wip\bms\svn\code-4.35\ui95\cresmgr.cpp @ 389]
09 00000000`0014e750 00000000`0496fa3c Falcon_BMS!C_Image::LoadPrivateRes+0xbc [d:\wip\bms\svn\code-4.35\ui95\cimagerc.cpp @ 687]
0a 00000000`0014e780 00000000`0496d896 Falcon_BMS!C_Parser::ParseImage+0x11c [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 2700]
0b 00000000`0014e800 00000000`04a4eb9b Falcon_BMS!C_Parser::LoadImageList+0x176 [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 1057]
0c 00000000`0014e850 00000000`04a519c5 Falcon_BMS!LoadMainWindow+0x3b [d:\wip\bms\svn\code-4.35\ui\src\ui_main.cpp @ 618]
0d 00000000`0014e930 00000000`045a1b54 Falcon_BMS!UI_Startup+0x4e5 [d:\wip\bms\svn\code-4.35\ui\src\ui_main.cpp @ 1844]
0e 00000000`0014eb10 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0x4d4 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 750]
0f 00000000`0014ecb0 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]
10 00000000`0014ecf0 00007ffa`7722e4ee USER32!UserCallWinProcCheckWow+0x2f8
11 00000000`0014ee80 00007ffa`49135759 USER32!CallWindowProcW+0x8e
12 00000000`0014eed0 00007ffa`491358c4 DINPUT8!CallNextSubclassProc+0x95
13 00000000`0014ef40 00007ffa`49135759 DINPUT8!DefSubclassProc+0x94
14 00000000`0014ef90 00007ffa`49135ba6 DINPUT8!CallNextSubclassProc+0x95
15 00000000`0014f000 00007ffa`7722e858 DINPUT8!MasterSubclassProc+0x96
16 00000000`0014f060 00007ffa`7722de1b USER32!UserCallWinProcCheckWow+0x2f8
17 00000000`0014f1f0 00007ffa`77229785 USER32!SendMessageWorker+0x70b
18 00000000`0014f290 00000000`045a2099 USER32!SendMessageA+0x55
19 00000000`0014f2e0 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0xa19 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 915]
1a 00000000`0014f480 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]


HEAP[Falcon BMS.exe]: HEAP: Free Heap block 000000003C893E90 modified at 000000003C894148 after it was freed
(1704.2a90): Break instruction exception - code 80000003 (first chance)
ntdll!RtlpBreakPointHeap+0x16:
00007ffa`77b6a182 cc int 3
0:000> k 20
 # Child-SP RetAddr Call Site
00 00000000`0014dec8 00007ffa`77a9dd6a ntdll!RtlpBreakPointHeap+0x16
01 00000000`0014ded0 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xc0a
02 00000000`0014e120 00007ffa`77b68648 ntdll!RtlpAllocateHeapInternal+0xa2d
03 00000000`0014e230 00007ffa`77a9d255 ntdll!RtlDebugAllocateHeap+0xe8
04 00000000`0014e290 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xf5
05 00000000`0014e4e0 00000000`04c1ccc4 ntdll!RtlpAllocateHeapInternal+0xa2d
06 00000000`0014e5f0 00000000`04bdb4e3 Falcon_BMS!_malloc_base+0x44 [d:\th\minkernel\crts\ucrt\src\appcrt\heap\malloc_base.cpp @ 29]
07 00000000`0014e620 00000000`0497e158 Falcon_BMS!operator new+0x1f [d:\agent\_work\2\s\src\vctools\crt\vcstartup\src\heap\new_scalar.cpp @ 35]
08 00000000`0014e650 00000000`0497402c Falcon_BMS!O_Output::SetText+0xb8 [d:\wip\bms\svn\code-4.35\ui95\ooutput.cpp @ 178]
09 00000000`0014e680 00000000`0496ac63 Falcon_BMS!C_Button::SetText+0x15c [d:\wip\bms\svn\code-4.35\ui95\cbuttons.cpp @ 682]
0a 00000000`0014e6c0 00000000`0496ed77 Falcon_BMS!C_ListBox::AddItem+0xc3 [d:\wip\bms\svn\code-4.35\ui95\clistbox.cpp @ 279]
0b 00000000`0014e720 00000000`0496f097 Falcon_BMS!C_Parser::ControlParser+0xec7 [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 1874]
0c 00000000`0014e790 00000000`0496f90f Falcon_BMS!C_Parser::WindowParser+0x1c7 [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 1982]
0d 00000000`0014e800 00000000`0496d398 Falcon_BMS!C_Parser::ParseWindow+0x16f [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 2330]
0e 00000000`0014e850 00000000`049a4084 Falcon_BMS!C_Parser::LoadWindowList+0x228 [d:\wip\bms\svn\code-4.35\ui95\cparser.cpp @ 850]
0f 00000000`0014e8b0 00000000`04992766 Falcon_BMS!LoadPlannerWindows+0x54 [d:\wip\bms\svn\code-4.35\ui\src\campaign\planner.cpp @ 119]
10 00000000`0014e900 00000000`04a51fbd Falcon_BMS!LoadCampaignSelectWindows+0xe6 [d:\wip\bms\svn\code-4.35\ui\src\campaign\cpselect.cpp @ 197]
11 00000000`0014e930 00000000`045a1b54 Falcon_BMS!UI_Startup+0xadd [d:\wip\bms\svn\code-4.35\ui\src\ui_main.cpp @ 1892]
12 00000000`0014eb10 00000000`045a4193 Falcon_BMS!FalconMainWindowD3D11::ExtendedMessageHandler+0x4d4 [d:\wip\bms\svn\code-4.35\graphics\bluebox\falconmainwindowd3d11.cpp @ 750]
13 00000000`0014ecb0 00007ffa`7722e858 Falcon_BMS!ApplicationWindow::WndProc+0x73 [d:\wip\bms\svn\code-4.35\graphics\bluebox\applicationwindow.cpp @ 1611]
Tags: WinDbg
Theatre of Operations: KTO
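
The deduping step described in the report, sketched as an added example (not the reporter's script and not BMS code): it buckets each "modified ... after it was freed" hit by the first Falcon_BMS frame that is not allocator plumbing or std::, and records how far into the freed block the write landed. The bucketing rule and the abridged SAMPLE log are assumptions; the third hit in SAMPLE is constructed.

```python
import re

HEAP_RE = re.compile(r"Free Heap block ([0-9A-Fa-f]+) modified at ([0-9A-Fa-f]+) after it was freed")
# One line of WinDbg `k` output: frame no., Child-SP, RetAddr, module!symbol+off [src @ line]
FRAME_RE = re.compile(
    r"^[0-9a-f]{2} (?:\(Inline Function\)|\S+) \S+ (\w+)!(.+?)\+0x[0-9a-f]+"
    r"(?: \[(.+) @ (\d+)\])?$")
# Allocator plumbing present in every trace; it says nothing about the caller.
PLUMBING = {"_malloc_base", "_free_base", "operator new", "operator delete"}

# Abridged from two traces in the report (frames dropped, template arguments and
# most source paths elided). The third hit is constructed to show the dedupe.
SAMPLE = r"""
HEAP[Falcon BMS.exe]: HEAP: Free Heap block 0000000106727A10 modified at 0000000106728948 after it was freed
01 00000000`0014e490 00007ffa`77a95b74 ntdll!RtlpFreeHeap+0x656
08 00000000`0014ea50 00000000`044ceb1f Falcon_BMS!_free_base+0x1c
09 00000000`0014ea80 00000000`044d01fa Falcon_BMS!NavigationSystem::`scalar deleting destructor'+0x7f
HEAP[Falcon BMS.exe]: HEAP: Free Heap block 000000003C62ED60 modified at 000000003C62ED98 after it was freed
01 00000000`0014a820 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xc0a
07 00000000`0014af70 00000000`0451f3c3 Falcon_BMS!operator new+0x1f
0e 00000000`0014b000 00000000`0451bfa2 Falcon_BMS!std::map<...>::operator[]+0x7f
0f 00000000`0014b040 00000000`044ce8e7 Falcon_BMS!MessageAgencyMap::SetupMessageNameStringMap+0x4c02 [d:\wip\bms\svn\code-4.35\falclib\radiospectrum.cpp @ 567]
HEAP[Falcon BMS.exe]: HEAP: Free Heap block 000000003C630000 modified at 000000003C630040 after it was freed
01 00000000`0014a820 00007ffa`77a9b44d ntdll!RtlpAllocateHeap+0xc0a
0f 00000000`0014b040 00000000`044ce8e7 Falcon_BMS!MessageAgencyMap::SetupMessageNameStringMap+0x4c02
"""

def parse_events(log):
    events, cur = [], None
    for line in log.splitlines():
        line = line.strip()
        m = HEAP_RE.search(line)
        f = FRAME_RE.match(line)
        if m:  # a new heap-validation hit starts a new event
            block, hit = int(m.group(1), 16), int(m.group(2), 16)
            cur = {"block": block, "offset": hit - block, "frames": []}
            events.append(cur)
        elif f and cur is not None:
            cur["frames"].append(f.groups())  # (module, symbol, source, line)
    return events

def first_app_frame(frames, module="Falcon_BMS"):
    # Skip CRT allocator wrappers and STL internals to reach the calling code.
    for mod, sym, *_ in frames:
        if mod == module and sym not in PLUMBING and not sym.startswith("std::"):
            return sym
    return None

def detected_in(frames):
    # Which heap operation was running when the damaged free block was noticed.
    for mod, sym, *_ in frames:
        for op in ("Allocate", "Free"):
            if mod == "ntdll" and op + "Heap" in sym:
                return op.lower()
    return "unknown"

def dedupe(log):
    buckets = {}
    for ev in parse_events(log):
        key = (first_app_frame(ev["frames"]), detected_in(ev["frames"]))
        b = buckets.setdefault(key, {"count": 0, "offsets": []})
        b["count"] += 1
        b["offsets"].append(ev["offset"])
    return buckets

if __name__ == "__main__":
    for (sym, op), b in dedupe(SAMPLE).items():
        print(f"{b['count']}x {op:8} {sym}  offsets={[hex(o) for o in b['offsets']]}")
```

Each stack is where the debug heap noticed the damage during a later allocate or free, so the offset into the freed block is a more direct clue to the stale writer than the frames themselves.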

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2021-05-07 00:41 airtex2019 New Issue
2021-05-07 00:41 airtex2019 Tag Attached: WinDbg