w3dview crash in CDataTreeView::AddRenderObjects #1148
Description
Crash when using w3dview to load objects
> w3dview.exe!CDataTreeView::AddRenderObjects() Line 128 C++
w3dview.exe!CMainFrame::OnOpen() Line 676 C++
[Inline Frame] mfc140.dll!_AfxDispatchCmdMsg(CCmdTarget * pfn, unsigned int nSig, int) Line 77 C++
mfc140.dll!CCmdTarget::OnCmdMsg(unsigned int nID, int nCode, void * pExtra, AFX_CMDHANDLERINFO * pHandlerInfo) Line 377 C++
mfc140.dll!CFrameWnd::OnCmdMsg(unsigned int nID, int nCode, void * pExtra, AFX_CMDHANDLERINFO * pHandlerInfo) Line 988 C++
w3dview.exe!CMainFrame::OnCmdMsg(unsigned int nID, int nCode, void * pExtra, AFX_CMDHANDLERINFO * pHandlerInfo) Line 180 C++
mfc140.dll!CWnd::OnCommand(unsigned int wParam, long lParam) Line 2801 C++
mfc140.dll!CFrameWnd::OnCommand(unsigned int wParam, long lParam) Line 384 C++
w3dview.exe!CMainFrame::OnCommand(unsigned int wParam, long lParam) Line 217 C++
mfc140.dll!CWnd::OnWndMsg(unsigned int message, unsigned int wParam, long lParam, long * pResult) Line 2114 C++
mfc140.dll!CWnd::WindowProc(unsigned int message, unsigned int wParam, long lParam) Line 2100 C++
w3dview.exe!CMainFrame::WindowProc(unsigned int message, unsigned int wParam, long lParam) Line 230 C++
mfc140.dll!AfxCallWndProc(CWnd * pWnd, HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 268 C++
mfc140.dll!AfxWndProc(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 417 C++
mfc140.dll!AfxWndProcBase(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 299 C++
user32.dll!__InternalCallWinProc@20() Unknown
user32.dll!UserCallWinProcCheckWow() Unknown
user32.dll!SendMessageWorker(struct tagWND *,unsigned int,unsigned int,long,int) Unknown
user32.dll!SendMessageW() Unknown
comctl32.dll!_TBOnLButtonUp@20() Unknown
comctl32.dll!_ToolbarWndProc@16() Unknown
user32.dll!__InternalCallWinProc@20() Unknown
user32.dll!UserCallWinProcCheckWow() Unknown
user32.dll!CallWindowProcAorW(long (*)(struct HWND__ *,unsigned int,unsigned int,long),struct HWND__ *,enum _WM_VALUE,unsigned int,long,int) Unknown
user32.dll!_CallWindowProcA@20() Unknown
mfc140.dll!CWnd::DefWindowProcA(unsigned int nMsg, unsigned int wParam, long lParam) Line 1108 C++
mfc140.dll!CWnd::WindowProc(unsigned int message, unsigned int wParam, long lParam) Line 2101 C++
mfc140.dll!CControlBar::WindowProc(unsigned int nMsg, unsigned int wParam, long lParam) Line 502 C++
mfc140.dll!AfxCallWndProc(CWnd * pWnd, HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 268 C++
mfc140.dll!AfxWndProc(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 417 C++
mfc140.dll!AfxWndProcBase(HWND__ * hWnd, unsigned int nMsg, unsigned int wParam, long lParam) Line 299 C++
user32.dll!__InternalCallWinProc@20() Unknown
user32.dll!UserCallWinProcCheckWow() Unknown
user32.dll!_DispatchMessageWorker@8() Unknown
user32.dll!IsDialogMessageW() Unknown
user32.dll!IsDialogMessageA() Unknown
mfc140.dll!CWnd::IsDialogMessageA(tagMSG * lpMsg) Line 193 C++
mfc140.dll!CWnd::PreTranslateInput(tagMSG * lpMsg) Line 4607 C++
mfc140.dll!CControlBar::PreTranslateMessage(tagMSG * pMsg) Line 440 C++
mfc140.dll!CWnd::WalkPreTranslateTree(HWND__ * hWndStop, tagMSG * pMsg) Line 3380 C++
mfc140.dll!AfxInternalPreTranslateMessage(tagMSG * pMsg) Line 233 C++
mfc140.dll!CWinThread::PreTranslateMessage(tagMSG * pMsg) Line 777 C++
mfc140.dll!AfxPreTranslateMessage(tagMSG * pMsg) Line 252 C++
mfc140.dll!AfxInternalPumpMessage() Line 178 C++
mfc140.dll!AfxWinMain(HINSTANCE__ * hInstance, HINSTANCE__ * hPrevInstance, char * lpCmdLine, int nCmdShow) Line 61 C++
[Inline Frame] w3dview.exe!invoke_main() Line 102 C++
w3dview.exe!__scrt_common_main_seh() Line 288 C++
kernel32.dll!7674fcc9() Unknown
[Frames below may be incorrect and/or missing, no symbols loaded for kernel32.dll]
ntdll.dll!__RtlUserThreadStart() Unknown
ntdll.dll!__RtlUserThreadStart@8() Unknown
Exception thrown: read access violation.
iter->**** was 0x7F7FFFFF.
| Name | Value | Type | |
|---|---|---|---|
| ◢ | iter | 0x02f7bfac {...} | RenderObjIterator * |
| ◢ AssetIterator | {m_index=0xbf800000 } | AssetIterator | |
| ▶ __vfptr | 0x7f7fffff {???, ???, ???, ???, ???} | void * * | |
| m_index | 0xbf800000 | int |
vtable of iter is garbage. Crashes on calling First().
void CDataTreeView::AddRenderObjects()
{
SetRedraw(FALSE);
RenderObjIterator *iter = W3DAssetManager::Get_Instance()->Create_Render_Obj_Iterator();
if (iter != nullptr) {
for (iter->First(); !iter->Is_Done(); iter->Next()) { // <----- crash here
const char *name = iter->Current_Item_Name();
...