Registrations are now open. Join us today!
There is still a lot of work to do on the wiki yet! More information about editing can be found here.
Already have an account?

Microsoft KB Archive/255607

From BetaArchive Wiki

PRB: Comctl32.dll Causes Access Violation After Debugging an Application


The information in this article applies to:

  • Microsoft Win32 Software Development Kit (SDK), used with:
    • the operating system: Microsoft Windows 98
    • the operating system: Microsoft Windows Millennium Edition


After you run an application in the debugger on Microsoft Windows 98 or Microsoft Windows Millennium Edition (Me), unrelated applications on the system may begin to generate access violations in the Comctl32.dll file.

For example, you may see this problem when an animated ToolTip is displayed or when the mouse hovers over a button of a toolbar with the TBSTYLE_FLAT style.


When Comctl32.dll uses a function that is not exported in all versions of system components, it uses the LoadLibrary and GetProcAddress functions to retrieve the address of the function, and then calls the function. This method prevents errors that are associated with static linking of a function that may not be present. In many instances, the function pointer is stored in a static or global variable; once the address is retrieved, it is never retrieved again. This problem occurs, for example, when Comctl32.dll calls the AnimateWindow or TrackMouseEvent function.

When a process is run under a debugger, the Windows 98 or Windows Me operating system provides the address of a thunk function in response to GetProcAddress, rather than the true function address. Unfortunately, Comctl32.dll is a shared DLL, so it is not unloaded when the process terminates. If the function is called the first time in the context of a process that is being debugged, the thunk function address is stored, rather than the true address. When the process that is being debugged terminates, the thunk address is released. The function pointer now stored in the static variable of Comctl32.dll is not NULL and does not point to a valid address. The next time this function pointer is used, an access violation occurs. All processes share the same copy of Comctl32.dll, and therefore this access violation occurs in any application that causes Comctl32.dll to call this function.

This problem occurs only with Comctl32.dll version 5.8x, which comes with Internet Explorer 5.0x because the data segment of this version of the DLL is shared. Previous versions do not share the data segment. This problem has only been observed on Windows 98 and Windows Me, but could also occur on Microsoft Windows 95.


It is important to note that this problem occurs only when an application is being debugged. The problem does not normally occur in a user's environment.

You can prevent this problem from occurring by performing the problematic action before running your application in the debugger. For example, cause the problem to occur (for example, cause an animated ToolTip to be displayed) before running your application in the debugger. This will cause the true function address to be loaded and the true function address is used from then on.


This behavior is by design.

Additional query words:

Keywords : kbCtrl kbSDKWin32 kbGrpDSUser kbOSWin98bug kbDSupport
Issue type : kbprb
Technology : kbWin32SDKSearch kbAudDeveloper kbSDKSearch kbWin32sSearch

Last Reviewed: February 22, 2001
© 2001 Microsoft Corporation. All rights reserved. Terms of Use.