It occurs only when running under Application Verifier, which is annoying, because it's masking another bug that I want to catch using AppVerifier, but I can't, because this crash starts happening first.
Here's the lovely code responsible (only slightly paraphrased):
ImportantHandle::ImportantHandle(void* rawData, unsigned sizeOfData) {
    if (sizeOfData) {
        this->ImportantPointer = rawData;
        // Plus some inconsequential stuff
    }
    // Nothing initializes ImportantPointer when sizeOfData == 0
}
Spot the bug!
That's right: if you pass in a zero-size "blob", ImportantPointer is never assigned and is left holding an undefined (a.k.a. garbage) value. What could go wrong!!!
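A hardened rewrite of that constructor, as an added example that is not code from the original program: every member gets a default initializer, so the zero-size path yields an explicit empty handle instead of an uninitialized pointer (the class and member names below are assumed).

```cpp
#include <cstddef>
#include <cstdint>

// Hardened version of the constructor quoted above (added example, not the
// original program's code). Default member initializers guarantee that the
// zero-size path can no longer leave the pointer holding whatever happened to
// be in the allocation; a zero-size or null blob produces an empty handle.
class SafeHandle {
public:
    SafeHandle(void* rawData, unsigned sizeOfData) noexcept {
        // Treat "no data" and "null data" alike: both give an empty handle.
        if (sizeOfData != 0 && rawData != nullptr) {
            importantPointer_ = rawData;
            size_ = sizeOfData;
        }
    }
    bool isEmpty() const noexcept { return importantPointer_ == nullptr; }
    const void* data() const noexcept { return importantPointer_; }
    unsigned size() const noexcept { return size_; }

private:
    // The actual fix: members are initialized regardless of which branch
    // the constructor body takes.
    void* importantPointer_ = nullptr;
    unsigned size_ = 0;
};

// Exercises the zero-size path without ever reading uninitialized memory.
inline bool zeroSizeBlobGivesEmptyHandle() {
    std::uint8_t buf[4] = {1, 2, 3, 4};  // constructed sample data
    SafeHandle empty(buf, 0);
    SafeHandle full(buf, sizeof buf);
    return empty.isEmpty() && !full.isEmpty() && full.size() == 4
        && full.data() == buf;
}
```

On a normal heap a fresh allocation often happens to contain zero, which hides this class of bug; a verifier heap fills new allocations with a recognizable pattern, so the garbage pointer becomes a reliable crash, which is exactly the symptom described here.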
The saddest part is, this is just one of many bugs in the program in question. Sometimes, it will just freeze in an infinite loop trying to reacquire a lost DirectX device, failing, and trying again without changing any state.
Other times, it'll crash in random places with heap corruption (the bug I'm actually trying to chase), but not reliably without AppVerifier. And of course AppVerifier makes it barf in a dozen other creative ways first.
It really is a minor miracle that I'm not yet bald.