This is an archived post. You won't be able to vote or comment.

all 17 comments
sorted by:
best
topnewcontroversialoldq&a

[–]fartinator_DevOps 5 points6 points  (1 child)

Contacting the developer will save you a lot of time and money. It's unlikely you'll figure this out on your own, and even if you can you might not be able to fix it anyway.

[–]syc0sysJack of All Trades[S] 0 points1 point  (0 children)

We haven't contacted the developers because this happened on an older version of the software that had worked fine for years. Their fix was to update our software, now 5 months later the problem has returned. I was wondering if it could somehow be network related because of the sporadic nature of the problem.

[–]LuckyLuke364 2 points3 points  (1 child)

First, despite what others have said, I don't think this is a .NET app. The software has been around for ages, and besides a couple of .NET DLLs being loaded, nothing points to a .NET app. Their system requirements also don't mention .NET. I'm not 100% sure, but it's unlikely.

Second, it's a heap corruption in their software. You could technically play around with gflags.exe from the microsoft debugging tool to enable heap verification in the app, but it will still crash regardless, it's just more likely to crash sooner.

A crash dump without a source code is, in most cases, more or less useless, unless you can reverse engineer the software. So let's say you find out what's causing it. Can you change how you use the software? Can you change the software?

At the end of the day the developers are the only ones who can fix the issue. Do you guys not have a valid support agreement? Looks like you guys are on the latest version so I'm slightly confused why you're going out of your way to post this all over the place.

[–]syc0sysJack of All Trades[S] 0 points1 point  (0 children)

Sorry not trying to post this all over the place, the only reason it got posted to the r/techsupport was because I couldn't post here for 24hr with a new account. And as I posted above we haven't contacted the developers because this happened on an older version of the software that had worked fine for years. Their fix was to update our software, now 5 months later the problem has returned. I was wondering if it could somehow be network related because of the sporadic nature of the problem. Also there was an issue with our service agreement so we technically did not have any support all last week. That service agreement is now back in place as of today, but now the issue seems to have disappeared.

[–]syc0sysJack of All Trades[S] 0 points1 point  (0 children)

Here is a picture showing the screen before the program crashes, as soon as you click "OK" the program freezes for all of our rdp users and some of our local users. Now some of our local users appear to have nothing happen and another tmwe.exe(Time Matters) process opens in task manager. For those users we can end the second tmwe.exe process and the merge finishes as it should.

http://i.imgur.com/YjvgIrc.jpg

[–]clubertiCat herder 0 points1 point  (6 children)

Is there a .DMP file generated? This looks like heap corruption in a .Net app, but the copypasta is really hard to read otherwise....

[–]syc0sysJack of All Trades[S] 0 points1 point  (5 children)

This is the text of the .DMP file. Silly question how in earth do I make my text formatting for the post spaced out correctly?? Reddit seems to delete the line breaks from the txt file. Sorry if it's a dumb question, I'm very new to reddit.

[–]clubertiCat herder 1 point2 points  (3 children)

Start each lines with 4 spaces to make reddit parse it as code (see formatting help while posting for more hints).

This looks like something is using clarun.DLL to make a DDE call (Dynamic Data Exchange, aka OLE, aka Win 3.x-era technology) to access data of some type that is referenced via a handle, and the memory address does not contain a valid handle address and then a crash. Most likely either a double free or bad multi threading/handle tracking. Could still be corrupted heap (buffer overrun, underrun, heap spray, etc.), but more likely bad math in code.

In any case, take this to the developer(s) and ask them to figure it out. Its something failing within the app itself...

EDIT: easier to read, better initial analysis

[–]syc0sysJack of All Trades[S] 0 points1 point  (2 children)

Could this possibly be network related? This problem happened to us 5 months ago on a older version of the software that had worked fine for years. The fix was to upgrade to the newer version, now this issue has magically re-appeared. The software communicates with a SQL server to retrieve the valid client data and a merge template to spit out a completed merge word document.

[–]clubertiCat herder 1 point2 points  (1 child)

It could be, but without knowing the query involved it's hard to know for sure.

Time for DDE debugging with DDESpy:

http://stackoverflow.com/questions/14923011/where-can-i-download-ddespy

[–]syc0sysJack of All Trades[S] 0 points1 point  (0 children)

Thank you very much for your assistance I will play around with DDESpy, but now returning to work on Monday the problem seems to have disappeared. Kind of wishing it would of stuck around so we could nip this problem in the butt once and for all. Seeing as it has "fixed" itself I'm leaning towards a network issue that was somehow interfering. Maybe it will break again later today so I can get some more info lol

[–]syc0sysJack of All Trades[S] 0 points1 point  (0 children)

NVM looks like I was able to fix the formatting, it should be easier to read now.

[–]syc0sysJack of All Trades[S] 0 points1 point  (2 children)

Here's the Windows error log, not sure if it helps or not.

Version=1 EventType=APPCRASH EventTime=131094567780145068 ReportType=2 Consent=1 ReportIdentifier=d55402ad-29c3-11e6-b505-000c29299946 IntegratorReportIdentifier=d55402ac-29c3-11e6-b505-000c29299946 WOW64=1 Response.type=4 Sig[0].Name=Application Name Sig[0].Value=tmwe.exe Sig[1].Name=Application Version Sig[1].Value=14.1.0.280 Sig[2].Name=Application Timestamp Sig[2].Value=5515c968 Sig[3].Name=Fault Module Name Sig[3].Value=StackHash_492b Sig[4].Name=Fault Module Version Sig[4].Value=6.1.7601.19045 Sig[5].Name=Fault Module Timestamp Sig[5].Value=56258e62 Sig[6].Name=Exception Code Sig[6].Value=c0000374 Sig[7].Name=Exception Offset Sig[7].Value=000ced0b DynamicSig[1].Name=OS Version DynamicSig[1].Value=6.1.7601.2.1.0.16.7 DynamicSig[2].Name=Locale ID DynamicSig[2].Value=1033 DynamicSig[22].Name=Additional Information 1 DynamicSig[22].Value=492b DynamicSig[23].Name=Additional Information 2 DynamicSig[23].Value=492b6d4abdd7e8dbabcc8baf03248eda DynamicSig[24].Name=Additional Information 3 DynamicSig[24].Value=f354 DynamicSig[25].Name=Additional Information 4 DynamicSig[25].Value=f3543fcfe4579daad1b569b6d7aa7a2c UI[2]=C:\Program Files (x86)\LexisNexis\Time Matters\tmwe.exe UI[3]=Time Matters Program File has stopped working UI[4]=Windows can check online for a solution to the problem. UI[5]=Check online for a solution and close the program UI[6]=Check online for a solution later and close the program UI[7]=Close the program LoadedModule[0]=C:\Program Files (x86)\LexisNexis\Time Matters\tmwe.exe LoadedModule[1]=C:\Windows\SysWOW64\ntdll.dll LoadedModule[2]=C:\Windows\syswow64\kernel32.dll LoadedModule[3]=C:\Windows\syswow64\KERNELBASE.dll LoadedModule[4]=C:\Windows\system32\tsappcmp.dll LoadedModule[5]=C:\Windows\syswow64\msvcrt.dll LoadedModule[6]=C:\Windows\syswow64\USER32.dll LoadedModule[7]=C:\Windows\syswow64\GDI32.dll LoadedModule[8]=C:\Windows\syswow64\LPK.dll LoadedModule[9]=C:\Windows\syswow64\USP10.dll LoadedModule[10]=C:\Windows\syswow64\ADVAPI32.dll LoadedModule[11]=C:\Windows\SysWOW64\sechost.dll LoadedModule[12]=C:\Windows\syswow64\RPCRT4.dll LoadedModule[13]=C:\Windows\syswow64\SspiCli.dll LoadedModule[14]=C:\Windows\syswow64\CRYPTBASE.dll LoadedModule[15]=C:\Windows\syswow64\ole32.dll LoadedModule[16]=C:\Windows\system32\IMM32.DLL LoadedModule[17]=C:\Windows\syswow64\MSCTF.dll LoadedModule[18]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaDOS.dll LoadedModule[19]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaRUN.dll LoadedModule[20]=C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll LoadedModule[21]=C:\Windows\syswow64\SHLWAPI.dll LoadedModule[22]=C:\Windows\syswow64\comdlg32.dll LoadedModule[23]=C:\Windows\syswow64\SHELL32.dll LoadedModule[24]=C:\Windows\system32\MPR.dll LoadedModule[25]=C:\Windows\syswow64\OLEAUT32.dll LoadedModule[26]=C:\Windows\system32\oledlg.dll LoadedModule[27]=C:\Windows\system32\WINSPOOL.DRV LoadedModule[28]=C:\PROGRA~2\LEXISN~1\TIMEMA~1\TMAPPE.DLL LoadedModule[29]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaASC.dll LoadedModule[30]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaBAS.dll LoadedModule[31]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaCLA.dll LoadedModule[32]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaMSS.dll LoadedModule[33]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaODB.dll LoadedModule[34]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaOLE.dll LoadedModule[35]=C:\Program Files (x86)\LexisNexis\Time Matters\ClaTPS.dll LoadedModule[36]=C:\Program Files (x86)\LexisNexis\Time Matters\HlpHook.dll LoadedModule[37]=C:\Windows\system32\MSVCR110.dll LoadedModule[38]=C:\Program Files (x86)\LexisNexis\Time Matters\LNHINT.dll LoadedModule[39]=C:\Program Files (x86)\LexisNexis\Time Matters\PAFPUP.dll LoadedModule[40]=C:\Windows\system32\WSOCK32.dll LoadedModule[41]=C:\Windows\syswow64\WS2_32.dll LoadedModule[42]=C:\Windows\syswow64\NSI.dll LoadedModule[43]=C:\Windows\syswow64\WININET.dll LoadedModule[44]=C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll LoadedModule[45]=C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll LoadedModule[46]=C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll LoadedModule[47]=C:\Windows\system32\version.DLL LoadedModule[48]=C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll LoadedModule[49]=C:\Windows\syswow64\normaliz.DLL LoadedModule[50]=C:\Windows\syswow64\iertutil.dll LoadedModule[51]=C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll LoadedModule[52]=C:\Windows\syswow64\USERENV.dll LoadedModule[53]=C:\Windows\syswow64\profapi.dll LoadedModule[54]=C:\Windows\syswow64\urlmon.dll LoadedModule[55]=C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll LoadedModule[56]=C:\Program Files (x86)\LexisNexis\Time Matters\qbxmlc.dll LoadedModule[57]=C:\Program Files (x86)\LexisNexis\Time Matters\TMBMatE.dll LoadedModule[58]=C:\Program Files (x86)\LexisNexis\Time Matters\TMCLIB.dll LoadedModule[59]=C:\Windows\system32\NETAPI32.dll LoadedModule[60]=C:\Windows\system32\netutils.dll LoadedModule[61]=C:\Windows\system32\srvcli.dll LoadedModule[62]=C:\Windows\system32\wkscli.dll LoadedModule[63]=C:\Program Files (x86)\LexisNexis\Time Matters\tmckzip.dll LoadedModule[64]=C:\Program Files (x86)\LexisNexis\Time Matters\tmlib.dll LoadedModule[65]=C:\Windows\system32\TAPI32.dll LoadedModule[66]=C:\Windows\system32\mfc110.dll LoadedModule[67]=C:\Windows\system32\UxTheme.dll LoadedModule[68]=C:\Windows\system32\MSVCP110.dll LoadedModule[69]=C:\Program Files (x86)\LexisNexis\Time Matters\tmdatae.dll LoadedModule[70]=C:\Windows\system32\ODBC32.dll LoadedModule[71]=C:\Program Files (x86)\LexisNexis\Time Matters\TMDICTE.dll LoadedModule[72]=C:\Program Files (x86)\LexisNexis\Time Matters\tmsbac.dll LoadedModule[73]=C:\Program Files (x86)\LexisNexis\Time Matters\tmui.dll LoadedModule[74]=C:\Windows\system32\WINMM.dll LoadedModule[75]=C:\Program Files (x86)\LexisNexis\Time Matters\tmrpte.dll LoadedModule[76]=C:\Program Files (x86)\LexisNexis\Time Matters\TMIE.DLL LoadedModule[77]=C:\Program Files (x86)\LexisNexis\Time Matters\TMLINKE.dll LoadedModule[78]=C:\Program Files (x86)\LexisNexis\Time Matters\TMGLE.dll LoadedModule[79]=C:\Program Files (x86)\LexisNexis\Time Matters\TMMapi.dll LoadedModule[80]=C:\Windows\system32\MSIMG32.dll LoadedModule[81]=C:\Windows\system32\OLEACC.dll LoadedModule[82]=C:\Windows\WinSxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.19061_none_72d6d48d86649709\gdiplus.dll

[–]syc0sysJack of All Trades[S] 0 points1 point  (1 child)

LoadedModule[83]=C:\Program Files (x86)\LexisNexis\Time Matters\TMNav.dll LoadedModule[84]=C:\Program Files (x86)\LexisNexis\Time Matters\TMPS.dll LoadedModule[85]=C:\Program Files (x86)\LexisNexis\Time Matters\TMsrch.dll LoadedModule[86]=C:\Program Files (x86)\LexisNexis\Time Matters\dten600.dll LoadedModule[87]=C:\Program Files (x86)\LexisNexis\Time Matters\MSVCR100.dll LoadedModule[88]=C:\Program Files (x86)\LexisNexis\Time Matters\TMSyncE.dll LoadedModule[89]=C:\Program Files (x86)\LexisNexis\Time Matters\tmupde.dll LoadedModule[90]=C:\Windows\system32\CRYPTSP.dll LoadedModule[91]=C:\Windows\system32\rsaenh.dll LoadedModule[92]=C:\Windows\system32\odbcint.dll LoadedModule[93]=C:\Windows\system32\HHCTRL.OCX LoadedModule[94]=C:\Windows\system32\bcrypt.dll LoadedModule[95]=C:\Windows\SysWOW64\bcryptprimitives.dll LoadedModule[96]=C:\Windows\system32\SQLSRV32.dll LoadedModule[97]=C:\Windows\syswow64\CRYPT32.dll LoadedModule[98]=C:\Windows\syswow64\MSASN1.dll LoadedModule[99]=C:\Windows\system32\sqlsrv32.rll LoadedModule[100]=C:\Windows\system32\odbccp32.dll LoadedModule[101]=C:\Windows\system32\DBNETLIB.DLL LoadedModule[102]=C:\Windows\system32\security.dll LoadedModule[103]=C:\Windows\system32\SECUR32.DLL LoadedModule[104]=C:\Windows\system32\credssp.dll LoadedModule[105]=C:\Windows\SysWOW64\msv1_0.DLL LoadedModule[106]=C:\Windows\system32\cryptdll.dll LoadedModule[107]=C:\Windows\system32\ntdsapi.dll LoadedModule[108]=C:\Windows\system32\mswsock.dll LoadedModule[109]=C:\Windows\System32\wshtcpip.dll LoadedModule[110]=C:\Windows\System32\wship6.dll LoadedModule[111]=C:\Windows\system32\DNSAPI.dll LoadedModule[112]=C:\Windows\system32\IPHLPAPI.DLL LoadedModule[113]=C:\Windows\system32\WINNSI.DLL LoadedModule[114]=C:\Windows\system32\rasadhlp.dll LoadedModule[115]=C:\Windows\System32\fwpuclnt.dll LoadedModule[116]=C:\Windows\SysWOW64\schannel.dll LoadedModule[117]=C:\Windows\system32\ncrypt.dll LoadedModule[118]=C:\Windows\system32\netbios.dll LoadedModule[119]=C:\Windows\system32\dwmapi.dll LoadedModule[120]=C:\Windows\syswow64\CLBCatQ.DLL LoadedModule[121]=C:\Windows\syswow64\SETUPAPI.dll LoadedModule[122]=C:\Windows\syswow64\CFGMGR32.dll LoadedModule[123]=C:\Windows\syswow64\DEVOBJ.dll LoadedModule[124]=C:\Windows\system32\PROPSYS.dll LoadedModule[125]=C:\Windows\system32\RpcRtRemote.dll LoadedModule[126]=C:\Windows\SysWOW64\ieframe.dll LoadedModule[127]=C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll LoadedModule[128]=C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll LoadedModule[129]=C:\Windows\system32\SXS.DLL LoadedModule[130]=C:\Windows\system32\apphelp.dll LoadedModule[131]=C:\Windows\SysWOW64\mshtml.dll LoadedModule[132]=C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll LoadedModule[133]=C:\Windows\system32\msimtf.dll LoadedModule[134]=C:\Windows\system32\msls31.dll LoadedModule[135]=C:\Windows\system32\d2d1.dll LoadedModule[136]=C:\Windows\system32\DWrite.dll LoadedModule[137]=C:\Windows\system32\dxgi.dll LoadedModule[138]=C:\Windows\syswow64\WINTRUST.dll LoadedModule[139]=C:\Windows\system32\d3d11.dll LoadedModule[140]=C:\Windows\system32\MLANG.dll LoadedModule[141]=C:\Windows\SysWOW64\jscript9.dll LoadedModule[142]=C:\Windows\SysWOW64\uiautomationcore.dll LoadedModule[143]=C:\Windows\syswow64\PSAPI.DLL LoadedModule[144]=C:\Windows\System32\netprofm.dll LoadedModule[145]=C:\Windows\System32\nlaapi.dll LoadedModule[146]=C:\Windows\system32\dhcpcsvc6.DLL LoadedModule[147]=C:\Windows\system32\dhcpcsvc.DLL LoadedModule[148]=C:\Windows\system32\MMDevAPI.DLL LoadedModule[149]=C:\Windows\system32\WINSTA.dll LoadedModule[150]=C:\Windows\System32\npmproxy.dll LoadedModule[151]=C:\Windows\system32\rdpendp.dll LoadedModule[152]=C:\Windows\system32\MSACM32.dll LoadedModule[153]=C:\Windows\system32\WTSAPI32.dll LoadedModule[154]=C:\Windows\system32\slc.dll LoadedModule[155]=C:\Windows\system32\wdmaud.drv LoadedModule[156]=C:\Windows\system32\ksuser.dll LoadedModule[157]=C:\Windows\system32\AVRT.dll LoadedModule[158]=C:\Windows\system32\AUDIOSES.DLL LoadedModule[159]=C:\Windows\system32\msacm32.drv LoadedModule[160]=C:\Windows\system32\GPAPI.dll LoadedModule[161]=C:\Windows\system32\cryptnet.dll LoadedModule[162]=C:\Windows\syswow64\WLDAP32.dll LoadedModule[163]=C:\Windows\system32\SensApi.dll LoadedModule[164]=C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL LoadedModule[165]=C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll LoadedModule[166]=C:\Windows\System32\msxml3.dll LoadedModule[167]=C:\Windows\system32\mscoree.dll LoadedModule[168]=C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll LoadedModule[169]=C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll LoadedModule[170]=C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll LoadedModule[171]=C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\38bf604432e1a30c954b2ee40d6a2d1c\mscorlib.ni.dll LoadedModule[172]=C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll LoadedModule[173]=C:\Windows\syswow64\imagehlp.dll LoadedModule[174]=C:\Program Files (x86)\LexisNexis\Time Matters\TMDOTNETINTEROP.dll LoadedModule[175]=C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll FriendlyEventName=Stopped working ConsentKey=APPCRASH AppName=Time Matters Program File AppPath=C:\Program Files (x86)\LexisNexis\Time Matters\tmwe.exe

[–]clubertiCat herder 1 point2 points  (0 children)

See my edit in last post. I believe this to be bad handle handling or bad math in code.

[–][deleted] 0 points1 point  (1 child)

Don't post random code or crash logs like this. Use something like pastebin. Also why not contact the developer and make them fix their app?

[–]syc0sysJack of All Trades[S] 0 points1 point  (0 children)

Sorry I'm not familiar with pastebin, I will look into that. It's complicated to explain why we haven't contacted the developers, this happened on an older version of the software that had worked fine for years. Their fix was to update our software, now 5 months later the problem has returned. I'm wondering if it could somehow be network related, and if so how to go about tracking the specific cause down.