The case of the DLL that was not present in memory despite not being formally unloaded, part 1
Summary
The article details a Windows DLL crash caused by a forced unload of combase.dll during process shutdown, leading to an access violation in CoTaskMemFree and a recursive exception-dispatch loop. Through crash-dump analysis, the author demonstrates how a memory management error can cause a DLL to be freed while still in use, making the shell32 and combase layers appear as victims rather than culprits. The piece introduces the bucket spray concept and sets up questions for follow-up coverage in part 2.