程序退出异常，达人指点！！

当我的程序运行了之后，退出的时候弹出异常，但是设置断点却定位不了！！
异常对话框:
Unhandled exception at 0x10012a84 (InjectSocket.dll) in HookSocket.exe: 0xC0000005: Access violation writing location 0x10018050.部分代码如下:////////////////////////////////////////////////////////
//拦截API
void Inject()
{
//获取系统API jmp xxxx指令
if(g_bInject)
return;
g_bInject = TRUE;
HMODULE hMod = LoadLibraryW(_T("Ws2_32.dll"));
if(hMod == NULL)
return;
    g_pfnSendProc = (pfnSend)GetProcAddress(hMod , "send");
g_pfnSendtoProc = (pfnSendto)GetProcAddress(hMod , "sendto");
g_pfnRecvProc = (pfnRecv)GetProcAddress(hMod , "recv");
g_pfnRecvfromProc = (pfnRecvfrom)GetProcAddress(hMod , "recvfrom"); if(g_pfnSendProc == NULL || g_pfnSendtoProc == NULL
|| g_pfnRecvProc == NULL || g_pfnRecvfromProc == NULL)
return; //获取系统API调用jmp xxxx // 指令,将其保存到g_OldCode中
_asm
{
push edi
push esi
lea edi , g_OldCodeSend
mov esi , g_pfnSendProc
cld
movsd
movsb
pop edi
pop esi
}
//总共5字节
_asm
{
push edi
push esi
lea edi , g_OldCodeSendto
mov esi , g_pfnSendtoProc
cld
movsd
movsb
pop edi
pop esi
}
_asm
{
push edi
push esi
lea edi , g_OldCodeRecv
mov esi , g_pfnRecvProc
cld
movsd
movsb
pop edi
pop esi
}
_asm
{
push edi
push esi
lea edi , g_OldCodeRecv
mov esi , g_pfnRecvfromProc
cld
movsd
movsb
pop edi
pop esi
}
//获取新的jmp xxxx跳转指令并保存到g_NewCode中
g_NewCodeSend[0] = 0xe9;
g_NewCodeSendto[0] = 0xe9;
g_NewCodeRecv[0] = 0xe9;
g_NewCodeRecvfrom[0] = 0xe9;
_asm
{
push eax
push ebx
lea eax , MySend
mov ebx , g_pfnSendProc
sub eax , ebx
sub eax , 5
mov dword ptr [g_NewCodeSend + 1] , eax
pop eax
pop ebx
}
_asm
{
push eax
push ebx
lea eax , MySendto
mov ebx , g_pfnSendtoProc
sub eax , ebx
sub eax , 5
mov dword ptr [g_NewCodeSendto + 1] , eax
pop eax
pop ebx
}

//算出偏移量
_asm
{
push eax
push ebx
lea eax , MyRecv
mov ebx , g_pfnRecvProc
sub eax , ebx
sub eax , 5
mov dword ptr [g_NewCodeRecv + 1] , eax
pop eax
pop ebx
}

_asm
{
push eax
push ebx
lea eax , MyRecvfrom
mov ebx , g_pfnRecvfromProc
sub eax , ebx
sub eax , 5
mov dword ptr [g_NewCodeRecvfrom + 1] , eax
pop eax
pop ebx
}
HookOn();
}////////////////////////////////////////////////////////
//将新的指令写入API入口
void HookOn()
{
DWORD dwOldProtectSend;
DWORD dwOldProtectSendto;
DWORD dwOldProtectRecv;
DWORD dwOldProtectRecvfrom;
DWORD dwTemp;
BOOL bRet = FALSE;
DWORD dwPid = GetCurrentProcessId();
DWORD dwAccess = PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE;
HANDLE hProcess = OpenProcess(dwAccess , FALSE , dwPid);
if(NULL == hProcess)
return;
VirtualProtectEx(hProcess , g_pfnSendProc , 5 , PAGE_READWRITE , &dwOldProtectSend);
bRet = WriteProcessMemory(hProcess , g_pfnSendProc , g_NewCodeSend , 5 , NULL);
VirtualProtectEx(hProcess , g_pfnSendProc , 5 , dwOldProtectSend, &dwTemp); VirtualProtectEx(hProcess , g_pfnSendtoProc , 5 , PAGE_READWRITE , &dwOldProtectSendto);
bRet = WriteProcessMemory(hProcess , g_pfnSendtoProc , g_NewCodeSendto , 5 , NULL);
VirtualProtectEx(hProcess , g_pfnSendtoProc , 5 , dwOldProtectSendto, &dwTemp); VirtualProtectEx(hProcess , g_pfnRecvProc , 5 , PAGE_READWRITE , &dwOldProtectRecv);
bRet = WriteProcessMemory(hProcess , g_pfnRecvProc , g_NewCodeRecv , 5 , NULL);
VirtualProtectEx(hProcess , g_OldCodeRecv , 5 , dwOldProtectRecv, &dwTemp); VirtualProtectEx(hProcess , g_pfnRecvfromProc , 5 , PAGE_READWRITE , &dwOldProtectRecvfrom);
bRet = WriteProcessMemory(hProcess , g_pfnRecvfromProc , g_NewCodeRecvfrom , 5 , NULL);
VirtualProtectEx(hProcess , g_pfnRecvfromProc , 5 , dwOldProtectRecvfrom, &dwTemp);
return;
}
//////////////////////////////////////////////////////////
//恢复旧指令
void HookOff()
{
DWORD dwOldProtectSend;
DWORD dwOldProtectSendto;
DWORD dwOldProtectRecv;
DWORD dwOldProtectRecvfrom;
DWORD dwTemp;
BOOL bRet = FALSE;
DWORD dwPid = GetCurrentProcessId();
DWORD dwAccess = PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE;
HANDLE hProcess = OpenProcess(dwAccess , FALSE , dwPid);
if(NULL == hProcess)
return;
VirtualProtectEx(hProcess , g_pfnSendProc , 5 , PAGE_READWRITE , &dwOldProtectSend);
bRet = WriteProcessMemory(hProcess , g_pfnSendProc , g_OldCodeSend , 5 , NULL);
VirtualProtectEx(hProcess , g_pfnSendProc , 5 , dwOldProtectSend, &dwTemp); VirtualProtectEx(hProcess , g_pfnSendtoProc , 5 , PAGE_READWRITE , &dwOldProtectSendto);
bRet = WriteProcessMemory(hProcess , g_pfnSendtoProc , g_OldCodeSendto , 5 , NULL);
VirtualProtectEx(hProcess , g_pfnSendtoProc , 5 , dwOldProtectSendto, &dwTemp); VirtualProtectEx(hProcess , g_pfnRecvProc , 5 , PAGE_READWRITE , &dwOldProtectRecv);
bRet = WriteProcessMemory(hProcess , g_pfnRecvProc , g_OldCodeRecv , 5 , NULL);
VirtualProtectEx(hProcess , g_pfnRecvProc , 5 , dwOldProtectRecv, &dwTemp); VirtualProtectEx(hProcess , g_pfnRecvfromProc , 5 , PAGE_READWRITE , &dwOldProtectRecvfrom);
bRet = WriteProcessMemory(hProcess , g_pfnRecvfromProc , g_OldCodeRecvfrom , 5 , NULL);
VirtualProtectEx(hProcess , g_pfnRecvfromProc , 5 , dwOldProtectRecvfrom, &dwTemp);
return;
}void WriteData(void *pdata)
{
HANDLE hFile = OpenFileMapping(PAGE_READWRITE , FALSE , SHARE_DATA);
if(hFile != NULL)
{
MY_SHARE_DATA *pd =  (MY_SHARE_DATA*)MapViewOfFile(hFile , FILE_MAP_WRITE,0 , 0 , sizeof(MY_SHARE_DATA));
pd->nSize = *(int*)pdata;
CloseHandle(hFile);
}
}/////////////////////////////////////////////////////////////
int WINAPI MySend(SOCKET s, const char* buf, int len, int flags)
{
HookOff();//防止死循环
if(NULL == g_pfnSendProc)
return 0;
MessageBox(NULL ,_T("dd") , _T("提示") , MB_OK);
g_nTotalBytes += g_pfnSendProc(s , buf , len , flags);
WriteData(&g_nTotalBytes);
HookOn();
return 1;
}
以上是DLL中的部分代码，异常发生在DLL卸载的时候！但是我在DllMain设置断点之前就弹出了异常对话框！！
望高手指点！！

解决方案 »

免费领取超大流量手机卡，每月29元包185G流量+100分钟通话, 中国电信官方发货

调试运行，然后查看call stack