access vialation thrown when call function in unmanaged code from managed code

I got access violation(0xC0000005) exception thrown when I call a foo() in unmanaged DLL from managed code.

There is a memory allocation in foo(), which is calloc(). I got to know the exception is related to this call to calloc(), because the log just disappear before this call and I caught the exception 0XC0000005 by __except().

One thing special is: As you can see in the diagram below, I call foo() through a wrapper in spy.dll, which is injected by tool.exe into app.exe. Calling foo() this way, I got access violation upon execution of calloc().

By the way, I injected spy.dll by CreateRemoteThread().

But, If I call the same foo() from another DLL(com.dll), which is initially loaded by app.exe, everything is OK.

diagram

What rules did I violated?

Is what I am trying to do totally wrong, or I can achieve what I want with some minor modification?