给定一个指针,我如何找到它所属的_HEAP_ENTRY?
我正在学习使用 WinDbg,我可能在这方面偏离了轨道,但我假设如果我的程序没有使用分页堆,而不是“拥有”指向的指针的 _DPH_HEAP_BLOCK
结构在我的分配中,我将使用 _HEAP_ENTRY
来存储分配的数据。
给定堆上分配数据的地址,我如何找到与之匹配的 _HEAP_ENTRY
(在 WinDbg 中),或者我的问题甚至没有意义?
我的问题的根源是我想知道转储中的分配是否已释放或者堆是否以某种方式损坏。
I'm learning to use WinDbg and I might be way off track on this, but I assume that if my program isn't using a paged heap that instead of _DPH_HEAP_BLOCK
structures that "own" a pointer to my allocation, I would instead have a _HEAP_ENTRY
for the allocated data.
Given an address to allocated data on the heap, how might I find which _HEAP_ENTRY
goes with it (in WinDbg), or does my question not even make sense?
The root of my question is my desire to know if an allocation in a dump was freed or if the heap was corrupted somehow.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
!heap -p -a
启用页堆后,这会转储出有用的信息(可能包括最后一个分配/释放此堆块的人的调用堆栈) - 我认为这可视化了_DPH_HEAP_BLOCK。
如果没有启用页面堆,它只会显示基本信息 - 这没有那么有用。我认为这是常规的 _HEAP_ENTRY 结构。在第二次访问时调试双重释放/等几乎是不可能的(至少对于像我这样的凡人来说)。
当遇到堆问题时,我立即通过 AppVerifier 启用堆验证,然后再次 repo。这有两件事:
它将 AV 从“更向上”访问已释放的内存移动到更早的时间点,有时使错误的根本原因变得明显
它使
命令转储出更多有用的信息,包括调用堆栈谁最后释放了它 (!!)!heap -p -a
!heap+app 验证器非常棒,在每个人都应该知道的 ninja-windbg-foo 列表上可能仅次于内存写入断点。
!heap -p -a <address>
With page heap enabled, this dumps out useful information (potentially including the callstack of the last person to allocate/free this heap block) - I think this visualizes the _DPH_HEAP_BLOCK.
Without page heap enabled it just shows basic info - which isn't that useful. I think this is the regular _HEAP_ENTRY struct. Debugging double frees/etc at the point of the second access is pretty much impossible (by mere mortals such as myself, at least).
When confronted with a heap issue, I immediately enable heap validation via AppVerifier, then repo again. This does two things:
It moves AV's from accessing freed memory "further up" to an earlier point in time, sometimes making the root cause of bugs obvious
It makes the
!heap -p -a <address>
command dump out a lot more useful information, including the callstack of who last freed it (!!)!heap+app verifier is pretty awesome, and probably second only to memory write breakpoints on the list of ninja-windbg-foo that everyone should know.