Re: !address为什么不会显示堆的类型

WinDbg

!address为什么不会显示堆的类型

烈火 2013-04-18, 23:41 下午
如题,使用!address命令,堆的类型会显示为<unclassified>
0:000> !address

  BaseAddr EndAddr+1 RgnSize     Type       State                 Protect             Usage
-------------------------------------------------------------------------------------------
*    10000    11000     1000                                                            <unclassified> 
*    20000    21000     1000                                                            <unclassified> 
*    30000    40000    10000                                                            <unclassified> 
*   131000   140000     f000                                                            Stack [59c.4a4; ~0]
。。。。。
。。。。。

0:000> !heap -h
Index   Address  Name      Debugging options enabled
  1:   00150000 
    Segment at 00150000 to 00250000 (00100000 bytes committed)
    Segment at 021b0000 to 022b0000 (000bd000 bytes committed)
    Segment at 02bf0000 to 02df0000 (0002f000 bytes committed)
。。。。
。。。。

0:000> !address 00150000
Usage:                  <unclassified>
Allocation Base:        00000000
Base Address:           00150000
End Address:            00250000
Region Size:            00100000
Type:                   00000000
State:                  00000000
Protect:                00000000


Re: !address为什么不会显示堆的类型

格蠹老雷 2013-04-20, 20:28 下午

0:000> !address 002f0000    

                                    
Mapping file section regions...
Mapping module regions...
Mapping PEB regions...
Mapping TEB and stack regions...
Mapping heap regions...
Mapping page heap regions...
Mapping other regions...
Mapping stack trace database regions...
Mapping activation context regions...


Usage:                  Heap
Base Address:           002f0000
End Address:            0031d000
Region Size:            0002d000
State:                  00001000 MEM_COMMIT
Protect:                00000004 PAGE_READWRITE
Type:                   00020000 MEM_PRIVATE
Allocation Base:        002f0000
Allocation Protect:     00000004 PAGE_READWRITE
More info:              heap owning the address: !heap 0x2f0000
More info:              heap segment
More info:              heap entry containing the address: !heap -x 0x2f0000

是活动目标还是dump?另外可以尝试更高版本的windbg

Re: !address为什么不会显示堆的类型

烈火 2013-05-04, 22:16 下午
感谢张老师的回复。

试了一下,重新下了一个WinDBG,版本是6.2.9200.16384,这个没有问题。
0:034> !address 150000

                                     
Mapping file section regions...
Mapping module regions...
Mapping PEB regions...
Mapping TEB and stack regions...
Mapping heap regions...
Mapping page heap regions...
Mapping other regions...
Mapping stack trace database regions...
Mapping activation context regions...


Usage:                  Heap
Base Address:           00150000
End Address:            00250000
Region Size:            00100000
State:                  00001000 MEM_COMMIT
Protect:                00000004 PAGE_READWRITE
Type:                   00020000 MEM_PRIVATE
Allocation Base:        00150000
Allocation Protect:     00000004 PAGE_READWRITE
More info:              heap owning the address: !heap 0x150000
More info:              heap segment
More info:              heap entry containing the address: !heap -x 0x150000

看起来是我使用的版本6.12.0002.633有问题,在这里看到一个同样的例子:http://stackoverflow.com/questions/3053955/windbg-address-summary-failed

比较古怪的是WinDBG的版本,6.2  > 6.12 ?

Re: !address为什么不会显示堆的类型

格蠹老雷 2013-05-04, 22:31 下午
WinDBG有两套版本号,一套是与NT内核一致的,比如6.2代表Win8,另一套是自己的,比如6.12. Win8的比6.12要新,相当于6.13+

Re: !address为什么不会显示堆的类型

烈火 2013-05-05, 10:53 上午
再次感谢张老师。

另外发现一个有趣的地方,6.2的帮助文档索引反而不如6.12的。有的命令比如dps在6.2的索引中就找不到,要使用搜索才可以。

Powered by Community Server Powered by CnForums.Net