Re: !heap -p -a 显示栈不完整
WinDbg
!heap -p -a 显示栈不完整
qstesiro
2014-12-30, 16:13 下午
写了一个小程序学习!heap使用,但是出现栈显示不完整的问题,代码如下:
void HeapTest()
{
PTSTR pszbuf = NULL;
for (int i = 0; i < 5; ++i)
{
pszbuf = (PTSTR)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, 1025);
}
for (int i = 0; i < 5; ++i)
{
pszbuf = (PTSTR)malloc(2049);
}
for (int i = 0; i < 5; ++i)
{
pszbuf = new TCHAR[4097];
}
}
在执行完此函数后执行如下操作,找到新申请的堆块,再执行!heap -p -a 用户地址,显示栈,但是发现只有从默认堆中声申请的块可以显示完整的栈,使用malloc与new申请的都不能完整显示,效果如下:
0> !heap -p -a 053cdbf8
address 053cdbf8 found in
_DPH_HEAP_ROOT @ 3c11000
in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)
3c13c30: 53cdbf8 401 - 53cd000 2000
5bf18e89 verifier!AVrfDebugPageHeapAllocate+0x00000229
77100d96 ntdll!RtlDebugAllocateHeap+0x00000030
770baf0d ntdll!RtlpAllocateHeap+0x000000c4
77063cfe ntdll!RtlAllocateHeap+0x0000023a
00401819 demo!HeapTest+0x00000039
00401888 demo!wmain+0x00000008
00401170 demo!__tmainCRTStartup+0x0000010f
758d338a kernel32!BaseThreadInitThunk+0x0000000e
77069f72 ntdll!__RtlUserThreadStart+0x00000070
77069f45 ntdll!_RtlUserThreadStart+0x0000001b
使用malloc与new申请的块显示如下:
0> !heap -p -a 052ca7f8
address 052ca7f8 found in
_DPH_HEAP_ROOT @ 51d1000
in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)
51d3f70: 52ca7f8 801 - 52ca000 2000
5bf18e89 verifier!AVrfDebugPageHeapAllocate+0x00000229
77100d96 ntdll!RtlDebugAllocateHeap+0x00000030
770baf0d ntdll!RtlpAllocateHeap+0x000000c4
77063cfe ntdll!RtlAllocateHeap+0x0000023a
我使用debug版本不存在问题都是正常的,但是如果使用禁止优化的release就会出现这个问题,
不知道是什么原因,请大家忙看看。
具体的环境是:
程序编译为x86运行于win7 x64系统中,调试器为x86版本
另外我也看了一下运行时库中的其它堆块问题,栈也是不能完整显示的,都是类似如下的栈(列出如下三个),明显是少了msvcr80之前的栈信息:
0:000> !heap -p -a 051c2fd0
address 051c2fd0 found in
_DPH_HEAP_ROOT @ 50d1000
in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)
50d2068: 51c2fd0 30 - 51c2000 2000
73458e89 verifier!AVrfDebugPageHeapAllocate+0x00000229
77180d96 ntdll!RtlDebugAllocateHeap+0x00000030
7713af0d ntdll!RtlpAllocateHeap+0x000000c4
770e3cfe ntdll!RtlAllocateHeap+0x0000023a
74744efe MSVCR80!_calloc_impl+0x00000125
0:000> !heap -p -a 051c0fd8
address 051c0fd8 found in
_DPH_HEAP_ROOT @ 50d1000
in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)
50d209c: 51c0fd8 24 - 51c0000 2000
73458e89 verifier!AVrfDebugPageHeapAllocate+0x00000229
77180d96 ntdll!RtlDebugAllocateHeap+0x00000030
7713af0d ntdll!RtlpAllocateHeap+0x000000c4
770e3cfe ntdll!RtlAllocateHeap+0x0000023a
74744efe MSVCR80!_calloc_impl+0x00000125
0:000> !heap -p -a 051acfd8
address 051acfd8 found in
_DPH_HEAP_ROOT @ 50d1000
in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)
50d22a4: 51acfd8 28 - 51ac000 2000
73458e89 verifier!AVrfDebugPageHeapAllocate+0x00000229
77180d96 ntdll!RtlDebugAllocateHeap+0x00000030
7713af0d ntdll!RtlpAllocateHeap+0x000000c4
770e3cfe ntdll!RtlAllocateHeap+0x0000023a
74744efe MSVCR80!_calloc_impl+0x00000125
Re: !heap -p -a 显示栈不完整
格蠹老雷
2014-12-30, 21:48 下午
这是我试验的结果,也是release版,也是Win7上WoW
+ 9d40 ( 13a80 - 9d40) 2 allocs BackTrace4582230
+ 1 ( 2 - 1) BackTrace4582230 allocations
ntdll!RtlFreeHeap+000000A0
msvcrt!malloc+0000008D
MFC42!operator new+00000015
HeapMfc!CHeapMfcDlg::OnNew+0000000F (C:\DbgLabs\HiHeap\HeapMfc\HeapMfcDlg.cpp, 178)
MFC42!CCmdTarget::OnCmdMsg+0000013C
MFC42!CDialog::OnCmdMsg+00000021
MFC42!CWnd::OnCommand+00000099
MFC42!CWnd::OnWndMsg+00000051
MFC42!CWnd::WindowProc+0000002E
MFC42!AfxCallWndProc+000000B5
MFC42!AfxWndProc+0000003E
MFC42!AfxWndProcBase+00000057
USER32!InternalCallWinProc+00000023
USER32!UserCallWinProcCheckWow+00000109
编译器是很老的VC6
Re: !heap -p -a 显示栈不完整
qstesiro
2015-01-02, 16:01 下午
谢谢回复,我在家里也试了一下,是可以正常显示完整的栈(!heap 命令、umdh),环境:win7 (x64)、cdb (6.12.0002.633 X86)、VS2010,具体不清楚是什么问题,节后到公司更新一下调试器的版本,看看是调试器的版本问题还是与VS2005的运行时库的符号问题,
Re: !heap -p -a 显示栈不完整
qstesiro
2015-01-12, 19:26 下午
我在公司试了,调试器的版本是一样的,VS2005编译不能正常显示运行时库操作的栈,不知道是什么原因。