Visual Studio - how to find source of heap corruption errors

heap-memory debugging visual-studio

I wonder if there is a good way to find the source code that causes a heap corruption error, given the memory address of the data that was written 'outside' the allocated heap block in Visual Studio;

Dedicated (0008) free list element 26F7F670 is wrong size (dead)

(Trying to write down some notes on how to find memory errors)


Solution 1:

Begin with installing windbg:

http://www.microsoft.com/whdc/Devtools/Debugging/default.mspx

Then turn on the pageheap like this:

gflags.exe /p /enable yourexecutable.exe /full

This will insert a non writable page after each heap allocation.

After this launch the executable from inside windbg, any writes outside the heap will now be caught by this debugger. To turn of the pageheap afterwards use this:

gflags.exe /p /disable yourexecutable.exe

More info on how to use the pageheap here.

Solution 2:

For Window 10 you could enable the PageHeap option in the GFlags Tool, this tool is included as part of the Debugging Tools for Windows.

The Page Heap options in GFlags lets you select standard heap verification or full-page heap verification. Beware, the full heap verification uses a full page of memory for each allocation so it can cause system memory shortages.

To enable the Page Heap in GFlags:

•To enable standard page heap verification, the standard version will write a pattern at the end of each heap allocation and then examine the pattern when the allocations are freed.

To verify all processes use:

gflags /r +hpa

gflags /k +hpa

for a single process use:

gflags /p /enable ImageFileName

•To enable full page heap verification for one process, this option places an inaccessible page at the end of each allocation so that the program stops immediately if it tries to accesses memory beyond the allocation, this should only be used on a single process due to the heavy memory consumption.

gflags /i ImageFileName +hpa

gflags /p /enable ImageFileName /full

The two commands above are interchangeable.

Note: All page heap settings mentioned above are system wide settings stored in the registry (except /k) and remain effective until you change them. The /k setting is a Kernel flag setting are set for this session and will be lost when Windows shuts down

Another helpful tool is the Application Verifier, but this is not part of the Debugging Tools for Windows, rather it is included in the Windows Software Development Kit (SDK).

Solution 3:

Maybe you can try Microsoft's Application Verifier. It solved a similar problem for me once,by turning on extra checks on heap operations. In my opinion, the randomness of corrupted address is because the heap can be 'subtly' damaged, and the problem won't show up until something big happens to the heap (like massive allocation/free).

Solution 4:

You could set a breakpoint on a write to the memory address. The debugger will then show you the code that writes to the location, but you still need to work out which of the writes are causing the problem.

Related

Header message just like at Stack Overflow
dogfight vs. dog fighting
'WE are the most precious person in the world' or 'WE are the most precious persons in the world' [duplicate]
Is there redundancy in saying that something "can be a potential risk"?
Word to describe the moment when you ask the question, "How did I get here?"
Get used to + Be used to [closed]
Present perfect simple, yes but why? [closed]
Compound subjects and compound sentences
"The Left/Right are in tears"
What does 'Day trading' means? [closed]
Use of comma and its effect on the meaning [closed]
Redaction error in book 'I am Pilgrim' or something else?