The contradiction between !heap -x -v and !heap -flt s

I am analyzing a dump that shows something strange: there seems to be a conflict between the commands !heap -x -v hexadecimal_address and !heap -flt s size_of_block.

I am investigating a dangling pointer. On this dump, the dangling pointer turned out to be: 0x0bdd00c0

To get information about the heap memory block, I use !heap -x -v 0bdd00c0, which returns

  Entry     User      Heap      Segment       Size  PrevSize  Unused    Flags
  -----------------------------------------------------------------------------
  0bdd00b8  0bdd00c0  003b0000  0bc00000        98        20        8    busy

Which shows that in this case:

  • the memory block is busy (most of the time on other dumps the memory is free here)
  • the memory block is 0x98 bytes large
  • the memory block is managed inside the 003b0000 heap.

What puzzles me:

When I run !heap -flt s 98 (I just want to look at other objects that have the same size) I get the following result, which does not show the 0bdd00c0 address I am investigating:

  HEAP_ENTRY Size Prev Flags UserPtr UserSize - state
    _HEAP @ 3b0000
        14b24fa8 0014 0014 [01] 14b24fb0 00098 - (busy)
        0bc645a8 0014 0014 [01] 0bc645b0 00098 - (busy)
        0bc66398 0014 0014 [01] 0bc663a0 00098 - (busy)
        0bcbedf8 0014 0014 [01] 0bcbee00 00098 - (busy)
        0bce2cc8 0014 0014 [01] 0bce2cd0 00098 - (busy)
        0bceff88 0014 0014 [00] 0bceff90 00098 - (free)
        0bdf2f78 0014 0014 [01] 0bdf2f80 00098 - (busy)
        0be28c50 0014 0014 [01] 0be28c58 00098 - (busy)
        0be57470 0014 0014 [00] 0be57478 00098 - (free)
        0beed050 0014 0014 [01] 0beed058 00098 - (busy)
        0bf1aaf0 0014 0014 [00] 0bf1aaf8 00098 - (free)
        0bf214c0 0014 0014 [00] 0bf214c8 00098 - (free)
        0bf99bf0 0014 0014 [00] 0bf99bf8 00098 - (free)

(I only included the snippet for the 3b0000 heap)

So, I came to the conclusion that there seems to be a contradiction.

Am I doing / guessing something wrong? What can I do to understand what is wrong?

1 answer

You missed 8 unused bytes, try

 !heap -flt s 90 

From my test dump:

 0:000> !heap -x -v 0x003dc710
 Entry     User      Heap      Segment       Size  PrevSize  Unused    Flags
 -----------------------------------------------------------------------------
 003dc708  003dc710  003d0000  003d0000      1310      40        d     busy

 0:000> ? 1310-d
 Evaluate expression: 4867 = 00001303

 0:000> !heap -flt s 1303
     _HEAP @ 3d0000
       HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
         003dc708 0262 0000  [00]   003dc710    01303 - (busy)

More about the block layout:

 0:000> !heap -i 3d0000
 Heap context set to the heap 0x003d0000

 0:000> !heap -i 003dc708
 Detailed information for block entry 003dc708
 Assumed heap       : 0x003d0000 (Use !heap -i NewHeapHandle to change)
 Header content     : 0x6334FAFC 0x0D00FD4A (decoded : 0x61010262 0x0D000008)
 Owning segment     : 0x003d0000 (offset 0)
 Block flags        : 0x1 (busy )
 Total block size   : 0x262 units (0x1310 bytes)
 Requested size     : 0x1303 bytes (unused 0xd bytes)
 Previous block size: 0x8 units (0x40 bytes)
 Block CRC          : OK - 0x61
 Previous block     : 0x003dc6c8
 Next block         : 0x003dda18
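The answer's point, as an added worked example that is not part of the original question or answer: the Size column of !heap -x -v is the total block size in bytes (header included), !heap -flt s filters on the requested (user) size, and the two differ by the Unused column. The script below parses both outputs quoted on this page (embedded here as constructed sample input, re-typed from the question and the answer), derives the -flt s value from the -x -v row, and shows why the 0x98 filter only returned 0x14-unit (0xa0-byte) blocks. The heap granularity of 8 bytes per Size unit is an assumption for the 32-bit heap these dumps come from; it is consistent with the answer's own output (0x262 units == 0x1310 bytes) and would be 16 on a 64-bit heap.

```python
import re

# Assumption: 32-bit Windows heap, where HEAP_ENTRY.Size counts 8-byte units
# (the answer's dump confirms it: 0x262 units == 0x1310 bytes). Use 16 on x64.
GRANULARITY = 8

# Constructed sample input: the question's !heap -x -v row, re-typed from the page.
QUESTION_XV = """\
  Entry     User      Heap      Segment       Size  PrevSize  Unused    Flags
  -----------------------------------------------------------------------------
  0bdd00b8  0bdd00c0  003b0000  0bc00000        98        20        8    busy
"""

# Constructed sample input: two rows of the question's !heap -flt s 98 output.
QUESTION_FLT = """\
    _HEAP @ 3b0000
      HEAP_ENTRY Size Prev Flags    UserPtr UserSize - state
        14b24fa8 0014 0014  [01]   14b24fb0    00098 - (busy)
        0bceff88 0014 0014  [00]   0bceff90    00098 - (free)
"""

# Constructed sample input: the answer's !heap -x -v row, re-typed from the page.
ANSWER_XV = """\
Entry     User      Heap      Segment       Size  PrevSize  Unused    Flags
-----------------------------------------------------------------------------
003dc708  003dc710  003d0000  003d0000      1310      40        d     busy
"""

# One data row of "!heap -x -v": entry, user, heap, segment, size, prevsize, unused, flags.
XV_ROW = re.compile(
    r"^\s*([0-9a-f]{8})\s+([0-9a-f]{8})\s+([0-9a-f]{8})\s+([0-9a-f]{8})"
    r"\s+([0-9a-f]+)\s+([0-9a-f]+)\s+([0-9a-f]+)\s+(\w+)", re.I | re.M)

# One data row of "!heap -flt s": entry, size(units), prev, [flags], userptr, usersize, state.
FLT_ROW = re.compile(
    r"^\s*([0-9a-f]{8})\s+([0-9a-f]{4})\s+([0-9a-f]{4})\s+\[([0-9a-f]{2})\]"
    r"\s+([0-9a-f]{8})\s+([0-9a-f]+)\s+-\s+\((\w+)\)", re.I | re.M)


def parse_heap_xv(text):
    """Parse !heap -x -v rows. Size is the whole block in bytes, header included."""
    rows = []
    for m in XV_ROW.finditer(text):
        entry, user, heap, seg, size, prev, unused, flags = m.groups()
        rows.append({"entry": int(entry, 16), "user": int(user, 16),
                     "heap": int(heap, 16), "block_bytes": int(size, 16),
                     "unused": int(unused, 16), "flags": flags.lower()})
    return rows


def parse_heap_flt(text):
    """Parse !heap -flt s rows. Size is in allocation units, UserSize in bytes."""
    rows = []
    for m in FLT_ROW.finditer(text):
        entry, size, prev, flags, userptr, usersize, state = m.groups()
        rows.append({"entry": int(entry, 16),
                     "block_bytes": int(size, 16) * GRANULARITY,
                     "user": int(userptr, 16), "user_size": int(usersize, 16),
                     "state": state.lower()})
    return rows


def requested_size(xv_row):
    """The user-visible size that -flt s matches on: total block minus Unused."""
    return xv_row["block_bytes"] - xv_row["unused"]


def flt_command(xv_row):
    """The !heap -flt s command that will list this block."""
    return "!heap -flt s %x" % requested_size(xv_row)


def reconcile(xv_text, flt_text):
    """Explain why a -flt s run on the raw Size value misses the block."""
    target = parse_heap_xv(xv_text)[0]
    listed = parse_heap_flt(flt_text)
    return {
        "block_bytes": target["block_bytes"],
        "requested": requested_size(target),
        "command": flt_command(target),
        "listed": any(r["user"] == target["user"] for r in listed),
        # what the mistaken filter actually returned: larger blocks whose
        # requested size happens to equal our block's *total* size
        "listed_block_bytes": sorted({r["block_bytes"] for r in listed}),
        "listed_user_size": sorted({r["user_size"] for r in listed}),
    }


if __name__ == "__main__":
    print(reconcile(QUESTION_XV, QUESTION_FLT))
    print(flt_command(parse_heap_xv(ANSWER_XV)[0]))
```

For the question's block this yields requested size 0x90 and the command !heap -flt s 90, and shows that the rows returned by !heap -flt s 98 are 0xa0-byte blocks (0x14 units) with a 0x98-byte user size, i.e. a different size class altogether. When in doubt, !heap -i on the entry address (as in the answer) prints both the total and the requested size directly.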

Source: https://habr.com/ru/post/1213262/
