windbg dds - unable to get source where memory allocated
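I am following the instructions on windbg.info to try to find the source corresponding to a memory allocation/leak in my program. I set up a test case with leaky code to try to demonstrate this. I can get part of the way there, but cannot see the actual source.
The C++ code in question is a debug build (optimizations off, etc.). It is called multiple times.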
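    class test
    {
    public:
        // Leaks on purpose: each call overwrites the previous pointers
        // and nothing is ever freed.
        int Allocate()
        {
            pai = new int[128];
            pasz = new char[128];
            return 0; // the function is declared int, so it must return a value
        }
    private:
        int * pai = nullptr;
        char * pasz = nullptr;
    };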
I am following the instructions on windbg.info (abbreviated):
- To get source information you must additionally enable page heap in step 1 (gflags.exe /i MyApp.exe +ust +hpa)
...
- Do a !heap -flt s [Size]. [Size]=AllocSize determined previously. This command will list down all blocks with that particular size.
- Do a !heap -p -a [UserAddr] to get the stack trace from where you have allocated that much bytes. Use the [UserAddr] that you got in previous step
- Do a dt ntdll!_DPH_HEAP_BLOCK StackTrace [MyHeapBlockAddr], where [MyHeapBlockAddr] is the DPH_HEAP_BLOCK address retrieved in step 3.
- Do a dds [StackTrace], where [StackTrace] is the value retrieved in previous step. Note that dds will dump the stack with source information included.
I do have all symbols loaded correctly:
00007ff7`b1400000 00007ff7`b142b000 ConsoleApplication1 C (private pdb symbols) c:\...
00007ff8`37ae0000 00007ff8`37c9e000 ucrtbased (private pdb symbols) c:\...
00007ff8`39d20000 00007ff8`39e16000 MSVCP140D (private pdb symbols) c:\...
00007ff8`40e30000 00007ff8`40e9e000 verifier (private pdb symbols) c:\...
00007ff8`40ec0000 00007ff8`40ee2000 VCRUNTIME140D (private pdb symbols) c:\...
00007ff8`6a410000 00007ff8`6a62d000 KERNELBASE (private pdb symbols) c:\...
00007ff8`6b4c0000 00007ff8`6b56c000 KERNEL32 (private pdb symbols) c:\...
00007ff8`6d9e0000 00007ff8`6dbb1000 ntdll (private pdb symbols) c:\...
I do see a 'good' stack showing the call to test::Allocate:
0:004> !heap -flt s 2034
_DPH_HEAP_ROOT @ 272d60e1000
Freed and decommitted blocks
DPH_HEAP_BLOCK : VirtAddr VirtSize
Busy allocations
DPH_HEAP_BLOCK : UserAddr UserSize - VirtAddr VirtSize
00000272d60ecf70 : 00000272d6467fc0 0000000000002034 - 00000272d6467000 0000000000004000
0:004> !heap -p -a 00000272d6467fc0
address 00000272d6467fc0 found in
_DPH_HEAP_ROOT @ 272d60e1000
in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)
272d60ecf70: 272d6467fc0 2034 - 272d6467000 4000
...
00007ff7b14142a8 ConsoleApplication1!test::Allocate+0x0000000000000048
00007ff7b141495a ConsoleApplication1!main+0x000000000000008a
...
I thought I could now get the source for this memory allocation:
0:004> dt ntdll!_DPH_HEAP_BLOCK StackTrace 00000272d60ecf70
+0x060 StackTrace : 0x00000272`d2f106d0 _RTL_TRACE_BLOCK
0:004> dds 0x00000272`d2f106d0
00000272`d2f106d0 00000000
00000272`d2f106d4 00000000
00000272`d2f106d8 00008804
...
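Although I have set the 'source file path', there is no source. I have not found any examples of a successful case. Is something wrong with my environment setup or my commands?
windbg version: 6.12.0002.633 AMD64. x64 test executable.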
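dds is the command to dump DWORDs and interpret them as a stack. This may work for 32-bit applications.
Your application is a 64-bit application. I can see that from addresses like 00007ff7`b1400000 that contain a backtick. So you should use dqs (dump quadwords and interpret as a stack).
Even better is dps (dump pointer size and interpret as a stack), because it will use 32 bit or 64 bit depending on the architecture of your application.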
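Added example, not part of the original question or answer: Python that walks the same bytes in 4-byte slots (as dds does) and in 8-byte slots (as dqs, or dps on x64, does) and looks each value up in the module ranges from the lm output above. The sample buffer and its base address 0x1000 are constructed, the function names are illustrative, and the real _RTL_TRACE_BLOCK header layout is not modelled.

```python
import struct

# Module ranges copied from the lm output on the page: (start, end, name).
MODULES = [
    (0x00007ff7b1400000, 0x00007ff7b142b000, "ConsoleApplication1"),
    (0x00007ff86d9e0000, 0x00007ff86dbb1000, "ntdll"),
]

# Constructed sample memory: the two 64-bit return addresses shown in the
# !heap -p -a output on the page, stored little-endian as they are on x64.
SAMPLE = struct.pack("<2Q", 0x00007ff7b14142a8, 0x00007ff7b141495a)


def resolve(value):
    """Return 'module+0xoffset' if value lies inside a listed module, else None."""
    for start, end, name in MODULES:
        if start <= value < end:
            return f"{name}+0x{value - start:x}"
    return None


def dump_as_stack(memory, base, width):
    """Walk memory in width-byte slots (4 like dds, 8 like dqs) and resolve each."""
    fmt = {4: "<I", 8: "<Q"}[width]
    rows = []
    for off in range(0, len(memory) - width + 1, width):
        (value,) = struct.unpack_from(fmt, memory, off)
        rows.append((base + off, value, resolve(value)))
    return rows


def dps(memory, base, pointer_size):
    """Like dps: the slot width follows the target's pointer size."""
    return dump_as_stack(memory, base, pointer_size)


if __name__ == "__main__":
    for label, width in (("dds", 4), ("dqs", 8)):
        print(label)
        for addr, value, sym in dump_as_stack(SAMPLE, 0x1000, width):
            print(f"  {addr:08x}  {value:0{width * 2}x}  {sym or ''}")
```

Read as DWORDs, each 64-bit return address is split into two halves that fall inside no module, so nothing resolves; read as pointer-sized values, both land in ConsoleApplication1.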