我正在使用windbg調試軟件使用後釋放的bug(無法訪問源代碼)。懸掛指針 - 找出對象的創建時間
凡
An Object Created --(do something)--> Object Deleted --(do something)--> Object Reference Re-used [App. CRASHHHH!!!]
使用的WinDbg和「頁堆」我可以很容易找到當對象被釋放(!堆-p -a 0xXXXXXXX)和再利用。
我的問題是,當創建對象時,找出什麼方法。
THX
一個絕妙的技巧,你可以拉是使用(好吧,也許濫用)泄漏追蹤節省分配堆棧跟蹤,看看他們在調試器。
既然您已經啓用了pageheap,這應該很容易解釋。
gflags.exe(它帶有Windbg)並更改您的進程的圖像文件的標誌。Enable page heap和Create user mode stack trace database,然後點擊應用。 
!heap -p -a <allocation address you want the callstack of>我跑了它在notepad.exe的疊堆分配之一,得到這個:
0:000> !heap -p -a 00000261`1a43b6c8
address 000002611a43b6c8 found in
_DPH_HEAP_ROOT @ 26119821000
in busy allocation ( DPH_HEAP_BLOCK: UserAddr UserSize - VirtAddr VirtSize)
26119847750: 2611a43b6c0 938 - 2611a43b000 2000
COMDLG32!CFileOpenSave::`vftable'
00007ffa890622c7 ntdll!RtlDebugAllocateHeap+0x0000000000000047
00007ffa88ff79ce ntdll!RtlpAllocateHeap+0x00000000000000ee
00007ffa88ff595f ntdll!RtlpAllocateHeapInternal+0x000000000000064f
00007ffa884c0f38 COMDLG32!CFileOpenSave::s_CreateInstance+0x0000000000000088
00007ffa884d6750 COMDLG32!`CommonPrintDialogTelemetry::Instance'::`2'::`dynamic atexit destructor for 'wrapper''+0x00000000000103c0
00007ffa886ffee7 combase!CServerContextActivator::CreateInstance+0x0000000000000207 [d:\th\com\combase\objact\actvator.cxx @ 872]
00007ffa8876c0b3 combase!ActivationPropertiesIn::DelegateCreateInstance+0x00000000000000e3 [d:\th\com\combase\actprops\actprops.cxx @ 1926]
00007ffa88700687 combase!CApartmentActivator::CreateInstance+0x00000000000000c7 [d:\th\com\combase\objact\actvator.cxx @ 2168]
00007ffa886ff3e9 combase!CProcessActivator::CCICallback+0x0000000000000079 [d:\th\com\combase\objact\actvator.cxx @ 1631]
00007ffa886ff504 combase!CProcessActivator::AttemptActivation+0x0000000000000064 [d:\th\com\combase\objact\actvator.cxx @ 1518]
00007ffa886ff5e0 combase!CProcessActivator::ActivateByContext+0x00000000000000b0 [d:\th\com\combase\objact\actvator.cxx @ 1364]
00007ffa886ff900 combase!CProcessActivator::CreateInstance+0x0000000000000090 [d:\th\com\combase\objact\actvator.cxx @ 1262]
00007ffa8876c104 combase!ActivationPropertiesIn::DelegateCreateInstance+0x0000000000000134 [d:\th\com\combase\actprops\actprops.cxx @ 1926]
00007ffa8876929a combase!CClientContextActivator::CreateInstance+0x000000000000015a [d:\th\com\combase\objact\actvator.cxx @ 561]
00007ffa8876c0c6 combase!ActivationPropertiesIn::DelegateCreateInstance+0x00000000000000f6 [d:\th\com\combase\actprops\actprops.cxx @ 1978]
00007ffa88760c61 combase!ICoCreateInstanceEx+0x0000000000000c91 [d:\th\com\combase\objact\objact.cxx @ 1817]
00007ffa8875fea7 combase!CComActivator::DoCreateInstance+0x0000000000000147 [d:\th\com\combase\objact\immact.hxx @ 376]
00007ffa8875fd0c combase!CoCreateInstance+0x000000000000019c [d:\th\com\combase\objact\actapi.cxx @ 120]
00007ff6d5321be8 notepad!InvokeOpenDialog+0x000000000000004c
00007ff6d53225d7 notepad!NPCommand+0x00000000000003b7
00007ff6d53238a9 notepad!NPWndProc+0x0000000000000509
00007ffa88a41169 USER32!UserCallWinProcCheckWow+0x00000000000001f9
00007ffa88a40c97 USER32!DispatchMessageWorker+0x00000000000001a7
00007ff6d5323ba1 notepad!WinMain+0x0000000000000269
00007ff6d53390b5 notepad!WinMainCRTStartup+0x00000000000001c5
00007ffa866c8102 KERNEL32!BaseThreadInitThunk+0x0000000000000022
00007ffa8902c2e4 ntdll!RtlUserThreadStart+0x0000000000000034
如果你沒有得到堆棧跟蹤,要嘗試的一件事是增加堆棧回溯數據庫的大小。
謝謝先生:) –
只要找到構造函數和斷點吧 – paulm