这些Windbg错误消息是什么意思?

时间:2013-12-04 02:15:55

标签: windbg

我正在尝试在Windbg中执行!heap -s来获取堆信息。当我尝试它时,我得到以下输出:

  Heap     Flags   Reserv  Commit  Virt   Free  List   UCR  Virt  Lock  Fast 
                    (k)     (k)    (k)     (k) length      blocks cont. heap 
-----------------------------------------------------------------------------
00000000005d0000 08000002     512     28    512     10     3     1    0      0      
Error: Heap 0000000000000000 has an invalid signature eeffeeff
Front-end heap type info is not available
Front-end heap type info is not available
Virtual block: 0000000000000000 - 0000000000000000 (size 0000000000000000)
HEAP 0000000000000000 (Seg 0000000000000000) At 0000000000000000 Error: Unable to read virtual block

0000000000000000 00000000       0      0      0      0     0     0    1      0      
-----------------------------------------------------------------------------

我找不到任何关于异常错误/不可用行的含义的参考。

有人可以给我一个总结,说明为什么我没有得到预期的堆积堆?

我在!heap -s之前执行的唯一事情是!wow64exts.sw,因为进程转储来自32位进程,但是由64位任务管理器创建。

1 个答案:

答案 0 :(得分:1)

使用32位和64位任务管理器进行测试后,似乎只能使用!wow64exts.sw某些区域中成功调试由64位任务管理器创建的32位进程的进程转储在Windbg中使用32位调试。

该扩展程序允许正确查看调用堆栈,但!heap -s似乎无法在其下正常工作。相反,你最终会得到问题中的错误。

例如,使用32位任务管理器从32位进程的进程转储输出:

0:000> !heap -s
NtGlobalFlag enables following debugging aids for new heaps:
    stack back traces
LFH Key                   : 0x06b058a2
Termination on corruption : DISABLED
  Heap     Flags   Reserv  Commit  Virt   Free  List   UCR  Virt  Lock  Fast 
                    (k)     (k)    (k)     (k) length      blocks cont. heap 
-----------------------------------------------------------------------------
031b0000 08000002    1024    236   1024      2    13     1    0      0   LFH
001d0000 08001002    1088    188   1088     18     9     2    0      0   LFH
01e30000 08001002    1088    160   1088      4     3     2    0      0   LFH
03930000 08001002     256      4    256      2     1     1    0      0      
038a0000 08001002      64     16     64     13     1     1    0      0      
-----------------------------------------------------------------------------

使用64位任务管理器而不是!wow64exts.sw的32位进程的进程转储的输出:

0:000> !heap -s
NtGlobalFlag enables following debugging aids for new heaps:
    stack back traces
LFH Key                   : 0x000000b406b058a2
Termination on corruption : ENABLED
          Heap     Flags   Reserv  Commit  Virt   Free  List   UCR  Virt  Lock  Fast 
                            (k)     (k)    (k)     (k) length      blocks cont. heap 
-------------------------------------------------------------------------------------
0000000001f70000 08000002     512     28    512     10     3     1    0      0      
0000000000020000 08008000      64      4     64      1     1     1    0      0      
-------------------------------------------------------------------------------------

使用带有!wow64exts.sw的64位任务管理器从32位进程的进程转储输出:

0:000> !wow64exts.sw
Switched to 32bit mode
0:000:x86> !heap -s
NtGlobalFlag enables following debugging aids for new heaps:
    stack back traces
LFH Key                   : 0x000000b406b058a2
Termination on corruption : ENABLED
  Heap     Flags   Reserv  Commit  Virt   Free  List   UCR  Virt  Lock  Fast 
                    (k)     (k)    (k)     (k) length      blocks cont. heap 
-----------------------------------------------------------------------------
0000000001f70000 08000002     512     28    512     10     3     1    0      0      
Error: Heap 0000000000000000 has an invalid signature eeffeeff
Front-end heap type info is not available
Front-end heap type info is not available
Virtual block: 0000000000000000 - 0000000000000000 (size 0000000000000000)
HEAP 0000000000000000 (Seg 0000000000000000) At 0000000000000000 Error: Unable to read virtual block

0000000000000000 00000000       0      0      0      0     0     0    1      0      
-----------------------------------------------------------------------------

这些都来自同一个过程。

相关问题
最新问题