ntdll.dll crash, corruption of heap

Hi, I currently have a strange problem with my program.

It runs great once it has passed a certain point, but sometimes (it seems totally random to me) it crashes almost immediately when I launch it. Of course some code from my program gets executed before the crash, but I can't figure out which line is the last one it processes.

The error message is this (only in debug, otherwise it's just "...has stopped working"):
Windows has triggered a breakpoint in program.exe
This may be due to a corruption of the heap which indicates a bug in program.exe or any of the DLLs it has loaded.

This may also be due to the user pressing F12 while program.exe has focus.

The output window may have more diagnostic information.

and this is the only relevant line that pops up in the Output window:
HEAP[program.exe]: Invalid address specified to RtlReAllocateHeap( 008C0000, 008C6F90 )
Windows has triggered a breakpoint in program.exe.

Here is the call stack after the crash:
ntdll.dll!770f5654()
[Frames below may be incorrect and/or missing, no symbols loaded for ntdll.dll]
ntdll.dll!770c1a77()
ntdll.dll!7709ffad()
ntdll.dll!7709374e()


Sometimes it's a different crash with the same error message; one call stack line is different there.
Instead of
ntdll.dll!770c1a77()
it's
ntdll.dll!770ba554()
and the output message is also different:
HEAP[program.exe]: HEAP: Free Heap block 2d31c0 modified at 2d31dc after it was freed


(edit): this is yet another crash; here's the stack
> ntdll.dll!770f37dd()
[Frames below may be incorrect and/or missing, no symbols loaded for ntdll.dll]
ntdll.dll!770f473b()
ntdll.dll!7709ffad()
ntdll.dll!7709374e()
and here is the output message:
Critical error detected c0000374


Can anybody give me a hint as to what this could be or why the crash happened? Or any suggestion on how I can find the source of the problem?
I would be glad about any suggestion here because I really have no clue whatsoever what could be the cause of this, and I also can't find anything relevant anywhere else.

Maybe I can somehow decompile ntdll.dll so I am able to get more information on why the crash happens, but can I even do this?


Oh, and I am using Visual Studio 2010 and the Boost libraries, MySQL Connector C++ and OpenSSL for my program. And I am using multiple threads in my program.
Another thing I noticed is that there is a higher chance for the crash to happen when it already happened a few moments ago, but as I said, it seems totally random to me.


edit2: I think I found the approximate location of the last line that gets executed in my program (though I am still not sure, since it's hard to debug this).
I think it's one of these lines; both are OpenSSL-related methods:

SSL_library_init();
SSL_load_error_strings();

Could it be that the threads I use cause this problem? Because I have two threads here that call these functions at approximately the same time; maybe there is something which can't be accessed by both threads at the same time?
Enable downloading of Windows Symbols. That will change the address numbers into function calls. At least you'll get a more decent stack this way. Tools, then Options. In the tree, select Debugging, then Symbols. Put a checkmark for Microsoft Symbol Servers.

What you are experiencing is most likely memory leaks and access violations. The debug CRT can help you find them, but I have never used this before, so I cannot really describe it to you. Google it up, I guess.
Thanks, that indeed made the call stack more detailed:
> ntdll.dll!_RtlpBreakPointHeap@4() + 0x23 bytes
ntdll.dll!@RtlpAllocateHeap@24() + 0x34ad8 bytes
ntdll.dll!_RtlAllocateHeap@12() + 0x2d0a bytes
ntdll.dll!_RtlDebugAllocateHeap@12() + 0xb5 bytes
ntdll.dll!@RtlpAllocateHeap@24() + 0x3493e bytes
ntdll.dll!_RtlAllocateHeap@12() + 0x2d0a bytes
msvcr90.dll!malloc(unsigned int size) Line 163 + 0x5f bytes C
libeay32.dll!001e1f0b()
[Frames below may be incorrect and/or missing, no symbols loaded for libeay32.dll]
libeay32.dll!001e2352()
libeay32.dll!00231fae()
libeay32.dll!002341fd()
libeay32.dll!002351a1()
libeay32.dll!00235945()
program.exe!__stricmp() + 0x1d2a bytes C++
ntdll.dll!__except_handler4()
0132c967()

Though I still can't make anything useful out of it...
program.exe!__stricmp() + 0x1d2a bytes
This seems interesting, as I call it shortly before the error seems to happen:

if(stricmp(ip, "ALL") == 0)
    address.sin_addr.s_addr = htonl(INADDR_ANY);
else
    address.sin_addr.s_addr = inet_addr(ip);

But I still don't see why this should cause a problem.

And I'm afraid the debug CRT seems to be a little bit too complicated for me :p

Could it really be that the threads are the cause of this? Because they are running almost at the same time, and making one wait for some time with Sleep seems to make the error disappear (at least I haven't got anything since the code change).

If that's really the case, then I would like to know how I can signal one thread to wait for the other one to do something specific.
It seems that PostThreadMessage could be useful for this, but MSDN says that the thread needs to have a message queue to process the message. Since I currently don't have a queue and don't plan to add one only for one message, I would like to know if there is another way?

edit: I found that the WaitForSingleObject method could be useful for this; is that true? If yes, how do I properly use it in combination with PostThreadMessage? Because I don't know what handle I have to pass to the function.
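An added example (not code from this thread, from the poster's program or from OpenSSL) of the pattern that answers the question above: instead of making one thread Sleep, every thread calls a one-time initialisation guard before it touches the library, so exactly one caller runs SSL_library_init()/SSL_load_error_strings() and the others wait until it has finished. OpenSSL versions before 1.1.0 (the libeay32.dll era in the stack above) provide no built-in thread safety for their initialisation routines; the application has to call them once, before any thread that uses the library starts. Assumptions in the example: library_init_body() is a stand-in for the real OpenSSL calls so the file builds without the library, and POSIX threads stand in for the Win32 CreateThread/WaitForSingleObject pair the poster asks about (pthread_join is the equivalent of waiting on a thread handle); the guard itself is plain C11 atomics and works the same on either platform.

```c
/*
 * Added example, not code from the original thread or from OpenSSL.
 *
 * Two threads calling SSL_library_init()/SSL_load_error_strings() at the
 * same time race on the library's global tables, which is how a heap
 * block ends up "modified after it was freed". The fix is a one-time
 * initialisation guard: every thread calls ensure_library_init() before
 * using the library; exactly one caller runs the init body and the rest
 * wait until it is finished instead of proceeding half-initialised.
 *
 * library_init_body() is a stand-in (assumption) for the real OpenSSL
 * calls so this file builds without the library. POSIX threads stand in
 * for CreateThread/WaitForSingleObject; pthread_join plays the role of
 * waiting on a thread handle.
 */
#include <pthread.h>
#include <sched.h>
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>

enum { INIT_NOT_STARTED = 0, INIT_IN_PROGRESS = 1, INIT_DONE = 2 };

static atomic_int init_state = INIT_NOT_STARTED;
static atomic_int init_body_runs = 0;   /* how often the body actually ran */

/* Stand-in for: SSL_library_init(); SSL_load_error_strings(); ... */
static void library_init_body(void)
{
    atomic_fetch_add(&init_body_runs, 1);
}

/*
 * The naive version,
 *     static int inited; if (!inited) { library_init_body(); inited = 1; }
 * has a window between the check and the store in which a second thread
 * also sees inited == 0 and runs the body a second time. The
 * compare-and-swap below closes that window: only the thread that moves
 * the state from NOT_STARTED to IN_PROGRESS runs the body; every other
 * caller spins until the state is DONE, so nobody uses the library while
 * initialisation is still in flight.
 */
void ensure_library_init(void)
{
    int expected = INIT_NOT_STARTED;
    if (atomic_compare_exchange_strong(&init_state, &expected, INIT_IN_PROGRESS)) {
        library_init_body();
        atomic_store(&init_state, INIT_DONE);   /* publishes the finished init */
        return;
    }
    /* Another thread is initialising (or already finished): wait for DONE. */
    while (atomic_load(&init_state) != INIT_DONE)
        sched_yield();
}

static void *worker(void *arg)
{
    (void)arg;
    ensure_library_init();
    /* ... per-thread work that uses the library goes here ... */
    return NULL;
}

/*
 * Starts n_threads threads that all call ensure_library_init() at once,
 * joins them, and returns how many times the init body ran. The correct
 * answer is 1 for any n_threads >= 1; -1 signals a thread-creation error.
 * The guard is reset at the top only so this demonstration can be run
 * repeatedly; a real program never resets it.
 */
int run_concurrent_init(int n_threads)
{
    if (n_threads < 1)
        return -1;
    atomic_store(&init_body_runs, 0);
    atomic_store(&init_state, INIT_NOT_STARTED);

    pthread_t *tids = calloc((size_t)n_threads, sizeof *tids);
    if (tids == NULL)
        return -1;

    int created = 0;
    for (; created < n_threads; created++) {
        if (pthread_create(&tids[created], NULL, worker, NULL) != 0)
            break;
    }
    for (int i = 0; i < created; i++)
        pthread_join(tids[i], NULL);   /* WaitForSingleObject equivalent */
    free(tids);

    return created == n_threads ? atomic_load(&init_body_runs) : -1;
}

int main(void)
{
    int runs = run_concurrent_init(8);
    printf("init body ran %d time(s) with 8 threads racing\n", runs);
    return runs == 1 ? 0 : 1;
}
```

Build with `cc -pthread once_init.c` and run it; the body runs once however many threads race. The same shape is what OpenSSL 1.1.0 and later do internally (OPENSSL_init_ssl via CRYPTO_THREAD_run_once), which is why those versions need no explicit SSL_library_init() call at all; on 1.0.x the guard has to live in the application, and it belongs before any worker thread is started rather than inside them.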
You should also provide the symbol files for your other DLLs, like libeay32.dll, if that is of your own making. What I see here is a call into the runtime's malloc() function. This is calling the internal routines to allocate memory, which it seems to me are mapped to HeapAlloc() (I guess because of their names). Down that stack it seems that the C runtime does some checking of the allocated memory or something related, ending up in a breakpoint (top line in the stack).

So it is indeed a memory issue. You may be using unallocated memory or similar. You'll have to check this out very carefully in order to find out the problem.

BTW, generate symbol files for your program too! That way you can see the function call in the stack when it is in your exe.
"You should also provide the symbol files for your other DLLs, like libeay32.dll, if that is of your own making"
Sadly this isn't one of my own, so I won't be able to do that.
And I believe I am already making symbol files for my program...

Anyway, after I spent some time unsuccessfully searching for something that could cause the unallocated memory, I tried to process the threads one after another for that code section (so they are not executing the same functions at the same time), and so far no error has shown up ;)

I hope the problem is solved with this; anyway, thanks for your help.