Reputation: 3869
How can a heap corruption be done with pure Delphi code?
A customer reported a very weird problem. On one specific computer, our Delphi 12 application is terminated by Windows with a FaultTolerantHeap error which can only be seen in the Windows Event Viewer, since the application just closed without any error message. It happened a few times, but it cannot be reproduced reliably.
Fault bucket 1800708316894836483, Typ 4
Event Name: APPCRASH
Response: Not available
Cab Id: 0
Problem signature:
P1: Contoso.exe
P2: 9.0.1.1
P3: 659fea29
P4: StackHash_2f9c
P5: 10.0.19041.3996
P6: 39215800
P7: c0000374
P8: PCH_AF_FROM_ntdll+0x000000000009DB34
P9:
P10:
Failure bucket 2083737153543537444, Typ 5
Event Name: FaultTolerantHeap
Reponse: Not available
Cab Id: 0
Problem signature:
P1: Contoso.exe
P2: 9.0.1.1
P3: 659FEA29
P4: ffffbaad
P5:
P6:
P7:
P8:
P9:
P10:
I need to understand: What exactly is a heap corruption and how can I enforce such a corruption with pure Delphi code?
As far as I understand, heap corruption can be caused by a memory write overflow that can overwrite the gaps between data (which might contain management data such as the length of the heap elements). As illustrated in this YouTube video:
So, I want to try if I can enforce a heap corruption:
type
TMyObject = class(TObject)
// These variables should be on the heap
myvar: array[0..10] of char;
myvar2: array[0..10] of char;
end;
procedure TryToCorruptTheHeap;
var
myobj: TMyObject; // The object reference should be on the stack
begin
myobj := TMyObject.Create;
ZeroMemory(@myobj.myvar[0], 2000000); // Try to destroy sections between heap entries to corrupt the heap
end;
Unfortunately, I only receive an error message telling me about an access violation, but the application is not terminated by the operating system:
No matter how hard I try, I cannot force my application to be abnormally terminated by Windows without an error message. So I wonder, is it possible at all to cause such a crash with pure Delphi code? Or is it rather likely that a Windows/Driver/Hardware bug or even a compiler bug caused this?
A few additional thoughts and things I have tried:
(1) On my development computer, I already ran the application through Microsoft Application Verifier and no memory or heap issues were found.
(2) I also tried using FastMM4, since it also recognizes some memory problems.
(3) Another thought was that my application is loading a DLL file from a third party which might mess with the memory. If such a DLL were written in a low-level language like C, I could imagine that it could easily corrupt the memory. However, all my loaded DLLs are Microsoft DLLs, and I am not aware that I am dynamically loading anything else (I searched for LoadLibrary to be sure about this).
Upvotes: 0
Views: 137
Answers (0)
Related Questions
- How to debug heap corruption errors?
- Heap Corruption while using CreateWindowExW
- C program Changing argv programmatically gives heap corruption error after exit of program only in debug mode in Visual Studio. How to resolve?
- Access violation reading location. Heap corruption. Boost thread
- Heap corruption when trimming delayed free queue
- VFH and heap corruption
- Structured Exception Handler (SEH) does not catch heap corruption
- GFlags setting to catch heap corruption (other than Page Heap)?
- Delphi DLL return string from C# ... .NET 4.5 Heap Corruption but .NET 4.0 works? Explain please?