Who moved my pointer?

Translator's preface: This article introduces a way to track down a dangling (wild) pointer during debugging by overloading the new and delete operators. The approach is not perfect: it is bought at the price of memory leaks for as long as the debugging code is in place, so the code in this article must never appear in a shipping product and can only be used while debugging. In VC, in a debug build, you can simply replace new with DEBUG_NEW and get more convenient pointer checking; see MSDN for details. DEBUG_NEW is related to what this article does, so the method introduced here is not the best available, but it is still practical and, more importantly, it gives us a new idea.

Introduction: A few days ago I was debugging a program that used a large number of pointers to manage a linked list, and eventually I ran into a problem with a pointer in one of the list nodes. We expected it to point to an object derived from a virtual base class. My first question was: does the object this pointer refers to exist at all? The pointer's value was divisible by 4 and was not null, so it appeared to be a valid pointer. Looking at it in Visual Studio's memory window (View -> Debug Windows -> Memory), we found that the data it referred to was FE EE FE EE FE EE ... This usually means the memory was allocated at some point but is now in a freed state. I did not know who had released the memory my pointer pointed to, or where. I wanted a way to find out how my data had been released.

Background: I eventually found my lost data by overloading the new and delete operators. When a function is called, its arguments are pushed onto the stack first, and then the return address is pushed as well. We can pull this information off the stack inside our new and delete operators to help debug the program.

Code: After several wrong guesses, I decided to overload the new and delete operators to help me find the data my pointer pointed to. The new operator implementation reads the return address from the stack. This return address lies between the passed parameters and the address of the first local variable. The compiler configuration, the calling convention and the machine architecture all affect where this return address actually sits, so when you use the code you should adjust it to your own situation. Once the new operator has the return address, it allocates 16 extra bytes in front of the space actually requested, stores the return address and the actual allocation size there, and returns the address of the actually allocated block.

For the delete operator you can see that it no longer releases the space. It extracts the return address the same way new does, writes it after the actual allocation size (translator's note: the size occupies bytes 9 to 12 of the 16), and fills the last four bytes with DE AD BE EF (translator's note: four hexadecimal bytes which, read as a word, spell "dead beef"; as a marker that the memory has been released it is very vivid). It also fills the space that should have been released with a repeated byte value.

Now, if the program fails because of a bad pointer, I just open the memory window, find the location the bad pointer refers to, and look 16 bytes back. The first four bytes there are the address of the call to new, the next four bytes are the actual allocated size, the third four bytes are the address of the call to delete, and the last four bytes should be DE AD BE EF. The actual block content that follows should be 77 77 77 77. To find the corresponding new and delete in the source program, do this: first, read the four bytes holding an address in reverse order, because on the Intel platform the low-order byte is stored first. Next, right-click on the source code and select "Go To Disassembly". The left column of the disassembly window is the memory address of the corresponding machine code. Press Ctrl+G or select Edit -> Go To... and enter one of the addresses you found. The disassembly window scrolls to the corresponding new or delete call. To return to the source, right-click and select "Go To Source". You can now see the corresponding new or delete call, and you can easily find where your data was lost. As for finding out why delete was called there, you are on your own.
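The overloaded operators described above, written out as an added example (not the article's own code): it records the caller's return address with a compiler intrinsic (`_ReturnAddress()` on MSVC, `__builtin_return_address(0)` on GCC/Clang) instead of reading the stack by hand, so it does not depend on the stack layout the article warns about. The header field names and the helpers `headerOf` and `wasReleased` are assumptions of this example; the DE AD BE EF marker, the 0x77 fill and the never-free behaviour are the article's.

```cpp
#include <cstdint>
#include <cstdlib>
#include <cstring>
#include <new>
// Caller's return address and a no-inline attribute, spelled per compiler.
#if defined(_MSC_VER)
#include <intrin.h>
#define CALLER_ADDRESS() reinterpret_cast<uintptr_t>(_ReturnAddress())
#define NOINLINE __declspec(noinline)
#else
#define CALLER_ADDRESS() reinterpret_cast<uintptr_t>(__builtin_return_address(0))
#define NOINLINE __attribute__((noinline))
#endif
// Bookkeeping stored in front of every block: four machine words, i.e. the
// 16 bytes the article describes on 32-bit x86 (32 bytes on a 64-bit build).
struct DebugHeader {
    uintptr_t newCaller;     // return address of the new call site
    uintptr_t requested;     // bytes the program asked for
    uintptr_t deleteCaller;  // return address of the delete call site (0 while live)
    uintptr_t marker;        // 0xDEADBEEF once delete has run
};
static const uintptr_t kFreedMarker = 0xDEADBEEF;
static const unsigned char kFreedFill = 0x77;

// The header sits immediately before the pointer the program sees.
static DebugHeader* headerOf(void* p) { return static_cast<DebugHeader*>(p) - 1; }

NOINLINE void* operator new(std::size_t n) {
    DebugHeader* h = static_cast<DebugHeader*>(std::malloc(sizeof(DebugHeader) + n));
    if (!h) throw std::bad_alloc();
    h->newCaller = CALLER_ADDRESS();
    h->requested = n;
    h->deleteCaller = 0;
    h->marker = 0;
    return h + 1;
}

// Deliberately never frees: the block stays readable in the memory window,
// so the cost of this debugging aid is a leak for every delete.
static void markReleased(void* p, uintptr_t caller) {
    if (!p) return;
    DebugHeader* h = headerOf(p);
    h->deleteCaller = caller;
    h->marker = kFreedMarker;
    std::memset(p, kFreedFill, h->requested);
}
// Both delete forms are covered so the recorded address is the user's call site.
NOINLINE void operator delete(void* p) noexcept { markReleased(p, CALLER_ADDRESS()); }
NOINLINE void operator delete(void* p, std::size_t) noexcept { markReleased(p, CALLER_ADDRESS()); }
// What the article does by hand in the debugger: has this block been released?
bool wasReleased(void* p) { return headerOf(p)->marker == kFreedMarker; }
```

After a delete, the two recorded addresses are what you type into Ctrl+G in the disassembly window to land on the allocating and releasing call sites.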