How to debug heap corruption issues in Internet Information Services (IIS) (300966)
The information in this article applies to:
- Microsoft Internet Information Services 5.0
- Microsoft Internet Information Services version 5.1
- Microsoft Internet Information Services version 6.0
This article was previously published under Q300966 SUMMARYThis article describes how to use Pageheap.exe in NORMAL
mode to debug heap corruption issues in IIS applications. The tools that are
used in this article are the IIS Crash/Hang Agent and the Gflags/Pageheap tools.
You can download the tools from the Microsoft Download Center. MORE INFORMATIONHeap corruption occurs when a thread allocates a block of
heap memory of a given size and then writes to memory addresses that are beyond the
requested size of the heap block. Another common cause of
heap corruption is writing to a block of memory that has been freed (old
pointer reuse) or
freeing a block of memory that was already freed. Debugging heap
corruption issues is not an easy task because the thread that causes the
exception is not usually the thread that caused the corruption. To find the
thread that caused the corruption, you must use Pageheap.exe. Pageheap.exe is a
software validation layer between the application and the system. Pageheap.exe
verifies all dynamic memory applications. You can enable Pageheap.exe in NORMAL
or FULL mode; you can also enable Pageheap.exe for specific targeted DLLs.
For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
286470
How to use Pageheap.exe in Windows
XP and Windows 2000
The following file is available for download from the Microsoft
Download Center: Download
the IISDebugTools.exe package now.
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591 How to obtain Microsoft support files from online services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
To use Pageheap.exe, follow these steps:
- Download and install the IIS Crash/Hang Agent and the IISDump
tools.
- Use the GUI or the command line to enable Pageheap.exe:
- To use the GUI, follow these steps:
- Run Gflags.exe.
- For Image File Name, type the
name of the process that you want to debug. For an IIS 5.0 Web site, the name of this process is Inetinfo.exe, Dllhost.exe, or Aspnet_wp.exe. For an IIS 6.0 Web site, the name of this process is Inetinfo.exe or W3wp.exe.
- Under Destination, click the
Image File Options option.
- In the lower pane of the Global Flags dialog box, click Enable page heap.
- Click Apply, and then click
OK.
- To use the command line, follow these steps:
- Switch to the folder where the IIS Crash/Hang
Agent is installed.
- Run the following command:
gflags -p /enable Process Name NoteFor IIS 5.0, Process Name
is Inetinfo.exe, Dllhost.exe, or Aspnet_wp.exe.
For IIS 6.0, Process Name is Inetinfo.exe or W3wp.exe.
- If the targeted process is Inetinfo.exe, use the Iisreset command to restart IIS. To do this, follow these steps:
- Click Start, click Run, type Cmd, and then click OK.
- At the command prompt, type Iisreset computername /restart, and then press ENTER.
Replace computername with the name of your IIS server. If
the targeted process is Dllhost.exe or Aspnet_wp.exe, unload and then reload the Web
application (you do not have to restart IIS). - Attach the debugger to the targeted process:
- Switch to the folder where you installed the IIS
Crash/Hang Agent and the IISDump tools.
- At a command prompt, run the following command:
iisdump.exe -I -p
[PID of Targeted process]
When the corruption occurs, a breakpoint exception dump file or
a second chance access violation dump file is created. You must use the Windows
debugger (Cdb.exe or Windbg.exe) to analyze the dump file so that you find the cause
of the corruption. Remember that in certain circumstances,
Pageheap.exe may not help find the cause of the corruption when Pageheap.exe is
running in NORMAL mode. If this occurs, run Pageheap.exe in FULL mode.
When you complete the debugging, you can disable Pageheap.exe. To do
this, either click to clear the Enable Pageheap check box in
the Gflags GUI, or run the following command at a command prompt: gflags -p /disable Process Name Note For IIS 5.0, Process Name is Inetinfo.exe, Dllhost.exe, or
Aspnet_wp.exe. For IIS 6.0, Process Name is Inetinfo.exe or W3wp.exe.
Note Running Gflags with the -p switch is the same as running Pageheap.exe. For example, both of the
following commands cause Pageheap.exe to run in NORMAL mode for the
Inetinfo.exe process:
- Gflags -p /enable
inetinfo.exe
- Pageheap.exe /enable
inetinfo.exe
Modification Type: | Minor | Last Reviewed: | 11/23/2004 |
---|
Keywords: | kbDebug kbinfo kbhowto KB300966 kbAudDeveloper |
---|
|