ValidateFreeSpaces(), GlobalCompact(), and Wild Pointers

 Last reviewed: July 22, 1997
Article ID: Q32680
3.00 3.10 WINDOWS kbprg docerr

The information in this article applies to:

  • Microsoft Windows Software Development Kit (SDK) for Windows versions 3.0 and 3.1

SUMMARY

The ValidateFreeSpaces() function does not work as documented on page 4-454 of the "Microsoft Windows Software Development Kit Reference Volume 1" for version 3.0. On page 964 of the "Programmer's Reference, Volume 2: Functions" manual from the Windows 3.1 SDK, the ValidateFreeSpaces() function is correctly documented.

MORE INFORMATION

ValidateFreeSpaces() returns a void, not a LPSTR, as documented. Under the debugging kernel, ValidateFreeSpaces() will RIP if it finds overwritten free space; under the retail kernel, it does nothing.

To use ValidateFreeSpaces(), the WIN.INI file must include the following statements: 

   [KERNEL]
   EnableHeapChecking=1
   EnableFreeChecking=1
If an application calls ValidateFreeSpaces() and it discovers an error, it will RIP with a fatal exit code of 0x00ff, "FREE MEMORY OVERWRITE AT," and the address of the byte that was overwritten as Segment:Offset.

To build a fairly solid detector of wild pointers, an application writer can use the following statements in the [KERNEL] section:

  1. EnableHeapChecking=1 to cause the kernel to regularly check the global arena.

  2. EnableFreeChecking=1 to let ValidateFreeSpaces() check global free space.

  3. EnableSegmentChecksum=1 to cause the kernel to check for corrupted code segments.

If the application then calls ValidateFreeSpaces() and GlobalCompact(-1) regularly, it will catch almost all wild global pointers. ValidateFreeSpaces() checks for any overwritten free blocks, and GlobalCompact(-1) moves and discards memory, thereby forcing heap and checksum checking.

Please note the following:

  • CCh is used for the free-space fill byte because it will cause the debugger to breakpoint if a jump into free space is executed.
  • If EnableSegmentChecksum=1 is used, setting breakpoints may cause spurious 0x0409 RIPs.
  • Setting all of these checks will noticeably slow the system.
  • If bad free spaces exist, check for fatal exit FFs and LLLLLLLs before the address actually appears. A few fatal exits may have to be ignored before the address appears.

Additional reference words: 3.00 3.10
KBCategory: kbprg
KBSubcategory: KrDebug
Keywords : kb16bitonly

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: July 22, 1997
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.