Memory magic number and debug CRT

VC that has debugged the debug versionProgramThe user must be very impressed with the memory such as 0xcccccccc and 0xcdcdcd. This is the initial value provided by the CRT of the debug version to facilitate debugging.

In fact, there are more such initial values on windows, as shown in the following table:

Uninitialized
Baadf00d	Used by Microsoft's localalloc/globalalloc/heapalloc (lmem_fixed) to mark uninitialised allocated heap memory
Cccccccc	Used by Microsoft's c ++ debugging Runtime Library to mark uninitialised stack memory
Cdcdcdcd	Used by Microsoft's c ++ debugging Runtime Library to mark uninitialised heap memory
Freed
Feeefeee	Used by Microsoft's localfree/globalfree/heapfree () to mark freed heap memory
Dddddddd	Used by microquill's smartheap and Microsoft's c ++ debugging heap to mark freed heap memory
No Man's Land
Abababab	Used by Microsoft's localalloc/globalalloc/heapalloc () to mark "No Man's Land" guard bytes after allocated heap memory
Fdfdfdfd	Used by Microsoft's c ++ debugging heap to mark "No Man's Land" guard bytes before and after allocated heap memory

Source: http://en.wikipedia.org/wiki/Magic_number_ (programming)

In addition to the debug CRT that will help you add these initialization values, Microsoft's heap management functions will also add some initialization values when allocating and releasing them.

Localalloc/globalalloc. If lmem_fixed is specified (this is specified by default) and lmem_zeroinit is not specified, the initial value in the allocated memory is baadf00d (it can be understood as badfood, that is, it cannot be eaten directly ). When localfree/globalfree is called, the value is changed to feeefeee.) it can be understood as free ).

If heapalloc does not specify heap_zero_memory, the initial value is baadf00d, and feeefeee after heapfree.

In addition, when the three heap allocation functions (localalloc/globalalloc/heapalloc) in Windows allocate memory, an additional 8 bytes of Guard data will be added after the allocated memory, that is, No Man's Land in the table above. The value is abababab.

 

For Windows heap management functions, pay attention to the following two points:

1. If the allocated memory is too large (for example, for dozens of MB, heapalloc is converted to virtualalloc instead of allocating from the stack. Therefore, the memory values after the allocation and release are not shown in the table above.
2. After pageheap is enabled, the initialization value allocated by calling heapalloc is 0xc0c0c0. Heapfree memory cannot be accessed

 

If your memory management uses CRT functions such as new (malloc) and delete (free), the situation will be more complicated. These CRT memory management functions are built on the above Windows heap management functions.

Especially the debug version of CRT, will do more things, see the http://www.nobugs.org/developer/win32/debug_crt_heap.html for details

The uninitialized memory value allocated by new (malloc) is cdcdcd, And the uninitialized value after Delete (free) is dddddddddd.

In addition, the debug CRT has the same No Man's Land data as the heap management function in windows. They are fdfdfdfd (which can be understood as fence), with a total of 8 bytes, four bytes are before payload, and four bytes are behind payload.
It should be noted that the management data of CRT is also the payload of the heap management function of windows, so when we use the CRT function to allocate memory, such as 10 bytes, the CRT will apply for additional memory (about 40 bytes, that is, a total of 50 bytes) from the heap management function of windows ). The additional memory is used by the CRT to manage the CRT memory, including no man's land data, and the memory size and memory type, the file name and number of rows when the allocation function is called. For more information about the operations and functions of 40bytes, see the URL above.

 

Here are some more detailed introduction about debug CRT: http://www.codeguru.com/cpp/w-p/win32/tutorials/article.php/c9535/Inside-CRT-Debug-Heap-Management.htm

 

It is worth noting that the above operations are performed only by the debug CRT. The release CRT directly calls the heap manager function of windows, so its performance is the same as that of the heap manager function directly called by the user.