invalidOverlappedToPinvoke MDA

 

The invalidOverlappedToPinvoke managed debugging assistant (MDA) is activated when an overlapped pointer that was not created on the garbage collection heap is passed to specific Win32 functions.

Note

By default, this MDA is activated only if the platform invoke call is defined in your code and the debugger reports the JustMyCode status of each method. A debugger that does not understand JustMyCode (such as MDbg.exe with no extensions) will not activate this MDA. This MDA can be enabled for those debuggers by using a configuration file and explicitly setting justMyCode="false" in the .mda.config file (<invalidOverlappedToPinvoke enable="true" justMyCode="false"/>).

Crashes or unexplainable heap corruptions.

An overlapped pointer that was not created on the garbage collection heap is passed to specific operating system functions.

The following table shows the functions that this MDA tracks.

Module          Function
HttpApi.dll     HttpReceiveHttpRequest
IpHlpApi.dll    NotifyAddrChange
kernel32.dll    ReadFile
kernel32.dll    ReadFileEx
kernel32.dll    WriteFile
kernel32.dll    WriteFileEx
kernel32.dll    ReadDirectoryChangesW
kernel32.dll    PostQueuedCompletionStatus
MSWSock.dll     ConnectEx
WS2_32.dll      WSASend
WS2_32.dll      WSASendTo
WS2_32.dll      WSARecv
WS2_32.dll      WSARecvFrom
MQRT.dll        MQReceiveMessage

The potential for heap corruption is high for this condition because the AppDomain making the call might unload. If the AppDomain unloads, the application code will either free the memory for the overlapped pointer, causing corruption when the operation finishes, or the code will leak the memory, causing difficulties later.

Use an Overlapped object, calling the Pack method to get a NativeOverlapped structure that can be passed to the function. If the AppDomain unloads, the CLR waits until the asynchronous operation completes before freeing the pointer.
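The following sketch applies this resolution to WriteFile, one of the tracked functions. It is an added example, not code from the original page; the class name, file path and P/Invoke declarations are assumptions made for illustration, and it must be compiled with /unsafe on Windows.

```csharp
using System;
using System.ComponentModel;
using System.IO;
using System.Runtime.InteropServices;
using System.Threading;
using Microsoft.Win32.SafeHandles;

static unsafe class OverlappedWriteExample   // hypothetical name
{
    const uint GENERIC_WRITE = 0x40000000, CREATE_ALWAYS = 2, FILE_FLAG_OVERLAPPED = 0x40000000;
    const int ERROR_IO_PENDING = 997;

    [DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern SafeFileHandle CreateFileW(string name, uint access, uint share,
        IntPtr security, uint disposition, uint flags, IntPtr template);

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern bool WriteFile(SafeFileHandle file, byte* buffer, uint count,
        IntPtr written, NativeOverlapped* overlapped);

    static void Main()
    {
        string path = Path.Combine(Path.GetTempPath(), "mda-overlapped-demo.bin"); // constructed path
        byte[] data = { 1, 2, 3, 4 };                                              // constructed payload
        using (var done = new ManualResetEventSlim())
        using (SafeFileHandle file = CreateFileW(path, GENERIC_WRITE, 0, IntPtr.Zero,
                   CREATE_ALWAYS, FILE_FLAG_OVERLAPPED, IntPtr.Zero))
        {
            if (file.IsInvalid) throw new Win32Exception();
            ThreadPool.BindHandle(file);   // completions are delivered on the CLR I/O thread pool

            // Pack lets the CLR allocate the NativeOverlapped and pins 'data' (the userData
            // buffer) until the I/O completes, so an AppDomain unload cannot free them early.
            NativeOverlapped* native = new Overlapped().Pack((code, bytes, p) =>
            {
                Overlapped.Free(p);        // release only once the operation has completed
                done.Set();
            }, data);

            bool ok;
            fixed (byte* p = data) ok = WriteFile(file, p, (uint)data.Length, IntPtr.Zero, native);
            int error = ok ? 0 : Marshal.GetLastWin32Error();
            if (!ok && error != ERROR_IO_PENDING)
            {
                Overlapped.Free(native);   // the call failed outright, so no completion is queued
                throw new Win32Exception(error);
            }
            done.Wait();
        }
    }
}
```

Passing a NativeOverlapped allocated with Marshal.AllocHGlobal or on the stack to the same WriteFile declaration is the pattern this MDA reports.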

This MDA has no effect on the CLR.

The following is an example of output from this MDA.

An overlapped pointer (0x00ea3430) that was not allocated on the GC heap was passed via Pinvoke to the Win32 function 'WriteFile' in module 'KERNEL32.DLL'. If the AppDomain is shut down, this can cause heap corruption when the async I/O completes. The best solution is to pass a NativeOverlapped structure retrieved from a call to System.Threading.Overlapped.Pack(). If the AppDomain exits, the CLR will keep this structure alive and pinned until the I/O completes.

<mdaConfig>  
  <assistants>  
    <invalidOverlappedToPinvoke/>  
  </assistants>  
</mdaConfig>  

MarshalAsAttribute
Diagnosing Errors with Managed Debugging Assistants
Interop Marshaling
