the Chromium logo

The Chromium Projects

Page Heap for Chromium

Page Heap is a Windows mode to help identify memory errors, including those in third-party or OS supplied code. Application Verifier is a Windows mode that enables Page Heap and can also detect additional programming errors.

When using Application Verifier on official builds of Chrome you need to add --disable-features=RendererCodeIntegrity to avoid sandbox crashes in renderer processes. See crbug.com/1004989 for details. Application Verifier can be used on non-official developer builds, but you should probably close stable Chrome to avoid having it crash. See also this page for information on Application Verifier.

Enabling Page Heap

  1. One way of enabling page heap is using Application Verifier (comes with the Windows Platform SDK, use X64 or WOW versions), which enables full page heap and also enables other checks. If you run Application Verifier you can enable the checks for chrome by using File-> Add Application to add chrome.exe. Then open the Basics section and uncheck Leak and SRWLock, to avoid known failures that do not indicate real problems (see crbug.com/807500 for details). You may also need to disable Handles and Locks depending on your graphics driver.

For some builds (debug builds for sure) it is necessary to disable Basics-> TLS due to aggressive TLS index range-checking done by v8.

After adjusting these settings be sure to hit Save. Note that all chrome.exe process launches will be affected so you may want to shut down stable Chrome while testing to avoid confusing problems. You should make sure that Chrome has fully shut down.

Page heap should always be used with a 64-bit version of Chrome to avoid address space exhaustion - every allocation takes a minimum of 4 KB of memory and at least 8 KB of address space.

  1. Another way to turn on page heap is using gflags, which is included in Windows Debugging Tools.It comes with the Debuggers package in the Windows SDK. If you're a Googler and use the depot_tools toolchain, there's a version in "depot_tools\win_toolchain\vs_files\<hash>\win_sdk\Debuggers\x64".

Or add the SDK's Windows Debugging Tools to your path: "c:\Program Files (x86)\Windows Kits\10\Debuggers\x64"

  1. Enable full page heap for a particular executable with this command:

gflags.exe /p /enable chrome.exe /full

This method doesn't seem to work anymore - it just says "No application has page heap enabled." and does nothing, so run gflags.exe and let the UI come up. Or use Application Verifier.

If chrome gets too slow with full page heap turned on, you can enable it with normal page heap:

gflags.exe /p /enable chrome.exe

Tip: since you need to run this as administrator, it might be easiest if you right-click on your console program and select Run as administrator so that all operations in that shell are already privileged.

See Background section for more information on page heap and gflags.

Disabling Page Heap

To disable page heap when you're done, run:

gflags.exe /p /disable chrome.exe

Background

  1. Page heap is Window built-in support for heap verification. There are two modes:

When an application foo.exe is launched, Windows looks up in "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\foo.exe" for page heap and other settings of the executable and acts accordingly.

  1. To turn on page heap for an executable, one just needs to modify the settings in registry. Gflags is a utility downloadable from Microsoft to edit settings under "Image File Execution Options".

Troubleshooting