An Execute Access Violation occurs when the application attempts to execute code from a memory address that is invalid. To be valid, the memory page must have a valid state, protection and type. The memory must be in the MEM_COMMIT state. The memory can be of any type; MEM_IMAGE, MEM_MAPPED or MEM_PRIVATE. The vast majority is MEM_IMAGE. MEM_PRIVATE is used for Just-in-Time (JIT) code - the main example being JavaScript. The protection of the memory must be PAGE_EXECUTE_READ, PAGE_EXECUTE_READWRITE or PAGE_EXECUTE_WRITECOPY. The vast majority is PAGE_EXECUTE_READ. PAGE_EXECUTE_READWRITE and PAGE_EXECUTE_WRITECOPY are rare and can be considered dangerous, as code can be modified (injected). To view the state, protection and type of the address, use !address <address> Be sure to reference the current values; not the allocation valuesEach memory page region (minimum 4K) tracks both the initial protection value at allocation, and the current protection value, as set by the VirtualProtect family of functions.The violation is detected by the processor via Data Execution Protection. The memory address may be invalid because of one of these common scenarios: Stack Corruption - the return address of a call is pushed on the stack. Local variables are next to this location. If a local has a buffer overrun, the return address is corrupted.DLL Reference Counting - the address was valid, but is now being accessed after the DLL has been unloadedBit-Flip - RAM (hardware) issue where one or more bits have flipped (rare)Additional Resources: Inside - Access ViolationInside - Access Violation C0000005 - Read or WriteInside - Windows SDKMSDN - Memory Protection ConstantsMSDN - MEMORY_BASIC_INFORMATION structureMSDN - Data Execution Protection

Podden och tillhörande omslagsbild på den här sidan tillhör Microsoft. Innehållet i podden är skapat av Microsoft och inte av, eller tillsammans med, Poddtoppen.