
I am investigating faulty code. Application Verifier shows the heap is corrupted after the call below:

AA!Class::Function+dbaf

I have the map file with me. Please help me work out how to reach the line number using the above information and the information present in the map file.

Preferred load address is 00400000

0002:00000dc4       __imp_?Class@Function@@QAEXV?$vector@Uty_point@@V?$allocator@Uty_point@@@std@@@std@@0PAV23@@Z 0049bdc4 

Note: I have anonymized the class and function names.

Satbir
  • It's on line 12. (I have anonymized line numbers in the answer.) – Kerrek SB Aug 10 '11 at 08:36
  • @Kerrek, :) I liked your answer. I anonymized because my company might not like this. I hope you understand this. Thanks – Satbir Aug 10 '11 at 08:46
  • @Satbir: Sure, pardon the joke ... the real issue is that it's nearly impossible to say anything useful if you don't post some of the code and do some debugging yourself to find out where the crash happens. Compile with debug symbols for a start, then your debugger should already be able to tell you where to go. – Kerrek SB Aug 10 '11 at 08:50
  • @Kerrek I am on the path of debugging now. See this topic, which says we can directly find the line numbers using map files: http://www.codeproject.com/KB/debug/mapfile.aspx – Satbir Aug 10 '11 at 08:53
  • As a wild guess, are you maybe just accessing an invalid `vector` element? Double-check your algorithm whether you aren't invalidating any iterators, erasing elements or overstepping bounds. – Kerrek SB Aug 10 '11 at 08:59

3 Answers


Do you only have a map file? No PDB? If you have full symbols, then use the map and .pdbs (and .exe) with WinDBG (are you on Windows?). I would imagine that you do, seeing as how you have been given the name of the function.

If not... dbaf is your answer. What does that equate to? The offset should be the location of the faulty instructions. Of course you would need to figure out the number of instructions (assembly instructions) that each has.

Dennis
  • He has a pdb, otherwise it couldn't display AA!Class::Function. It is not a very good one though, 0xdbaf is rather a large offset. His map is thus probably lousy too. – Hans Passant Aug 10 '11 at 09:54
  • AA!Class::Function+dbaf is in the result file of Application Verifier, which reports heap corruption. Thanks for your answer. I will try under the debugger now using symbol files. – Satbir Aug 10 '11 at 10:29

MAP File Browser provides functions to allow you to turn crash addresses, or DLL offsets, or symbol offsets, or event log XML crash data into the corresponding symbol location.

Load the map file into MAP File Browser then go to the Query Menu.

Full disclosure: I wrote MAP File Browser.

Stephen Kellett

I remember being able to jump to the faulty code by having only the map file and the value of EIP (the instruction pointer, the address where the code crashed). A quick Google search pointed me to this webpage: Map Files And DLL Rebasing. From what I remember, in an ideal situation you can change the value of EIP directly in the Visual C++ debugger and it will jump to the corresponding code line.

Now, this was really a long time ago, in the Visual C++ 6 era; I don't even know if it's still applicable today. As already pointed out, you should really look into symbols and the program database options in Visual C++; there is tons of information about how to set up and use them.

floyd73
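
An added example, not part of the question, the answers or the linked articles: a small Python resolver that turns a `symbol+offset` pair into a source line, assuming the map file carries a line-number section in the layout the MSVC linker wrote with /MAP and /MAPINFO:LINES. The map excerpt, decorated names, offsets, path and line numbers are constructed for illustration, and `parse_map` / `resolve` are hypothetical helper names.

```python
import bisect
import re

# Constructed excerpt in the layout the MSVC linker writes with /MAP /MAPINFO:LINES.
# Symbol names, offsets, paths and line numbers are invented for this example.
SAMPLE_MAP = r"""
 Preferred load address is 00400000

  Address         Publics by Value              Rva+Base     Lib:Object

 0001:00000000       ?Helper@@YAXXZ             00401000 f   main.obj
 0001:00000040       ?Function@Class@@QAEXXZ    00401040 f   main.obj
 0001:0000e000       _main                      0040f000 f   main.obj

Line numbers for .\Release\main.obj(c:\src\main.cpp) segment .text

    10 0001:00000000    12 0001:00000010    20 0001:00000040    25 0001:00000060
   310 0001:0000dbe0   311 0001:0000dbf4   312 0001:0000dc10   400 0001:0000e000
"""

ADDR = r"([0-9a-f]{4}):([0-9a-f]{8})"

def parse_map(text):
    """Return ({symbol: (section, offset)}, sorted [(section, offset, file, line)])."""
    publics, lines, src = {}, [], None
    for row in text.splitlines():
        hdr = re.match(r"Line numbers for .*?\((.+?)\) segment", row)
        if hdr:
            src = hdr.group(1)
        elif src:  # inside a line-number block: "<line> <section>:<offset>" pairs
            for ln, sec, off in re.findall(r"(\d+)\s+" + ADDR, row, re.I):
                lines.append((int(sec, 16), int(off, 16), src, int(ln)))
        else:
            pub = re.match(r"\s*" + ADDR + r"\s+(\S+)\s+[0-9a-f]{8}\b", row, re.I)
            if pub:
                publics[pub.group(3)] = (int(pub.group(1), 16), int(pub.group(2), 16))
    return publics, sorted(lines)

def resolve(text, symbol, offset):
    """Map symbol+offset to (file, line, inside) using the nearest preceding line entry."""
    publics, lines = parse_map(text)
    sec, start = publics[symbol]
    target = start + offset
    keys = [(s, o) for s, o, _, _ in lines]
    i = bisect.bisect_right(keys, (sec, target)) - 1
    if i < 0 or keys[i][0] != sec:
        return None  # no line record at or before this address in the section
    # If another public symbol starts between `symbol` and the target, the name is
    # only the nearest preceding symbol, not the function that contains the address.
    inside = not any(s == sec and start < o <= target for s, o in publics.values())
    return lines[i][2], lines[i][3], inside
```

The third element of the result is worth checking whenever the offset is large: when it is false, the reported symbol is just the closest one known before the address, so the line belongs to some other function.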