Analyzing application fault in msvcr80.dll, fault address 0x00008aa0

Question

I'm debugging an intermittent problem in which an application (created using C++ in Visual Studio 2005) is faulting. The event log provides the following information:

faulting module msvcr80.dll
version 8.0.50727.1433
fault address 0x00008aa0

I did a Google search and found many other examples of applications crashing with this particular fault address, but no indication of what it means.

Is there any way to find out what msvcr80.dll is doing at this address?

I tried attaching to a running instance of the application from Visual Studio to see what code is located at 0x00008aa0 -- but there doesn't seem to be anything there!

More generally, given an address somewhere in a Windows DLL, is there a way to figure out what the code is doing?

Answer 1

Googling myself, someone suggested using dependency walker to find out which module you're using that is directly dependent on msvcr80.dll -- since you are using VS 2005.

That might give you a clue where to start isolating the bug.

Answer 2

Address this low usually indicates a null pointer access violation. The offset of the member access accessed to the base pointer is 8aa0. Looks like a pretty large object. I would suggest you add null-asserts when you dereference pointers to objects of large data type.

Answer 3

You can try to use Microsoft debug symbols, in this case you will see normal function name instead of address.

In VS2005 you should do:

1. Go to Tools -> Options -> Debugging -> Symbols
2. Insert http://msdl.microsoft.com/download/symbols as a symbol location
3. Attach VS to your app instance and repeat the crash

Answer 4

Windows will never map anything to addresses lower than 0x10000, so you are definitely AV'ing.