tags:

views:

204

answers:

3
+3  Q: 

How to find a method in assembly code

From a memory leak log I have the following info:

TestApp.exe! + 2238ch

Let us say this means that method at offset '2238c' (hex value) is leaking.

How can I locate the corresponding method in my source code? I have the linker map (testapp.map) but not sure how to use it.

This is a C++ application compiled in VS2008.

+3  A: 

Use objdump -- that should tell you the function-address mapping.

From Ferruccio: The Windows version of that is dumpbin, it comes with Visual Studio

dirkgently  2009-03-11 18:09:38
The Windows version of that is dumpbin, it comes with Visual Studio.
Ferruccio  2009-03-11 18:24:08
objdump -d --start-address=ADDRESS --stop-address=ADDRESS+δ
Zitrax  2009-03-11 23:52:39
A: 

Also you can generate assembly when building - take a look at the compiler settings, the option is IIRC /FAs.

Nemanja Trifunovic  2009-03-11 18:13:52
+7  A: 

Your map file will have a bunch of entries like these:

 0001:00000070       ??0logic_error@std@@QAE@ABV01@@Z 00401070 f i scratch.obj
 0001:000000e0       _main                      004010e0 f   scratch.obj
 0001:00000310       ??1?$list@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@V?$allocator@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@std@@@std@@QAE@XZ 00401310 f i scratch.obj
 0001:00000330       ??1?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@QAE@XZ 00401330 f i scratch.obj
 0001:00000360       ?_Buynode@?$list@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@V?$allocator@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@std@@@std@@IAEPAU_Node@?$_List_nod@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@V?$allocator@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@std@@@2@XZ 00401360 f i scratch.obj
 0001:00000380       ?clear@?$list@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@V?$allocator@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@std@@@std@@QAEXXZ 00401380 f i scratch.obj
 0001:000003f0       ?_Buynode@?$list@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@V?$allocator@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@std@@@std@@IAEPAU_Node@?$_List_nod@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@V?$allocator@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@std@@@2@PAU342@0ABV?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@Z 004013f0 f i scratch.obj
 0001:00000480       ?_Incsize@?$list@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@V?$allocator@V?$variant@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H_NUvoid_@0detail@boost@@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@U3045@@boost@@@std@@@std@@IAEXI@Z 00401480 f i scratch.obj

This shows you exactly how your code is laid out in memory. e.g. main() starts at E0 and ends at 30F in segment 1.

You just need to go through the address list to see where the address you were given lands. One thing to look out for is there are usually multiple segments, but you can usually deduce which one has the code you're interested in.

Ferruccio  2009-03-11 18:18:40
one question for clarity sake: in the above I can see main() starts at 0001:000000e0 but how did you find it ends at 30F?
Sesh  2009-03-12 12:09:37
The object right after main starts at 1:310. 310 - 1 = 30f.
Ferruccio  2009-03-12 12:13:56
Thanks Ferruccio. In my log I have an address which is not listed in the map file. Say I have two methods listed at 3187c and 318bc but my log shows address 318a4h. Can I assume it is called inside the method at 3187c or is there something wrong?
Sesh  2009-03-12 12:18:29
@Sesh - yes, that's correct. The address will not be an exact match unless it crashes on the very first instruction of a method, which is extremely unlikely since it's probably just setting up the stack frame.
Ferruccio  2009-03-12 14:05:30
Great! thanks. I have already marked your post as the expected answer.
Sesh  2009-03-12 14:34:18

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS