tags:

views:

540

answers:

3
+2  Q: 

Does the VS disassembly window show the whole EXE?

A client is running my company's program and it is halting before it gets anywhere. They sent this information from the Windows Event Log:

faulting module program.exe, version 1.2.3.4, fault address 0x00054321.

We don't have much else to go on so as a last ditch effort I've been trying to see if I can find where that position is in a disassembler. I run the program through Visual Studio, pause it, look at the Disassembly window and try scrolling to that address but all I get there is this:

00054321  ???              
00054322  ???              
00054323  ???              
00054324  ???              
00054325  ???              
00054326  ???              
00054327  ???              
00054328  ???              
00054329  ???              
0005432A  ???

Would this be because Visual Studio only disassembles part of the EXE near the pause position or something? It's hard for me to look through how much is actually disassembled because the scrollbar doesn't work fully. (I can't grab and move the scroll position; I have to scroll by line or by page.)

Thanks for any insight you may have!

+2  A: 

The fault address could also be caused from a stack corruption problem, ie. the return address could be compromised and jumped back to the wrong address @ 0x54321. Also, depending on the tecnology used (Java, .NET) the code could change it's position between runs.

Visual studio makes a disassembly of the whole process space. ???? means that the position is not accessible.

You'd better need a stack-frame to see what's happening, from a core dump.

QbProg  2009-01-29 21:36:51
Thanks! Is there a straightforward way to get the user to get such a core dump? I don't have access to their machine.
Owen  2009-01-29 21:49:08
It's not really easy, specially on Vista. And you need to have exactly the PDB files of the shipped version. You'd better try to reproduce the bug on your machine, if it becomes frequent.
QbProg  2009-01-30 22:32:57
+1  A: 

WinDbg may be your friend here, there you can load your executable and the symbols (.pdb), if you can get a (mini)dump as QbProg says that would definitely ease the search. But I have had experiences when it was easier doing this in WinDbg.

Fredrik Jansson  2009-01-29 21:40:16
WinDbg was brilliant; thanks for the tip. We sent them the .pdb and debug .exe and had them run it and it gave enough info to fix the issue.
Owen  2009-02-06 21:23:44
+1  A: 

What are you expecting to see in the disassembly window? This approach is not going to work. If you are able to rebuild the exact same build configuration of that your client is running then you can enable the /MAP option in the project's link options. This will create a file that maps symbols to addresses and will allow you to see which function was executing when the crash occurred. You may have to do a bit of calculation to offset the raw mapped address against the address the module was loaded at on the client's PC.

As Fredrik says, WinDbg may be able to help too, especially if you can get a crash dump from your client's PC.

Stu Mackellar  2009-01-29 21:54:01
I hoped the address would already be relative to the module, since it quotes what module it is. But I suppose I hoped wrong. I don't see /MAP in the linker command line but the options already seem to be sufficient to see source code in the places it corresponds to.
Owen  2009-01-29 21:59:33
It depends which version of VS you're using, but they're all similar. In 2008 you can go to Project Properties->Linker->Debugging and set Generate Map File to true and, optionally, set a filename.
Stu Mackellar  2009-01-29 22:07:24

related questions

What is the best way to do unit testing for ASP.NET 2.0 web pages?
TestDriven.NET is not running my SetUp methods for MbUnit
Automated release script and Visual Studio Setup projects
Setup Visual Studio 2005 to print line numbers
What is the best way to deploy a VB.NET application?
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How can I create Debian install packages in Windows for a Visual Studio project?
Plugin for Visual Studio to Mimic Eclipse's "Open Type" or "Open Resource" Keyboard Access
How to generate getters and setters in Visual Studio?
Do you have any recommended add-ons/plugins for Microsoft Visual Studio?
What is keyboard shortcut to view all open documents in Visual Studio 2008
Visual Studio 2008 debugger already attached work-around
Add Custom Tag to Visual Studio Validation
ASP.NET MVC Without Visual Studio
Are Multiple DataContext classes ever appropriate?
Folders or Projects in a Visual Studio Solution?
What's a good book for learning ASP?
Integrating Visual Studio Test Project with Cruise Control
.Net XML comment into API Documentation
Visual Studio Setup Project - Per User Registry Settings
.NET Testing Framework Advice
Automatically update version number
Build for Windows NT 4.0 using Visual Studio 2005?
ASP.NET, Visual Studio and Subversion - how to integrate?