调试中使用MAPfile
写汇编语言的基础介绍越来越无聊,没有什么内容,或许大家自己看看比较好,随便写些其他的东西吧。
本篇文章的内容来自http://www.codeproject.com/KB/debug/mapfile.aspx,介绍当程序崩溃时一种找出崩溃点的方法.
在VC6中进行如下设置,将调试信息设为line Numbers Only,同时在link的命令行参数中添加
在
随便建立一个工程,例如MFC的dialog工程,在一个位置例如InitInstance中添加如下代码
char* pEmpty = NULL; *pEmpty = ' x'; // This is line 119
然后在编译后在debug文件夹下有个为Linker Address Map的文件,打开会有如下内容
MAPFILE
Timestamp is 3df6394d (Tue Dec 10 19:58:21 2002)
Preferred load address is 00400000
Start Length Name Class
0001:00000000 000038feH .text CODE
0002:00000000 000000f4H .idata$5 DATA
0002:000000f8 00000394H .rdata DATA
0002:0000048c 00000028H .idata$2 DATA
0002:000004b4 00000014H .idata$3 DATA
0002:000004c8 000000f4H .idata$4 DATA
0002:000005bc 0000040aH .idata$6 DATA
0002:000009c6 00000000H .edata DATA
0003:00000000 00000004H .CRT$XCA DATA
0003:00000004 00000004H .CRT$XCZ DATA
0003:00000008 00000004H .CRT$XIA DATA
0003:0000000c 00000004H .CRT$XIC DATA
0003:00000010 00000004H .CRT$XIZ DATA
0003:00000014 00000004H .CRT$XPA DATA
0003:00000018 00000004H .CRT$XPZ DATA
0003:0000001c 00000004H .CRT$XTA DATA
0003:00000020 00000004H .CRT$XTZ DATA
0003:00000030 00002490H .data DATA
0003:000024c0 000005fcH .bss DATA
0004:00000000 00000250H .rsrc$01 DATA
0004:00000250 00000720H .rsrc$02 DATA
Address Publics by Value Rva+Base Lib:Object
0001:00000000 _WinMain@16 00401000 f MAPFILE.obj
0001:000000c0 ?MyRegisterClass@@YAGPAUHINSTANCE__@@@Z 004010c0 f MAPFILE.obj
0001:00000150 ?InitInstance@@YAHPAUHINSTANCE__@@H@Z 00401150 f MAPFILE.obj
0001:000001b0 ?WndProc@@YGJPAUHWND__@@IIJ@Z 004011b0 f MAPFILE.obj
0001:00000310 ?About@@YGJPAUHWND__@@IIJ@Z 00401310 f MAPFILE.obj
0001:00000350 _WinMainCRTStartup 00401350 f LIBC:wincrt0.obj
0001:00000446 __amsg_exit 00401446 f LIBC:wincrt0.obj
0001:0000048f __cinit 0040148f f LIBC:crt0dat.obj
0001:000004bc _exit 004014bc f LIBC:crt0dat.obj
0001:000004cd __exit 004014cd f LIBC:crt0dat.obj
0001:00000591 __XcptFilter 00401591 f LIBC:winxfltr.obj
0001:00000715 __wincmdln 00401715 f LIBC:wincmdln.obj //SNIPPED FOR BETTER READING
0003:00002ab4 __FPinit 00408ab4
0003:00002ab8 __acmdln 00408ab8
entry point at 0001:00000350
Static symbols
0001:000035d0 LeadUp1 004045d0 f LIBC:memmove.obj
0001:000035fc LeadUp2 004045fc f LIBC:memmove.obj //SNIPPED FOR BETTER READING
0001:00000577 __initterm 00401577 f LIBC:crt0dat.obj
0001:0000046b _fast_error_exit 0040146b f LIBC:wincrt0.obj
Line numbers for ./Release/MAPFILE.obj(F:/MAPFILE/MAPFILE.cpp) segment .text 24 0001:00000000 30 0001:00000004 31 0001:0000001b 32 0001:00000027 35 0001:0000002d 53 0001:00000041 40 0001:00000047 43 0001:00000050 45 0001:00000077 47 0001:00000088 48 0001:0000008f 52 0001:000000ad 53 0001:000000b3 71 0001:000000c0 80 0001:000000c3 81 0001:000000c8 82 0001:000000ff 86 0001:00000114 88 0001:00000135 89 0001:00000145 102 0001:00000150 108 0001:00000155 110 0001:00000188 122 0001:0000018d 115 0001:0000018e 116 0001:0000019a 119 0001:000001a1 121 0001:000001a8 122 0001:000001ae 135 0001:000001b0 143 0001:000001cc 172 0001:000001ee 175 0001:0000020d 149 0001:00000216 157 0001:0000022c 175 0001:00000248 154 0001:00000251 174 0001:0000025f 175 0001:00000261 151 0001:0000026a 174 0001:00000287 175 0001:00000289 161 0001:00000294 164 0001:000002a8 165 0001:000002b6 166 0001:000002d8 174 0001:000002e7 175 0001:000002e9 169 0001:000002f2 174 0001:000002fa 175 0001:000002fc 179 0001:00000310 186 0001:0000031e 193 0001:0000032e 194 0001:00000330 188 0001:00000333 183 0001:00000344 194 0001:00000349
运行程序之后会crash,在我们的例子中
本篇文章的内容来自http://www.codeproject.com/KB/debug/mapfile.aspx,介绍当程序崩溃时一种找出崩溃点的方法.
在VC6中进行如下设置,将调试信息设为line Numbers Only,同时在link的命令行参数中添加
/MAPINFO:LINES 和
/MAPINFO:EXPORTS,这里是为了让map文件中能输出对应行的汇编代码内存位置。
同时说一句其他的,对VC编译器的过程,可以简单理解为1.ML ......(很多参数);2.link .....(很多参数),由于参数太多所以很多被界面化选项了,所以只要C/C++和link的总的命令行一样,编译结果也基本一样,虽然个别扩展的地方也要设置,不过基本方法就是比较两个工程总的编译命令行的不同来发现一些问题.
在
随便建立一个工程,例如MFC的dialog工程,在一个位置例如InitInstance中添加如下代码
char* pEmpty = NULL; *pEmpty = ' x'; // This is line 119
然后在编译后在debug文件夹下有个为Linker Address Map的文件,打开会有如下内容
MAPFILE
Timestamp is 3df6394d (Tue Dec 10 19:58:21 2002)
Preferred load address is 00400000
Start Length Name Class
0001:00000000 000038feH .text CODE
0002:00000000 000000f4H .idata$5 DATA
0002:000000f8 00000394H .rdata DATA
0002:0000048c 00000028H .idata$2 DATA
0002:000004b4 00000014H .idata$3 DATA
0002:000004c8 000000f4H .idata$4 DATA
0002:000005bc 0000040aH .idata$6 DATA
0002:000009c6 00000000H .edata DATA
0003:00000000 00000004H .CRT$XCA DATA
0003:00000004 00000004H .CRT$XCZ DATA
0003:00000008 00000004H .CRT$XIA DATA
0003:0000000c 00000004H .CRT$XIC DATA
0003:00000010 00000004H .CRT$XIZ DATA
0003:00000014 00000004H .CRT$XPA DATA
0003:00000018 00000004H .CRT$XPZ DATA
0003:0000001c 00000004H .CRT$XTA DATA
0003:00000020 00000004H .CRT$XTZ DATA
0003:00000030 00002490H .data DATA
0003:000024c0 000005fcH .bss DATA
0004:00000000 00000250H .rsrc$01 DATA
0004:00000250 00000720H .rsrc$02 DATA
Address Publics by Value Rva+Base Lib:Object
0001:00000000 _WinMain@16 00401000 f MAPFILE.obj
0001:000000c0 ?MyRegisterClass@@YAGPAUHINSTANCE__@@@Z 004010c0 f MAPFILE.obj
0001:00000150 ?InitInstance@@YAHPAUHINSTANCE__@@H@Z 00401150 f MAPFILE.obj
0001:000001b0 ?WndProc@@YGJPAUHWND__@@IIJ@Z 004011b0 f MAPFILE.obj
0001:00000310 ?About@@YGJPAUHWND__@@IIJ@Z 00401310 f MAPFILE.obj
0001:00000350 _WinMainCRTStartup 00401350 f LIBC:wincrt0.obj
0001:00000446 __amsg_exit 00401446 f LIBC:wincrt0.obj
0001:0000048f __cinit 0040148f f LIBC:crt0dat.obj
0001:000004bc _exit 004014bc f LIBC:crt0dat.obj
0001:000004cd __exit 004014cd f LIBC:crt0dat.obj
0001:00000591 __XcptFilter 00401591 f LIBC:winxfltr.obj
0001:00000715 __wincmdln 00401715 f LIBC:wincmdln.obj //SNIPPED FOR BETTER READING
0003:00002ab4 __FPinit 00408ab4
0003:00002ab8 __acmdln 00408ab8
entry point at 0001:00000350
Static symbols
0001:000035d0 LeadUp1 004045d0 f LIBC:memmove.obj
0001:000035fc LeadUp2 004045fc f LIBC:memmove.obj //SNIPPED FOR BETTER READING
0001:00000577 __initterm 00401577 f LIBC:crt0dat.obj
0001:0000046b _fast_error_exit 0040146b f LIBC:wincrt0.obj
Line numbers for ./Release/MAPFILE.obj(F:/MAPFILE/MAPFILE.cpp) segment .text 24 0001:00000000 30 0001:00000004 31 0001:0000001b 32 0001:00000027 35 0001:0000002d 53 0001:00000041 40 0001:00000047 43 0001:00000050 45 0001:00000077 47 0001:00000088 48 0001:0000008f 52 0001:000000ad 53 0001:000000b3 71 0001:000000c0 80 0001:000000c3 81 0001:000000c8 82 0001:000000ff 86 0001:00000114 88 0001:00000135 89 0001:00000145 102 0001:00000150 108 0001:00000155 110 0001:00000188 122 0001:0000018d 115 0001:0000018e 116 0001:0000019a 119 0001:000001a1 121 0001:000001a8 122 0001:000001ae 135 0001:000001b0 143 0001:000001cc 172 0001:000001ee 175 0001:0000020d 149 0001:00000216 157 0001:0000022c 175 0001:00000248 154 0001:00000251 174 0001:0000025f 175 0001:00000261 151 0001:0000026a 174 0001:00000287 175 0001:00000289 161 0001:00000294 164 0001:000002a8 165 0001:000002b6 166 0001:000002d8 174 0001:000002e7 175 0001:000002e9 169 0001:000002f2 174 0001:000002fa 175 0001:000002fc 179 0001:00000310 186 0001:0000031e 193 0001:0000032e 194 0001:00000330 188 0001:00000333 183 0001:00000344 194 0001:00000349
运行程序之后会crash,在我们的例子中
0x004011a1. 这个地址在
0x00401150 和
0x004011b0 ,所以我们崩溃的函数为
?InitInstance@@YAHPAUHINSTANCE__@@H@Z。从行数文件可以看出
0x004011a1 - 0x00400000 - 0x1000 = 0x1a1在119行和121行之间。就是我们实际的120行
这里简单说一下,pe文件结构中有个文件段大小的单位和内存中段大小的单位,从
0001:000000c0 ?MyRegisterClass@@YAGPAUHINSTANCE__@@@Z 004010c0 f MAPFILE.obj 中可以算出(004010c0-0x00400000-0x000000c0)/1=0x00001000 内存段的单位为1000。