user1137890

Reputation: 157

What does "BUGCHECK_STR: APPLICATION_FAULT_NULL_CLASS_PTR_READ_AFTER_CALL" mean in WinDbg !analyze -v output?

I am trying to analyze a crash dump file using WinDbg. I typed the extension command "!analyze -v" to get some basic analysis results, and got the following (I only pasted part of the info here):

....
  ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 00000004
Attempt to read from address 00000004

PROCESS_NAME:  tscommand.exe

...

LAST_CONTROL_TRANSFER:  from 010444c2 to 010181e6

FAULTING_THREAD:  00002270

BUGCHECK_STR:  APPLICATION_FAULT_NULL_CLASS_PTR_READ_AFTER_CALL

PRIMARY_PROBLEM_CLASS:  NULL_CLASS_PTR_READ_AFTER_CALL

DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_READ_AFTER_CALL

STACK_TEXT:  

...

What does "BUGCHECK_STR: APPLICATION_FAULT_NULL_CLASS_PTR_READ_AFTER_CALL" mean here? Does it mean the application faulted because of a NULL class pointer after calling a function? I searched the net but cannot find anything about APPLICATION_FAULT_NULL_CLASS_PTR_READ_AFTER_CALL.

Upvotes: 1

Views: 3085

Answers (1)

Mats Petersson

Reputation: 129374

The "BUGCHECK_STR" is a classification used by Microsoft to "classify" errors, and this one appears to indicate that you have a NULL class pointer - which seems to be correct to me, since the memory read is from address 4, which is a small offset away from the base of a NULL pointer.

Basically, you are having a situation where you are using a pointer to something (I'm not 100% sure it's a class as such), and the pointer is NULL at the point when you dereference it. It is entirely possible that this is caused by a call to a member function, and the debugger can figure that out [by looking at a combination of call-stack, symbols and register values], but it's not unknown for WinDBG to get these things wrong from time to time - it is heuristics, so it's something like "If we have this value here, and that value there and something else matches this range, then it's this group of errors".

If you posted a bit more of the stack/register values at the point of the crash, it would perhaps be possible to figure out a bit more about what went wrong.

What is certain from the combination of error code and extra data with the error is that your code is reading address 4 in memory. Which typically means trying to use the second integer or float in a class/struct that is pointed to by "NULL". I have seen this a fair few times when I've forgotten an "if (ptr != NULL) ... " in my code. Happens to most of us from time to time...

Upvotes: 2
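The answer's reasoning, as an added C example that is not code from the question or the answer: it maps the faulting address from the dump (Parameter[1], here 0x4) to the member a read through a NULL object pointer would touch, and shows the NULL guard. The `struct session` layout and all function names are hypothetical, since the real class in tscommand.exe is not shown on the page.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical object layout; the real class in tscommand.exe is unknown. */
struct session {
    int32_t id;      /* offset 0 */
    int32_t state;   /* offset 4 */
    int32_t retries; /* offset 8 */
};

struct field { const char *name; size_t offset; size_t size; };

static const struct field session_fields[] = {
    { "id",      offsetof(struct session, id),      sizeof(int32_t) },
    { "state",   offsetof(struct session, state),   sizeof(int32_t) },
    { "retries", offsetof(struct session, retries), sizeof(int32_t) },
};

/* Map a faulting address (Parameter[1] of the access violation) to the member
 * that a read through a NULL `struct session *` would touch.
 * Returns NULL when the address does not fall inside the struct at base 0. */
const char *null_deref_member(uintptr_t fault_addr)
{
    size_t n = sizeof session_fields / sizeof session_fields[0];
    for (size_t i = 0; i < n; i++) {
        const struct field *f = &session_fields[i];
        if (fault_addr >= f->offset && fault_addr < f->offset + f->size)
            return f->name;
    }
    return NULL;
}

/* The guard the answer mentions: refuse to dereference a NULL pointer. */
int session_state(const struct session *s, int32_t *out)
{
    if (s == NULL || out == NULL)
        return -1;
    *out = s->state;
    return 0;
}

int main(void)
{
    int32_t v = 0;
    const char *m = null_deref_member(0x00000004); /* address from the dump */
    printf("read at 0x4 -> member: %s\n", m ? m : "(none)");
    printf("guarded call with NULL returns %d\n", session_state(NULL, &v));
    return 0;
}
```

With real symbols loaded, the same offset-to-member lookup can be done in WinDbg with `dt` on the suspected type.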
