Prev: Interlocked Singly Linked Lists (for Ben or anyone else).
Next: Hiding console window fails - Windows Vista specific
From: MB on 14 Nov 2007 17:54
Our application, which runs as a service, has given the following
Application Error just once, randomly, while shutting down the service on a
customer machine:

The instruction at "0x7c82caa2" referenced memory at "0xffffffff". The
memory could not be "read".

Is there anything that can be gleaned from that address? Does Windows or Dr.
Watson write any further information about this type of error anywhere? The
event log shows no further information and I could not locate a Dr. Watson
entry. There are Dr. Watson entries for other errors, so it is turned on.
Should Dr. Watson create a log entry for this type of error? If so, perhaps
I was looking in the wrong place. Where can I find it's log for the local
system account?


From: Remy Lebeau on 14 Nov 2007 19:00

"MB" <bla(a)bla.bla> wrote in message
news:OgK3zFxJIHA.3672(a)TK2MSFTNGP02.phx.gbl...

> Is there anything that can be gleaned from that address?

Your code is trying to read a value from memory using an invalid pointer.
If you were reading from a NULL pointer, that would result in a read at
address 0x00000000. 0xFFFFFFFF is 1 less than 0 when treated as an unsigned
value, so that suggests you are probably subtracting 1 byte from a NULL
pointer, such as by using index -1 into a dynamically allocated array that
is pointed to by a NULL pointer.

As for 0x7c82caa2, that is the memory address of the actual code instruction
that is performing the read. Im not sure about VC++, but Borland compilers
(which I use) have an option to output a .map file. That sometimes helps
isolate the offending section of code.

> Does Windows or Dr.Watson write any further information about this type of
> error anywhere?

Not that I know of.


Gambit


From: MB on 14 Nov 2007 19:45
Gambit,

Thanks. Also using the Borland compiler. Map file and debugger show code
starting at 0x00401000. The old td32 debugger (on my own machine, Win2k)
cannot even read from address 0x7c82caa2, it only displays question marks.
But if that address range so far up doesn't even exist, shouldn't Windows
complain about trying to access that address rather than an instruction at
that address doing something wrong? Does any Windows system code (DLL?) get
mapped into that address range, but protected so the debugger can't read it?
Or does Win2k3 server behave differently from Win2k?

As an aside, googling that address shows some versions of PHP generating a
similar error. Probably a useless bit of trivia, right? Obviously my
application != PHP.

MB.


From: Remy Lebeau on 14 Nov 2007 21:07

"MB" <bla(a)bla.bla> wrote in message
news:Opl%23WDyJIHA.1020(a)TK2MSFTNGP05.phx.gbl...

> Thanks. Also using the Borland compiler. Map file and debugger show code
> starting at 0x00401000.

If I remember correctly (been awhile since I used .map files), it contains
relative offsets, so add the program's starting address to them to get
anything meaningful out of them.


Gambit



From: MB on 14 Nov 2007 21:17
Indeed. I've already done that. The relative offsets start with zero. The
program's starting address is 0x00401000. Also verified using the debugger.


 |  Next  |  Last
Pages: 1 2
Prev: Interlocked Singly Linked Lists (for Ben or anyone else).
Next: Hiding console window fails - Windows Vista specific