Null Pointer Assignment Errors Explained

by Oct 19, 1993

 Technical Information Database

TI500C.txt   Null Pointer Assignment Errors Explained          
Category   :General
Platform    :All
Product    :Borland C++  All    

Description:
  1. What is a Null Pointer Assignment error?
  The Null Pointer Assignment error is generated in programs that
  corrupt the bottom of the data segment in such a fashion as to
  indicate a high probability that an improperly-initialized
  pointer has been used.  The error can only be generated in the
  small and medium memory models.
  2. What causes a Null Pointer Assignment error?
  Borland places four zero bytes at the bottom of the data
  segment, followed by the Borland copyright notice.  In the
  small and medium memory models, a null pointer points to
  DS:0000.  Thus assigning a value to the memory referenced by
  this pointer will overwrite the first zero byte in the data
  segment.  At program termination, the four zeros and the
  copyright banner are checked.  If either has been modified,
  then the Null Pointer Assignment error is generated.  Note that
  the pointer may not truly be null, but may be a wild pointer
  that references these key areas in the data segment.
  3. How can I debug a Null Pointer Assignment error?
  In either the Integrated Development Environment or in Turbo
  Debugger,
  set two watches on these key memory locations.  These watches,
  and
  what they should display in the watch window, are:
    (char*)4         char *ds:0004 "Borland C++ - Copyright ..."
    *(char*)0,4m     00 00 00 00
  Step through your program and monitor theses values in the
  watch window.  At the point where one of them changes, you have
  just executed a statement that uses a pointer that has not been
  properly initialized.
  The most common cause of this error is probably declaring a
  pointer and then using it before allocating memory for it.  For
  example, compile either of the following programs in the small
  memory model and execute it:
  Program 1:
  #include 
  #include 
  #include 
  int main(void)
  {
  char *ptr, *banner;
  banner = (char *)
  MK_FP(_DS, 4);
  printf("banner: %sn", banner);
  strcpy(ptr, "Where will this text be copied?!?");
  printf("&ptr = %Fpn",(void far*) &ptr[0]);
  printf("banner: %sn", banner);
  return 0;
  }
  Program 2:
  // The following code illustrates the null pointer
  // assignment error.  Code using the "bad" pointer will
  // cause a null pointer assignment; code using the "good"
  // pointer will not.
  #include 
  #include 
  int main()
  {
  char good[81];
  char *bad;
  strcpy (good, "This does not create a"
             " null pointer assignment.n");
  strcpy (bad, "This creates a null pointer assignment.n");
  printf("%s", good);
  printf("%s", bad);
  return 0;
  }
  One useful debugging technique is to turn on all warning
  compiler messages.  If the above programs are compiled with
  warnings turned off, no warning messages will be generated.
  However, if all warnings are turned on, both the strcpy() and
  printf() calls will generate warnings.  Be particularly
  suspicious of any warnings that a variable might be used before
  being initialized, or of a suspicious pointer assignment.  With
  the command-line compiler, you may wish to use the -wdef switch
  to enable the "Possible use of identifier before definition"
  warning. In the Borland or Turbo C++ IDE, select "Options /
  Compiler / Messages / Display and set Display Warnings to
  "All".
  4. Why is a Null Pointer Assignment error not generated in all
     models?
  In the compact, large and huge memory models, far pointers are
  used for data.  Therefore, a null pointer will reference
  0000:0000, or the base of system memory, and using it will not
  cause a corruption of the key values at the base of the data
  segment.  Modifying the base of system memory usually causes a
  system crash, however.  Although it would be possible that a
  wild pointer would overwrite the key values, it would not
  indicate a null pointer.
  In the tiny memory model, DS = CS = SS.  Therefore, using a
  null pointer will overwrite the beginning of the code segment.
  5.  Can anything else generate a Null Pointer Assignment error?
  Using a wild pointer that happens to reference the base area of
  the data segment--thus causing a corruption of the zeros or the
  copyright banner--will generate this error.  Since data
  corruption or stack corruption could cause an otherwise-valid
  pointer to be corrupted and point to the base of the data
  segment, any memory corruption could result in this error being
  generated.  If the pointer used in the program statement which
  corrupts the key values appears to have been properly
  initialized, place a watch on that pointer.  Step through your
  program again and watch for its value (address) to change.
  DISCLAIMER: You have the right to use this technical information
  subject to the terms of the No-Nonsense License Statement that
  you received with the Borland product to which this information
  pertains.


Reference:


7/2/98 10:39:11 AM

Article originally contributed by Borland Staff