Kuzanagi_san
New Spectator
4 months ago

BF6 Crashing to desktop while changing MAP or when starting MAP

My game is crashing from time to time. Here's the summary of my findings.

Summary of the Problem

The core issue is an "Access Violation" (Exception Code c0000005), specifically an INVALID_POINTER_WRITE.

  • PROCESS_NAME: bf6.exe: The program that crashed is named bf6.exe. Given "Frostbite MiniDump" in the comment, this is likely a game using the Frostbite engine (e.g., a Battlefield or Star Wars Battlefront game).
  • Failure.Exception.Code: 0xc0000005: This is a very common error code in programming. It means the program tried to read from or write to a memory address that it did not have permission to access.
  • Key : AV.Type Value: Write: The program was trying to write data to an invalid memory location.
  • WRITE_ADDRESS: 0000000000000024: The program attempted to write to a memory address very close to zero. This almost always indicates that a pointer (a variable that stores a memory address) was null (or close to null) when it should have been pointing to a valid object or location. The program then tried to use that invalid pointer to access data, causing the crash.

Where it Happened

The crash occurred deep within Windows system code that manages multithreading, but the actual fault likely originated in the application code just before that.

  • ntdll!RtlpWaitOnCriticalSection+0xb3: This is the exact function and offset in the Windows ntdll.dll library where the machine instruction failed. RtlpWaitOnCriticalSection is related to "critical sections," which are mechanisms used to synchronize different threads of a program to prevent them from accessing the same data simultaneously.
  • ntdll!RtlEnterCriticalSection+0xf2 -> bf6!ffxFsr2ResourceIsNull+...: The STACK_TEXT section shows the sequence of function calls that led to the crash. The bf6.exe application called a function that eventually tried to enter a critical section managed by ntdll.
  • The instruction that failed was inc dword ptr [rax+24h]. This means it tried to increment a value located at a memory address calculated from the rax register. The CONTEXT section shows rax=0000000000000000. So it was trying to access 0x00000000 + 0x24, which is address 0x24—a null pointer dereference.

Conclusion

The bf6.exe application has a bug where it passed a null pointer to a Windows system function (RtlEnterCriticalSection), which is used to manage access to a shared resource. When the system function tried to use the provided pointer to update its internal state, it crashed because the pointer was invalid.

To fix this, the developers of bf6.exe need to identify where in their code (specifically the functions mentioned in the stack trace, like ffxFsr2ResourceIsNull) they are passing an uninitialized or invalid critical section object pointer.
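The address check walked through in the post (base register plus displacement, compared against WRITE_ADDRESS) can be automated when triaging many dumps. The following is an added Python example, not part of the original post; the sample text is constructed from the values quoted above, and `parse_fields`, `triage` and the 64 KB near-null threshold are assumptions of this example.

```python
import re

# Constructed sample: WinDbg-style lines holding only the values quoted in the post.
SAMPLE = """\
Failure.Exception.Code: 0xc0000005
Key  : AV.Type
Value: Write
WRITE_ADDRESS:  0000000000000024
rax=0000000000000000
ntdll!RtlpWaitOnCriticalSection+0xb3:
inc     dword ptr [rax+24h]
"""

# Windows keeps the lowest 64 KB of user address space inaccessible, so a fault
# below this limit is treated here as a null-based access (a heuristic).
NULL_REGION_LIMIT = 0x10000

def _hex(s):
    return int(s.replace("`", ""), 16)  # WinDbg may print 00000000`00000024

def parse_fields(text):
    """Extract exception code, access type, fault address, registers and operand."""
    code = re.search(r"Exception\.Code:\s*(0x[0-9a-fA-F]+)", text)
    access = re.search(r"AV\.Type\s+Value:\s*(\w+)", text)
    addr = re.search(r"(?:READ|WRITE)_ADDRESS:\s*([0-9a-fA-F`]+)", text)
    operand = re.search(r"\[(\w+)(?:([+-])([0-9a-fA-F]+)h)?\]", text)
    if not (code and access and addr and operand):
        raise ValueError("dump text is missing a required field")
    regs = {n: _hex(v) for n, v in re.findall(r"\b(r\w{1,2})=([0-9a-fA-F`]+)", text)}
    disp = int((operand.group(2) or "+") + (operand.group(3) or "0"), 16)
    return {"code": _hex(code.group(1)), "access": access.group(1),
            "address": _hex(addr.group(1)), "regs": regs,
            "base": operand.group(1), "disp": disp}

def triage(text):
    """Recompute the faulting address and classify a null-based access."""
    f = parse_fields(text)
    if f["base"] not in f["regs"]:
        raise ValueError(f"register {f['base']} not present in context")
    base = f["regs"][f["base"]]
    effective = base + f["disp"]
    return {"access_violation": f["code"] == 0xC0000005,
            "access": f["access"],
            "effective_address": effective,
            "matches_reported": effective == f["address"],
            "null_base": base == 0,
            "near_null": 0 <= effective < NULL_REGION_LIMIT,
            # With a zero base, the displacement is the field offset inside the
            # structure the pointer should have referenced.
            "field_offset": f["disp"] if base == 0 else None}
```

When `null_base` is true, `field_offset` gives the offset to look up in the structure definition of whatever object the faulting function expected the register to point at.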
