473,573 Members | 2,510 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

When I call malloc() to get some space, I get Segmentation fault

Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6
(gdb) bt
#0 0x40093343 in _int_malloc () from /lib/tls/libc.so.6
#1 0x40094c54 in malloc () from /lib/tls/libc.so.6

It's really strange; I just call malloc() like "tmp=malloc(siz e);"
the system gives me Segmentation fault

I want to write a code to do like a dynamic array, and the code is as
follow:
char *t=space->ptr;
int size=0;
char *tmp=NULL;
printf("pointer :%p\tsize:%d\n" , space->ptr ,
space->capacity*spa ce->unit_size);
space->capacity+=10 0;
//printf("%s\n" , (char *)space->ptr);

//space->ptr=realloc(sp ace->ptr , space->capacity*spa ce->unit_size);
size=space->capacity*spa ce->unit_size;
tmp=malloc(size );
printf("---pointer:%p\tnew size:%d\n" , tmp ,
space->capacity*spa ce->unit_size);
space->ptr=tmp;
memcpy(space->ptr , t , (space->capacity-100)*space->unit_size);
free(t);
if(space->ptr == NULL)
err_quit("there is not enough space\n");

At first I use realloc() to realize the dynamic array, but there is
also Segmentation fault, so I change the code.
The following is what the program print when it ran.
The first time it goes well:
pointer:(nil) size:0
---pointer:0x80512 30 new size:100
pointer:0x80512 30 size:100
---pointer:0x8051b 20 new size:200
pointer:0x8051b 20 size:200
---pointer:0x8051c d8 new size:300
pointer:0x8051c d8 size:300
---pointer:0x8051e 08 new size:400
pointer:0x8051e 08 size:400
---pointer:0x8051f a0 new size:500
pointer:0x8051f a0 size:500
---pointer:0x8051c d8 new size:600
pointer:0x8051c d8 size:600
---pointer:0x8051f 38 new size:700
free pointer:0x8051f 38

For the second time, there is something wrong, glibc says I have double
free 0x08051230, but I'm sure I don't
pointer:(nil) size:0
---pointer:0x80512 30 new size:100
pointer:0x80512 30 size:100
---pointer:0x8051b 20 new size:200
*** glibc detected *** double free or corruption: 0x08051230 ***
pointer:0x8051b 20 size:200
---pointer:0x8052c f8 new size:300
pointer:0x8052c f8 size:300
---pointer:0x8052e 28 new size:400
pointer:0x8052e 28 size:400
---pointer:0x8052f c0 new size:500
pointer:0x8052f c0 size:500
---pointer:0x8052c f8 new size:600
pointer:0x8052c f8 size:600
---pointer:0x8052f 58 new size:700
pointer:0x8052f 58 size:700
---pointer:0x80532 18 new size:800
pointer:0x80532 18 size:800
---pointer:0x8052c f8 new size:900
pointer:0x8052c f8 size:900
---pointer:0x80530 80 new size:1000
pointer:0x80530 80 size:1000
---pointer:0x80534 70 new size:1100
pointer:0x80534 70 size:1100
---pointer:0x8052c f8 new size:1200
pointer:0x8052c f8 size:1200
---pointer:0x80531 b0 new size:1300
pointer:0x80531 b0 size:1300
---pointer:0x80536 c8 new size:1400
pointer:0x80536 c8 size:1400
---pointer:0x8052c f8 new size:1500
pointer:0x8052c f8 size:1500
---pointer:0x80532 d8 new size:1600
pointer:0x80532 d8 size:1600
---pointer:0x80539 20 new size:1700
free pointer:0x80539 20

The third time, I get Segmentation fault
---pointer:0x8051b 20 new size:100
pointer:0x8051b 20 size:100

Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6

Why?
It troubles me too much.
Please help me!
Thank you!

Nov 14 '05 #1
3 11395
Zheng Da <zh*********@gm ail.com> wrote:
It's really strange; I just call malloc() like "tmp=malloc(siz e);"
the system gives me Segmentation fault I want to write a code to do like a dynamic array, and the code is as
follow:
char *t=space->ptr;
What is `space', and `space->ptr'?
int size=0;
char *tmp=NULL;
printf("pointer :%p\tsize:%d\n" , space->ptr ,
space->capacity*spa ce->unit_size);
space->capacity+=10 0;
//printf("%s\n" , (char *)space->ptr); //space->ptr=realloc(sp ace->ptr , space->capacity*spa ce->unit_size);
size=space->capacity*spa ce->unit_size;
tmp=malloc(size );
printf("---pointer:%p\tnew size:%d\n" , tmp ,
space->capacity*spa ce->unit_size);
space->ptr=tmp;
memcpy(space->ptr , t , (space->capacity-100)*space->unit_size);
free(t);
if(space->ptr == NULL) (Isn't it a bit too late to check this here, after memcpy()?) err_quit("there is not enough space\n");


There are too many unknowns. No-one can help you until you send
the smallest code that shows the problem, that everybody can
compile.

--
Stan Tobias
mailx `echo si***@FamOuS.Be dBuG.pAlS.INVALID | sed s/[[:upper:]]//g`
Nov 14 '05 #2


Zheng Da wrote:
Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6
(gdb) bt
#0 0x40093343 in _int_malloc () from /lib/tls/libc.so.6
#1 0x40094c54 in malloc () from /lib/tls/libc.so.6

It's really strange; I just call malloc() like "tmp=malloc(siz e);"
the system gives me Segmentation fault

I want to write a code to do like a dynamic array, and the code is as
follow:
char *t=space->ptr;
int size=0;
char *tmp=NULL;
printf("pointer :%p\tsize:%d\n" , space->ptr ,
space->capacity*spa ce->unit_size);
Passing a pointer to printf you should cast it to (void*).
This is not your problem I'd guess.
space->capacity+=10 0;
//printf("%s\n" , (char *)space->ptr);

//space->ptr=realloc(sp ace->ptr , space->capacity*spa ce->unit_size);
This was a better way to do it. Except that you always need to use a
temporary variable when reallocing to avoid memory leakage/original
pointer loss on failure. i.e. if the realloc fails here, you no longer
have the pointer to
your original space...
size=space->capacity*spa ce->unit_size;
tmp=malloc(size );
printf("---pointer:%p\tnew size:%d\n" , tmp ,
space->capacity*spa ce->unit_size);
space->ptr=tmp;
memcpy(space->ptr , t , (space->capacity-100)*space->unit_size);
free(t);
if(space->ptr == NULL)
You'd have probably crashed before this, because you have copied into
the NULL pointer.
err_quit("there is not enough space\n");

At first I use realloc() to realize the dynamic array, but there is
also Segmentation fault, so I change the code.


Your code above looks basically OK. Crashes in malloc are often
far removed from the scene of the crime, which makes them hard
to diagnose. For example, if in other code you overwrote the bounds
of dynamically allocated memory, the problem might only manifest
itself here. Since I see above that this is a char* string (based
on your commented out printf), such problems often include failure
to account for the '\0' character that is at the end of the string
resulting in a 1 byte overrun.

If you can provide a small self contained (and compilable) set of code,
I expect folks here would see the problem in moments. If not, I
recommend
you find some tools on your system that are good at diagnosing this
sort of problem (examples include
valgrind/purify/boundschecker/electric fence/glibc
MALLOC_CHECK/insure++). Note that questions on these tools
should be addressed to a newsgroup dedicated to your system, for
example comp.unix.progr ammer if you are using unix.

-David

Nov 14 '05 #3
Zheng Da wrote:
Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6
(gdb) bt
#0 0x40093343 in _int_malloc () from /lib/tls/libc.so.6
#1 0x40094c54 in malloc () from /lib/tls/libc.so.6

It's really strange; I just call malloc() like "tmp=malloc(siz e);"
the system gives me Segmentation fault
<snip><snip>
Why?
It troubles me too much.
Please help me!
Thank you!

Okay, very generic comment, but might come in handy.
I have seen mallocs and frees give segmentation fault when you have memory
corruption in your code BEFORE you call that malloc /free. The generic
reason is, malloc/free work on a linked list of memory blocks. If you
overwrite some of the control areas of this link-list (which generally
reside just after or before the memory blocks, making them prone to buffer
overflows), malloc/free can generate a segmentation fault as they could be
trying to access some wrong locations as next free/allocated block.

Check your code again to see if there are such issues before the call to
malloc.
--
-IG
Nov 14 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

13
815
by: Steve Zimmerman | last post by:
Esteemed contributors to clc: Thank you for all the responses. Experiments 2 and 3 below are identical, except that experiment 2 does not call free(), while experiment 3 does. With such a trivial program, is it safe not to call free()? Are there dangers in experiment 2 that experiment 3 avoids?
7
3341
by: Alexandre | last post by:
Hello, Maybe it's a little OT, but the fact is that I don't necessarly want to know "how to correct?", but "why it happens?" I have a program who "segment fault" (ok, that's "normal"... ;-) but this time, it's not my code who "segment fault" but it's in the call of malloc/mallopt I've got:
25
487
by: sabads | last post by:
Hello everyone: I have a problem like this : typedef struct node { char *data; struct node *next; }lnode; when I allocate space for node p : p = (lnode *)malloc(sizeof(struct node)); it happened display : Segmentation fault. I think it will be problem the 'char *data' is not enough
15
2006
by: Stanley S | last post by:
Hi, I'm puzzled. Why does the following cause a seg fault? Notwithstanding that I've already malloc() a certain space for "Hello". I do understand that using a fixed length array will work very well. But I wish to find out how can this be achieve using pointers. Thank you.
12
2291
by: nae zot bba la | last post by:
Hi, very short code here. Basically I want to open a file called instruction in a++ mode and then write data of %s type to it, then read from the same file and print to screen. The code compiles but when I execute the binary and enter some string to expect the program to print them for me to screen, segmentation fault occurs. Any ideas...
19
1953
by: SP | last post by:
I am learning C and have a question re: malloc(). I wrote simple program which assigns a value to a structure and then prints it as follow: #include <stdio.h> #include <stdlib.h> struct item { char name;
58
4611
by: Jorge Peixoto de Morais Neto | last post by:
I was reading the code of FFmpeg and it seems that they use malloc just too much. The problems and dangers of malloc are widely known. Malloc also has some overhead (although I don't know what is the overhead of automatic variable sized arrays, I suspect it is smaller than that of malloc), although I'm not too worried about it. I was...
173
8006
by: Marty James | last post by:
Howdy, I was reflecting recently on malloc. Obviously, for tiny allocations like 20 bytes to strcpy a filename or something, there's no point putting in a check on the return value of malloc. OTOH, if you're allocating a gigabyte for a large array, this might fail, so you should definitely check for a NULL return.
25
3360
by: jbholman | last post by:
I am pretty new to C and doing my first project in C. I actually read almost the entire FAQ, but can't seem to figure out this problem. I have a structure. I have a list of these structures. Inside each structure, I have two members: a list of strings, and a string. I have made a sample program below that exhibits the error I am...
0
7750
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
1
7744
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
8039
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
0
5271
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3708
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3708
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
2170
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
1
1271
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
0
1008
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.