473,287 Members | 1,689 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,287 software developers and data experts.

When I call malloc() to get some space, I get Segmentation fault

Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6
(gdb) bt
#0 0x40093343 in _int_malloc () from /lib/tls/libc.so.6
#1 0x40094c54 in malloc () from /lib/tls/libc.so.6

It's really strange; I just call malloc() like "tmp=malloc(size);"
the system gives me Segmentation fault

I want to write a code to do like a dynamic array, and the code is as
follow:
char *t=space->ptr;
int size=0;
char *tmp=NULL;
printf("pointer:%p\tsize:%d\n" , space->ptr ,
space->capacity*space->unit_size);
space->capacity+=100;
//printf("%s\n" , (char *)space->ptr);

//space->ptr=realloc(space->ptr , space->capacity*space->unit_size);
size=space->capacity*space->unit_size;
tmp=malloc(size);
printf("---pointer:%p\tnew size:%d\n" , tmp ,
space->capacity*space->unit_size);
space->ptr=tmp;
memcpy(space->ptr , t , (space->capacity-100)*space->unit_size);
free(t);
if(space->ptr == NULL)
err_quit("there is not enough space\n");

At first I use realloc() to realize the dynamic array, but there is
also Segmentation fault, so I change the code.
The following is what the program print when it ran.
The first time it goes well:
pointer:(nil) size:0
---pointer:0x8051230 new size:100
pointer:0x8051230 size:100
---pointer:0x8051b20 new size:200
pointer:0x8051b20 size:200
---pointer:0x8051cd8 new size:300
pointer:0x8051cd8 size:300
---pointer:0x8051e08 new size:400
pointer:0x8051e08 size:400
---pointer:0x8051fa0 new size:500
pointer:0x8051fa0 size:500
---pointer:0x8051cd8 new size:600
pointer:0x8051cd8 size:600
---pointer:0x8051f38 new size:700
free pointer:0x8051f38

For the second time, there is something wrong, glibc says I have double
free 0x08051230, but I'm sure I don't
pointer:(nil) size:0
---pointer:0x8051230 new size:100
pointer:0x8051230 size:100
---pointer:0x8051b20 new size:200
*** glibc detected *** double free or corruption: 0x08051230 ***
pointer:0x8051b20 size:200
---pointer:0x8052cf8 new size:300
pointer:0x8052cf8 size:300
---pointer:0x8052e28 new size:400
pointer:0x8052e28 size:400
---pointer:0x8052fc0 new size:500
pointer:0x8052fc0 size:500
---pointer:0x8052cf8 new size:600
pointer:0x8052cf8 size:600
---pointer:0x8052f58 new size:700
pointer:0x8052f58 size:700
---pointer:0x8053218 new size:800
pointer:0x8053218 size:800
---pointer:0x8052cf8 new size:900
pointer:0x8052cf8 size:900
---pointer:0x8053080 new size:1000
pointer:0x8053080 size:1000
---pointer:0x8053470 new size:1100
pointer:0x8053470 size:1100
---pointer:0x8052cf8 new size:1200
pointer:0x8052cf8 size:1200
---pointer:0x80531b0 new size:1300
pointer:0x80531b0 size:1300
---pointer:0x80536c8 new size:1400
pointer:0x80536c8 size:1400
---pointer:0x8052cf8 new size:1500
pointer:0x8052cf8 size:1500
---pointer:0x80532d8 new size:1600
pointer:0x80532d8 size:1600
---pointer:0x8053920 new size:1700
free pointer:0x8053920

The third time, I get Segmentation fault
---pointer:0x8051b20 new size:100
pointer:0x8051b20 size:100

Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6

Why?
It troubles me too much.
Please help me!
Thank you!

Nov 14 '05 #1
3 11330
Zheng Da <zh*********@gmail.com> wrote:
It's really strange; I just call malloc() like "tmp=malloc(size);"
the system gives me Segmentation fault I want to write a code to do like a dynamic array, and the code is as
follow:
char *t=space->ptr;
What is `space', and `space->ptr'?
int size=0;
char *tmp=NULL;
printf("pointer:%p\tsize:%d\n" , space->ptr ,
space->capacity*space->unit_size);
space->capacity+=100;
//printf("%s\n" , (char *)space->ptr); //space->ptr=realloc(space->ptr , space->capacity*space->unit_size);
size=space->capacity*space->unit_size;
tmp=malloc(size);
printf("---pointer:%p\tnew size:%d\n" , tmp ,
space->capacity*space->unit_size);
space->ptr=tmp;
memcpy(space->ptr , t , (space->capacity-100)*space->unit_size);
free(t);
if(space->ptr == NULL) (Isn't it a bit too late to check this here, after memcpy()?) err_quit("there is not enough space\n");


There are too many unknowns. No-one can help you until you send
the smallest code that shows the problem, that everybody can
compile.

--
Stan Tobias
mailx `echo si***@FamOuS.BedBuG.pAlS.INVALID | sed s/[[:upper:]]//g`
Nov 14 '05 #2


Zheng Da wrote:
Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6
(gdb) bt
#0 0x40093343 in _int_malloc () from /lib/tls/libc.so.6
#1 0x40094c54 in malloc () from /lib/tls/libc.so.6

It's really strange; I just call malloc() like "tmp=malloc(size);"
the system gives me Segmentation fault

I want to write a code to do like a dynamic array, and the code is as
follow:
char *t=space->ptr;
int size=0;
char *tmp=NULL;
printf("pointer:%p\tsize:%d\n" , space->ptr ,
space->capacity*space->unit_size);
Passing a pointer to printf you should cast it to (void*).
This is not your problem I'd guess.
space->capacity+=100;
//printf("%s\n" , (char *)space->ptr);

//space->ptr=realloc(space->ptr , space->capacity*space->unit_size);
This was a better way to do it. Except that you always need to use a
temporary variable when reallocing to avoid memory leakage/original
pointer loss on failure. i.e. if the realloc fails here, you no longer
have the pointer to
your original space...
size=space->capacity*space->unit_size;
tmp=malloc(size);
printf("---pointer:%p\tnew size:%d\n" , tmp ,
space->capacity*space->unit_size);
space->ptr=tmp;
memcpy(space->ptr , t , (space->capacity-100)*space->unit_size);
free(t);
if(space->ptr == NULL)
You'd have probably crashed before this, because you have copied into
the NULL pointer.
err_quit("there is not enough space\n");

At first I use realloc() to realize the dynamic array, but there is
also Segmentation fault, so I change the code.


Your code above looks basically OK. Crashes in malloc are often
far removed from the scene of the crime, which makes them hard
to diagnose. For example, if in other code you overwrote the bounds
of dynamically allocated memory, the problem might only manifest
itself here. Since I see above that this is a char* string (based
on your commented out printf), such problems often include failure
to account for the '\0' character that is at the end of the string
resulting in a 1 byte overrun.

If you can provide a small self contained (and compilable) set of code,
I expect folks here would see the problem in moments. If not, I
recommend
you find some tools on your system that are good at diagnosing this
sort of problem (examples include
valgrind/purify/boundschecker/electric fence/glibc
MALLOC_CHECK/insure++). Note that questions on these tools
should be addressed to a newsgroup dedicated to your system, for
example comp.unix.programmer if you are using unix.

-David

Nov 14 '05 #3
Zheng Da wrote:
Program received signal SIGSEGV, Segmentation fault.
0x40093343 in _int_malloc () from /lib/tls/libc.so.6
(gdb) bt
#0 0x40093343 in _int_malloc () from /lib/tls/libc.so.6
#1 0x40094c54 in malloc () from /lib/tls/libc.so.6

It's really strange; I just call malloc() like "tmp=malloc(size);"
the system gives me Segmentation fault
<snip><snip>
Why?
It troubles me too much.
Please help me!
Thank you!

Okay, very generic comment, but might come in handy.
I have seen mallocs and frees give segmentation fault when you have memory
corruption in your code BEFORE you call that malloc /free. The generic
reason is, malloc/free work on a linked list of memory blocks. If you
overwrite some of the control areas of this link-list (which generally
reside just after or before the memory blocks, making them prone to buffer
overflows), malloc/free can generate a segmentation fault as they could be
trying to access some wrong locations as next free/allocated block.

Check your code again to see if there are such issues before the call to
malloc.
--
-IG
Nov 14 '05 #4

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

13
by: Steve Zimmerman | last post by:
Esteemed contributors to clc: Thank you for all the responses. Experiments 2 and 3 below are identical, except that experiment 2 does not call free(), while experiment 3 does. With such a...
7
by: Alexandre | last post by:
Hello, Maybe it's a little OT, but the fact is that I don't necessarly want to know "how to correct?", but "why it happens?" I have a program who "segment fault" (ok, that's "normal"... ;-)...
25
by: sabads | last post by:
Hello everyone: I have a problem like this : typedef struct node { char *data; struct node *next; }lnode; when I allocate space for node p : p = (lnode *)malloc(sizeof(struct node)); it...
15
by: Stanley S | last post by:
Hi, I'm puzzled. Why does the following cause a seg fault? Notwithstanding that I've already malloc() a certain space for "Hello". I do understand that using a fixed length array will work...
12
by: nae zot bba la | last post by:
Hi, very short code here. Basically I want to open a file called instruction in a++ mode and then write data of %s type to it, then read from the same file and print to screen. The code compiles...
19
by: SP | last post by:
I am learning C and have a question re: malloc(). I wrote simple program which assigns a value to a structure and then prints it as follow: #include <stdio.h> #include <stdlib.h> struct...
58
by: Jorge Peixoto de Morais Neto | last post by:
I was reading the code of FFmpeg and it seems that they use malloc just too much. The problems and dangers of malloc are widely known. Malloc also has some overhead (although I don't know what is...
173
by: Marty James | last post by:
Howdy, I was reflecting recently on malloc. Obviously, for tiny allocations like 20 bytes to strcpy a filename or something, there's no point putting in a check on the return value of malloc....
25
by: jbholman | last post by:
I am pretty new to C and doing my first project in C. I actually read almost the entire FAQ, but can't seem to figure out this problem. I have a structure. I have a list of these structures. ...
0
by: MeoLessi9 | last post by:
I have VirtualBox installed on Windows 11 and now I would like to install Kali on a virtual machine. However, on the official website, I see two options: "Installer images" and "Virtual machines"....
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: Aftab Ahmad | last post by:
Hello Experts! I have written a code in MS Access for a cmd called "WhatsApp Message" to open WhatsApp using that very code but the problem is that it gives a popup message everytime I clicked on...
0
by: Aftab Ahmad | last post by:
So, I have written a code for a cmd called "Send WhatsApp Message" to open and send WhatsApp messaage. The code is given below. Dim IE As Object Set IE =...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
by: marcoviolo | last post by:
Dear all, I would like to implement on my worksheet an vlookup dynamic , that consider a change of pivot excel via win32com, from an external excel (without open it) and save the new file into a...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.