./match_pattern.out: malloc(): memory corruption: 0x0000000013a11600 *** Post: 302553849

Sponsored Content

Top Forums Programming ./match_pattern.out: malloc(): memory corruption: 0x0000000013a11600 *** Post 302553849 by JohnGraham on Friday 9th of September 2011 02:56:10 AM

09-09-2011

Registered User

Quote:

Originally Posted by shoaibjameel123

I reckon its the problem with malloc(), free() pair.

Memory corruption is normally due to you straying outside the bounds of an array - not with malloc()/free() statements matching up. You've probably overwritten some of the space next to a malloc()'d portion of memory that glibc expects to be able to use for keeping track of the memory region - go through with a debugger and have a look for bounds errors.

As an aside, here's the sort of thing you can expect if you did have a problem with malloc()/free() pairs:

Code:

[john@john-laptop tmp.u6Q7IbZntd]$ cat prog.c
#include <stdlib.h>

int main(void)
{
    void *p = malloc(1);
    free(p);
    free(p);
    return 0;
}
[john@john-laptop tmp.u6Q7IbZntd]$ gcc prog.c -o prog
[john@john-laptop tmp.u6Q7IbZntd]$ ./prog
*** glibc detected *** ./prog: double free or corruption (fasttop): 0x09ba3008 ***
======= Backtrace: =========
/lib/libc.so.6(+0x6c501)[0x58b501]
/lib/libc.so.6(+0x6dd70)[0x58cd70]
/lib/libc.so.6(cfree+0x6d)[0x58fe5d]
./prog[0x8048425]
/lib/libc.so.6(__libc_start_main+0xe7)[0x535ce7]
./prog[0x8048361]
======= Memory map: ========
0051f000-00676000 r-xp 00000000 08:04 2793795    /lib/libc-2.12.1.so
00676000-00678000 r--p 00157000 08:04 2793795    /lib/libc-2.12.1.so
00678000-00679000 rw-p 00159000 08:04 2793795    /lib/libc-2.12.1.so
00679000-0067c000 rw-p 00000000 00:00 0 
0091c000-0091d000 r-xp 00000000 00:00 0          [vdso]
00ab9000-00ad3000 r-xp 00000000 08:04 2793551    /lib/libgcc_s.so.1
00ad3000-00ad4000 r--p 00019000 08:04 2793551    /lib/libgcc_s.so.1
00ad4000-00ad5000 rw-p 0001a000 08:04 2793551    /lib/libgcc_s.so.1
00dd4000-00df0000 r-xp 00000000 08:04 2793792    /lib/ld-2.12.1.so
00df0000-00df1000 r--p 0001b000 08:04 2793792    /lib/ld-2.12.1.so
00df1000-00df2000 rw-p 0001c000 08:04 2793792    /lib/ld-2.12.1.so
08048000-08049000 r-xp 00000000 08:04 1220779    /tmp/tmp.u6Q7IbZntd/prog
08049000-0804a000 r--p 00000000 08:04 1220779    /tmp/tmp.u6Q7IbZntd/prog
0804a000-0804b000 rw-p 00001000 08:04 1220779    /tmp/tmp.u6Q7IbZntd/prog
09ba3000-09bc4000 rw-p 00000000 00:00 0          [heap]
b7500000-b7521000 rw-p 00000000 00:00 0 
b7521000-b7600000 ---p 00000000 00:00 0 
b76fc000-b76fd000 rw-p 00000000 00:00 0 
b7714000-b7716000 rw-p 00000000 00:00 0 
bffdf000-c0000000 rw-p 00000000 00:00 0          [stack]
Aborted

JohnGraham

View Public Profile for JohnGraham

Find all posts by JohnGraham

10 More Discussions You Might Find Interesting

1. Programming

malloc gives the same memory to two different nodes. How to deal with it?

When allocating memory for two different nodes, the resulting memory are the same. Clearly, this will lead to a mistake. This happened in a function. And the process must be in a function. (gdb) p tree->list $43 = (node *) 0x8be4180 (gdb) p tree->list $44 = (node *) 0x8be4180 At the...

2. UNIX for Dummies Questions & Answers

'memory corruption' error when using Awk

Hello, everyone. I got the following error when I am using awk to analysis some text file: *** glibc detected *** awk: malloc(): memory corruption: 0x080c67f8 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6 /lib/tls/i686/cmov/libc.so.6...

3. Programming

Why memory allocated through malloc should be freed ?

Actually for a process to run it needs text, stack , heap and data segments. All these find a place in the physical memory. Out of these 4 only heap does exist after the termination of the process that created it. I want to know the exact reason why this happens. Also why the other process need to...

4. Programming

Why does this occur? * glibc detected * malloc(): memory corruption: 0x10013ff8 ***

there seems not to be error in this segment. In some computers, it can work well. But in others, it will give a failure. why it ocurrs and how to deal with it? in a function: if( *ver == NULL ) { *ver = (vertex *) malloc(sizeof(vertex)); //this line ...

5. Programming

readdir and dynamic array memory corruption

Hi everyone I am developing an utility. At some part of it I read directory entries to a dynamic array: struct list It stores pointers to items: list.entries, which are structures: struct entry If a number of files in a directory is greater then number of elements an array was initially...

6. Programming

* glibc detected * ./a.out: malloc(): memory corruption (fast):

*** glibc detected *** ./a.out: malloc(): memory corruption (fast): Posted A minute ago M trying to make multiway tree and dont know what happend when this part of code get executed: 01void ins(NODE *ptr) 02{ 03 //working 04 if(ptr!=NULL) 05 { 06 SNODE *var=NULL; 07 var=(SNODE...

7. Programming

* glibc detected * : malloc(): memory corruption (fast)

Hi Friends, while executing the below code, am getting *** glibc detected *** ./ok: malloc(): memory corruption (fast) error, please suggest how to solve this issue. #include <stdio.h> #include <string.h> #include <sqlca.h> #include <alloca.h> /* Define constants for VARCHAR...

8. Programming

* glibc detected * ./a.out malloc() memory corruption

I am facing a problem of memory corruption. The loop runs for the first time but does not go through the second time. What could be the problem? for(int z=0;z<2;z++) { fp=fopen("poly.dat","r"); /*do something which reads this file into a 2D array*/ fclose(fp); ...

9. Solaris

Solaris 10 Shared Memory Corruption with X11

I am having a problem with shared memory corruption. I have two 86 servers running Solaris 10 (150400-06). One of the servers is accessed by a Sun Ray thin client Version 11.1.3.0.2.6. I login into server one from the thin client. I then ssh -X to server two. When a process that contains a...

10. Programming

Memory corruption in dynamic array of strings

I put together a C function to add strings to a dynamic array of strings (mostly for educational purpose to explain pointers to my kid). It works, but sometimes one or two strings in the array becomes corrupted. Running example on 64 bit Ubuntu, gcc ver. 4.8.4 Hope my code is self-explanatory: ...

LEARN ABOUT LINUX

backtrace_symbols

BACKTRACE(3)						     Linux Programmer's Manual						      BACKTRACE(3)

NAME

       backtrace, backtrace_symbols, backtrace_symbols_fd - support for application self-debugging

SYNOPSIS

       #include <execinfo.h>

       int backtrace(void **buffer, int size);

       char **backtrace_symbols(void *const *buffer, int size);

       void backtrace_symbols_fd(void *const *buffer, int size, int fd);

DESCRIPTION

       backtrace()  returns a backtrace for the calling program, in the array pointed to by buffer.  A backtrace is the series of currently active
       function calls for the program.	Each item in the array pointed to by buffer is of type void *, and is the return address from  the  corre-
       sponding  stack	frame.	 The  size  argument  specifies the maximum number of addresses that can be stored in buffer.  If the backtrace is
       larger than size, then the addresses corresponding to the size most recent function calls are returned; to obtain the  complete	backtrace,
       make sure that buffer and size are large enough.

       Given  the  set	of addresses returned by backtrace() in buffer, backtrace_symbols() translates the addresses into an array of strings that
       describe the addresses symbolically.  The size argument specifies the number of addresses in buffer.  The symbolic representation  of  each
       address	consists  of  the function name (if this can be determined), a hexadecimal offset into the function, and the actual return address
       (in hexadecimal).  The address of the array of string pointers is returned as the function result of backtrace_symbols().   This  array	is
       malloc(3)ed  by backtrace_symbols(), and must be freed by the caller.  (The strings pointed to by the array of pointers need not and should
       not be freed.)

       backtrace_symbols_fd() takes the same buffer and size arguments as backtrace_symbols(), but instead of returning an array of strings to the
       caller,	it  writes  the  strings,  one per line, to the file descriptor fd.  backtrace_symbols_fd() does not call malloc(3), and so can be
       employed in situations where the latter function might fail.

RETURN VALUE

       backtrace() returns the number of addresses returned in buffer, which is not greater than size.	If the return value  is  less  than  size,
       then  the  full	backtrace  was	stored; if it is equal to size, then it may have been truncated, in which case the addresses of the oldest
       stack frames are not returned.

       On success, backtrace_symbols() returns a pointer to the array malloc(3)ed by the call; on error, NULL is returned.

VERSIONS

       backtrace(), backtrace_symbols(), and backtrace_symbols_fd() are provided in glibc since version 2.1.

CONFORMING TO

       These functions are GNU extensions.

NOTES

       These functions make some assumptions about how a function's return address is stored on the stack.  Note the following:

       *  Omission of the frame pointers (as implied by any of gcc(1)'s nonzero optimization levels) may cause these assumptions to be violated.

       *  Inlined functions do not have stack frames.

       *  Tail-call optimization causes one stack frame to replace another.

       The symbol names may be unavailable without the use of special linker options.  For systems using the GNU linker, it is	necessary  to  use
       the -rdynamic linker option.  Note that names of "static" functions are not exposed, and won't be available in the backtrace.

EXAMPLE

       The  program  below  demonstrates the use of backtrace() and backtrace_symbols().  The following shell session shows what we might see when
       running the program:

	   $ cc -rdynamic prog.c -o prog
	   $ ./prog 3
	   backtrace() returned 8 addresses
	   ./prog(myfunc3+0x5c) [0x80487f0]
	   ./prog [0x8048871]
	   ./prog(myfunc+0x21) [0x8048894]
	   ./prog(myfunc+0x1a) [0x804888d]
	   ./prog(myfunc+0x1a) [0x804888d]
	   ./prog(main+0x65) [0x80488fb]
	   /lib/libc.so.6(__libc_start_main+0xdc) [0xb7e38f9c]
	   ./prog [0x8048711]

   Program source

       #include <execinfo.h>
       #include <stdio.h>
       #include <stdlib.h>
       #include <unistd.h>

       void
       myfunc3(void)
       {
	   int j, nptrs;
       #define SIZE 100
	   void *buffer[100];
	   char **strings;

	   nptrs = backtrace(buffer, SIZE);
	   printf("backtrace() returned %d addresses
", nptrs);

	   /* The call backtrace_symbols_fd(buffer, nptrs, STDOUT_FILENO)
	      would produce similar output to the following: */

	   strings = backtrace_symbols(buffer, nptrs);
	   if (strings == NULL) {
	       perror("backtrace_symbols");
	       exit(EXIT_FAILURE);
	   }

	   for (j = 0; j < nptrs; j++)
	       printf("%s
", strings[j]);

	   free(strings);
       }

       static void   /* "static" means don't export the symbol... */
       myfunc2(void)
       {
	   myfunc3();
       }

       void
       myfunc(int ncalls)
       {
	   if (ncalls > 1)
	       myfunc(ncalls - 1);
	   else
	       myfunc2();
       }

       int
       main(int argc, char *argv[])
       {
	   if (argc != 2) {
	       fprintf(stderr, "%s num-calls
", argv[0]);
	       exit(EXIT_FAILURE);
	   }

	   myfunc(atoi(argv[1]));
	   exit(EXIT_SUCCESS);
       }

SEE ALSO

       gcc(1), ld(1), dlopen(3), malloc(3)

COLOPHON

       This page is part of release 3.27 of the Linux man-pages project.  A description of the project, and information about reporting bugs,  can
       be found at http://www.kernel.org/doc/man-pages/.

GNU
								    2008-06-14							      BACKTRACE(3)