pointer suddenly destroys

Discussion in 'C Programming' started by Eric Sosman, Nov 25, 2005.

  1. Eric Sosman

    Eric Sosman Guest

    Roman Mashak wrote:
    > Hello, All!
    >
    > I am facing a problem that is unknown to me; hopefully a local guru can help me out.
    >
    > #define MSGLEN 32
    > #define BUFFLEN 1024
    >
    > typedef struct msg_s {
    > unsigned char msg_flag;
    > unsigned char msg_type;
    > unsigned char msg_rc;
    > char msg_id[MSGLEN];
    > char msg_passwd[MSGLEN];
    > char msg_fqdn[MSGLEN];
    > char msg_ipaddr[MSGLEN];
    > char msg_serialno[MSGLEN];
    > } msg_t;
    > ...
    > msg_t *msg, *msg2;
    > char szQuery[BUFFLEN] = { 0 };
    >
    > msg = malloc( sizeof(msg_t) );
    > msg2 = malloc( sizeof(msg_t) );
    > if ( !msg || !msg2 ) {
    > /* error message */
    > }
    >
    > /* keep copy of buffer */


    Why? It doesn't contain anything valuable: memory
    obtained from malloc() has indeterminate content.

    > memcpy(msg2, msg, sizeof(msg_t));
    > ...
    >
    > Here a function is called which absolutely doesn't deal with 'msg';
    > nevertheless, after this the 'msg' pointer is crashed and I'm unable to access it
    > properly, resulting in a 'segmentation fault'.
    > (For reference: in GDB, "print *msg" or "print *msg2" gives "Cannot access
    > memory at address 0x0".) It seems like the memory occupied by 'msg' and 'msg2' was
    > corrupted and flew away, but how? Might there be some common ways,
    > methods or rules to check the correctness of memory allocation and keeping? Are
    > there any typical errors to look for in code...


    You haven't provided enough code for a serious attempt
    at debugging, so all I can do is guess. My guess is that
    the mystery function tries to put more characters in szQuery
    than will fit there, possibly with a call like

    strncpy(szQuery, "Hello, world!", BUFSIZ);

    (Note the change from BUFFLEN to BUFSIZ.)

    Of course, I'm only guessing.

    --
    Eric Sosman
    Eric Sosman, Nov 25, 2005
    #1
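The guess above rests on a property of strncpy() that is worth seeing in working code: it always writes exactly n bytes, the source characters followed by '\0' padding, so a length larger than the destination (BUFSIZ where BUFFLEN was meant) is a zero-filling overflow, which is consistent with neighbouring pointers afterwards reading as 0x0. The block below is an added example and not code from this thread or from the poster's program. It shrinks BUFFLEN to 32 so the numbers are easy to follow, refuses the out-of-bounds case rather than executing it (running it is undefined behaviour), and adds a hypothetical bounded copy, copy_bounded(), that reports truncation instead of silently cutting the query. The sample query string is constructed for the demonstration.

```c
/* Added example, not code from the thread.  Demonstrates why an oversized
 * strncpy() length is a zero-filling overflow, the missing-terminator trap,
 * and a bounded copy that reports truncation.  BUFFLEN is 32 here instead
 * of the thread's 1024 only to keep the numbers small. */
#include <stdio.h>
#include <string.h>

#define BUFFLEN 32

/* Stand-in for the thread's szQuery; a global so callers can inspect it. */
char szQuery[BUFFLEN];

/* Run strncpy(szQuery, src, n) over a sentinel-filled buffer and count the
 * bytes it touched.  strncpy writes exactly n bytes: the source characters,
 * then '\0' padding up to n.  With n == sizeof szQuery every byte is
 * rewritten; were n larger (BUFSIZ instead of BUFFLEN), the same padding
 * would continue into whatever lies beyond the array, which is how nearby
 * pointers end up as 0x0.  That case is refused, not executed: it is
 * undefined behaviour and is the bug, not a demonstration of it. */
size_t strncpy_bytes_written(const char *src, size_t n)
{
    if (n > sizeof szQuery)
        return (size_t)-1;                    /* would overflow: refuse */
    memset(szQuery, 0xAA, sizeof szQuery);    /* sentinel the whole buffer */
    strncpy(szQuery, src, n);
    size_t written = 0;
    for (size_t i = 0; i < sizeof szQuery; i++)
        if ((unsigned char)szQuery[i] != 0xAA)
            written++;
    return written;
}

/* The other strncpy trap: when strlen(src) >= n no terminator is written.
 * Returns 1 if szQuery contains a '\0' after strncpy(szQuery, src, BUFFLEN),
 * 0 if the result is not a C string at all. */
int strncpy_leaves_terminator(const char *src)
{
    memset(szQuery, 0xAA, sizeof szQuery);
    strncpy(szQuery, src, sizeof szQuery);
    return memchr(szQuery, '\0', sizeof szQuery) != NULL;
}

/* Hypothetical hardened replacement: copies at most dstsz-1 bytes, always
 * NUL-terminates, and returns -1 on truncation (or bad arguments) so the
 * caller can reject an over-long query instead of using a cut-off one. */
int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    size_t len = strlen(src);
    if (len >= dstsz) {
        memcpy(dst, src, dstsz - 1);
        dst[dstsz - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return 0;
}

int main(void)
{
    /* Constructed sample query, longer than BUFFLEN on purpose. */
    static const char long_query[] =
        "SELECT * FROM devices WHERE serialno = 'ABCDEFGH'";

    printf("bytes strncpy writes for n == BUFFLEN:      %zu\n",
           strncpy_bytes_written("Hello, world!", BUFFLEN));
    printf("bytes strncpy writes for n == 8:            %zu\n",
           strncpy_bytes_written("Hello, world!", 8));
    printf("terminator after copying a 32-char source:  %d\n",
           strncpy_leaves_terminator("0123456789abcdef0123456789abcdef"));
    printf("copy_bounded on an over-long query:         %d (\"%s\")\n",
           copy_bounded(szQuery, sizeof szQuery, long_query), szQuery);
    return 0;
}
```

The first call shows that a correctly sized n still rewrites the whole 32-byte buffer, thirteen characters plus nineteen zero bytes; picture that padding continuing for another 8160 bytes past the array and the symptom in the original post follows. The bounded copy is the form to use for a query buffer: check its return value and refuse the request when it is nonzero.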

  2. Roman Mashak

    Roman Mashak Guest

    Hello, All!

    I am facing a problem that is unknown to me; hopefully a local guru can help me out.

    #define MSGLEN 32
    #define BUFFLEN 1024

    typedef struct msg_s {
        unsigned char msg_flag;
        unsigned char msg_type;
        unsigned char msg_rc;
        char msg_id[MSGLEN];
        char msg_passwd[MSGLEN];
        char msg_fqdn[MSGLEN];
        char msg_ipaddr[MSGLEN];
        char msg_serialno[MSGLEN];
    } msg_t;
    ....
    msg_t *msg, *msg2;
    char szQuery[BUFFLEN] = { 0 };

    msg = malloc( sizeof(msg_t) );
    msg2 = malloc( sizeof(msg_t) );
    if ( !msg || !msg2 ) {
        /* error message */
    }

    /* keep copy of buffer */
    memcpy(msg2, msg, sizeof(msg_t));
    ....

    Here a function is called which absolutely doesn't deal with 'msg';
    nevertheless, after this the 'msg' pointer is crashed and I'm unable to access it
    properly, resulting in a 'segmentation fault'.
    (For reference: in GDB, "print *msg" or "print *msg2" gives "Cannot access
    memory at address 0x0".) It seems like the memory occupied by 'msg' and 'msg2' was
    corrupted and flew away, but how? Might there be some common ways,
    methods or rules to check the correctness of memory allocation and keeping? Are
    there any typical errors to look for in code...

    Big thanks for any help~

    With best regards, Roman Mashak. E-mail:

    Roman Mashak, Nov 25, 2005
    #2

  3. Michael Mair

    Michael Mair Guest

    Roman Mashak wrote:
    > Hello, All!
    >
    > I am facing a problem that is unknown to me; hopefully a local guru can help me out.
    >
    > #define MSGLEN 32
    > #define BUFFLEN 1024
    >
    > typedef struct msg_s {
    > unsigned char msg_flag;
    > unsigned char msg_type;
    > unsigned char msg_rc;
    > char msg_id[MSGLEN];
    > char msg_passwd[MSGLEN];
    > char msg_fqdn[MSGLEN];
    > char msg_ipaddr[MSGLEN];
    > char msg_serialno[MSGLEN];
    > } msg_t;
    > ...
    > msg_t *msg, *msg2;
    > char szQuery[BUFFLEN] = { 0 };
    >
    > msg = malloc( sizeof(msg_t) );
    > msg2 = malloc( sizeof(msg_t) );
    > if ( !msg || !msg2 ) {
    > /* error message */
    > }
    >
    > /* keep copy of buffer */
    > memcpy(msg2, msg, sizeof(msg_t));
    > ...
    >
    > Here a function is called which absolutely doesn't deal with 'msg';
    > nevertheless, after this the 'msg' pointer is crashed and I'm unable to access it
    > properly, resulting in a 'segmentation fault'.
    > (For reference: in GDB, "print *msg" or "print *msg2" gives "Cannot access
    > memory at address 0x0".) It seems like the memory occupied by 'msg' and 'msg2' was
    > corrupted and flew away, but how? Might there be some common ways,
    > methods or rules to check the correctness of memory allocation and keeping? Are
    > there any typical errors to look for in code...


    You don't provide enough information for us to help you.
    <OT>
    Use gdb's watch command; I have not worked with it for a while,
    but IIRC you have to abuse it to get what you want. Something
    along the lines of getting the address of msg and watching
    *((msg_t *)address) (otherwise the watchpoint evaporates when
    you are in the new function). With this, you just continue and wait until
    the break at the watchpoint when the contents at &msg are
    changed.
    Try it or ask for details in gnu.gcc.help, as my memory may be
    wrong.
    </OT>

    Cheers
    Michael
    --
    E-Mail: Mine is an /at/ gmx /dot/ de address.
     
    Michael Mair, Nov 25, 2005
    #3
  4. Roman Mashak

    Roman Mashak Guest

    Hello, Eric!
    You wrote on Fri, 25 Nov 2005 10:38:14 -0500:

    ES> You haven't provided enough code for a serious attempt
    ES> at debugging, so all I can do is guess. My guess is that
    ES> the mystery function tries to put more characters in szQuery
    ES> than will fit there, possibly with a call like

    ES> strncpy(szQuery, "Hello, world!", BUFSIZ);

    ES> (Note the change from BUFFLEN to BUFSIZ.)

    ES> Of course, I'm only guessing.
    Thank you for the reply. It seems I was missing the correct version of the MySQL header
    files and library while linking the code. Perhaps that caused the above-mentioned
    behavior when I made the connection to MySQL. At least now the pointer is not
    corrupted.

    With best regards, Roman Mashak. E-mail:
     
    Roman Mashak, Nov 26, 2005
    #4
