segmentation fault, malloc error

[mathieu.dutour]

Dear all,

I am new to C and I have a problem with "segmentation fault" occurring
unexpectedly, i.e., not immediately after a programming error. I
presume
I allocated wrongly before, but I can't find the error, after
extensive search.

This is new situation to me as the vector class of C++ and the GAP
programming language (for algebraic computation) when a seg fault
happens, the error source was rather direct.

What advice would you give for finding the bug?
C is mandatory, since extreme speed is sought.

The source is available on www.liga.ens.fr/~dutour/Sending/ForDebug.tar.gz
if you are interested in helping

Thanks in advance for any help or advice.

Mathieu

 

[Tor Rustad]

Dear all,

I am new to C and I have a problem with "segmentation fault" occurring
unexpectedly, i.e., not immediately after a programming error. I
presume
I allocated wrongly before, but I can't find the error, after
extensive search.

This is new situation to me as the vector class of C++ and the GAP
programming language (for algebraic computation) when a seg fault
happens, the error source was rather direct.

What advice would you give for finding the bug?

Check out these tools: valgrind or electric-fence.

I didn't check your source, but I guess you haven't used any assert()
checks, those are very useful to track down memory faults.

 

[mathieu.dutour]

Check out these tools: valgrind or electric-fence.

I didn't check your source, but I guess you haven't used any assert()
checks, those are very useful to track down memory faults.

Thanks for that, I will read the manual of those programs.

I don't understand why assert is supposed to be used. man assert is
not
so helpful. Can you give me an example of use of assert for tracking
memory faults?

In my code, I put systematically the following
if ((TheReg = (int*)malloc(nbVert*sizeof(int))) == 0)
exit (EXIT_FAILURE);

 

[Tor Rustad]

Thanks for that, I will read the manual of those programs.

I don't understand why assert is supposed to be used. man assert is
not
so helpful. Can you give me an example of use of assert for tracking
memory faults?

In my code, I put systematically the following
if ((TheReg = (int*)malloc(nbVert*sizeof(int))) == 0)

Writing it this way:

if (NULL == (TheReg = malloc(nbVert*sizeof(*TheReg))))

is less error prone.

exit (EXIT_FAILURE);

Here is a function, not too trivial and not too difficult, and it
demonstrate usage of assert(). I left in the doxygen comments.

The idea of this function, was to pick fixed sized fields, from a buffer
like this:

char array[] = "1234567890ADDRESS-FIELD-1 ADDRESS-FIELD-2 ";

Hence, a call like

char s[40];
size_t n;
n = str_acpy(s, sizeof s, array+10, 20);

should copy "ADDRESS-FIELD-1 " into object 's' without overflow.


/**
* \fn size_t str_acpy(char *s, size_t max_s, const char *a, size_t alen)
*
* \brief str_acpy() copy array of chars 'a', into a string 's'.
* 1. always null terminate output buffer 's'
* 2. never overflow output buffer 's'
* 3. truncatination is an error.
* \param s - target buffer
* \param max_s - size of target buffer
* \param a - array of chars
* \param alen - max lenght of input array
*
* \return strlen(s)
* (size_t)-1 on input errors,
* (size_t)-2 on truncate error
*/
size_t str_acpy(char *s, size_t max_s, const char *a, size_t alen)
{
size_t i,
rc = 0;
char *dst = s;
const char *src = a;
int has_been_null_terminated = 0;

/* pre-condition */
assert(s != NULL);
assert(a != NULL);
assert(max_s > 1); /* require '\0' to be written */
assert(alen > 0); /* require input to have data */
assert(alen < max_s); /* overflow check */

/* run-time checks - Remark 'max_s <= alen' is omitted */
if (s == NULL || max_s < 1 || a == NULL || alen < 1)
{
rc = (size_t)-1;
}
else
{
/* do copy */
for (i=0; i<max_s && i<alen; i++)
{
if (*src == '\0')
has_been_null_terminated = 1;

*dst++ = *src++;

if (has_been_null_terminated)
break;
rc++;
}

/* always null terminate destination string,
set error on trunc*/
if ( !has_been_null_terminated)
{
if (alen < max_s)
{
s[alen] = '\0';
}
else
{
s[max_s - 1] = '\0';
rc = (size_t)-2;
}
}

}

/* post-condition */
assert(rc < max_s);
assert(rc <= alen);

return rc;
}

 

[Lukás Polok]

what you write is allright, but the problem is more likely that you
overwrite part of memory somewhere (by writing out of array bounds) and then
the next malloc likely fails. happens to me sometimes ...

assert is when you want to make sure something's right in your algorithm (as
can be done with if), but you don't want it to be included in release
version. example of use:

for(int i = ...; ...; i = f(i)) {
assert(i >= 0 && i < array_size); // does this cycle really work?
pointer = blah; // now that i'm sure i've got the right index, i can
fearlessly do this
}

see? the idea is there's some complicated cycle (or for example index is
looked up from some table) and you're checking wheter it's working
correctly. the programmer writing this thinks it -should- work, and
therefore it's not worth if, along with an error message, etc ... but people
do mistakes and this can help find them.

good luck ...

 

[mathieu.dutour]

Thank you, valgrind already gave me good idea of the problem.

Thanks also for the assert code, I will look at how to make
the memory management correctly.

Mathieu

Writing it this way:

if (NULL == (TheReg = malloc(nbVert*sizeof(*TheReg))))

is less error prone.

exit (EXIT_FAILURE);

Here is a function, not too trivial and not too difficult, and it
demonstrate usage of assert(). I left in the doxygen comments.

The idea of this function, was to pick fixed sized fields, from a buffer
like this:

char array[] = "1234567890ADDRESS-FIELD-1 ADDRESS-FIELD-2 ";

Hence, a call like

char s[40];
size_t n;
n = str_acpy(s, sizeof s, array+10, 20);

should copy "ADDRESS-FIELD-1 " into object 's' without overflow.

/**
* \fn size_t str_acpy(char *s, size_t max_s, const char *a, size_t alen)
*
* \brief str_acpy() copy array of chars 'a', into a string 's'.
* 1. always null terminate output buffer 's'
* 2. never overflow output buffer 's'
* 3. truncatination is an error.
* \param s - target buffer
* \param max_s - size of target buffer
* \param a - array of chars
* \param alen - max lenght of input array
*
* \return strlen(s)
* (size_t)-1 on input errors,
* (size_t)-2 on truncate error
*/
size_t str_acpy(char *s, size_t max_s, const char *a, size_t alen)
{
size_t i,
rc = 0;
char *dst = s;
const char *src = a;
int has_been_null_terminated = 0;

/* pre-condition */
assert(s != NULL);
assert(a != NULL);
assert(max_s > 1); /* require '\0' to be written */
assert(alen > 0); /* require input to have data */
assert(alen < max_s); /* overflow check */

/* run-time checks - Remark 'max_s <= alen' is omitted */
if (s == NULL || max_s < 1 || a == NULL || alen < 1)
{
rc = (size_t)-1;
}
else
{
/* do copy */
for (i=0; i<max_s && i<alen; i++)
{
if (*src == '\0')
has_been_null_terminated = 1;

*dst++ = *src++;

if (has_been_null_terminated)
break;
rc++;
}

/* always null terminate destination string,
set error on trunc*/
if ( !has_been_null_terminated)
{
if (alen < max_s)
{
s[alen] = '\0';
}
else
{
s[max_s - 1] = '\0';
rc = (size_t)-2;
}
}

}

/* post-condition */
assert(rc < max_s);
assert(rc <= alen);

return rc;

}

 

[CBFalconer]

.... snip ...

I don't understand why assert is supposed to be used. man assert
is not so helpful. Can you give me an example of use of assert
for tracking memory faults?

In my code, I put systematically the following

if ((TheReg = (int*)malloc(nbVert*sizeof(int))) == 0)
exit (EXIT_FAILURE);

You should NEVER cast the return value from malloc. The preferred
mechanism is:

if (!(TheReg = malloc(sizeof *TheReg))) exit(EXIT_FAILIRE);

or whatever recovery mechanism you use. This avoids ever making
sizeof operand mistakes and ensures you have #include <stdlib.h>
(else error message). Also make a practice of setting freed
pointers to NULL, i.e.:

free(TheReg); TheReg = NULL;

which will catch erroneous attempts to reuse TheReg.

 

[mathieu.dutour]

what you write is allright, but the problem is more likely that you
overwrite part of memory somewhere (by writing out of array bounds) and then
the next malloc likely fails. happens to me sometimes ...

Yes, it was new to me. But valgrind was helpful in finding the spot.

Otherwise, yes assert is certainly helpful in a C context.
I experienced long ago that making error messages early is a good
thing.

Mathieu