facing segmentation fault when i tried to free dynamic memory...

[Ram]

Hi,

there are two instances where my code is crashing dute to
Segmentation fault when i tried to free memory.



Code 1:

while(..)
{

....

if((objects = (object_list * )calloc(1, sizeof(object_list))) ==
NULL)
return -1
tail = node_append(&head_file, tail_file, objects, sizeof
*objects);

//inside this function, i am using memcpy to copy the objects into
node.

free(objects);
//after returning form the above function, i did free(objects).. here
program giving segmentation fault after reaching last node.

}

case 2:

while(..)
{
char *file_pathname;
char *file_name = NULL;

if((file_name = (char *)malloc(some_size)) == NULL)
return -1;

file_pathname = get_name();
//do some operations on file path name & get only filename
....
strcpy(file_name, file_pathname); //segfault if no malloc for
file_name??

some_func(file_name); // inside the func, i will strcpy the
filename to some other string.

free(file_name); // now here sgnentation fault??

}

even, do i really need to malloc file_name in this case??

please bare and forgive me with my bad style of explanation? if still
not clear what i am doing please find complete code here-->


code.c

my_func(ss *t)
{


object_list *objects = NULL;

char *filepath_name = NULL;
char *filename = NULL;

int newObj = 0;
int id = 0;

node *head = NULL;
node *tail = NULL;




while ((i = read(t)) == 0)
{


filepath_name = get_pathname(t);

if((objects = (object_list * )calloc(1, sizeof
(object_list))) ==
NULL)
return -1;

newObj = obj_id++;
nObjects++;

objects->object_id= newObj;
//DO SOME MORE STUFF HERE
tail = node_append(&head, tail,
objects, sizeof *objects);
if (tail == NULL)
break;




if (some_logic)
{

info.first = head;
info.last = tail;
info.cmpfunc = cmp_dirPath;
found = list_search(&info, pathname);

if (found != NULL)
{
object_list *xx = found->data;
id = xx->object_id;
filename = strrchr
( filepath_name, '/')+1;
}
else
{
id = 1;
(void)strcpy(filename,
filepath_name);

}



}

write_header(newObj, id, filename);

free(filename); // very first in while loop giving
segfault
free(objects); // at the end of while loop list, i.e
after last node
giving segfault

}



node_free(head, free);


return (i == 1 ? 0 : -1);

}



Thank for your time !

-Ram

 

[Eric Sosman]

Hi,

there are two instances where my code is crashing dute to
Segmentation fault when i tried to free memory.



Code 1:

while(..)
{

....

if((objects = (object_list * )calloc(1, sizeof(object_list))) ==
NULL)
return -1
tail = node_append(&head_file, tail_file, objects, sizeof
*objects);

//inside this function, i am using memcpy to copy the objects into
node.

free(objects);
//after returning form the above function, i did free(objects).. here
program giving segmentation fault after reaching last node.

You must not try to free the same memory twice. After
free(objects) inside the function, the memory is "gone" and
you must not try to touch it in any way. Trying to free()
it a second time in the calling function produces unpredictable
results. (Technically, "undefined behavior.")

}

case 2:

while(..)
{
char *file_pathname;
char *file_name = NULL;

if((file_name = (char *)malloc(some_size)) == NULL)
return -1;

file_pathname = get_name();
//do some operations on file path name & get only filename
....
strcpy(file_name, file_pathname); //segfault if no malloc for
file_name??

If you do not allocate any memory for file_name to point
to, the attempt to copy data into the memory-that-isn't-there
produces undefined behavior.

some_func(file_name); // inside the func, i will strcpy the
filename to some other string.

free(file_name); // now here sgnentation fault??

Impossible to say why; you've snipped away too much of
the context. Perhaps you've already called free() on the
memory, perhaps you've tried to fill the memory with a longer
string than it can hold, perhaps ...

please bare and forgive me with my bad style of explanation?

For future reference: "Bear with me" is what I think you
meant. "Bare with me" means "Let's get naked."

 

[Ram]

     You must not try to free the same memory twice.  After
free(objects) inside the function, the memory is "gone" and
you must not try to touch it in any way.  Trying to free()
it a second time in the calling function produces unpredictable
results.  (Technically, "undefined behavior.")










     If you do not allocate any memory for file_name to point
to, the attempt to copy data into the memory-that-isn't-there
produces undefined behavior.



     Impossible to say why; you've snipped away too much of
the context.  Perhaps you've already called free() on the
memory, perhaps you've tried to fill the memory with a longer
string than it can hold, perhaps ...


     For future reference: "Bear with me" is what I think you
meant.  "Bare with me" means "Let's get naked."

--
Eric Sosman
(e-mail address removed)- Hide quoted text -

- Show quoted text -- Hide quoted text -

- Show quoted text -

please go through my complete code, which i have pasted. I am not
freeing twice. i am freeing only once in my entire program.
In a while loop, i am allocating calloc for objects(its a pointer to a
struct) and for a character string 'filename' (char *filename) and i
am trying to free() it after its usage.

help me if you understand what i am doing..

-Ram

 

[Ben Bacarisse]

there are two instances where my code is crashing dute to
Segmentation fault when i tried to free memory.

please bare and forgive me with my bad style of explanation? if still
not clear what i am doing please find complete code here-->


code.c

my_func(ss *t)

Implicit int is not good style and is forbidden in C99.

{


object_list *objects = NULL;

char *filepath_name = NULL;
char *filename = NULL;

int newObj = 0;
int id = 0;

node *head = NULL;
node *tail = NULL;




while ((i = read(t)) == 0)

i is undeclared. I hope it is not global!

{


filepath_name = get_pathname(t);

In some cases (see below) this is the pointer that you free. It would
help to know what this function does.

if((objects = (object_list * )calloc(1, sizeof
(object_list))) ==
NULL)
return -1;

newObj = obj_id++;
nObjects++;

objects->object_id= newObj;
//DO SOME MORE STUFF HERE
tail = node_append(&head, tail,
objects, sizeof *objects);
if (tail == NULL)
break;




if (some_logic)

Eh? I think this is not the code you are compiling. It really helps
to post the real code.

{

info.first = head;
info.last = tail;
info.cmpfunc = cmp_dirPath;
found = list_search(&info, pathname);

if (found != NULL)
{
object_list *xx = found->data;
id = xx->object_id;
filename = strrchr
( filepath_name, '/')+1;
}
else
{
id = 1;
(void)strcpy(filename,
filepath_name);

If this branch is taken you will be in trouble. filename is NULL.

}



}

write_header(newObj, id, filename);

free(filename); // very first in while loop giving
segfault

What kind of pointer does get_pathname return? That is the storage
that you free here.

free(objects); // at the end of while loop list, i.e
after last node
giving segfault

I don't follow the comment -- this free call is in the while loop.
The pointer that is freed is passed to node_append. The problem may
well be in that function.

 

[Guest]

later on you say "please go through my complete code"


"...." is not valid C code. I think you mean you've missed a bit out.
Therefore
you are *not* posting complete code.


unnecessary cast

please go through my complete code, which i have pasted. I am not
freeing twice. i am freeing only once in my entire program.
In a while loop, i am allocating calloc for objects(its a pointer to a
struct) and for a character string 'filename' (char *filename) and  i
am trying to free() it after its usage.

help me if you understand what i am doing..

--
Nick Keighley

the unemployed programmer had a problem. "I know", said the
programmer, "I'll just learn perl." the unemployed programmer
now had two problems.
Eric Naggum (comp.lang.lisp)