Segmentation fault when free
Giorgos Keramidas
keramida at ceid.upatras.gr
Sat Sep 20 08:21:52 UTC 2008
On Sat, 20 Sep 2008 00:31:41 -0700 (PDT), Unga <unga888 at yahoo.com> wrote:
> --- On Sat, 9/20/08, Giorgos Keramidas <keramida at ceid.upatras.gr> wrote:
>> You are probably calling free() multiple times for the same buffer.
>>
>> Try tracing the malloc and free calls, using the information from
>> this message:
>>
>> http://lists.freebsd.org/pipermail/freebsd-questions/2008-July/179480.html
>
> Hi Giorgos, thank you very much for your reply.
You are welcome :)
> ktrace.out shows:
> malloc_init()
> 0x8103400 = malloc(1024)
> malloc_init()
> malloc_init()
> 0x810b0b0 = malloc(400)
> :
> so many malloc
> :
> so many free
> :
> malloc/free combinations
> :
> free(0xbfbfc9c9)
>
> 1. This clearly shows my program is trying to free a memory that has
> not been allocated. How it could have happened?
Aha. This looks remarkably like an address in the runtime stack. It
usually happens when you have a function that returns the address of a
'local' variable, instead of a newly allocated heap area, i.e.:
char *
function(void)
{
	char buffer[100];	/* lives on the stack only while function() runs */
	return buffer;		/* the caller gets a stack address, not a heap block */
}
> 2. Is it correct to have many malloc_init()?
Yes, that's ok. If your program is threaded, FreeBSD's pthread
implementation calls malloc(3) and malloc_init() takes special care of
initializing the internal malloc state only one time.
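As an added illustration of the point above (example code written for this page, not part of the original message), the two usual ways to avoid handing a stack address to free(): allocate the result on the heap and document that the caller owns it, or let the caller supply the storage. The function names make_label, fill_label, free_and_clear and demo are assumptions made for the example. The broken pattern is kept as a comment only, since executing it is undefined behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* The pattern behind free(0xbfbfc9c9): returning a pointer to a local array.
 * The array dies when the function returns, so the caller ends up passing a
 * stack address to free(), which malloc(3) never handed out.  Shown as a
 * comment only, because running it is undefined behaviour:
 *
 *     char *broken(void) { char buffer[100]; ... return buffer; }
 */

/* Fix 1: allocate on the heap; the caller owns the result and frees it once. */
char *
make_label(const char *name)
{
	size_t len = strlen("label:") + strlen(name) + 1;
	char *p = malloc(len);

	if (p == NULL)
		return NULL;
	snprintf(p, len, "label:%s", name);
	return p;			/* caller must free() exactly once */
}

/* Fix 2: the caller supplies storage; there is nothing to free at all.
 * Returns 0 on success, -1 if the output did not fit in dst. */
int
fill_label(char *dst, size_t dstlen, const char *name)
{
	int n = snprintf(dst, dstlen, "label:%s", name);

	return (n >= 0 && (size_t)n < dstlen) ? 0 : -1;
}

/* Free and clear a pointer, so an accidental second release becomes a
 * harmless free(NULL) instead of the double free first suspected above. */
void
free_and_clear(char **pp)
{
	free(*pp);
	*pp = NULL;
}

/* Exercise both fixes; returns 0 when every check passes. */
int
demo(void)
{
	char *heap = make_label("alpha");
	char local[32];
	char tiny[4];

	if (heap == NULL || strcmp(heap, "label:alpha") != 0)
		return 1;
	free_and_clear(&heap);
	free_and_clear(&heap);		/* second call is free(NULL): no crash */

	if (fill_label(local, sizeof local, "beta") != 0)
		return 2;
	if (strcmp(local, "label:beta") != 0)
		return 3;
	/* A too-small buffer is reported rather than silently truncated. */
	if (fill_label(tiny, sizeof tiny, "gamma") != -1)
		return 4;
	return 0;
}

int
main(void)
{
	int rc = demo();

	printf("demo: %s\n", rc == 0 ? "ok" : "failed");
	return rc;
}
```

Either fix would have kept the free(0xbfbfc9c9) entry out of the ktrace output: with fix 1 every pointer passed to free() came from malloc(), and with fix 2 there is no free() call for that buffer at all.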