glibc detected

Hi,
My program is working well when I input small numbers. But, when the numbers increase, I receive this error:

*** glibc detected *** ./code: free(): invalid next size (fast): 0x09c503f0 ***
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x6ebc2)[0xb75b4bc2]
/lib/i386-linux-gnu/libc.so.6(+0x6f862)[0xb75b5862]
/lib/i386-linux-gnu/libc.so.6(cfree+0x6d)[0xb75b894d]
/usr/lib/i386-linux-gnu/libstdc++.so.6(_ZdlPv+0x1f)[0xb778e80f]
/usr/lib/i386-linux-gnu/libstdc++.so.6(_ZNSs4_Rep10_M_destroyERKSaIcE+0x1b)[0xb7775c4b]
/usr/lib/i386-linux-gnu/libstdc++.so.6(+0x94c8c)[0xb7775c8c]
/usr/lib/i386-linux-gnu/libstdc++.so.6(_ZNSs7reserveEj+0x88)[0xb7776ee8]
/usr/lib/i386-linux-gnu/libstdc++.so.6(_ZNSspLEc+0x46)[0xb77775c6]
./code[0x8048c7f]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0xb755f113]
./code[0x80489c1]


Well, I think the error is in this following function:

bool contain (const char ** array, long size, string str) {
   char * ch = new char[str.length()+1];
   char* c = (char*)malloc( sizeof(char)*((str.length())+1) ); 

   if (c != NULL) strcpy(c, str.c_str());
   for (int i = 0; *(c+i) != '\0'; i++) ch[i] = *(c+i);
   ch[str.length()] = '\0';
   c = NULL;

   for (int i = 0; i < size; i++) if (!strcmp(array[i],ch)) return true;

   return false;

}


Thanks in advance!
Someone?
Why the bejesus are you using malloc when you're clearly quite happy using new?

You've got a memory leak in there; you set c to NULL without ever calling free on the memory that was malloced. c then falls off the stack at end of scope anyway.

You've got another memory leak in that ch simply falls off the end of scope, so you've got no way to ever delete that memory.

Stop using malloc and free. Just use new and delete.

Then, build your code with debug symbols (the -g option) and run it under valgrind, and then gdb. This will tell you the exact lines that are going wrong.
Actually I know this code doesn't make much sense, this is only an amount of tries to fix the real code.
I tried to run the program with these changes you mentioned, but also this doesn't work.
So I'm trying to understand what in fact is the problem...

Just to clarify: I'm using malloc to convert from string to char*. Then, I'm copying this char* to other char, but this was only for check. I removed all of ch, but I still got an error.

bool contain (const char ** array, long size, string str) {
   char* c = (char*)malloc( sizeof(char)*((str.length())+1) ); 
   strcpy(c, str.c_str());

   for (int i = 0; i < size; i++) if (!strcmp(array[i],c)) return true;

   return false;

}


Above is the new function. I'll try to run valgrind, anyway.

Someone has another suggestion?

Thanks :)
How are you making array?

The following code works on my machine without problems and without leaks:

#include <iostream>
#include <string>
#include <cstdlib>
#include <string.h>

using namespace std;

// array is const-qualified because its elements point at string literals
bool contain (const char ** array, long size, string str) {
   // C-style copy of str; +1 leaves room for the terminating '\0'
   char* c = (char*)malloc( sizeof(char)*((str.length())+1) );
   strcpy(c, str.c_str());

   // free the copy on every path out of the function
   for (int i = 0; i < size; i++) if (!strcmp(array[i],c)){free (c); return true;}

   free (c);
   return false;

}

int main()
{

  string a;
  cout << "What word? ";
  cin >> a;
  cout << endl;

  long size = 2;
  const char* array[2];
  array[0] = "beans";
  array[1] = "eggs";

  cout << contain(array, size, a) << endl;
  return 0;

}
Hi Moschops, thanks for your patience :)

I tried to run without mallocs but the errors persist. So I think you're right and the error is in the array.
Well, here is my full code:

#include <iostream>
#include <string>
#include <cstring>
#include <stdio.h>
#include <cstdlib>

using namespace std;

bool contain (const char ** array, long size, string str, int pos) {
   char* c = (char*)malloc( sizeof(char)*((str.length())+1) ); 
   strcpy(c, str.c_str());
   for (int i = 0; i < size; i++) if (!strcmp(array[i],c)) return true;
   array[pos] = c;
   return false;
}

int main() {
   char * word = new char[1];
   cin >> word;
   long size = 0;
   for (int i = 0; word[i] != '\0'; i++) size+=1;
   long nsize = size*(size+1)/2;
   const char ** array = new const char*[nsize];
   for (int i = 0; i < nsize; i++) array[i] = "";
   int pos = 0;
   for (int i = 0; i < size; i++) {
      for (int j = i; j < size; j++) {
         string s = "";
         for (int k = i; k < j+1; k++) s+=word[k];
         if (!contain(array, nsize, s, pos)) pos+=1;
      }
   }   
   int result = 0;
   for (int i = 0; i < nsize; i++) if (array[i] != "") result+=1;
   for (int i = 0; i < nsize; i++) array[i] = NULL;
   delete [] word;
   delete [] array;
   cout << result << endl;
   return 0;
}


Just to explain: it's a program that counts the amount of substrings in a string. For example, if word = abc, then result = 6. When I pass strings with size greater than 14, the program crashes.

Thanks again!
   char * word = new char[1];
   cin >> word;


word is a pointer to an array of size one. The array can thus hold a single char (without even a terminating zero, so it's not a properly formed c-style string). Do you mean it to be a single char? I suspect not, as when you end up on this line of code:

for (int k = i; k < j+1; k++) s+=word[k];

which valgrind reveals to be the problem line, when k is two, you're trying to read word[2] which does not exist. Of course, by entering more than one letter in your input, you've already trashed a whole bunch of memory that isn't yours.
No, I mean this to store a string with any size. Is that properly wrong?
Yes, that is wrong. A char array of size one can hold a single char. If you change that to, for example,

char * word = new char[100];

you'll find that your 14 character word no longer makes it break, but of course a very very long word will overflow the array again.

If you insist on using a char array, but you cannot know the size of the word until runtime, you can use a string to hold it while you organise a char array of the right size, much like you already did in the function above.

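string a;
cin >> a;                                  // std::string grows to fit the input
char* pToArray = new char[a.length()+1];   // +1 for the terminating '\0'
strcpy(pToArray, a.c_str());

...

delete[] pToArray;                         // memory from new[] is released with delete[]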
Very very thanks :)
Now I understand... thanks a lot again for your patience!
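An added example, not code from any poster in this thread: the heap overflow diagnosed above came from `cin >> word` writing an unbounded word into a one-byte buffer, so this sketch shows two bounded ways to read the word and a substring counter that needs no manual allocation. The function names `read_word_bounded`, `read_word` and `count_distinct_substrings`, the 8-byte buffer and the sample input are assumptions made for illustration.

```cpp
#include <cstddef>
#include <iomanip>
#include <iostream>
#include <set>
#include <sstream>
#include <string>

// Bounded read into a fixed char array: std::setw caps the extraction at
// sizeof(buf) - 1 characters, leaving room for the terminating '\0'.
std::string read_word_bounded(std::istream& in) {
    char buf[8];
    buf[0] = '\0';                      // stay well-formed if nothing is read
    in >> std::setw(static_cast<int>(sizeof buf)) >> buf;
    return std::string(buf);
}

// Reading into std::string: the string grows to fit, so there is no
// fixed-size buffer to overrun.
std::string read_word(std::istream& in) {
    std::string w;
    in >> w;
    return w;
}

// Distinct substrings of word; std::set owns every copy, so there is no
// malloc/new bookkeeping and nothing to free.
std::size_t count_distinct_substrings(const std::string& word) {
    std::set<std::string> seen;
    for (std::size_t i = 0; i < word.size(); ++i)
        for (std::size_t len = 1; i + len <= word.size(); ++len)
            seen.insert(word.substr(i, len));
    return seen.size();
}

int main() {
    // Constructed 20-character input, longer than the word that crashed above.
    std::istringstream bounded("abcdefghijklmnopqrst");
    std::istringstream unbounded("abcdefghijklmnopqrst");
    std::cout << read_word_bounded(bounded) << '\n';
    std::cout << count_distinct_substrings(read_word(unbounded)) << '\n';
    std::cout << count_distinct_substrings("abc") << '\n';
    return 0;
}
```

Building with `-g -fsanitize=address` reports an out-of-bounds heap write at the offending line, which complements the valgrind run suggested earlier in the thread.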