[Search for users] [Overall Top Noters] [List of all Conferences] [Download this site]

Conference caldec::wrl_atom

Title:ATOM Tool Development System
Moderator:CALDEC::SCHMIDT
Created:Tue Sep 07 1993
Last Modified:Fri Jun 06 1997
Last Successful Update:Fri Jun 06 1997
Number of topics:309
Total number of notes:979

294.0. "Invalid Heap ??" by RHETT::HALETKY () Wed Mar 12 1997 10:20

    Hello,
    
    We have a cusotemr who needs to understand the following error:
    
    Third Degree version 4.2
    bk.third run by elh on manowar.astroarch.com, Thu Apr  4 20:19:34 1996
    
    No .third or /usr/users/elh/.third file found.
    
    ---------------------------------------------------------------- wih --
    0 --
    bk.c: 35: writing invalid heap at byte 23952 of 24000-byte block
        main                           bk, bk.c, line 35
        __start                        bk
    
    This block at address 0x14000b850 was allocated at:
        calloc                         libc.so
        NxtSampleObj                   bk, bk.c, line 52
        main                           bk, bk.c, line 27
        __start                        bk
    
    This block was freed at:
        realloc                        libc.so
        NxtSampleObj                   bk, bk.c, line 54
        main                           bk, bk.c, line 35
        __start                        bk
    
    
    To WHat is the invalid heap error referring?
    
    Best regards,
    Ed Haletky
    Digital CSC
T.RTitleUserPersonal
Name		DateLines
294.1AUSS::BELLCaritas Patiens estWed Mar 12 1997 17:386
    I'd have a close look at what was happening on line 35 for bk.c
    
    It looks like it is writing to a location that has just been released
    by a call to realloc.
    
Peter.
294.2Suggestions?SMURF::JPWJohn P Williams, DUDE, USG, 381-2079Thu Mar 13 1997 08:536
The answer in .1 sounds correct. To help us improve the Third Degree tool,
could anyone suggest a way in which we could make the error clearer, or
could the customer tell us what it is about the error message that makes
it difficult to understand?

		Thanks
294.3lhs static pointer?!?!?RHETT::HALETKYMon Mar 17 1997 12:369
    What I don't understand then is how this can be true with the code
    provided. This implies that the lhs of the realloc is set before the
    call to realloc and that the lhs can never change.
    
    This does not seem possible to me.
    
    Best regards,
    Ed Haletky
    Digital CSC
294.4AUSS::BELLCaritas Patiens estMon Mar 17 1997 16:264
    Can you include the code in a note here?
    
Peter.
294.5The SourceRHETT::HALETKYWed Mar 19 1997 12:0871
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    
    typedef struct tSampleObj
    {       long            Left;
            long            Right;
            long            Prev;
    }t_SampleObj;
    
    t_SampleObj             *SampleObj = NULL;
    long                    nSampleObjs = 0;
    long                    iSampleObj;
    
    #define bSAMPLEOBJ      1000
    #define sSAMPLEOBJ      sizeof(t_SampleObj)
    #define pSAMPLEOBJ      (t_SampleObj *)
    #define SAMPLEOBJ       SampleObj[iSampleObj]
    #define NullFld(s, n) memset((char *) s, '\0', n)
    
    long    NxtSampleObj();
    
    int main()
    {
    int             i;
    
            iSampleObj = NxtSampleObj();
    
            for (i = 0; i < 3000; i++)
            {
    /* if the call to NxtSampleObj() causes realloc
       assignment is to address of memory freed by realloc
       why is the address of SAMPLEOBJ fixed before the call to
    NxtSampleObj() ????
    */
                    SAMPLEOBJ.Left  = NxtSampleObj();
                    SAMPLEOBJ.Right = -1;
                    SAMPLEOBJ.Prev  = -1;
                    iSampleObj = SAMPLEOBJ.Left;
            }
            return 0;
    }
    long NxtSampleObj()
    {
    static int    mSampleObjs = 0;
    
        nSampleObjs++;
        if (nSampleObjs >= mSampleObjs)
        {
            mSampleObjs += bSAMPLEOBJ;
    
            if (!SampleObj)
                SampleObj = (t_SampleObj *) calloc(mSampleObjs,
    sSAMPLEOBJ);
            else
                SampleObj = (t_SampleObj *) realloc(SampleObj, mSampleObjs
    * sSAMPLE
    OBJ);
    
            if (!SampleObj)
            {
                fprintf(stderr, "NxtSampleObj - Unable To Allocate");
                perror("NxtSampleObj");
                exit(1);
            }
            NullFld(&SampleObj[mSampleObjs - bSAMPLEOBJ], bSAMPLEOBJ *
    sSAMPLEOBJ);
        }
        return (nSampleObjs - 1);
    }
294.6Compiler can rearrange order of evaluation of expressionsSMURF::JPWJohn P Williams, DUDE, USG, 381-2079Thu Mar 20 1997 11:2514
I added a local variable "long next;" and split line 35 into two parts:

<                 SAMPLEOBJ.Left  = NxtSampleObj();
---
>                 nxt  = NxtSampleObj();
>                 SAMPLEOBJ.Left  = nxt;

This made the Third Degree warning go away.

I figure the reason is that a C compiler is allowed to rearrange the 
order in which an expression is evaluated. Assignment is an expression 
in C, so the compiler is allowed to evaluate the left hand side before
the right hand side, which in this case changes the left hand side.
That is, the program is erroneous.