Program crashing on free() with an invalid pointer message


  1. #1
    Registered User skreaminskull's Avatar
    Join Date
    Jan 2009
    Posts
    7

    Program crashing on free() with an invalid pointer message

    Hello all,

    This is my first post...I'm just starting to learn C and going through some of the beginner tutorials at cprogramming.com. The following code is giving me an error at run time:

    Code:
    #include <stdio.h>
    #include <stdlib.h>
    
    int main() {
    
            int x,z;
            int *p; /* initialize a pointer to an integer */
            int *p2 = malloc(sizeof(*p2)); /* dynamic allocation of memory */
    
            x = 12;
            z = 29;
            p = &x;
            p2 = &z;
    
            printf("The value from pointer p at memory address %p is %d\n\n", p, *p);
            printf("The value from pointer p2 at memory address %p is %d\n\n", p2, *p2);
    
            /* release dynamic memory allocation and set pointers to 0 */
            free(p2); 
            p = 0;
            p2 = 0;
    
            getchar();
    
            return 0;
    }
    I don't receive any error messages when compiling with the command "gcc -Wall -o ex2 ex2.c" but when attempting to run, I get the following error message:

    Code:
    *** glibc detected *** ./ex2: free(): invalid pointer: 0x00007fffaa879b38 ***
    ======= Backtrace: =========
    /lib64/libc.so.6[0x31b8877ec8]
    /lib64/libc.so.6(cfree+0x76)[0x31b887a486]
    ./ex2[0x40061b]
    /lib64/libc.so.6(__libc_start_main+0xe6)[0x31b881e576]
    ./ex2[0x4004e9]
    ======= Memory map: ========
    00400000-00401000 r-xp 00000000 fd:00 5865751                            /Develop/c/practice/ex2
    00600000-00601000 rw-p 00000000 fd:00 5865751                            /Develop/c/practice/ex2
    00857000-00878000 rw-p 00857000 00:00 0                                  [heap]
    31b8400000-31b8420000 r-xp 00000000 fd:00 8511798                        /lib64/ld-2.9.so
    31b861f000-31b8620000 r--p 0001f000 fd:00 8511798                        /lib64/ld-2.9.so
    31b8620000-31b8621000 rw-p 00020000 fd:00 8511798                        /lib64/ld-2.9.so
    31b8800000-31b8968000 r-xp 00000000 fd:00 8511800                        /lib64/libc-2.9.so
    31b8968000-31b8b68000 ---p 00168000 fd:00 8511800                        /lib64/libc-2.9.so
    31b8b68000-31b8b6c000 r--p 00168000 fd:00 8511800                        /lib64/libc-2.9.so
    31b8b6c000-31b8b6d000 rw-p 0016c000 fd:00 8511800                        /lib64/libc-2.9.so
    31b8b6d000-31b8b72000 rw-p 31b8b6d000 00:00 0 
    31c3a00000-31c3a16000 r-xp 00000000 fd:00 8511828                        /lib64/libgcc_s-4.3.2-20081105.so.1
    31c3a16000-31c3c16000 ---p 00016000 fd:00 8511828                        /lib64/libgcc_s-4.3.2-20081105.so.1
    31c3c16000-31c3c17000 rw-p 00016000 fd:00 8511828                        /lib64/libgcc_s-4.3.2-20081105.so.1
    7f3d9c000000-7f3d9c021000 rw-p 7f3d9c000000 00:00 0 
    7f3d9c021000-7f3da0000000 ---p 7f3d9c021000 00:00 0 
    7f3da2860000-7f3da2862000 rw-p 7f3da2860000 00:00 0 
    7f3da287a000-7f3da287d000 rw-p 7f3da287a000 00:00 0 
    7fffaa867000-7fffaa87c000 rw-p 7ffffffea000 00:00 0                      [stack]
    7fffaa9fe000-7fffaa9ff000 r-xp 7fffaa9fe000 00:00 0                      [vdso]
    ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
    Aborted
    Any ideas where I'm going wrong? Once I comment out the free() function and re-compile, the program will run fine. I'm running on Fedora 10, 64 bit.

    Thanks in advance for your time!

  2. #2
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    21,439
    Let's concentrate on those statements that involve p2:
    Code:
    int *p2 = malloc(sizeof(*p2));
    p2 = &z;
    printf("The value from pointer p2 at memory address %p is %d\n\n", p2, *p2);
    free(p2);
    It is clear that you assign the address of z to p2. This means that p2 no longer points to dynamically allocated memory, hence it is incorrect to call free() with it. The error is the assignment of the address of z to p2 since it causes the dynamically allocated memory to be "orphaned". What you probably want to do is assign the value of z to the object pointed to by p2:
    Code:
    *p2 = z;
    By the way, the comment on this line is misleading:
    Code:
    int *p; /* initialize a pointer to an integer */
    It is more of an instruction than a comment of what the line does, but in the first place the comment is unnecessary since in the place where it would make sense (p = &x; ) it would be redundant.
    C + C++ Compiler: MinGW port of GCC
    Version Control System: Bazaar

    Look up a C++ Reference and learn How To Ask Questions The Smart Way
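
The abort report in the first post already shows where the bad pointer came from: the address glibc prints falls inside the `[stack]` mapping, not `[heap]`. The following is an added example, not code from the thread, that extracts the address from the report line and looks it up in the memory map. The function names are hypothetical, and the sample lines are copied from the first post with the map trimmed to three entries and whitespace collapsed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Lines copied from the abort report in the first post (map trimmed to three entries). */
static const char REPORT_LINE[] =
    "*** glibc detected *** ./ex2: free(): invalid pointer: 0x00007fffaa879b38 ***";
static const char *const SAMPLE_MAP[] = {
    "00857000-00878000 rw-p 00857000 00:00 0 [heap]",
    "31b8800000-31b8968000 r-xp 00000000 fd:00 8511800 /lib64/libc-2.9.so",
    "7fffaa867000-7fffaa87c000 rw-p 7ffffffea000 00:00 0 [stack]",
};

/* Extract the address glibc complained about; returns 1 on success, 0 otherwise. */
int parse_invalid_pointer(const char *line, unsigned long long *addr)
{
    static const char tag[] = "free(): invalid pointer: ";
    const char *p = strstr(line, tag);
    char *end;
    if (p == NULL) return 0;
    *addr = strtoull(p + sizeof tag - 1, &end, 16); /* base 16 accepts "0x" */
    return end != p + sizeof tag - 1;
}

/* Find the mapping that contains addr and copy its name into out; returns 1 if found. */
int classify_address(unsigned long long addr, const char *const *lines, size_t n,
                     char *out, size_t outlen)
{
    for (size_t i = 0; i < n; i++) {
        unsigned long long start, end;
        char name[256];
        /* Format: start-end perms offset dev inode [name]; anonymous maps have no name. */
        int got = sscanf(lines[i], "%llx-%llx %*s %*s %*s %*s %255s", &start, &end, name);
        if (got >= 2 && addr >= start && addr < end) {
            snprintf(out, outlen, "%s", got == 3 ? name : "(anonymous)");
            return 1;
        }
    }
    return 0;
}

int main(void)
{
    unsigned long long addr; char where[256];
    if (parse_invalid_pointer(REPORT_LINE, &addr) &&
        classify_address(addr, SAMPLE_MAP, 3, where, sizeof where))
        printf("0x%llx lies in %s\n", addr, where);
    return 0;
}
```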

  3. #3
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    Classic case of "trying to free something that didn't come from malloc".

    Code:
            p2 = &z;
    overwrites the value of p2 that you got back from malloc. Since free expects to see some data before the pointer you pass in, that holds a bit of data so that free can do its job, this is not the case when the memory didn't come from malloc, and that is what is causing your crash.

    As a consequence of overwriting your p2 value, you also have a memory leak, because you have lost your pointer from malloc, and can't free it.

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.
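
Both consequences described in this post, the free of a pointer that did not come from malloc and the leaked allocation, can be caught in a debug build by recording what the allocator hands out. The following is an added example, not code from the thread; `tracked_malloc`, `tracked_free`, `tracked_outstanding` and the fixed-size table are hypothetical names and design choices made for illustration.

```c
#include <stdlib.h>

#define MAX_TRACKED 64
static void *live[MAX_TRACKED];   /* pointers handed out and not yet released */

/* malloc wrapper that remembers every pointer it returns (NULL if the table is full). */
void *tracked_malloc(size_t size)
{
    for (size_t i = 0; i < MAX_TRACKED; i++)
        if (live[i] == NULL)
            return live[i] = malloc(size);
    return NULL;
}

/* Returns 0 after releasing ptr, -1 if ptr is not a live tracked allocation. */
int tracked_free(void *ptr)
{
    if (ptr == NULL) return 0;    /* free(NULL) is defined as a no-op */
    for (size_t i = 0; i < MAX_TRACKED; i++) {
        if (live[i] == ptr) {
            free(ptr);
            live[i] = NULL;
            return 0;
        }
    }
    return -1;                    /* stack address or other untracked pointer: refuse */
}

/* Number of allocations still held; non-zero at exit means a leak. */
size_t tracked_outstanding(void)
{
    size_t n = 0;
    for (size_t i = 0; i < MAX_TRACKED; i++) n += (live[i] != NULL);
    return n;
}

/* The thread's sequence; returns 1 when both the bad free and the leak are caught. */
int demo_thread_bug(void)
{
    int z = 29;
    int *p2 = tracked_malloc(sizeof *p2);
    int *from_malloc = p2;        /* kept only so the demo can clean up */
    p2 = &z;                      /* the assignment from the first post */
    int rejected = (tracked_free(p2) == -1);
    int leaked = (tracked_outstanding() == 1);
    tracked_free(from_malloc);
    return rejected && leaked && tracked_outstanding() == 0;
}

int main(void) { return demo_thread_bug() ? 0 : 1; }
```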

  4. #4
    Registered User skreaminskull's Avatar
    Join Date
    Jan 2009
    Posts
    7
    Thank you laserlight and matsp!

    Right, I was trying to get p2 to be a pointer to z and get in some practice with malloc. With my misunderstanding of pointers though, I thought I needed to point to z's address to p2 to accomplish this. Thanks to your explanation, I realize I lost the memory address that malloc allocated for me and replaced it with z's address. Makes total sense now. Wow, only a couple simple programs in and I've already created a memory leak!

    Thank you both for the thorough explanation; I now understand pointers and malloc much better than about a half hour ago. I changed the statement p2 = &z; to *p2 = z; as laserlight suggested in order to maintain the memory address malloc provided and it works now.

    Thanks again, I appreciate your feedback!

  5. #5
    Kernel hacker
    Join Date
    Jul 2007
    Location
    Farncombe, Surrey, England
    Posts
    15,677
    Note that there is a big difference between p2 pointing at z (and you do not need malloc in that case) and the value p2 points at being the same as z. If we make two examples:
    Code:
    int *p2;
    int z = 7;
    p2 = malloc(sizeof(*p2));
    *p2 = z;
    z = 8;
    printf("*p2 = %d, z = %d\n", *p2, z);
    and
    Code:
    int *p2;
    int z = 7;
    p2 = &z;
    z = 8;
    printf("*p2 = %d, z = %d\n", *p2, z);
    *p2 = 9;
    printf("*p2 = %d, z = %d\n", *p2, z);

    Note how the value of z changes independently of the value of *p2 in the first case, and in the second case, changes to z or *p2 will change both *p2 and z in one case.

    --
    Mats
    Compilers can produce warnings - make the compiler programmers happy: Use them!
    Please don't PM me for help - and no, I don't do help over instant messengers.

  6. #6
    Registered User skreaminskull's Avatar
    Join Date
    Jan 2009
    Posts
    7
    Thanks Mats!

    Point well noted...I think I'm starting to get it.

    The way I am understanding this is that in the first code example, p2 is storing the value of z in its own memory address that was allocated by malloc(). z has a different memory address from p2. When the value of z changes from 7 to 8, p2 remains at 7 because it was only assigned the value of z at the time of assignment and does not reflect the current value of z when changed because they are not using the same memory address.

    The second example has p2 and z using the same memory address, therefore a change in value using either variable name affects both since they both have the same address.

    Thanks again for noting that difference...

  7. #7
    C++まいる!Cをこわせ! Elysia's Avatar
    Join Date
    Oct 2007
    Posts
    22,449
    *applaud*
    Well done. Many people have trouble with pointers.
    Now, if you want extra exercise, you can try out pointer to pointers! That part confuses yet more people.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.
