I have the following C code:
static void* heap;
static unsigned int ptr;
int main(void) {
...
heap=(void*)malloc(10000*sizeof(char));
ptr=&heap;
/*Actual sniffing*/
pcap_loop(handle,-1,callback,NULL);
return 0;
}
And here is the callback function that gets called every once in a while:
void callback(u_char *useless,const struct pcap_pkthdr* header,const u_char* packet){
const u_char *payload;
...
payload = (u_char *)(packet + size_ethernet + size_ip + size_tcp);
unsigned int hash=DJBHash(payload,strlen(payload));
printf("%u\n",hash); //ok
int len=strlen(payload)*sizeof(u_char);
printf("len:%d, ptr:%d\n",len,ptr); //ok
memcpy(ptr,(char)payload,len*sizeof(u_char)); //I'm getting a seg fault here!
ptr+=len;
}
Here is my dump from valgrind:
==8687== Memcheck, a memory error detector
==8687== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==8687== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==8687== Command: ./ByteCache
==8687==
==8687== Syscall param socketcall.setsockopt(optval) points to uninitialised byte(s)
==8687== at 0x514D12A: setsockopt (syscall-template.S:82)
==8687== by 0x4E34991: ??? (in /usr/lib/libpcap.so.1.1.1)
==8687== by 0x4E34AB2: ??? (in /usr/lib/libpcap.so.1.1.1)
==8687== by 0x401A3F: main (ByteCache.c:123)
==8687== Address 0x7fefffb42 is on thread 1's stack
==8687==
2912431451
len:12, ptr:6304012
==8687== Invalid read of size 8
==8687== at 0x4C2A337: memcpy (mc_replace_strmem.c:635)
==8687== by 0x4018CB: callback (ByteCache.c:77)
==8687== by 0x4E34E24: ??? (in /usr/lib/libpcap.so.1.1.1)
==8687== by 0x4E3A818: pcap_loop (in /usr/lib/libpcap.so.1.1.1)
==8687== by 0x401AB4: main (ByteCache.c:133)
==8687== Address 0x80 is not stack'd, malloc'd or (recently) free'd
==8687==
==8687==
==8687== Process terminating with default action of signal 11 (SIGSEGV)
==8687== Access not within mapped region at address 0x80
==8687== at 0x4C2A337: memcpy (mc_replace_strmem.c:635)
==8687== by 0x4018CB: callback (ByteCache.c:77)
==8687== by 0x4E34E24: ??? (in /usr/lib/libpcap.so.1.1.1)
==8687== by 0x4E3A818: pcap_loop (in /usr/lib/libpcap.so.1.1.1)
==8687== by 0x401AB4: main (ByteCache.c:133)
==8687== If you believe this happened as a result of a stack
==8687== overflow in your program's main thread (unlikely but
==8687== possible), you can try to increase the size of the
==8687== main thread stack using the --main-stacksize= flag.
==8687== The main thread stack size used in this run was 8388608.
==8687==
==8687== HEAP SUMMARY:
==8687== in use at exit: 22,711 bytes in 11 blocks
==8687== total heap usage: 41 allocs, 30 frees, 38,352 bytes allocated
==8687==
==8687== LEAK SUMMARY:
==8687== definitely lost: 0 bytes in 0 blocks
==8687== indirectly lost: 0 bytes in 0 blocks
==8687== possibly lost: 0 bytes in 0 blocks
==8687== still reachable: 22,711 bytes in 11 blocks
==8687== suppressed: 0 bytes in 0 blocks
==8687== Reachable blocks (those to which a pointer was found) are not shown.
==8687== To see them, rerun with: --leak-check=full --show-reachable=yes
==8687==
==8687== For counts of detected and suppressed errors, rerun with: -v
==8687== Use --track-origins=yes to see where uninitialised values come from
==8687== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 4 from 4)
Segmentation fault
Unfortunately, I can't seem to make much sense of it.
Any insight greatly appreciated.
Many thanks in advance,
Thanks to Kerrick SB, I've gotten one step further.
Here now is the output:
eamorr#Compaq6000:/mnt/eamorr/workspace/ByteCache/Debug# ./ByteCache
361457034
len:872, ptr:6304000
46267872
len:12, ptr:-92779411
Segmentation fault
I can see a negative ptr? I have no idea how this is possible. I've even changed ptr to type unsigned int.
I don't think you want to do ptr = &heap, you want ptr = heap. malloc returns a pointer to the memory it allocated, which seems to be what you're trying to refer to in your callback.
You only want to use the & to get the address of something. For example:
MyStructure MyVariable;
void* pAPointer = &MyVariable;
If you're malloc-ing you get a pointer returned so:
MyStructure *pPointerToStructure = malloc(sizeof(MyStructure));
to use the & on pPointerToStructure gives you the pointer to the pointer, not to the allocated memory from the malloc call
memcpy takes void pointers as its arguments, yet you're casting the second argument to a char. To fix this:
memcpy(ptr, (const void *) payload, len * sizeof(u_char));
For that matter, why don't you declare ptr as void** (i.e. say static void ** ptr;)?
Also, why all the excessive casting? You don't need to cast the result of malloc() or of the payload = assignment, as they're already the correct type. Finally, len should probably be of type size_t, because it's a size type (i.e. unsigned).
Related
I using GNU MP to great an array of multi-precision integers. If I initialize, use and clean, all the main function, it works perfect, with no error. I've tried to create auxiliary functions to manage repetitive jobs: initialize an array and clean an array. Unfortunately it did not end up well, I'm getting a memory leak. I made a small example bellow reproducing the error behaviour:
#include <stdio.h>
#include <stdlib.h>
#include <gmp.h>
mpz_t *start(int n)
{
mpz_t *c = malloc(n*sizeof(mpz_t));
for (int i=0; i<n; i++) mpz_init (c[i]);
for (int i=0; i<n; i++) mpz_set_ui (c[i], 1);
}
void finish(mpz_t *x, int n)
{
for (int i=0; i<n; i++) mpz_clear (x[i]);
free(x);
}
int main(int argc, char *argv[])
{
int n = 10;
mpz_t *c = start(n);
finish(c, n);
return 0;
}
The result of running the program is:
Segmentation fault (core dumped)
Bellow follows Valgrind analysis log:
==18807== Memcheck, a memory error detector
==18807== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==18807== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==18807== Command: ./test
==18807==
==18807== Invalid read of size 4
==18807== at 0x4887C60: __gmpz_clear (in /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2)
==18807== by 0x10928B: finish (test.c:14)
==18807== by 0x1092DF: main (test.c:22)
==18807== Address 0xa is not stack'd, malloc'd or (recently) free'd
==18807==
==18807==
==18807== Process terminating with default action of signal 11 (SIGSEGV)
==18807== Access not within mapped region at address 0xA
==18807== at 0x4887C60: __gmpz_clear (in /usr/lib/x86_64-linux-gnu/libgmp.so.10.3.2)
==18807== by 0x10928B: finish (test.c:14)
==18807== by 0x1092DF: main (test.c:22)
==18807== If you believe this happened as a result of a stack
==18807== overflow in your program's main thread (unlikely but
==18807== possible), you can try to increase the size of the
==18807== main thread stack using the --main-stacksize= flag.
==18807== The main thread stack size used in this run was 8388608.
==18807==
==18807== HEAP SUMMARY:
==18807== in use at exit: 240 bytes in 11 blocks
==18807== total heap usage: 11 allocs, 0 frees, 240 bytes allocated
==18807==
==18807== 240 (160 direct, 80 indirect) bytes in 1 blocks are definitely lost in loss record 2 of 2
==18807== at 0x483A7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==18807== by 0x1091E8: start (test.c:7)
==18807== by 0x1092CA: main (test.c:21)
==18807==
==18807== LEAK SUMMARY:
==18807== definitely lost: 160 bytes in 1 blocks
==18807== indirectly lost: 80 bytes in 10 blocks
==18807== possibly lost: 0 bytes in 0 blocks
==18807== still reachable: 0 bytes in 0 blocks
==18807== suppressed: 0 bytes in 0 blocks
==18807==
==18807== For lists of detected and suppressed errors, rerun with: -s
==18807== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
Segmentation fault (core dumped)
What is wrong? How to fix it?
Flowing off the end of a value-returning function (except main) without a return statement is undefined behavior.
In your example, mpz_t *start(int n) doesn't actually return anything, which leads to UB.
I'm trying to track down where valgrind is finding this invalid write of size 8 in some code, but am having a hard time seeing it. I'm sure valgrind is correct, I just don't see it. I've reproduced the original error by stripping out the function and doing the same thing, more or less, with the following code:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
double* do_realloc(double* orig_graph, int graph_width, int* graph_allocated)
{
double *graph = (double *)(realloc(orig_graph, (graph_width + 1) * sizeof(*graph)));
printf("reallocing graph from %d to %d\n", *graph_allocated, graph_width);
if (!orig_graph) {
/* initialize */
memset(graph, 0, graph_width * sizeof(double));
} else if (graph) {
if (graph_width > *graph_allocated) {
/* initialize the new region */
printf("old region: %p, new region: %p, offset: %d, length: %d\n", orig_graph, graph,
(*graph_allocated * sizeof(double)),
(graph_width - *graph_allocated) * sizeof(*graph));
memset(graph + (*graph_allocated * sizeof(*graph)),
0,
(graph_width - *graph_allocated) * sizeof(*graph));
}
} else {
printf("reallocing FAILED\n");
graph = orig_graph;
graph_width = *graph_allocated;
}
*graph_allocated = graph_width;
return graph;
}
int main()
{
double* graph = NULL;
int allocated = 0;
graph = do_realloc(graph, 307, &allocated);
graph = do_realloc(graph, 300, &allocated);
graph = do_realloc(graph, 307, &allocated);
}
And the valgrind output is:
$ valgrind ./t
==4250== Memcheck, a memory error detector
==4250== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==4250== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==4250== Command: ./t
==4250==
reallocing graph from 0 to 307
reallocing graph from 307 to 300
reallocing graph from 300 to 307
old region: 0x51d4e60, new region: 0x51d5800, offset: 2400, length: 56
==4250== Invalid write of size 8
==4250== at 0x4C348BE: memset (vg_replace_strmem.c:1094)
==4250== by 0x4007A9: do_realloc(double*, int, int&) (in /home/dmcbride/tmp/v/t)
==4250== by 0x400842: main (in /home/dmcbride/tmp/v/t)
==4250== Address 0x51da300 is 16,672 bytes inside an unallocated block of size 4,185,600 in arena "client"
==4250==
==4250== Invalid write of size 8
==4250== at 0x4C348E6: memset (vg_replace_strmem.c:1094)
==4250== by 0x4007A9: do_realloc(double*, int, int&) (in /home/dmcbride/tmp/v/t)
==4250== by 0x400842: main (in /home/dmcbride/tmp/v/t)
==4250== Address 0x51da320 is 16,704 bytes inside an unallocated block of size 4,185,600 in arena "client"
==4250==
==4250== Invalid write of size 8
==4250== at 0x4C348F3: memset (vg_replace_strmem.c:1094)
==4250== by 0x4007A9: do_realloc(double*, int, int&) (in /home/dmcbride/tmp/v/t)
==4250== by 0x400842: main (in /home/dmcbride/tmp/v/t)
==4250== Address 0x51da328 is 16,712 bytes inside an unallocated block of size 4,185,600 in arena "client"
==4250==
==4250== Invalid write of size 8
==4250== at 0x4C348FD: memset (vg_replace_strmem.c:1094)
==4250== by 0x4007A9: do_realloc(double*, int, int&) (in /home/dmcbride/tmp/v/t)
==4250== by 0x400842: main (in /home/dmcbride/tmp/v/t)
==4250== Address 0x51da330 is 16,720 bytes inside an unallocated block of size 4,185,600 in arena "client"
==4250==
==4250==
==4250== HEAP SUMMARY:
==4250== in use at exit: 2,456 bytes in 1 blocks
==4250== total heap usage: 4 allocs, 3 frees, 8,336 bytes allocated
==4250==
==4250== LEAK SUMMARY:
==4250== definitely lost: 2,456 bytes in 1 blocks
==4250== indirectly lost: 0 bytes in 0 blocks
==4250== possibly lost: 0 bytes in 0 blocks
==4250== still reachable: 0 bytes in 0 blocks
==4250== suppressed: 0 bytes in 0 blocks
==4250== Rerun with --leak-check=full to see details of leaked memory
==4250==
==4250== For counts of detected and suppressed errors, rerun with: -v
==4250== ERROR SUMMARY: 7 errors from 4 contexts (suppressed: 0 from 0)
The original code has much more than this, but I'm only trying to solve the first problem right now, and will continue investigating other problems after this. I think this is related to the crash that the main application is having right after this point, every single time.
(Someone removed the "C" tag because I had left some C++-isms in, but that seems to me to be missing the purpose, so I removed all C++-isms and got the same results.)
from my analysis of the posted code,
The problem is in the call to memset() (which goes along with most of the valgrind error messages.)
Where writing a sizeof(double) beyond the end of the allocated memory area.
And failing to pass the allocated memory to free() before exiting the program.
I am very novice in working with malloc/realloc in C and so need some help. The following is short snippet of a big program where I intend to read a big (fasta) file almost 80000 line numbers and store the first line marked with > (name) and following line (sequence) in two separate arrays- fasta_name and fasta_seq. I have used a standard library which gives the output as a structure but I need to change it into arrays since later on the program I need to check input provided by the user with each of the fasta entries in the file..
The inputfile format is:
P21306\n
MSAWRKAGISYAAYLNVAAQAIRSSLKTELQTASVLNRSQTDAFYTQYKNGTAASEPTPITK\n
P38077\n
MLSRIVSNNATRSVMCHQAQVGILYKTNPVRTYATLKEVEMRLKSIKNIEKITKTMKIVASTRLSKAEKA\n
=======================
The code is:
KSEQ_INIT(gzFile, gzread) ///EXTERNAL LIBRARY FOR BIOLOGISTS READING FASTA FORMAT FILE///
int main(int argc,char *argv[])
{
char **fasta_name=(char **)malloc(sizeof(char *)*80000);
for(i=0;i<size;i++)
{
fasta_name[i]=(char*)malloc(sizeof(char)*50);
}
char **fasta_seq=(char**)malloc(sizeof(char *)*80000);
for(i=0;i<size;i++)
{
fasta_seq[i]=(char*)malloc(sizeof(char)*5000);
}
fpf = gzopen("fasta_seq_nr_uniprot.txt", "r");
seq = kseq_init(fpf);
while((l = kseq_read(seq)) >= 0)
{
strcpy(fasta_name[index1],seq->name.s);
strcpy(fasta_seq[index1],seq->seq.s);
index1++;
}
kseq_destroy(seq);
gzclose(fpf);
for(i=0;i<size;i++)
{
free(fasta_name[i]);
}
for(i=0;i<size;i++)
{
free(fasta_seq[i]);
}
free(fasta_name);
free(fasta_seq);
The program shows no compilation errors but the following memory errors and segmentation fault using Valgrind.
$ valgrind --track-origins=yes --leak-check=full ./Gwidd_uniprot_map2 xaa==3511== Memcheck, a memory error detector
==3511== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==3511== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==3511== Command: ./map2 xaa
==3511==
--3511-- ./map2:
--3511-- dSYM directory has wrong UUID; consider using --dsymutil=yes
Opening file xaa
==3511== Use of uninitialised value of size 8
==3511== at 0x100012C43: __strcpy_chk (mc_replace_strmem.c:893)
==3511== by 0x100001A78: __inline_strcpy_chk (in ./map2)
==3511== by 0x10000183E: main (in ./map2)
==3511== Uninitialised value was created by a heap allocation
==3511== at 0x100011345: malloc (vg_replace_malloc.c:236)
==3511== by 0x10000170C: main (in ./map2)
==3511==
==3511== Invalid write of size 1
==3511== at 0x100012C43: __strcpy_chk (mc_replace_strmem.c:893)
==3511== by 0x100001A78: __inline_strcpy_chk (in ./map2)
==3511== by 0x10000183E: main (in ./map2)
==3511== Address 0x0 is not stack'd, malloc'd or (recently) free'd
==3511==
==3511==
==3511== Process terminating with default action of signal 11 (SIGSEGV)
==3511== Access not within mapped region at address 0x0
==3511== at 0x100012C43: __strcpy_chk (mc_replace_strmem.c:893)
==3511== by 0x100001A78: __inline_strcpy_chk (in ./map2)
==3511== by 0x10000183E: main (in ./map2)
==3511== If you believe this happened as a result of a stack
==3511== overflow in your program's main thread (unlikely but
==3511== possible), you can try to increase the size of the
==3511== main thread stack using the --main-stacksize= flag.
==3511== The main thread stack size used in this run was 8388608.
==3511==
==3511== HEAP SUMMARY:
==3511== in use at exit: 6,674,813 bytes in 3,664 blocks
==3511== total heap usage: 3,807 allocs, 143 frees, 6,698,108 bytes allocated
==3511==
==3511== LEAK SUMMARY:
==3511== definitely lost: 0 bytes in 0 blocks
==3511== indirectly lost: 0 bytes in 0 blocks
==3511== possibly lost: 0 bytes in 0 blocks
==3511== still reachable: 6,674,813 bytes in 3,664 blocks
==3511== suppressed: 0 bytes in 0 blocks
==3511== Reachable blocks (those to which a pointer was found) are not shown.
==3511== To see them, rerun with: --leak-check=full --show-reachable=yes
==3511==
==3511== For counts of detected and suppressed errors, rerun with: -v
==3511== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 0 from 0)
Segmentation fault
CODE EDITED AS:
char **fasta_name=(char **)malloc(sizeof(char *)*80000);
if(fasta_name == NULL)
{
printf("Unable to allocate memory.\n");
exit(EXIT_FAILURE);
}
for(i=0;i<size;i++)
{
fasta_name[i]=(char*)malloc(sizeof(char)*50);
if(fasta_name[i] == NULL)
{
printf("Unable to allocate memory.\n");
exit(EXIT_FAILURE);
}
}
char **fasta_seq=(char**)malloc(sizeof(char *)*80000);
if(fasta_seq == NULL)
{
printf("Unable to allocate memory.\n");
exit(EXIT_FAILURE);
}
for(i=0;i<size;i++)
{
fasta_seq[i]=(char*)malloc(sizeof(char)*5000);
if(fasta_seq[i] == NULL)
{
printf("Unable to allocate memory.\n");
exit(EXIT_FAILURE);
}
}
fpf = gzopen("fasta_seq_nr_uniprot.txt", "r");
seq = kseq_init(fpf);
while((l = kseq_read(seq)) >= 0)
{
strcpy(fasta_name[index1],seq->name.s);
strcpy(fasta_seq[index1],seq->seq.s);
index1++;
}
kseq_destroy(seq);
gzclose(fpf);
Based on the error Access not within mapped region at address, I would say that you are accessing memory that's out of bounds, causing your segmentation fault. Check that malloc() doesn't return NULL to you after calling it, otherwise you risk accessing memory you don't actually own.
Do this after every single malloc() call. For example:
int *i = (int *) malloc(sizeof(int));
if(!i){
fprintf(stderr, "Something went wrong with malloc(), exiting...\n");
exit(1);
}
Another thing to check is to see if index1 is out of bounds of your allocations. I don't see where it's declared or initialized. Is it possible that your allocation for fasta_name and others is too small, given that you read information using a while loop that keeps incrementing the index?
I am running breadth first search and bellman ford algorithms on large sets of graph data in the format (u, v, weight) from an input file.
I initialize in the breadth first search, that all vertex's should be marked 0 for unvisited.
Later in the program, since I am calling BFS after every time I add an edge, rather than at the end of the program all together (it's part of a research project on bellman ford and BFS even though it doesn't quite make sense) I reinitialize the vertex array to unvisited.
However, I am getting a segmentation fault when I run larger sets it seems when I reinitialize the vertex array. I make the assumption about larger sets because I have a few smaller sets of test data going from 8 vertices, to 10, then at 100 and larger it fails.
Here is how I initialize at the very beginning of the program:
for(i=0;i<numberVertices;i++)
{
vertexArray[i].v = i+1;
vertexArray[i].adj = NULL;
vertexArray[i].marked = 0;
if(i==0)
{
vertexArray[i].weight = 0;
}
else{
vertexArray[i].weight = 10000;
}
}
And here is how I reinitialize at the end of a while loop set to break when it reaches the end of the file directly after BFS finishes:
BFS(q, u)
for(i=0;i<numberVertices;i++)
{
vertexArray[i].marked = 0;
}
Like I said it seems to work for smaller data sets, but I do not understand why when I reinitialize it seems to seg fault.
Please let me know your thoughts and suggestions!
Valgrind Output On An Example Case:
==6634== Memcheck, a memory error detector
==6634== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==6634== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==6634== Command: ./a.out 100S.txt
==6634==
==6634== Conditional jump or move depends on uninitialised value(s)
==6634== at 0x400C13: checkonqueue (bfs.c:160)
==6634== by 0x400B7F: BFS (bfs.c:142)
==6634== by 0x40094A: main (bfs.c:103)
==6634==
==6634== Invalid write of size 4
==6634== at 0x40096E: main (bfs.c:107)
==6634== Address 0x4d00000041 is not stack'd, malloc'd or (recently) free'd
==6634==
==6634==
==6634== Process terminating with default action of signal 11 (SIGSEGV)
==6634== Access not within mapped region at address 0x4D00000041
==6634== at 0x40096E: main (bfs.c:107)
==6634== If you believe this happened as a result of a stack
==6634== overflow in your program's main thread (unlikely but
==6634== possible), you can try to increase the size of the
==6634== main thread stack using the --main-stacksize= flag.
==6634== The main thread stack size used in this run was 10485760.
==6634==
==6634== HEAP SUMMARY:
==6634== in use at exit: 3,448 bytes in 181 blocks
==6634== total heap usage: 181 allocs, 0 frees, 3,448 bytes allocated
==6634==
==6634== LEAK SUMMARY:
==6634== definitely lost: 0 bytes in 0 blocks
==6634== indirectly lost: 0 bytes in 0 blocks
==6634== possibly lost: 0 bytes in 0 blocks
==6634== still reachable: 3,448 bytes in 181 blocks
==6634== suppressed: 0 bytes in 0 blocks
==6634== Reachable blocks (those to which a pointer was found) are not shown.
==6634== To see them, rerun with: --leak-check=full --show-reachable=yes
==6634==
==6634== For counts of detected and suppressed errors, rerun with: -v
==6634== Use --track-origins=yes to see where uninitialised values come from
==6634== ERROR SUMMARY: 16120 errors from 2 contexts (suppressed: 6 from 6)
Segmentation fault (core dumped)
check on queue function:
int checkonqueue(int * q, int value)
{
int i = 0;
for(i=0;i < max;i++)
{
if(q[i] == value)
{
return 1;
}
}
return 0;
}
line 160 is the line of the if condition
I am running breadth first search and bellman ford algorithms on large sets of graph data in the format (u, v, weight) from an input file.
I initialize in the breadth first search, that all vertex's should be marked 0 for unvisited.
Later in the program, since I am calling BFS after every time I add an edge, rather than at the end of the program all together (it's part of a research project on bellman ford and BFS even though it doesn't quite make sense) I reinitialize the vertex array to unvisited.
However, I am getting a segmentation fault when I run larger sets it seems when I reinitialize the vertex array. I make the assumption about larger sets because I have a few smaller sets of test data going from 8 vertices, to 10, then at 100 and larger it fails.
Here is how I initialize at the very beginning of the program:
for(i=0;i<numberVertices;i++)
{
vertexArray[i].v = i+1;
vertexArray[i].adj = NULL;
vertexArray[i].marked = 0;
if(i==0)
{
vertexArray[i].weight = 0;
}
else{
vertexArray[i].weight = 10000;
}
}
And here is how I reinitialize at the end of a while loop set to break when it reaches the end of the file directly after BFS finishes:
BFS(q, u)
for(i=0;i<numberVertices;i++)
{
vertexArray[i].marked = 0;
}
Like I said it seems to work for smaller data sets, but I do not understand why when I reinitialize it seems to seg fault.
Please let me know your thoughts and suggestions!
Valgrind Output On An Example Case:
==6634== Memcheck, a memory error detector
==6634== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==6634== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==6634== Command: ./a.out 100S.txt
==6634==
==6634== Conditional jump or move depends on uninitialised value(s)
==6634== at 0x400C13: checkonqueue (bfs.c:160)
==6634== by 0x400B7F: BFS (bfs.c:142)
==6634== by 0x40094A: main (bfs.c:103)
==6634==
==6634== Invalid write of size 4
==6634== at 0x40096E: main (bfs.c:107)
==6634== Address 0x4d00000041 is not stack'd, malloc'd or (recently) free'd
==6634==
==6634==
==6634== Process terminating with default action of signal 11 (SIGSEGV)
==6634== Access not within mapped region at address 0x4D00000041
==6634== at 0x40096E: main (bfs.c:107)
==6634== If you believe this happened as a result of a stack
==6634== overflow in your program's main thread (unlikely but
==6634== possible), you can try to increase the size of the
==6634== main thread stack using the --main-stacksize= flag.
==6634== The main thread stack size used in this run was 10485760.
==6634==
==6634== HEAP SUMMARY:
==6634== in use at exit: 3,448 bytes in 181 blocks
==6634== total heap usage: 181 allocs, 0 frees, 3,448 bytes allocated
==6634==
==6634== LEAK SUMMARY:
==6634== definitely lost: 0 bytes in 0 blocks
==6634== indirectly lost: 0 bytes in 0 blocks
==6634== possibly lost: 0 bytes in 0 blocks
==6634== still reachable: 3,448 bytes in 181 blocks
==6634== suppressed: 0 bytes in 0 blocks
==6634== Reachable blocks (those to which a pointer was found) are not shown.
==6634== To see them, rerun with: --leak-check=full --show-reachable=yes
==6634==
==6634== For counts of detected and suppressed errors, rerun with: -v
==6634== Use --track-origins=yes to see where uninitialised values come from
==6634== ERROR SUMMARY: 16120 errors from 2 contexts (suppressed: 6 from 6)
Segmentation fault (core dumped)
check on queue function:
int checkonqueue(int * q, int value)
{
int i = 0;
for(i=0;i < max;i++)
{
if(q[i] == value)
{
return 1;
}
}
return 0;
}
line 160 is the line of the if condition