Thanks for the fast replies :)

Am 17.06.2011 15:17, schrieb WAROQUIERS Philippe:
>  
>> My program calls malloc(x) several times, where x is never negative nor
>> 0. But on one particular malloc() it always crashes.
>>
>> running my program with valgrind gives me the following hints:
>>
>>
>> - --15446-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11
>> (SIGSEGV) - exiting
>> - --15446-- si_code=1;  Faulting address: 0x2D11153860;  sp: 
>> 0x40317bdd0
>>
>> valgrind: the 'impossible' happened:
>>   Killed by fatal signal
>> ==15446==    at 0x38032A94: unlinkBlock (m_mallocfree.c:245)
>> ==15446==    by 0x3803453D: vgPlain_arena_malloc (m_mallocfree.c:1381)
>> ==15446==    by 0x3800292E: vgMemCheck_new_block 
>> (mc_malloc_wrappers.c:201)
>> ==15446==    by 0x38002C98: vgMemCheck_malloc 
>> (mc_malloc_wrappers.c:238)
>> ==15446==    by 0x3806140E: vgPlain_scheduler (scheduler.c:1394)
>> ==15446==    by 0x3808598A: run_a_thread_NORETURN (syswrap-linux.c:94)
>>
>> sched status:
>>  running_tid=1
>>
>> Thread 1: status = VgTs_Runnable
>> ==15446==    at 0x4C2668A: malloc (vg_replace_malloc.c:236)
>> ==15446==    by 0x4058CD: sort(unsigned int**, unsigned int, unsigned
>> int) (facedetect.cpp:288)
>> ==15446==    by 0x407F31: findScrambledArea(cv::Mat&) 
>> (facedetect.cpp:312)
>> ==15446==    by 0x40AFED: runOperation(Mode, CryptoKey const&,
>> DetectorParams&, std::string, std::string, std::string, bool)
>> (facedetect.cpp:625)
>> ==15446==    by 0x40BCC8: main (facedetect.cpp:700)
>>
>>
>>
>> The code in line 288 of facedetect.cpp looks harmless:
>>
>> int* data = (int*) malloc(10);
>>
>> I tried to run it without valgrind, and for sizes smaller than ~800 my
>> program seems to run. For anything bigger I get a glibc error.
>>
>>
>>
>> *** glibc detected *** ./facescramble: malloc(): memory corruption:
>> 0x000000000062b3a0 ***
>> ======= Backtrace: =========
>> /lib64/libc.so.6(+0x72f66)[0x7f47a5066f66]
>> /lib64/libc.so.6(+0x75ffb)[0x7f47a5069ffb]
>> /lib64/libc.so.6(__libc_malloc+0x70)[0x7f47a506bde0]
>> ./facescramble[0x4058ce]
>> ./facescramble[0x407f32]
>> ./facescramble[0x40afee]
>> ./facescramble[0x40bcc9]
>> /lib64/libc.so.6(__libc_start_main+0xfd)[0x7f47a5012d2d]
>> ./facescramble[0x4041e9]
>>
>>
>> Does anyone have any ideas why that might occur?!
>> My glibc version is: sys-libs/glibc-2.12.2
>> and I just recompiled it on gentoo to enable the splitdebug feature
>> which is necessary to run valgrind.
> 
> Your program seems to have a bug where it corrupts its memory
> (e.g. writes past an allocated block or so).
> This seems to be detected by both Valgrind (through this internal error)
> and by glibc (reporting a memory corruption).
> 
> Is Valgrind reporting other errors before? Then you should fix these.
> 

I actually ignored three warnings. It's still a bit cryptic for me. For
example, I get the following msg:

Invalid write of size 4
==4427==    at 0x405930: sort(unsigned int**, unsigned int, unsigned
int) (facedetect.cpp:293)
==4427==    by 0x407EA9: findScrambledArea(cv::Mat&) (facedetect.cpp:536)
==4427==    by 0x40AFFD: runOperation(Mode, CryptoKey const&,
DetectorParams&, std::string, std::string, std::string, bool)
(facedetect.cpp:625)
==4427==    by 0x40BCD8: main (facedetect.cpp:700)
==4427==  Address 0x11154010 is 0 bytes after a block of size 2,080 alloc'd
==4427==    at 0x4C2668A: malloc (vg_replace_malloc.c:236)
==4427==    by 0x4058CE: sort(unsigned int**, unsigned int, unsigned
int) (facedetect.cpp:287)
==4427==    by 0x407EA9: findScrambledArea(cv::Mat&) (facedetect.cpp:536)
==4427==    by 0x40AFFD: runOperation(Mode, CryptoKey const&,
DetectorParams&, std::string, std::string, std::string, bool)
(facedetect.cpp:625)
==4427==    by 0x40BCD8: main (facedetect.cpp:700)


My code at that position looks like this:

284 static uint* sort(uint** matrix, uint width, uint height) {
285     uint* data = (uint*) malloc(width * height * sizeof(uint));
286     uint i,j=0;
287     for(i=0; i<height; i++) {
288         for(j=0; j<width; j++) {
289             data[j + i*height] = matrix[i][j];
290         }
291     }
...

I don't see why I'm using an invalid write of size 4. I'm retrieving a
uint and I'm writing a uint.

Furthermore, I get...

==4446== Use of uninitialised value of size 8
==4446==    at 0x79CA8B2: ??? (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x79CF6D2: std::ostreambuf_iterator<char,
std::char_traits<char> > std::num_put<char,
std::ostreambuf_iterator<char, std::char_traits<char> >
>::_M_insert_int<unsigned long>(std::ostreambuf_iterator<char,
std::char_traits<char> >, std::ios_base&, char, unsigned long) const (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x79CF8CD: std::num_put<char,
std::ostreambuf_iterator<char, std::char_traits<char> >
>::do_put(std::ostreambuf_iterator<char, std::char_traits<char> >,
std::ios_base&, char, unsigned long) const (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x79E12B9: std::ostream& std::ostream::_M_insert<unsigned
long>(unsigned long) (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x405934: sort(unsigned int**, unsigned int, unsigned
int) (ostream:195)
==4446==    by 0x407E39: findScrambledArea(cv::Mat&) (facedetect.cpp:531)
==4446==    by 0x40AFFD: runOperation(Mode, CryptoKey const&,
DetectorParams&, std::string, std::string, std::string, bool)
(facedetect.cpp:620)
==4446==    by 0x40BCD8: main (facedetect.cpp:695)
==4446==
==4446== Conditional jump or move depends on uninitialised value(s)
==4446==    at 0x79CA8C0: ??? (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x79CF6D2: std::ostreambuf_iterator<char,
std::char_traits<char> > std::num_put<char,
std::ostreambuf_iterator<char, std::char_traits<char> >
>::_M_insert_int<unsigned long>(std::ostreambuf_iterator<char,
std::char_traits<char> >, std::ios_base&, char, unsigned long) const (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x79CF8CD: std::num_put<char,
std::ostreambuf_iterator<char, std::char_traits<char> >
>::do_put(std::ostreambuf_iterator<char, std::char_traits<char> >,
std::ios_base&, char, unsigned long) const (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x79E12B9: std::ostream& std::ostream::_M_insert<unsigned
long>(unsigned long) (in
/usr/lib64/gcc/x86_64-pc-linux-gnu/4.4.5/libstdc++.so.6.0.13)
==4446==    by 0x405934: sort(unsigned int**, unsigned int, unsigned
int) (ostream:195)
==4446==    by 0x407E39: findScrambledArea(cv::Mat&) (facedetect.cpp:531)
==4446==    by 0x40AFFD: runOperation(Mode, CryptoKey const&,
DetectorParams&, std::string, std::string, std::string, bool)
(facedetect.cpp:620)
==4446==    by 0x40BCD8: main (facedetect.cpp:695)


which looks like something I cannot influence.
And that's it. After that, my program seg faults.

> Otherwise, the line above seems strange: you are allocating 10 bytes
> assuming this will be used by a pointer to "integer".
> I would expect that you would allocate a number of bytes multiple of 4
> (or 8 maybe). Allocating 10 bytes is strange if you will use this as a
> pointer
> to an array of int.

Right, actually I just wanted to try some simple calls. My actual
malloc call (as you can also see above) is

int* data = (int*) malloc(width * height * sizeof(int))

In any case, the parameter should not affect the behavior, because it
crashes in the malloc function. I don't have a chance to go beyond it
and do something with the int*.


> Maybe this is the cause of the error somewhere else ?
> 
> Philippe

Any other ideas?

cheers, Stephanie
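
Added example, not part of the original message or of facedetect.cpp: the index expression in the posted loop, `j + i*height`, uses the column count as the row stride, so it leaves a `width * height` block whenever `height > width`, and the next `malloc()` then trips over the damaged heap metadata. The helper names and the 20 x 26 dimensions are constructed for illustration (they give the 2,080-byte block size from the report, assuming a 4-byte `unsigned`).

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Highest element index written by the loop as posted: data[j + i*height]. */
static size_t max_index_posted(size_t width, size_t height) {
    return (width - 1) + (height - 1) * height;
}

/* Highest index when the row stride is the row length (width). */
static size_t max_index_row_major(size_t width, size_t height) {
    return (width - 1) + (height - 1) * width;
}

/* 1 if the posted indexing writes past a block of width*height elements. */
static int posted_index_overflows(size_t width, size_t height) {
    if (width == 0 || height == 0) return 0;
    return max_index_posted(width, height) >= width * height;
}

/* Copy matrix[height][width] into one row-major block.
 * Returns NULL on a zero or overflowing size, or if malloc fails. */
static unsigned *flatten(unsigned **matrix, size_t width, size_t height) {
    if (width == 0 || height == 0) return NULL;
    if (width > SIZE_MAX / sizeof(unsigned) / height) return NULL;
    unsigned *data = malloc(width * height * sizeof *data);
    if (data == NULL) return NULL;
    for (size_t i = 0; i < height; i++)
        for (size_t j = 0; j < width; j++)
            data[j + i * width] = matrix[i][j];  /* stride = row length */
    return data;
}

int main(void) {
    size_t w = 20, h = 26;  /* constructed dimensions, 520 elements */
    printf("elements allocated : %zu\n", w * h);
    printf("max index (posted) : %zu\n", max_index_posted(w, h));
    printf("max index (stride w): %zu\n", max_index_row_major(w, h));
    printf("posted overflows   : %d\n", posted_index_overflows(w, h));
    /* With w > h the posted index stays in bounds, but rows overlap and
     * the tail of the block is never written. */
    printf("swapped overflows  : %d\n", posted_index_overflows(h, w));
    return 0;
}
```

Building the real program with `-g` and fixing the first "Invalid write" Valgrind reports, before looking at any later crash, is the usual order of work for this class of bug.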



_______________________________________________
Valgrind-users mailing list
Valgrind-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/valgrind-users
