* malloc segfaults
@ 2003-09-02 13:35 Juergen Bohn
2003-09-02 20:51 ` Bill C. Riemers
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Juergen Bohn @ 2003-09-02 13:35 UTC (permalink / raw)
To: cygwin
Tested with cygwin1.dll 1.5.3-1 and 1.3.22-1 on Win2000-SP4, malloc() does
not (always)
return NULL if there is no more memory available. Try, for example, simple
loops like:
x = malloc(10000);
for (i=0; x != NULL; i++)
{
x = malloc(10000);
if (x == NULL) printf("x is NULL\n");
}
My application terminates with a segmentation violation, but all attempts
to handle this by signal() or atexit() fail. Unfortunately, also sysconf()
does not work to get the number of available pages (_SC_AVPHYS_PAGES, I get
always the same but wrong value).
While testing, I detected that errno is set to 12 ("Not enough memory")
after enough iterations through the for-loop above, while variable x still
is not zero. But still my application crashes even when I break the loop
at errno!=0.
Is there any secure way to find out, how much memory is available (or hope
that the malloc() problems will be solved)?
Many thanks,
Juergen
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: malloc segfaults
2003-09-02 13:35 malloc segfaults Juergen Bohn
@ 2003-09-02 20:51 ` Bill C. Riemers
2003-09-03 13:20 ` Christopher Faylor
[not found] ` <20030903094303.GB19365@linux_rln.harvest>
2003-09-04 11:03 ` Corinna Vinschen
2 siblings, 1 reply; 5+ messages in thread
From: Bill C. Riemers @ 2003-09-02 20:51 UTC (permalink / raw)
To: Juergen Bohn, cygwin
Definitely looks like a cygwin1.dll bug to me. I see consistently the
traceback either terminates in
strdup() called from mmap64(), or mktime() called from strdup(). There are
a number of hacks you
can do to work around the bug. i..e.:
void *malloc_wrapper(size_t t)
{
static const size_t reserved_size=32768;
static void *reserved=NULL;
void *retval=NULL;
printf("reserved=%x,%x\n",reserved,t+reserved_size);
if(reserved != NULL)
{
free(reserved);
}
reserved = malloc(t+reserved_size);
unsigned int w=(unsigned int)reserved;
if(!(0xff800000&(unsigned int)reserved))
{
free(reserved);
}
else if(reserved != NULL)
{
free(reserved);
retval=malloc(t);
}
reserved=malloc(reserved_size);
return retval;
}
However, none are really satifactory.
Bill
----- Original Message -----
From: "Juergen Bohn" <bohn@osc-es.de>
To: <cygwin@cygwin.com>
Sent: Tuesday, September 02, 2003 9:35 AM
Subject: malloc segfaults
> Tested with cygwin1.dll 1.5.3-1 and 1.3.22-1 on Win2000-SP4, malloc() does
> not (always)
> return NULL if there is no more memory available. Try, for example,
simple
> loops like:
>
> x = malloc(10000);
> for (i=0; x != NULL; i++)
> {
> x = malloc(10000);
> if (x == NULL) printf("x is NULL\n");
> }
>
> My application terminates with a segmentation violation, but all attempts
> to handle this by signal() or atexit() fail. Unfortunately, also
sysconf()
> does not work to get the number of available pages (_SC_AVPHYS_PAGES, I
get
> always the same but wrong value).
>
> While testing, I detected that errno is set to 12 ("Not enough memory")
> after enough iterations through the for-loop above, while variable x still
> is not zero. But still my application crashes even when I break the loop
> at errno!=0.
>
> Is there any secure way to find out, how much memory is available (or hope
> that the malloc() problems will be solved)?
>
> Many thanks,
> Juergen
>
>
>
> --
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
> Problem reports: http://cygwin.com/problems.html
> Documentation: http://cygwin.com/docs.html
> FAQ: http://cygwin.com/faq/
>
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: malloc segfaults
2003-09-02 20:51 ` Bill C. Riemers
@ 2003-09-03 13:20 ` Christopher Faylor
0 siblings, 0 replies; 5+ messages in thread
From: Christopher Faylor @ 2003-09-03 13:20 UTC (permalink / raw)
To: cygwin
On Tue, Sep 02, 2003 at 04:50:40PM -0400, Bill C. Riemers wrote:
>Definitely looks like a cygwin1.dll bug to me. I see consistently the
>traceback either terminates in
>strdup() called from mmap64(), or mktime() called from strdup().
Do you see a strdup anywhere in mmap64 or a call to mktime() (?) from
strdup?
I don't. That would indicate that your traceback is highly suspect.
cgf
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: malloc segfaults
[not found] ` <20030903094303.GB19365@linux_rln.harvest>
@ 2003-09-03 22:03 ` Juergen Bohn
0 siblings, 0 replies; 5+ messages in thread
From: Juergen Bohn @ 2003-09-03 22:03 UTC (permalink / raw)
To: Ronald Landheer-Cieslak, cygwin, Bill C. Riemers
Thanks for the hints.
gdb and strace show the buggy behavior on my machine.
Starting program: /cygdrive/e/verify/malloc/malltest.exe
Program received signal SIGSEGV, Segmentation fault.
0x61042e26 in strdup () from /usr/bin/cygwin1.dll
(gdb) bt
#0 0x61042e26 in strdup () from /usr/bin/cygwin1.dll
#1 0x6104326b in mmap64 () from /usr/bin/cygwin1.dll
#2 0x61043849 in mmap () from /usr/bin/cygwin1.dll
#3 0x610401bc in mktime () from /usr/bin/cygwin1.dll
#4 0x61040413 in mktime () from /usr/bin/cygwin1.dll
#5 0x610413e6 in malloc () from /usr/bin/cygwin1.dll
#6 0x004010e7 in main (argc=1, argv=0xa042630) at malltest.c:10
and
448 1192931 [main] malltest 1472 mmap64: 630000 = mmap() succeeded
249 1193180 [main] malltest 1472 mmap64: addr 0, len 1048576, prot 3,
flags 22, fd -1, off 0
202 1193382 [main] malltest 1472 handle_exceptions: In
cygwin_except_handler exc 0xC0000005 at 0x61042E26 sp 0x22FCB4
123 1193505 [main] malltest 1472 handle_exceptions: In
cygwin_except_handler sig = 11 at 0x61042E26
118 1193623 [main] malltest 1472 handle_exceptions: In
cygwin_except_handler calling 0x0
1193743 [main] malltest 1472 handle_exceptions: Exception:
STATUS_ACCESS_VIOLATION
120 1193743 [main] malltest 1472 handle_exceptions: Exception:
STATUS_ACCESS_VIOLATION
The wrapper from Bill Riemer's reply works, at least when I wrap my own
malloc() calls.
More tips are still appreciated.
Best regards,
Juergen
Ronald Landheer-Cieslak wrote:
> Your code may have an unexpected side-effect: printf allocates memory as well.
> Try using this:
>
> #include <stdlib.h>
>
> int main(void)
> {
> void * x;
>
> x = malloc(1000000);
> while (x != NULL)
> {
> x = malloc(1000000);
> if (x == NULL)
> write(2, "malloc returned NULL\n", 21);
> }
>
> return(0);
> }
>
> I've tested it under gdb and with strace, both say "malloc returned NULL". OTOH,
> when simply run from the command-line, I do get a segmentation fault.
>
> HTH
>
> rlc
>
> On Tue, Sep 02, 2003 at 03:35:04PM +0200, Juergen Bohn wrote:
>
>>Tested with cygwin1.dll 1.5.3-1 and 1.3.22-1 on Win2000-SP4, malloc() does
>>not (always)
>>return NULL if there is no more memory available. Try, for example, simple
>>loops like:
>>
>> x = malloc(10000);
>> for (i=0; x != NULL; i++)
>> {
>> x = malloc(10000);
>> if (x == NULL) printf("x is NULL\n");
>> }
>>
>>My application terminates with a segmentation violation, but all attempts
>>to handle this by signal() or atexit() fail. Unfortunately, also sysconf()
>>does not work to get the number of available pages (_SC_AVPHYS_PAGES, I get
>>always the same but wrong value).
>>
>>While testing, I detected that errno is set to 12 ("Not enough memory")
>>after enough iterations through the for-loop above, while variable x still
>>is not zero. But still my application crashes even when I break the loop
>>at errno!=0.
>>
>>Is there any secure way to find out, how much memory is available (or hope
>>that the malloc() problems will be solved)?
>>
>>Many thanks,
>>Juergen
>>
>>
>>
>>--
>>Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
>>Problem reports: http://cygwin.com/problems.html
>>Documentation: http://cygwin.com/docs.html
>>FAQ: http://cygwin.com/faq/
>
>
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: malloc segfaults
2003-09-02 13:35 malloc segfaults Juergen Bohn
2003-09-02 20:51 ` Bill C. Riemers
[not found] ` <20030903094303.GB19365@linux_rln.harvest>
@ 2003-09-04 11:03 ` Corinna Vinschen
2 siblings, 0 replies; 5+ messages in thread
From: Corinna Vinschen @ 2003-09-04 11:03 UTC (permalink / raw)
To: cygwin
On Tue, Sep 02, 2003 at 03:35:04PM +0200, Juergen Bohn wrote:
> Tested with cygwin1.dll 1.5.3-1 and 1.3.22-1 on Win2000-SP4, malloc() does
> not (always)
> return NULL if there is no more memory available. Try, for example, simple
> loops like:
>
> x = malloc(10000);
> for (i=0; x != NULL; i++)
> {
> x = malloc(10000);
> if (x == NULL) printf("x is NULL\n");
> }
>
> My application terminates with a segmentation violation, but all attempts
I've applied a patch to cygwin which solves this problem. You should
get NULL at one point instead.
> to handle this by signal() or atexit() fail. Unfortunately, also sysconf()
> does not work to get the number of available pages (_SC_AVPHYS_PAGES, I get
> always the same but wrong value).
I've changed sysconf to return a more accurate value for _SC_AVPHYS_PAGES.
However, this is not a value you can rely on. Cygwin processes might run
out of memory even though there are still a lot of physical pages available.
This is related to the fact that small allocations (less than 1 Meg) are
taken from the applications heap which might be unraisable for some reason.
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Problem reports: http://cygwin.com/problems.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2003-09-04 11:03 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-09-02 13:35 malloc segfaults Juergen Bohn
2003-09-02 20:51 ` Bill C. Riemers
2003-09-03 13:20 ` Christopher Faylor
[not found] ` <20030903094303.GB19365@linux_rln.harvest>
2003-09-03 22:03 ` Juergen Bohn
2003-09-04 11:03 ` Corinna Vinschen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).