Valgrind reports SIGSEGV and use of uninitialised value
Multi tool use
Valgrind reports SIGSEGV and use of uninitialised value
Edit: All valgrind errors where solved by initialising i.
i
I am working with strings; reading strings from a file, separating them using strsep(), converting them to int using atol(). My code compiles on gcc and runs without errors, but when checked with valgrind I get the error mentioned in the title.
strsep()
atol()
I am trying populate a two-dimensional array grid[20][20] with int values from a text file. The text file contains lines of numbers separated by spaces, something like 20 81 65 07 54 72 13 28 66 95 00 20 00 84 06 30 85 43 15 73n
grid[20][20]
20 81 65 07 54 72 13 28 66 95 00 20 00 84 06 30 85 43 15 73n
My code, (excluding all of the file IO) is as below. (Note that I do handle the file correctly: checking the result of fopen, closing with fclose).
fopen
fclose
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define STR_LEN 20
#define NUM_LINES 20
#define MAX_SIZE 100
int main(void){
char input_str[MAX_SIZE]; //string to hold lines read from file
char * str_array[STR_LEN]; //array of strings to split the lines into
int grid[20][20];
char * token, *str, *tofree;
int line;
for (line = 0; line < NUM_LINES; ++line){ //for every line in the file
if (fgets(input_str, MAX_SIZE, fp)!=NULL){ //read the file's line into input_str
tofree = str = strdup(input_str); //set str to copy of input_string, and tofree to point to beginning of str's memory, to free later
int i = 0;
while ((token = strsep(&str, " "))){ //split str on " ", keeping everything in between in token
str_array[i] = token; //add token to str_array
++i;
}
for (i = 0; i < STR_LEN; ++i){
grid[line][i] = atol(str_array[i]); //convert strings to int and store in num_array
printf("grid[%d][%d]: %dn", line, i, grid[line][i]);
}
free(tofree); //free str by freeing tofree, as tofree points to str's memory
}
}
printf("%d", grid[0][0]);
return 0;
}
I compile this code with gcc -Wall -g -c myfile.c. It both compiles and runs fine, with no errors. Checking the values using printf() just after the values have been passed to grid shows all correct values. However, the last printf() in the code shows that grid[0][0] contains junk, even though it was correct before. In fact, all elements in grid[0] have been corrupted.
gcc -Wall -g -c myfile.c
printf()
grid
printf()
grid[0][0]
grid[0]
Running valgrind with valgrind --leak-check=full --track-origins=yes --dsymutil=yes --show-leak-kinds=all ./productGrid.elf gives me
valgrind --leak-check=full --track-origins=yes --dsymutil=yes --show-leak-kinds=all ./productGrid.elf
$ valgrind --leak-check=full --track-origins=yes --dsymutil=yes --show-leak-kinds=all ./productGrid.elf
==2252== Command: ./productGrid.elf
==2252==
==2252== Use of uninitialised value of size 4
==2252== at 0x106EC: main (in /home/jesse/C/Proj. Euler/productGrid.elf)
==2252== Uninitialised value was created by a stack allocation
==2252== at 0x10656: main (in /home/jesse/C/Proj. Euler/productGrid.elf)
==2252==
==2252== Invalid write of size 4
==2252== at 0x106EC: main (in /home/jesse/C/Proj. Euler/productGrid.elf)
==2252== Address 0x7e2b6c38 is not stack'd, malloc'd or (recently) free'd
==2252==
==2252==
==2252== Process terminating with default action of signal 11 (SIGSEGV)
==2252== Access not within mapped region at address 0x7E2B6C38
==2252== at 0x106EC: main (in /home/jesse/C/Proj. Euler/productGrid.elf)
==2252== If you believe this happened as a result of a stack
==2252== overflow in your program's main thread (unlikely but
==2252== possible), you can try to increase the size of the
==2252== main thread stack using the --main-stacksize= flag.
==2252== The main thread stack size used in this run was 8388608.
==2252==
==2252== HEAP SUMMARY:
==2252== in use at exit: 413 bytes in 2 blocks
==2252== total heap usage: 3 allocs, 1 frees, 4,509 bytes allocated
==2252==
==2252== 61 bytes in 1 blocks are still reachable in loss record 1 of 2
==2252== at 0x483E380: malloc (vg_replace_malloc.c:299)
==2252== by 0x48E188B: strdup (strdup.c:42)
==2252== by 0x106C9: main (in /home/jesse/C/Proj. Euler/productGrid.elf)
==2252==
==2252== 352 bytes in 1 blocks are still reachable in loss record 2 of 2
==2252== at 0x483E380: malloc (vg_replace_malloc.c:299)
==2252== by 0x48D11F3: __fopen_internal (iofopen.c:69)
==2252== by 0x10681: main (in /home/jesse/C/Proj. Euler/productGrid.elf)
==2252==
==2252== LEAK SUMMARY:
==2252== definitely lost: 0 bytes in 0 blocks
==2252== indirectly lost: 0 bytes in 0 blocks
==2252== possibly lost: 0 bytes in 0 blocks
==2252== still reachable: 413 bytes in 2 blocks
==2252== suppressed: 0 bytes in 0 blocks
==2252==
==2252== For counts of detected and suppressed errors, rerun with: -v
==2252== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 6 from 3)
Segmentation fault
Any ideas on what I'm doing wrong?
i
str_array[i] = token; ++i;
@alk: Real stupid of me! That must have happened when I moved it. Thanks! No more valgrind errors, but grid is still getting corrupted.
– Jǝssǝ
Jun 30 at 10:27
Please not that by default Valgrind tests heap memory access only. So the stack allocated array(s) are not tested for out-of-bound access.
– alk
Jun 30 at 11:13
On how to do stack checking using Valgrind you might like to read this valgrind.org/docs/manual/sg-manual.html
– alk
Jun 30 at 11:14
Very important to know, thank you.
– Jǝssǝ
Jun 30 at 11:50
3 Answers
3
i is used uninitialised here:
i
str_array[i] = token;
++i;
Note:
If you compile with symbols (option -g to GCC) then Valgrind annotates its logging with references to the source lines.
-g
I have been trying to fix those missing source lines for weeks now, no luck. I do compile with -g (as stated in the question). I have also tried many other things, no go.
– Jǝssǝ
Jun 30 at 10:33
I can't comment, so I post a new answer. As @alk said, i it's uninitialized and if you just initialize it at the definition, the while won't work. Use a for(;;), as you need the assignment.
i
for(;;)
Update your code if you are still having issues.
Reading it again, you take it to
STR_LEN so you are accessing outside the array.– Mance Rayder
Jun 30 at 10:50
STR_LEN
It reaches 20; the condition ends on 20, but the
while has some other increments.– Mance Rayder
Jun 30 at 10:56
while
You are writing str_array from i = 20 to 39... there's a SIGSEGV there.. Most probably it's not raising because you overwrite another variable's memory.
– Mance Rayder
Jun 30 at 11:01
Assuming everything else works:
i starts at 0, the while iterates until it reaches 20, the for loop resets it and iterates up to 20 again (not 19), when the next line is read, the while loop does not modify the start point, so it starts at 20, up to 40, and the cycle repeats from the for loop.– Mance Rayder
Jun 30 at 11:07
i
0
@Mander I get you now. I am now declaring and initialising
i just before the while loop, so that is no longer an issue. Thanks a lot! (I'll update my code)– Jǝssǝ
Jun 30 at 11:22
i
You should initialize i at the beginning.
Also about this piece of code:
while ((token = strsep(&str, " "))){
str_array[i] = token; //add token to str_array
++i;
}
for (i = 0; i < STR_LEN; ++i){
grid[line][i] = atol(str_array[i]);
printf("grid[%d][%d]: %dn", line, i, grid[line][i]);
}
why are you counting the i if you are going to zero it below? Maybe you should use a different counter and loop until this and not STR_LEN.
Hope this helps.
I see.. About the for loop if you have put in str_array less than STR_LEN this will not work. You should check how many you have inserted I think..
– Alex G
Jun 30 at 11:38
Thankfully I know that I will always get 20 numbers from each line in the file :)
– Jǝssǝ
Jun 30 at 11:40
Really good suggestion by the way, if I didn't know how many I would get from each line, this would be vital. Deserves an upvote, so +1 ; )
– Jǝssǝ
Jun 30 at 11:53
By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.
iis used uninitialised herestr_array[i] = token; ++i;.– alk
Jun 30 at 10:24