Search code examples
crealloc

realloc: invalid next size and malloc: memory corruption (fast)

I am doing an exercise for fun from K and R C programming book. The program is for finding the longest line from a set of lines entered by the user and then prints it.

Inputs:

This is a test

This is another long test

this is another long testthis is another long test

Observation:

It runs fine for the first two inputs but fails for the larger string (3rd input)

Errors:

Error in `./longest': realloc(): invalid next size: 0x000000000246e010 ***
Error in `./longest': malloc(): memory corruption (fast): 0x000000000246e030 ***

My efforts:

I have been trying to debug this since 2 days (rubber duck debugging) but the logic seems fine. GDB points to the realloc call in the _getline function and shows a huge backtrace with glibc.so memory allocation calls at the top.

Here is what I have written (partially, some part is taken from the book directly):-

#include <stdio.h>
#include <stdlib.h>

int MAXLINE =  10;
int INCREMENT = 10;

char* line = NULL, *longest = NULL;

void _memcleanup(){
    free(line);
    free(longest);      
}

void copy(char longest[], char line[]){
    int i=0;
    char* temp = realloc(longest,(MAXLINE)*sizeof(char));
    if(temp == NULL){
        printf("%s","Unable to allocate memory");
        _memcleanup();
        exit(1);
    }
    longest = temp;

    while((longest[i] = line[i]) != '\0'){
        ++i;
    }    
}

int _getline(char s[]){
  int i,c;
  for(i=0; ((c=getchar())!=EOF && c!='\n'); i++){
    if(i == MAXLINE - 1){
      char* temp = realloc(s,(MAXLINE + INCREMENT)*sizeof(char));
      if(temp == NULL){
        printf("%s","Unable to allocate memory");
        _memcleanup();
        exit(1);
      }

      s= temp;
      MAXLINE += INCREMENT;
    }
    s[i] = c;
  }

  if(c == '\n'){
      s[i++] = c;
  }

  s[i]= '\0';

  return i;
} 

int main(){
  int max=0, len;

  line = malloc(MAXLINE*sizeof(char));
  longest = malloc(MAXLINE*sizeof(char));

  while((len = _getline(line)) > 0){
    printf("%d%d", len, MAXLINE);
    if(len > max){
      max = len;
      copy(longest, line);
    }
  }
  if(max>0){
    printf("%s",longest);
  }

  _memcleanup();
  return 0;
}
Solution

  • You´re reallocating on copied addresses (because parameters).
    A parameter in C is a copy of the original value everytime; in case of
    a pointer it will point to the same location but the address itself is copied.

    realloc resizes the buffer asociated with the address, everything fine so far.
    But it can relocate the whole thing and assign a completely new address,
    and this new address (if it happens) will be lost after the function returns to main.

    Use a double pointer:
    Pass a char **s instead of char *s (==char s[]) as formal parameter,
    pass &xyz intead of xyz as actual value, and inside the function,
    use *xyz and **xyz (or (*xyz)[index]) for address and value.

    Other things:
    Global variables are ugly (and confusing when named same as parameters),
    multiplying with sizeof(char) is nonsense because it´s be 1 everytime,
    and names in capitals should be used for #define´s rather than variables.