Search code examples
c++heap-corruptionmemory-corruption

Heap corruption - Vector push_back

I seem to have a corrupted heap, I cannot figure out why this is happening....

Following is the trace from valgrind..

==12697== Use of uninitialised value of size 4
==12697==    at 0xDD0725: __gnu_cxx::__atomic_add(int volatile*, int) (in /usr/lib/libstdc++.so.6.0.7)
==12697==    by 0x1C3AD9BB: chargeRate::chargeRate(chargeRate const&) (in /root//app/libapp++.so)
==12697==    by 0x1C4C9C22: __gnu_cxx::__mt_alloc_base<chargeRate>::construct(chargeRate*, chargeRate const&) (mt_allocator.h:585)
==12697==    by 0x1C4CAC9F: std::vector<chargeRate, std::allocator<chargeRate> >::_M_insert_aux(__gnu_cxx::__normal_iterator<chargeRate*, std::vector<chargeRate, std::allocator<chargeRate> > >, chargeRate const&) (vector.tcc:284)
==12697==    by 0x1C4CAF9E: std::vector<chargeRate, std::allocator<chargeRate> >::push_back(chargeRate const&) (stl_vector.h:610)
==12697==    by 0x1C4C8A03: WebTranslations::getChargeDetails(std::vector<std::string, std::allocator<std::string> >&, std::vector<chargeRate, std::allocator<chargeRate> >&) (WebTranslations.cpp:427)
==12697==    by 0x1C4C8F83: WebTranslations::getChargeTranslations(std::vector<std::string, std::allocator<std::string> >&, std::vector<std::string, std::allocator<std::string> >&) (WebTranslations.cpp:1172)

==12697== 
==12697== Invalid read of size 4
==12697==    at 0xDB468B: std::string::string(std::string const&) (in /usr/lib/libstdc++.so.6.0.7)
==12697==    by 0x1C3AD9E0: chargeRate::chargeRate(chargeRate const&) (in /root//app/libapp++.so)
==12697==    by 0x1C4C9C22: __gnu_cxx::__mt_alloc_base<chargeRate>::construct(chargeRate*, chargeRate const&) (mt_allocator.h:585)
==12697==    by 0x1C4CAC9F: std::vector<chargeRate, std::allocator<chargeRate> >::_M_insert_aux(__gnu_cxx::__normal_iterator<chargeRate*, std::vector<chargeRate, std::allocator<chargeRate> > >, chargeRate const&) (vector.tcc:284)
==12697==    by 0x1C4CAF9E: std::vector<chargeRate, std::allocator<chargeRate> >::push_back(chargeRate const&) (stl_vector.h:610)
==12697==    by 0x1C4C8A03: WebTranslations::getChargeDetails(std::vector<std::string, std::allocator<std::string> >&, std::vector<chargeRate, std::allocator<chargeRate> >&) (WebTranslations.cpp:427)
==12697==    by 0x1C4C8F83: WebTranslations::getChargeTranslations(std::vector<std::string, std::allocator<std::string> >&, std::vector<std::string, std::allocator<std::string> >&) (WebTranslations.cpp:1172)
==12697==    by 0x1C299E48: zif__get_charge_translations (in /usr/lib/php4/.so)
==12697==    by 0x1BCE0916: zend_do_fcall_common_helper (in /usr/lib/httpd/modules/libphp5.so)
==12697==    by 0x1BCF1088: zend_do_fcall_handler (in /usr/lib/httpd/modules/libphp5.so)
==12697==    by 0x1BCDDD92: execute (in /usr/lib/httpd/modules/libphp5.so)
==12697==    by 0x1BCE02A9: zend_do_fcall_common_helper (in /usr/lib/httpd/modules/libphp5.so)
==12697==  Address 0xFFFFFFFC is not stack'd, malloc'd or (recently) free'd
==12697== 
==12697== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==12697==  GPF (Pointer out of bounds?)
==12697==    at 0xDB468B: std::string::string(std::string const&) (in /usr/lib/libstdc++.so.6.0.7)
==12697==    by 0x1C3AD9E0: chargeRate::chargeRate(chargeRate const&) (in /root//app/libapp++.so)
==12697==    by 0x1C4C9C22: __gnu_cxx::__mt_alloc_base<chargeRate>::construct(chargeRate*, chargeRate const&) (mt_allocator.h:585)
==12697==    by 0x1C4CAC9F: std::vector<chargeRate, std::allocator<chargeRate> >::_M_insert_aux(__gnu_cxx::__normal_iterator<chargeRate*, std::vector<chargeRate, std::allocator<chargeRate> > >, chargeRate const&) (vector.tcc:284)
==12697==    by 0x1C4CAF9E: std::vector<chargeRate, std::allocator<chargeRate> >::push_back(chargeRate const&) (stl_vector.h:610)
==12697==    by 0x1C4C8A03: WebTranslations::getChargeDetails(std::vector<std::string, std::allocator<std::string> >&, std::vector<chargeRate, std::allocator<chargeRate> >&) (WebTranslations.cpp:427)
==12697==    by 0x1C4C8F83: WebTranslations::getChargeTranslations(std::vector<std::string, std::allocator<std::string> >&, std::vector<std::string, std::allocator<std::string> >&) (WebTranslations.cpp:1172)

The code is just pushing a structure into a vector. The structure has a few string variables in it. Please let me know if the source is required for further debugging.

Some source:

typedef struct{
  string chargeType; // The name of the charge type, eg "Date Units"
  string unitSize;
  string rate;
  bool perConnection;
  string cap;
  bool useMaxDailyCharge;
  string maxDailyCharge;
  string identifier;
} chargeRate;

getChargeDetails :

vector<chargeRate> my_vector;
my_vector.push_back(this->getChargeRateDetails(chargeStructureNames[i]));

getChargeRateDetails : 

where : vector<vector<string> > StringMatrix
StringMatrix *results; //used to retrive results from database.
chargeRate chargeInformation;
...
//populate results, check them
..
chargeInformation.chargeType = (*results)[FIRST_ROW][CHARGE_TYPE];
return chargeInformation;

Edit : I am aware this is returning a "copy" .. this is done test out a few things, i am inserting the same into a copy of vector passed by reference.

Cheers!

Solution

  • In case getChargeRateDetails returns by reference you are trying to use a reference to a variable that is already out of scope.