Tags: c, gcc, free, glibc

Why does a perfectly fine free on a string cause "free(): invalid next size"?
BAD QUESTION

The code suddenly works as it should. I can't recall having changed the code at all from when it crashed to now, other than adding some printfs for debugging. I just removed the comment from free(c); and now it works.

So please remove this question
The free on line 48 is the one in question. Once I remove it, my program runs fine, but with memory leakage of course. The string is malloced, filled by sprintf, and then an attempt is made to free it, which fails.

I've pastebinned the function as requested: int extcommand(char** param)

The free line causes the following carnage:

*** glibc detected *** ./bin/tomashell: free(): invalid next size (fast): 0x094e7030 ***
======= Backtrace: =========
/lib/i686/cmov/libc.so.6(+0x6b281)[0xb7656281]
/lib/i686/cmov/libc.so.6(+0x6cad8)[0xb7657ad8]
/lib/i686/cmov/libc.so.6(cfree+0x6d)[0xb765abbd]
./bin/tomashell[0x8048ffb]
./bin/tomashell[0x8048e28]
./bin/tomashell[0x8048c37]
/lib/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xb7601c76]
./bin/tomashell[0x8048751]
======= Memory map: ========
08048000-0804a000 r-xp 00000000 08:01 5578979    /root/Dropbox/UIO/INF1060/hjemmeeksamen-1/tomashell/bin/tomashell
0804a000-0804b000 rw-p 00001000 08:01 5578979    /root/Dropbox/UIO/INF1060/hjemmeeksamen-1/tomashell/bin/tomashell
094e7000-09508000 rw-p 00000000 00:00 0          [heap]
b7400000-b7421000 rw-p 00000000 00:00 0
b7421000-b7500000 ---p 00000000 00:00 0
b75c5000-b75e2000 r-xp 00000000 08:01 1843203    /lib/libgcc_s.so.1
b75e2000-b75e3000 rw-p 0001c000 08:01 1843203    /lib/libgcc_s.so.1
b75ea000-b75eb000 rw-p 00000000 00:00 0
b75eb000-b772b000 r-xp 00000000 08:01 1860235    /lib/i686/cmov/libc-2.11.2.so
b772b000-b772d000 r--p 0013f000 08:01 1860235    /lib/i686/cmov/libc-2.11.2.so
b772d000-b772e000 rw-p 00141000 08:01 1860235    /lib/i686/cmov/libc-2.11.2.so
b772e000-b7731000 rw-p 00000000 00:00 0
b7736000-b773a000 rw-p 00000000 00:00 0
b773a000-b773b000 r-xp 00000000 00:00 0          [vdso]
b773b000-b7756000 r-xp 00000000 08:01 1843225    /lib/ld-2.11.2.so
b7756000-b7757000 r--p 0001a000 08:01 1843225    /lib/ld-2.11.2.so
b7757000-b7758000 rw-p 0001b000 08:01 1843225    /lib/ld-2.11.2.so
bf9f8000-bfa0d000 rw-p 00000000 00:00 0          [stack]
Aborted

Why can't I free my string?

Here is some extra information

root@chu:~/sc/tomashell# gcc --version
gcc (Debian 4.4.5-8) 4.4.5
Copyright (C) 2010 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

root@chu:~/sc/tomashell# uname -a
Linux chu 2.6.32-5-686 #1 SMP Mon Jun 13 04:13:06 UTC 2011 i686 GNU/Linux
root@chu:~/sc/tomashell#

Solution

  • Well, the obvious answer is that the sprintf is printing more characters than there is allocated space, so that some info on the end of the block (containing bookkeeping info for the memory manager) is being overwritten. Without examining the whole program, there are too many uncertainties here for us to diagnose it perfectly. For example, we don't know what param points to, and how you guarantee it's not too long. You could use snprintf to do this more safely.
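The answer's diagnosis (sprintf writing past the end of a malloc'd block) explains the exact wording of the abort: glibc stores each chunk's size header immediately after the previous chunk's user data, so even a small overrun clobbers the next chunk's size field, and free() rejects the block when it validates that field. The fix is to never let the formatting call write more than the buffer holds: either measure the formatted length first and allocate exactly that, or hand snprintf the remaining space and check its return value. The following is an added example, not code from the question or the answer; format_alloc, format_bounded and join_params are hypothetical helpers standing in for the poster's extcommand(), and the parameter array is constructed for the demonstration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Format into a freshly malloc'd buffer sized exactly for the result.
 * Two-pass vsnprintf: the first call with a NULL buffer only measures,
 * so the second call can never run past the end of the heap chunk.
 * Returns NULL on allocation or formatting failure; the caller frees. */
char *format_alloc(const char *fmt, ...)
{
    va_list ap, ap2;
    va_start(ap, fmt);
    va_copy(ap2, ap);
    int needed = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    if (needed < 0) { va_end(ap2); return NULL; }
    size_t size = (size_t)needed + 1;          /* room for the terminating NUL */
    char *buf = malloc(size);
    if (buf == NULL) { va_end(ap2); return NULL; }
    vsnprintf(buf, size, fmt, ap2);
    va_end(ap2);
    return buf;
}

/* Bounded formatting into a caller-provided buffer of known size.
 * Returns 1 if the whole string fit, 0 if it was truncated; the buffer
 * is always NUL-terminated either way. */
int format_bounded(char *dst, size_t dstsize, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int needed = vsnprintf(dst, dstsize, fmt, ap);
    va_end(ap);
    return needed >= 0 && (size_t)needed < dstsize;
}

/* Mirrors the shell's situation: build one command line from an argv-style
 * array whose total length is unknown up front. Hypothetical helper, not the
 * poster's extcommand(). The buffer is sized from the inputs before any write,
 * and every snprintf is told exactly how much room remains. */
char *join_params(char **param)
{
    size_t total = 1;                          /* terminating NUL */
    for (size_t i = 0; param[i] != NULL; i++)
        total += strlen(param[i]) + (i ? 1 : 0);   /* plus a separating space */
    char *line = malloc(total);
    if (line == NULL) return NULL;
    line[0] = '\0';
    size_t pos = 0;
    for (size_t i = 0; param[i] != NULL; i++) {
        int n = snprintf(line + pos, total - pos, "%s%s", i ? " " : "", param[i]);
        if (n < 0 || (size_t)n >= total - pos) {   /* would have truncated: give up */
            free(line);
            return NULL;
        }
        pos += (size_t)n;
    }
    return line;
}

int main(void)
{
    /* constructed sample parameters */
    char *params[] = {"ls", "-l", "/tmp", NULL};
    char *line = join_params(params);
    printf("%s\n", line);
    free(line);                                /* safe: the next chunk's header was never touched */

    char *s = format_alloc("%s has %d entries", "/tmp", 42);
    printf("%s\n", s);
    free(s);

    char small[8];
    int fit = format_bounded(small, sizeof small, "%s", "toolongstring");
    printf("fit=%d '%s'\n", fit, small);
    return 0;
}
```

The two-pass vsnprintf pattern is the direct replacement for "malloc a guess, then sprintf": the length comes from the formatter itself, so changes to the format string or to the length of param[] can no longer desynchronise the allocation from the write. Checking the return value of every snprintf is what turns silent truncation into a visible error instead of a corrupted heap.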