• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 367
  • Last Modified:

strcat() -- segmentation fault Core Dumping

0
Deepikak
Asked:
Deepikak
  • 4
  • 2
  • 2
  • +1
1 Solution
 
umangjoshiCommented:
blank??
0
 
DeepikakAuthor Commented:
Hello Experts,
   We are running our server on 4 machines hence the load is shared. once every day at one point one of the servers core dunmps. This would not happen earlier. recently from when we have done some enhancement we are comming acoss this problem. but the enhancement is not anywhere related to this function shown. I am pasting a portion of the code, where in there is a core dump. and also the list of functions in dbx of the core.
Below is the function:
 In this funciton
AdObj isj_MorphoProcE is a liberary function which splits a japanese word into logical words and stores it in jd.
getJpAdText(Memory memory, AdGroup ag, char *keyword)
{
    AdObj ad = (AdObj)0;
    char *buf1 = (char *)seek_malloc_r(memory, strlen(keyword)+3);
    char *buf2 = (char *)seek_malloc_r(memory, strlen(keyword)+3);
    int cur = 0;
    MorphoWordInfoE *JapaneseWords, *jd;
    int NumWords,MorphoResults;
    int loop;
   
    MorphoResults = isj_MorphoProcE(keyword,&JapaneseWords,&NumWords);

    if (MorphoResults == MORPHO_ERR ) {
      fprintf(stderr,"Morpho Failed!!!\n");
      seek_free_r( memory, buf1 );
      seek_free_r( memory, buf2 );
      return (0);
    }

    jd = JapaneseWords;
   
    for (loop = NumWords; loop > 0; loop--, jd++) {
      if ((jd->pos_flag) == MORPHO_ON)
      {
          if (*(jd->stem_norm) != NULL )
          {
            if ( ad = getAdText(ag,jd->stem_norm))
            {
                seek_free_r( memory, buf1 );
                seek_free_r( memory, buf2 );
                return (ad);
            }
            else
                if (buf1)
                {
                  buf2 = strcat(buf1,jd->stem_norm);
                  if (ad = getAdText(ag,buf2))  
                  {
                      seek_free_r( memory, buf );
                      seek_free_r( memory, buf1 );
                      seek_free_r( memory, buf2 );
                      return (ad);
                  }
                  else {
                      strcpy(buf1,jd->stem_norm);
                  }
                }
                else {
                  strcpy(buf1,jd->stem_norm);
                }
          }
          else
            if (ad = getAdText(ag,jd->stem))
            {
                seek_free_r( memory, buf1 );
                seek_free_r( memory, buf2 );
                return (ad);
            }
            else
                if (buf1)
                {
                  buf2 = strcat(buf1,jd->stem);
                  if (ad = getAdText(ag,buf2))
                  {
                      seek_free_r( memory, buf1 );
                      seek_free_r( memory, buf2 );
                      return (ad);
                  }
                  else
                  {
                      strcpy(buf1,jd->stem);
                  }
                }
                else
                {
                  strcpy(buf1,jd->stem);
                }
      }
    }
    seek_free_r( memory, buf1 );
    seek_free_r( memory, buf2 );
    return (0);
}

Below is the list of function when "where -v" is executed in dbx of core
=>[1] strcat(0x1dd060fc, 0x0, 0xedbf4db8, 0x15de17d8, 0x0, 0x0), at 0xef4d002c
  [2] getJpAdText(0x1dd05ad8, 0x15dda4d8, 0xedbf4e88, 0x15de17d8, 0x1dd060fc, 0x2910b550), at 0x397f0
  [3] getAdKeyword(0x4, 0x1dd05e58, 0xedbf5968, 0x0, 0x0, 0x4), at 0x3a0ac
  [4] getAdOfHighPrice(0x1dd05ad8, 0x0, 0x15dda4d8, 0xedbf59ed, 0xedbf59a7, 0xedbf5986), at 0x3b490
  [5] BlitzenSeekAdsServer::getTips(0xedbf5a19, 0xedbf54e8, 0xedc0da94, 0x5befe0, 0x81010100, 0xff0000), at 0x54db4
  [6] BlitzenSeekAdsServer::getAd(0x257e6adc, 0xedbf5904, 0xedbf6884, 0x0, 0x0, 0x0), at 0x3c99c
  [7] SeekAdsAdServerClient::GetAd_CountImpression(0x257e6ad8, 0xedbf5904, 0xedbf6884, 0x0, 0xedc0da94, 0x1), at 0x32738  [8] InfoSeekAdServer::DispatchLoop(0x1a2030, 0xedbf57d4, 0xedc0f888, 0x0, 0x0, 0x0), at 0x3135c
  [9] InfoSeekAdServer::Dispatch(0x1a2030, 0xedbf5870, 0xedbf6870, 0xedc0f888, 0x1000, 0x0), at 0x2f4f0
  [10] Sake_Server_Thread(0x19e90948, 0xef5ca620, 0x816, 0x2cfcb, 0x1992b400, 0x19e90948), at 0x2e148

   Please get back to me on this considering this as important. My advance thanks to you for your response.
Regards
Deepika
0
 
KocilCommented:
I saw two things.

1. Not enough allocation
Allocation:
char *buf1 = (char *)seek_malloc_r(memory,strlen(keyword)+3);
Then you cat buff1 with jd-stem.
buf2 = strcat(buf1,jd->stem);
Is buf1 have enough memory to hold it ?
You may add some more, not only +3;

2. Invalid free
You assign the result of strcat (buf1) to buf2,
but then you free it.
   buf2 = strcat(buf1,jd->stem); // buf2 == buf1
   if (ad = getAdText(ag,buf2))
   {
      seek_free_r( memory, buf1 );
      seek_free_r( memory, buf2 ); // you free buf1 again
      // and the buf2 will lost -> memory leak
      return (ad);
   }

The solution is simple.
   strcat(buf1,jd->stem);
   if (ad = getAdText(ag,buf1))
   {
      ....
   }

regards
               
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
KrypCommented:
[1] strcat(0x1dd060fc, 0x0, 0xedbf4db8, 0x15de17d8, 0x0, 0x0), at 0xef4d002c
So you have
strcat( dest, NULL );

I think you should look at your 'jd' data structure.
>  for (loop = NumWords; loop > 0; loop--, jd++) {
Perhaps jd on the last iteration is pointing at a blank entry?

> if (ad = getAdText(ag,jd->stem))
Assignments in conditionals are usually bugs
Be specific if you really mean
if ( (ad = getAdText(ag,jd->stem)) != NULL )

Or perhaps you mean
if ( ad == getAdText(ag,jd->stem) )

0
 
DeepikakAuthor Commented:
Thank you for the response...
Kocil -- I accept with you explanation that there is a memory leak. but i doubt is that why does it cordumps always in strcat() .. it there is a memory leak, usually when there is no memory at any point of time it should core dump. Can you please clarify my doubt on this.
i accept that this is a problem to be fixed but is it the solution of the present problem.

Kryp -- Thank you for this suggestion, i did think in these lines but in
[1] strcat(0x1dd060fc, 0x0, 0xedbf4db8, 0x15de17d8, 0x0, 0x0), at 0xef4d002c i am not very clear as to which argument corresponse to which value. strcat() has to have 2 arguments and hence i am getting confused as to what is what. please explain me which is the source and destination.
 
Findly let me know on this -- thanking you
Deepika


0
 
KrypCommented:
Compile it with debug if you want to see anything other than 6 "arguments" for each function.
Eg
gcc -ggdb prog.c

Otherwise, just read from the left for as many arguments as you know the function takes.  The debugger doesn't know how many parameters, so it just takes 6 words off the stack and prints them, hoping that covers it.

This is my last message here at EE, so goodbye and good luck to all.
0
 
KocilCommented:
You said it would coredump after running several time.
So i guess, the memory was leaking little by little, then there was not enough memory you can malloc for buf1, then core dump.

Maybe :)

0
 
DeepikakAuthor Commented:
Dear Experts,
  Thank you for your response. I have taken care of the memory leak and the validation of the arguments for the strcat(). Took this long to accept the answer as we had to put it on live and test. it is all fine now.
I thank you once again
Deepika
0
 
DeepikakAuthor Commented:
 Can anyone pelase tell me what would be the impact on the performance if i compile it with debug mode.
Eg-
gcc -ggdb prog.c
  My question is as to what would be the difference in processing a request if a program is complied with debug information.
Eg-
  if it is 1 sec will it increase to 2 sec ...or so.
Deepika
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now