Why C function free() blows up on MVS, but works fine on NT and UNIX?

Posted on 2004-04-30
Last Modified: 2010-04-02
Here is the function that I'm working on:

long svgParse (STYH styh, char *fileName, char **pOutBuf, long imID,
    long *sizeX, long *sizeY, SS_NLSCharTab *charTab,
    ImageDescPtr imagePtr)
  R1H           r1h;
  t_xmlhctx     *xmlhctx = NULL;
  long          rc;
  t_xmlf        *xmlapi;
  void          *xmlh;
  t_ntsnlep     ntsnlep;
  void          *xmltree;
  t_ntsnPub     *root;
  SvgContext    svgCtx;
  int isTransparent;
  unsigned char transpIndex;
  RgbColorType *colorMap;
  unsigned char **screenBuffer;
  int screenWidth;
  int screenHeight;
  svgCtx.styh = styh;
  r1h = mbxR(R1H_MBX, MBX_AGN);
  r1h->r1lodctx->r1lodli( r1h->r1lodctx, "XMLH    ",
    (Pfun *)&xmlhctx, &rc );
  if (*xmlhctx == NULL) {
    printf("**** r1lodli() failed\n");
    goto badRet;
  xmlapi = (t_xmlf *) fmalloc(sizeof(t_xmlf));
  if (xmlapi == NULL)
    goto badRet;
  ntsnLoadLib(r1h, &ntsnlep, &rc);  /* init NTMAS */
  if (rc != 0) {
    printf("**** ntsnLoadLib() failed\n");
    goto badRet;
  xmlh = xmlapi->xmlini(r1h, sysctx()->ioh, &ntsnlep, NULL, NULL);
  if (xmlh == NULL) {
    printf("**** xmlini() failed\n");
    goto badRet;
  /* xmltree = xmlapi->xmlparse(xmlh, IOH_XML, XML_SOURCE_BUFFER, xmlInput); */
  xmltree = xmlapi->xmlparse(xmlh, IOH_SVG, XML_SOURCE_FILE,
    fileName, 8);
  if (xmltree == NULL) {
    printf("**** xmlparse() failed\n");
    goto badRet;
  xmlapi->xmlprtree(xmlh, xmltree, "The XML Tree");
  root = xmlapi->GetRealRoot(xmlh, xmltree);
  svgWalk(&svgCtx, xmlh, xmlapi, root, 0);
  xmlapi->xmlfrtree(xmlh, xmltree);
  *sizeX = svgCtx.svgTagAttrib.width;
  *sizeY = svgCtx.svgTagAttrib.height;
  imagePtr->xPixels = svgCtx.svgTagAttrib.xPixels;
  imagePtr->yPixels = svgCtx.svgTagAttrib.yPixels;
  isTransparent = FALSE;
  transpIndex = 0;
  colorMap = NULL;
  screenBuffer = &(svgCtx.outBuf.buffer);
  screenWidth = *sizeX;
  screenHeight = *sizeY;
  dumpImage(styh, SVG_FORMAT, screenBuffer, screenWidth, screenHeight,
      pOutBuf, imID, isTransparent, transpIndex, charTab, colorMap);
  rc = 0;
  goto done;
  rc = 1;
  ffree(xmlapi);  /* Program crashes at this line on MVS */
  return rc;

The program crashes on MVS when trying to do a free() at the end of
svgParse() as follows:
ffree(xmlapi);   /* Program crashes at this line on MVS */

The function ffree() is defined as follows:
#define  ffree(p) do{ if((p)!=NULL) {free(p);(p)=NULL;} } while(0)

The program works fine on NT workstation 4.0.  Since this usually indicates some kind of memory problem, such as overrunning an allocated area, I tested it on UNIX using Purify program, but Purify program didn't report any problems.

Could you please let me know why it crashes on MVS?

Thank you for your help!

Question by:starkman
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 22

Accepted Solution

grg99 earned 450 total points
ID: 10965415
You've probably trashed the heap somehow along the way, it just doesnt show up until you try to free something.

What I do in this case is sprinkle a few calls to a heap-exercizer routine, something like:

void TestHeap( char * Where )
int i, len; char * p; char * hp[ 20 ];
     for(len= 10, i=0; len < 10000 ; len *= 2 )  hp[ i++ ] = malloc(  len );
     while( i >= 0 )  free( hp[--i]  );
     printf( stderr, "Heap probably okay at %s\n", Where );

LVL 46

Assisted Solution

by:Sjef Bosman
Sjef Bosman earned 50 total points
ID: 10966761
From only this snippet I can't tell you what goes wrong. Some analysis:
- you allocate memory xmlapi of size t_xmlf
- I assume you initialize it using (*xmkhctx)
- you call several functions from xmlapi
- you didn't (visibly) alloc svgCtx.outBuf.buffer
- you free xmlapi

Obvious questions:
- what's happening in the initialisation routine?  
- are there more allocs/frees done?
- are you freeing memory that hasn't been alloc'ed?
- who's overwriting the memory administration?

Indeed you can use the suggestion of grg99, for I agree with him that the heap's administration is ruined somewhere, but reviewing your code would also be a good idea.

Expert Comment

ID: 10971948
Are you sure its not crashing because the malloc for xmlapi is failing?
Because in your code,if malloc fails you do a goto to badRet:

but the free code is after that so that,too,would get executed.

and freeing memory that hasnt been allocated can lead to a seg fault.

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

LVL 46

Expert Comment

by:Sjef Bosman
ID: 10972070
Ankurat: read ffree() thoroughly, free() won't be called when the pointer is NULL

Expert Comment

ID: 10987106
this is what U did with xmlapi
xmlapi = (t_xmlf *) fmalloc(sizeof(t_xmlf));
  if (xmlapi == NULL)
    goto badRet;
Assume fmalloc failed, you proceeded to badRet, which only sets the return, then you attempted to free xmlapi, which memory allocation failed.  This is a potential problem.
I don't know why you are using xlib fmalloc,  code looks like C, smells like C, and crashes like C.  I know fmalloc is " memory leak protection", I could be wrong, but try to use malloc.

Author Comment

ID: 11010408
Hi, thanks everyone for your help!

1). I have tried the heap-exercizer routine suggested by grg99, but it didn't report any problems. There seems to be a small error in the
TestHeap() routine, in which:
while( i >= 0 )  free( hp[--i]  );

should be:
while( i > 0 )  free( hp[--i]  );

because when i=0, free(hp[--i]) becomes free(hp[-1]), and it will immediately crash. Everything else seems to be fine. The following is the modified TestHeap() that I used in my test:

void TestHeap(char *Where)
    long i, len;
    char *hp[20];
    for(len = 10, i = 0; len < 10000 ; len *= 2)  
        hp[i++] = malloc(len);  
    while(i > 0)  

    printf("Heap probably okay at %s\n", Where);

Also, since I'm using Microsoft Visual C++ 6.0 as development tool, I tried its debugging function "_heapchk()" to check consistency of heap, but the function didn't report any problems either.

2). Regarding comment by garboua:
function fmalloc() is defined as follows:
#define  fmalloc  malloc

3). I have the following additional questions:
--Are there any other tests that can help me detect heap errors?
--Do I have to go to MVS to do the debugging, which would be the last thing I want to do, because I have never used MVS before (the error was reported by other people)?

Thank you again for your help!



Author Comment

ID: 11389968
The accepted answer and Purify tool greatly helped me isolate the problem and be confident that the problem is a MVS specific problem.

What was happening is that the XMLH module couldn't be
found on MVS, and it was jumping to label "badRet:" and trying
to do a ffree(xmlapi), but xmlapi wasn't yet initialized,
so free() was crashing.  I fixed the code to initialize
the xmlapi pointer to NULL, so free() no longer crashes
and you get an error message. Now I'm trying to find out why the XMLH module doesn't exist on MVS.

I would like to thank all of you who provide the help!


Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

An Outlet in Cocoa is a persistent reference to a GUI control; it connects a property (a variable) to a control.  For example, it is common to create an Outlet for the text field GUI control and change the text that appears in this field via that Ou…
This tutorial is posted by Aaron Wojnowski, administrator at  To view more iPhone tutorials, visit This is a very simple tutorial on finding the user's current location easily. In this tutorial, you will learn ho…
The goal of this video is to provide viewers with basic examples to understand how to create, access, and change arrays in the C programming language.
The goal of this video is to provide viewers with basic examples to understand and use switch statements in the C programming language.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question