• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 247
  • Last Modified:

Why C function free() blows up on MVS, but works fine on NT and UNIX?

Here is the function that I'm working on:

long svgParse (STYH styh, char *fileName, char **pOutBuf, long imID,
    long *sizeX, long *sizeY, SS_NLSCharTab *charTab,
    ImageDescPtr imagePtr)
  R1H           r1h;
  t_xmlhctx     *xmlhctx = NULL;
  long          rc;
  t_xmlf        *xmlapi;
  void          *xmlh;
  t_ntsnlep     ntsnlep;
  void          *xmltree;
  t_ntsnPub     *root;
  SvgContext    svgCtx;
  int isTransparent;
  unsigned char transpIndex;
  RgbColorType *colorMap;
  unsigned char **screenBuffer;
  int screenWidth;
  int screenHeight;
  svgCtx.styh = styh;
  r1h = mbxR(R1H_MBX, MBX_AGN);
  r1h->r1lodctx->r1lodli( r1h->r1lodctx, "XMLH    ",
    (Pfun *)&xmlhctx, &rc );
  if (*xmlhctx == NULL) {
    printf("**** r1lodli() failed\n");
    goto badRet;
  xmlapi = (t_xmlf *) fmalloc(sizeof(t_xmlf));
  if (xmlapi == NULL)
    goto badRet;
  ntsnLoadLib(r1h, &ntsnlep, &rc);  /* init NTMAS */
  if (rc != 0) {
    printf("**** ntsnLoadLib() failed\n");
    goto badRet;
  xmlh = xmlapi->xmlini(r1h, sysctx()->ioh, &ntsnlep, NULL, NULL);
  if (xmlh == NULL) {
    printf("**** xmlini() failed\n");
    goto badRet;
  /* xmltree = xmlapi->xmlparse(xmlh, IOH_XML, XML_SOURCE_BUFFER, xmlInput); */
  xmltree = xmlapi->xmlparse(xmlh, IOH_SVG, XML_SOURCE_FILE,
    fileName, 8);
  if (xmltree == NULL) {
    printf("**** xmlparse() failed\n");
    goto badRet;
  xmlapi->xmlprtree(xmlh, xmltree, "The XML Tree");
  root = xmlapi->GetRealRoot(xmlh, xmltree);
  svgWalk(&svgCtx, xmlh, xmlapi, root, 0);
  xmlapi->xmlfrtree(xmlh, xmltree);
  *sizeX = svgCtx.svgTagAttrib.width;
  *sizeY = svgCtx.svgTagAttrib.height;
  imagePtr->xPixels = svgCtx.svgTagAttrib.xPixels;
  imagePtr->yPixels = svgCtx.svgTagAttrib.yPixels;
  isTransparent = FALSE;
  transpIndex = 0;
  colorMap = NULL;
  screenBuffer = &(svgCtx.outBuf.buffer);
  screenWidth = *sizeX;
  screenHeight = *sizeY;
  dumpImage(styh, SVG_FORMAT, screenBuffer, screenWidth, screenHeight,
      pOutBuf, imID, isTransparent, transpIndex, charTab, colorMap);
  rc = 0;
  goto done;
  rc = 1;
  ffree(xmlapi);  /* Program crashes at this line on MVS */
  return rc;

The program crashes on MVS when trying to do a free() at the end of
svgParse() as follows:
ffree(xmlapi);   /* Program crashes at this line on MVS */

The function ffree() is defined as follows:
#define  ffree(p) do{ if((p)!=NULL) {free(p);(p)=NULL;} } while(0)

The program works fine on NT workstation 4.0.  Since this usually indicates some kind of memory problem, such as overrunning an allocated area, I tested it on UNIX using Purify program, but Purify program didn't report any problems.

Could you please let me know why it crashes on MVS?

Thank you for your help!

2 Solutions
You've probably trashed the heap somehow along the way, it just doesnt show up until you try to free something.

What I do in this case is sprinkle a few calls to a heap-exercizer routine, something like:

void TestHeap( char * Where )
int i, len; char * p; char * hp[ 20 ];
     for(len= 10, i=0; len < 10000 ; len *= 2 )  hp[ i++ ] = malloc(  len );
     while( i >= 0 )  free( hp[--i]  );
     printf( stderr, "Heap probably okay at %s\n", Where );

Sjef BosmanGroupware ConsultantCommented:
From only this snippet I can't tell you what goes wrong. Some analysis:
- you allocate memory xmlapi of size t_xmlf
- I assume you initialize it using (*xmkhctx)
- you call several functions from xmlapi
- you didn't (visibly) alloc svgCtx.outBuf.buffer
- you free xmlapi

Obvious questions:
- what's happening in the initialisation routine?  
- are there more allocs/frees done?
- are you freeing memory that hasn't been alloc'ed?
- who's overwriting the memory administration?

Indeed you can use the suggestion of grg99, for I agree with him that the heap's administration is ruined somewhere, but reviewing your code would also be a good idea.
Are you sure its not crashing because the malloc for xmlapi is failing?
Because in your code,if malloc fails you do a goto to badRet:

but the free code is after that so that,too,would get executed.

and freeing memory that hasnt been allocated can lead to a seg fault.

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Sjef BosmanGroupware ConsultantCommented:
Ankurat: read ffree() thoroughly, free() won't be called when the pointer is NULL
this is what U did with xmlapi
xmlapi = (t_xmlf *) fmalloc(sizeof(t_xmlf));
  if (xmlapi == NULL)
    goto badRet;
Assume fmalloc failed, you proceeded to badRet, which only sets the return, then you attempted to free xmlapi, which memory allocation failed.  This is a potential problem.
I don't know why you are using xlib fmalloc,  code looks like C, smells like C, and crashes like C.  I know fmalloc is " memory leak protection", I could be wrong, but try to use malloc.
starkmanAuthor Commented:
Hi, thanks everyone for your help!

1). I have tried the heap-exercizer routine suggested by grg99, but it didn't report any problems. There seems to be a small error in the
TestHeap() routine, in which:
while( i >= 0 )  free( hp[--i]  );

should be:
while( i > 0 )  free( hp[--i]  );

because when i=0, free(hp[--i]) becomes free(hp[-1]), and it will immediately crash. Everything else seems to be fine. The following is the modified TestHeap() that I used in my test:

void TestHeap(char *Where)
    long i, len;
    char *hp[20];
    for(len = 10, i = 0; len < 10000 ; len *= 2)  
        hp[i++] = malloc(len);  
    while(i > 0)  

    printf("Heap probably okay at %s\n", Where);

Also, since I'm using Microsoft Visual C++ 6.0 as development tool, I tried its debugging function "_heapchk()" to check consistency of heap, but the function didn't report any problems either.

2). Regarding comment by garboua:
function fmalloc() is defined as follows:
#define  fmalloc  malloc

3). I have the following additional questions:
--Are there any other tests that can help me detect heap errors?
--Do I have to go to MVS to do the debugging, which would be the last thing I want to do, because I have never used MVS before (the error was reported by other people)?

Thank you again for your help!


starkmanAuthor Commented:
The accepted answer and Purify tool greatly helped me isolate the problem and be confident that the problem is a MVS specific problem.

What was happening is that the XMLH module couldn't be
found on MVS, and it was jumping to label "badRet:" and trying
to do a ffree(xmlapi), but xmlapi wasn't yet initialized,
so free() was crashing.  I fixed the code to initialize
the xmlapi pointer to NULL, so free() no longer crashes
and you get an error message. Now I'm trying to find out why the XMLH module doesn't exist on MVS.

I would like to thank all of you who provide the help!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now