Mail Archives: djgpp/2000/01/13/23:25:30
here's some more info. the bits of code are the files and line numbers in
question. i really don't believe i'm running over the array bounds in
either case. what information does dynamic memory store besides the actual
data? i mean what is stored besides the data in djgpp dynamic memory? it
seemed that in gdb, eight bytes extra were stored before and after the
array, outside the defined size of the array. these eight bytes before and
after the array never changed after the new and before the delete. once
deleted, the first bit would change from 0 to 1. anyway, here's the dump
and code. i'm hoping you may have seen something similar sometime or can
give me a clue into what's wrong.
====BEGIN
scrbuf.cpp
34 scrBuffer::~scrBuffer()
35 {
36 Update(_SCRBUFFER_SAVED);
37
38 #ifdef __BORLANDC__
39 delete huge[] BufferAttributes;
40 delete huge[] Buffer;
41 #else
42 #ifdef __GNUC__
43 delete [] BufferAttributes;
44 delete [] Buffer;
45 #else
46 #error "Unknown Compiler"
47 #endif
48 #endif
49 delete [] Display;
50 delete [] Saved;
51 }
...
72 int scrBuffer::SetBuffer(unsigned int L, unsigned int C, unsigned int R)
73 {
74 Update(_SCRBUFFER_SAVED);
75
76 #ifdef __BORLANDC__
77 delete huge[] BufferAttributes;
78 delete huge[] Buffer;
79 #else
80 #ifdef __GNUC__
81 delete [] BufferAttributes;
82 delete [] Buffer;
83 #else
84 #error "Unknown Compiler"
85 #endif
86 #endif
87 delete [] Display;
88 delete [] Saved;
89
90 BufferAttributes = NULL;
91 Buffer = NULL;
92 Display = NULL;
93 Saved = NULL;
94
95 if (C) Columns = C;
96 if (R) Rows = R;
97 if (L) Lines = L;
98
99 D_Bytes = Columns * Rows;
100 B_Bytes = Lines + Rows;
101 B_Bytes *= Columns;
102
103 Saved = new unsigned char[D_Bytes << 1];
104 Display = new unsigned char[D_Bytes << 1];
105 if (Saved == NULL || Display == NULL) {
106 State = _SCRBUFFER_ERROR;
107 return State;
108 }
109
110 #ifdef __BORLANDC__
111 BufferAttributes = new unsigned char huge[B_Bytes];
112 Buffer = new unsigned char huge[B_Bytes];
113 #else
114 #ifdef __GNUC__
115 BufferAttributes = new unsigned char[B_Bytes];
116 Buffer = new unsigned char[B_Bytes];
117 #else
118 #error "Unknown Compiler"
119 #endif
120 #endif
121 if (Buffer == NULL || BufferAttributes == NULL) {
122 State = _SCRBUFFER_ERROR;
123 return State;
124 }
125
126 if (State == _SCRBUFFER_ERROR) State = _SCRBUFFER_ON;
127
128 Clear();
129 return State;
130 }
Exiting due to signal SIGSEGV
General Protection Fault at eip=000160e7
eax=002a2f30 ebx=000a8b94 ecx=000a8b94 edx=002c9ac8 esi=000aaabc edi=000a8bcc
ebp=000a98d8 esp=000a98cc program=M:\USERS\RABBITT\DST\SEADST.EXE
cs: sel=00a7 base=10000000 limit=000bffff
ds: sel=00af base=10000000 limit=000bffff
es: sel=00af base=10000000 limit=000bffff
fs: sel=008f base=0003efb0 limit=0000ffff
gs: sel=00bf base=00000000 limit=0010ffff
ss: sel=00af base=10000000 limit=000bffff
App stack: [000a9b68..00029b68] Exceptn stack: [00029ac4..00027b84]
Call frame traceback EIPs:
0x000160e7 _free+119
0x0000f167 ___builtin_delete+23, line 0 of new2.cc
0x0000cd12 __$_9scrBuffer+142, line 50 of scrbuf.cpp
0x00007f9c _BufferClear__12seaInterface+36, line 685 of seaintfc.cpp
0x000027e6 _main+3630, line 238 of seadst.cpp
0x00011392 ___crt1_startup+178
seadst.cpp
124 textptr = new char[81];
125 strcpy(textptr, "Viewing File "); strcpy(&textptr[13], text);
126 while (fgets(text, 80, file) == text) {
127 sea->Buffer(text);
128 }
129 fclose(file); file = NULL;
130 sea->Status(textptr, "\xb3 \x18/\x19=Scroll \xb3 Esc=Back");
131 sea->BufferTop();
132 while (key != ESC) {
133 key = sea->View();
134 switch (key) {
135 case EXTENDED:
136 getch();
137 break;
138 default: ;
139 }
140 }
141 delete [] textptr; textptr = NULL;
Exiting due to signal SIGSEGV
General Protection Fault at eip=00016167
eax=cc8195a0 ebx=000a909c ecx=000a912b edx=cc840138 esi=000a912b edi=73206568
ebp=000a9938 esp=000a992c program=M:\USERS\RABBITT\DST\SEADST.EXE
cs: sel=00a7 base=10000000 limit=000bffff
ds: sel=00af base=10000000 limit=000bffff
es: sel=00af base=10000000 limit=000bffff
fs: sel=008f base=0003efb0 limit=0000ffff
gs: sel=00bf base=00000000 limit=0010ffff
ss: sel=00af base=10000000 limit=000bffff
App stack: [000a9b68..00029b68] Exceptn stack: [00029ac4..00027b84]
Call frame traceback EIPs:
0x00016167 _free+247
0x0000f237 ___builtin_vec_delete+23, line 0 of new2.cc
0x0000211a _main+1890, line 141 of seadst.cpp
0x00011392 ___crt1_startup+178
====END
"Eli Zaretskii" <eliz AT is DOT elta DOT co DOT il> wrote in message
news:Pine DOT SUN DOT 3 DOT 91 DOT 1000112090254 DOT 28074Q-100000 AT is...
On 11 Jan 2000, Chad Rabbitt wrote:
> 0x..... _free+somenumber
> 0x..... ___builtin_vec_delete+somenumber, line 0 of new2.cc
> 0x..... _main+somenumber, line xx of main.cpp
> etc...
>
> what is causing sigsegv's on a delete [] statement?
Usually this happens when you either write past the end of allocated
buffers, or try to free them more than once.
Try using YAMD to find this bug.
If you want more intelligent help, post the entire crash message,
complete with registers' dump and call frame traceback, after running
SYMIFY on it.
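
The two usual causes named in the reply above (a write past the end of an allocated buffer, or a second free of the same block) can be told apart at the moment of the free by a guard-byte wrapper. The sketch below is an added example, not code from this thread, from DJGPP's allocator, or from YAMD. Every name in it (guarded_alloc, guarded_check, guarded_free, the 8-byte guard, the 0xFD fill, the LIVE/DEAD markers) is an assumption made for the illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>
// Block layout: [Header][front guard][user bytes][back guard]
enum GuardResult { GUARD_OK, GUARD_UNDERRUN, GUARD_OVERRUN, GUARD_DOUBLE_FREE, GUARD_BAD_POINTER };
static const std::size_t GUARD = 8;       // guard bytes on each side of the user area
static const unsigned char FILL = 0xFD;   // pattern the guards must still hold at free time
static const std::uint32_t LIVE = 0xA110CA7Eu, DEAD = 0xDEADBEEFu;
struct Header { std::uint32_t state; std::size_t size; };

static unsigned char *front_of(void *user) { return static_cast<unsigned char *>(user) - GUARD; }
static Header *header_of(void *user) { return reinterpret_cast<Header *>(front_of(user)) - 1; }

void *guarded_alloc(std::size_t n) {
    unsigned char *raw = static_cast<unsigned char *>(std::malloc(sizeof(Header) + n + 2 * GUARD));
    if (!raw) return nullptr;
    Header *h = reinterpret_cast<Header *>(raw);
    h->state = LIVE; h->size = n;
    unsigned char *user = raw + sizeof(Header) + GUARD;
    std::memset(user - GUARD, FILL, GUARD);   // front guard
    std::memset(user + n, FILL, GUARD);       // back guard
    return user;
}

// Inspect a block without releasing it.
GuardResult guarded_check(void *user) {
    Header *h = header_of(user);
    if (h->state == DEAD) return GUARD_DOUBLE_FREE;
    if (h->state != LIVE) return GUARD_BAD_POINTER;   // header overwritten, or not our block
    unsigned char *front = front_of(user), *back = static_cast<unsigned char *>(user) + h->size;
    for (std::size_t i = 0; i < GUARD; ++i) {
        if (front[i] != FILL) return GUARD_UNDERRUN;
        if (back[i] != FILL) return GUARD_OVERRUN;
    }
    return GUARD_OK;
}

// Freed blocks are marked DEAD and kept (a deliberate leak) so a second free is recognisable.
GuardResult guarded_free(void *user) {
    GuardResult r = guarded_check(user);
    if (r == GUARD_OK) header_of(user)->state = DEAD;
    return r;
}

int main() {
    char *title = static_cast<char *>(guarded_alloc(81));   // same size as textptr in the post
    if (!title) return 1;
    std::memset(title, 'x', 82);                            // constructed: one byte too many
    std::printf("guarded_free -> %d\n", static_cast<int>(guarded_free(title)));
}
```

A damaged guard is reported at the free, which is also where the tracebacks in the post fault, but the result says which side of the block was written and whether the block had already been released.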