Amr Ayman
Reputation: 1159
Invalid memory read - Valgrind
I am creating a 2d game at the moment, but to avoid all the graphics and sound overhead (which I'm planning to use allegro to deal with, if that helps), I'm prototyping it as a command line game.
The code works as expected, no problems so far. Even when I use valgrind to check if no memory leaks are detected, I see that no leaks are possible as valgrind states.
However, I see some lines state that valgrind detected an invalid read of size 8 .. which is a problem I haven't faced before and ultimately, have no clue how to fix.
This is a sample from the test code
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define MAX_X_GRID (3)
#define MAX_Y_GRID (3)
#define MAX_NUM ((int)(MAX_X_GRID * MAX_Y_GRID))
typedef struct
{
int x;
int y;
} Location;
typedef struct
{
char * description;
char * name;
Location * location;
} Room;
Room *allrooms[MAX_NUM];
int num;
Room *Room_get_at_location(Location locs)
{ /* Get the room at location locs */
Room *r = NULL;
for ( int i = 0; i < MAX_NUM; ++i ) {
r = allrooms[i];
if ((r->location->x == locs.x) && (r->location->y == locs.y))
return r;
}
return NULL;
}
void Room_destroy(Room *room)
{ /* Free Room memory */
free(room->description);
free(room->name);
free(room->location);
free(room);
}
void free_allrooms()
{ /* Destroy all rooms */
Room *r;
for(int x = 1; x <= MAX_X_GRID; ++x)
for(int y = 1; y <= MAX_Y_GRID; ++y)
if ((r = Room_get_at_location((Location){x, y})) != NULL)
Room_destroy(r);
num = 0;
}
Room *Room_create(char *name, char *desc, Location locs)
{ /* Creates a new room */
if (num == MAX_NUM)
return NULL;
Room *r = malloc(sizeof(Room));
r->description = strdup(desc);
r->name = strdup(name);
r->location = malloc(sizeof(Location));
r->location->x = locs.x;
r->location->y = locs.y;
allrooms[num++] = r;
return r;
}
int main(int argc, char const *argv[])
{
num = 0;
Room *r;
for(int x = 1; x <= MAX_X_GRID; ++x) {
for (int y = 1; y <= MAX_Y_GRID; ++y) {
r = Room_create("Main Hall", "Gee, that's the Main Hall .. !", (Location){x, y});
printf("==========\t%s\t[%d, %d]\t==========\n %s\n", r->name, r->location->x, r->location->y, r->description);
}
}
free_allrooms();
return 0;
}
.. and this is the valgrind report
==6137== Memcheck, a memory error detector
==6137== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==6137== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==6137== Command: ./Main
==6137==
==6137== Invalid read of size 8
==6137== at 0x400604: Room_get_at_location (Main.c:30)
==6137== by 0x4006B4: free_allrooms (Main.c:49)
==6137== by 0x40084A: main (Main.c:79)
==6137== Address 0x51d9050 is 16 bytes inside a block of size 24 free'd
==6137== at 0x4C2B200: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==6137== by 0x400680: Room_destroy (Main.c:41)
==6137== by 0x4006CB: free_allrooms (Main.c:50)
==6137== by 0x40084A: main (Main.c:79)
==6137==
==6137== Invalid read of size 4
==6137== at 0x400608: Room_get_at_location (Main.c:30)
==6137== by 0x4006B4: free_allrooms (Main.c:49)
==6137== by 0x40084A: main (Main.c:79)
==6137== Address 0x51d9150 is 0 bytes inside a block of size 8 free'd
==6137== at 0x4C2B200: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==6137== by 0x400674: Room_destroy (Main.c:40)
==6137== by 0x4006CB: free_allrooms (Main.c:50)
==6137== by 0x40084A: main (Main.c:79)
==6137==
==6137== Invalid read of size 8
==6137== at 0x400615: Room_get_at_location (Main.c:30)
==6137== by 0x4006B4: free_allrooms (Main.c:49)
==6137== by 0x40084A: main (Main.c:79)
==6137== Address 0x51d9050 is 16 bytes inside a block of size 24 free'd
==6137== at 0x4C2B200: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==6137== by 0x400680: Room_destroy (Main.c:41)
==6137== by 0x4006CB: free_allrooms (Main.c:50)
==6137== by 0x40084A: main (Main.c:79)
==6137==
==6137== Invalid read of size 4
==6137== at 0x400619: Room_get_at_location (Main.c:30)
==6137== by 0x4006B4: free_allrooms (Main.c:49)
==6137== by 0x40084A: main (Main.c:79)
==6137== Address 0x51d9154 is 4 bytes inside a block of size 8 free'd
==6137== at 0x4C2B200: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==6137== by 0x400674: Room_destroy (Main.c:40)
==6137== by 0x4006CB: free_allrooms (Main.c:50)
==6137== by 0x40084A: main (Main.c:79)
==6137==
========== Main Hall [1, 1] ==========
Gee, that's the Main Hall .. !
========== Main Hall [1, 2] ==========
Gee, that's the Main Hall .. !
========== Main Hall [1, 3] ==========
Gee, that's the Main Hall .. !
========== Main Hall [2, 1] ==========
Gee, that's the Main Hall .. !
========== Main Hall [2, 2] ==========
Gee, that's the Main Hall .. !
========== Main Hall [2, 3] ==========
Gee, that's the Main Hall .. !
========== Main Hall [3, 1] ==========
Gee, that's the Main Hall .. !
========== Main Hall [3, 2] ==========
Gee, that's the Main Hall .. !
========== Main Hall [3, 3] ==========
Gee, that's the Main Hall .. !
==6137==
==6137== HEAP SUMMARY:
==6137== in use at exit: 0 bytes in 0 blocks
==6137== total heap usage: 36 allocs, 36 frees, 657 bytes allocated
==6137==
==6137== All heap blocks were freed -- no leaks are possible
==6137==
==6137== For counts of detected and suppressed errors, rerun with: -v
==6137== ERROR SUMMARY: 90 errors from 4 contexts (suppressed: 0 from 0)
What have I done wrong ?
Upvotes: 0
Views: 587
Answers (1)
starrify
Reputation: 14731
Reason:
There is problem in the function Room_get_at_location. As you're freeing the rooms one by one, it's possible that at some point when Room_get_at_location is invoked, some of the rooms are already freed. Keep testing fields of r = allrooms[i] on freed entries would generate undefined behaviours.
Solution:
Assign NULL to the entry in array allrooms after freeing it (changing the return value of Room_get_at_location a pointer to pointer would do), and then skip them in Room_get_at_location:
Room *Room_get_at_location(Location locs)
{ /* Get the room at location locs */
Room *r = NULL;
for ( int i = 0; i < MAX_NUM; ++i ) {
r = allrooms[i];
if (!r)
continue;
if ((r->location->x == locs.x) && (r->location->y == locs.y))
return r;
}
return NULL;
}
EDITED:
I've edited the code according to the solution above, and this time valgrind gives no complain.
The edited code is given below. Please notice this is just for testing and I do think this fix looks ugly. You could definitely redesign it.
#define _POSIX_C_SOURCE 201401L
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#define MAX_X_GRID (3)
#define MAX_Y_GRID (3)
#define MAX_NUM ((int)(MAX_X_GRID * MAX_Y_GRID))
typedef struct
{
int x;
int y;
} Location;
typedef struct
{
char * description;
char * name;
Location * location;
} Room;
Room *allrooms[MAX_NUM];
int num;
Room **Room_get_at_location(Location locs)
{ /* Get the room at location locs */
Room **r = NULL;
for ( int i = 0; i < MAX_NUM; ++i ) {
r = &allrooms[i];
if (!*r)
continue;
if (((*r)->location->x == locs.x) && ((*r)->location->y == locs.y))
return r;
}
return NULL;
}
void Room_destroy(Room *room)
{ /* Free Room memory */
free(room->description);
free(room->name);
free(room->location);
free(room);
}
void free_allrooms()
{ /* Destroy all rooms */
Room **r;
for(int x = 1; x <= MAX_X_GRID; ++x)
for(int y = 1; y <= MAX_Y_GRID; ++y)
{
r = Room_get_at_location((Location){x, y});
if (*r)
{
Room_destroy(*r);
*r = NULL;
}
}
num = 0;
}
Room *Room_create(char *name, char *desc, Location locs)
{ /* Creates a new room */
if (num == MAX_NUM)
return NULL;
Room *r = malloc(sizeof(Room));
r->description = strdup(desc);
r->name = strdup(name);
r->location = malloc(sizeof(Location));
r->location->x = locs.x;
r->location->y = locs.y;
allrooms[num++] = r;
return r;
}
int main(int argc, char const *argv[])
{
num = 0;
Room *r;
for(int x = 1; x <= MAX_X_GRID; ++x) {
for (int y = 1; y <= MAX_Y_GRID; ++y) {
r = Room_create("Main Hall", "Gee, that's the Main Hall .. !", (Location){x, y});
printf("==========\t%s\t[%d, %d]\t==========\n %s\n", r->name, r->location->x, r->location->y, r->description);
}
}
free_allrooms();
return 0;
}
The result:
[pengyu@GLaDOS tmp]$ gcc a.c -std=c11 -Wall -ggdb
[pengyu@GLaDOS tmp]$ valgrind ./a.out
==20749== Memcheck, a memory error detector
==20749== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==20749== Using Valgrind-3.10.0 and LibVEX; rerun with -h for copyright info
==20749== Command: ./a.out
==20749==
========== Main Hall [1, 1] ==========
Gee, that's the Main Hall .. !
========== Main Hall [1, 2] ==========
Gee, that's the Main Hall .. !
========== Main Hall [1, 3] ==========
Gee, that's the Main Hall .. !
========== Main Hall [2, 1] ==========
Gee, that's the Main Hall .. !
========== Main Hall [2, 2] ==========
Gee, that's the Main Hall .. !
========== Main Hall [2, 3] ==========
Gee, that's the Main Hall .. !
========== Main Hall [3, 1] ==========
Gee, that's the Main Hall .. !
========== Main Hall [3, 2] ==========
Gee, that's the Main Hall .. !
========== Main Hall [3, 3] ==========
Gee, that's the Main Hall .. !
==20749==
==20749== HEAP SUMMARY:
==20749== in use at exit: 0 bytes in 0 blocks
==20749== total heap usage: 36 allocs, 36 frees, 657 bytes allocated
==20749==
==20749== All heap blocks were freed -- no leaks are possible
==20749==
==20749== For counts of detected and suppressed errors, rerun with: -v
==20749== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Upvotes: 1
Related Questions
- Valgrind giving error but everything seems fine
- How to fix valgrind memory?
- Invalid write/read of size 1 in valgrind, no answer found
- valgrind error: invalid read
- invalid read memory - valgrind
- Invalid Read in Valgrind
- Valgrind, "uninitialized value(s)" error
- solve memory problems checked by valgrind
- Valgrind: Invalid read/write of size 8
- What does this error mean in Valgrind