
I have a case where I am calling a function twice, using two different sets of variables. The first call results in a segmentation fault, the second call returns successfully.

The parameters are identical, short of the variable names. What could be the cause of this behavior?

#include <stdio.h>
#include <stdlib.h>
#include "euler-v2.h"

#define POWER 1000

int main(void)
{
    int i;

    int base[] = { 2 };
    int *r;
    int *rlength;

    // The below line causes a segmentation fault
    r = power_arr(base, sizeof(base) / sizeof(int), 2, rlength);

    int n[] = { 2 };
    int *pow;
    int *length;

    pow = power_arr(n, sizeof(n) / sizeof(int), 2, length);


    exit(0); 
}

The function prototype in a separate header file:

int *power_arr(int *n, int nlength, int exp, int *res_length);

I can't discern any difference between the first call to power_arr and the second call. Any insight into what exactly is occurring here?

EDIT:

Source for function power_arr:

int *power_arr(int *n, int nlength, int exp, int *res_length)
{
    int i, j, tmp_length;
    int *res, *tmp;

    res = n;

    printf("Step 1\n"); // Last printed line
    *res_length = nlength;
    printf("Step 2\n"); // Never reaches here

    while (--exp > 0)
    {
        tmp_length = *res_length;
        tmp = malloc(sizeof(int) * tmp_length);

        if (!tmp)
        {
            return NULL;
        }

        copy(tmp, res, *res_length);

        for (i = *n - 1; i > 0; i--)
        {
            res = sum(res, *res_length, tmp, tmp_length, res_length);
        }

        if (!res)
        {
            return NULL;
        }

        free(tmp);
    }

    return res;
}

Note, I have placed two printf statements for debugging. I have commented where the code execution fails.

  • Can you post also the implementation of `power_arr`? The issue may be there... – nnn Nov 26 '15 at 00:03
  • 1
    I don't quite understand how the second call can be made if the first has seg-faulted. Is this your code or "something like my code"? – Weather Vane Nov 26 '15 at 00:12
  • @Weather Vane. My apologies. I originally had the first call - which produced a segmentation fault. Prior to this, I tested the function call in another source file, so I simply copied the block of statements (variables and second function call). Commented out the first, re-ran the second successfully. I was left scratching my head as to why the call was failing, when I tested the call seconds prior. The inclusion of both calls was to show that I have used identical variable types and calling conventions. – hermetik Nov 26 '15 at 00:16
  • You're never allocating any space for `rlength` to point to. So `power_arr()` is indirecting through an uninitialized pointer. – Barmar Nov 26 '15 at 00:17
  • @Barmar. That makes total sense, but then, why would the second call succeed every time? `*length` is an uninitialized pointer as well. Also, `*rlength` is initialized in power_arr; the call `*res_length = nlength`. – hermetik Nov 26 '15 at 00:20
  • Don't expect to draw *any* conclusions when UB happens to work. – Weather Vane Nov 26 '15 at 00:20

1 Answer

The program has undefined behaviour because the pointer rlength was not initialized and has an indeterminate value.

int *rlength;

On the other hand, in the function you are trying to write to unallocated memory through this pointer.

*res_length = nlength;
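The correct shape of this out-parameter pattern, added here as an example (it is not the asker's power_arr; `copy_arr`, `caller_ok` and `caller_null_rejected` are hypothetical names): the caller declares an `int` object and passes its address, and the callee refuses a NULL out-pointer rather than writing through it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical callee with the same shape as the question's power_arr():
 * returns a heap array and reports its length through res_length.
 * Writing *res_length only works if the caller passed a valid address. */
int *copy_arr(const int *n, int nlength, int *res_length)
{
    int *res;

    /* A NULL out-pointer can be rejected; an uninitialized one cannot be
     * detected here, which is why the original crashed on this write. */
    if (n == NULL || nlength <= 0 || res_length == NULL)
        return NULL;

    res = malloc(sizeof(int) * (size_t)nlength);
    if (!res)
        return NULL;

    memcpy(res, n, sizeof(int) * (size_t)nlength);
    *res_length = nlength;      /* the line that faulted in the question */
    return res;
}

/* Correct caller: rlength is an int object, so &rlength is a writable
 * target. The original declared `int *rlength;` and passed it uninitialized. */
int caller_ok(void)
{
    int base[] = { 2, 3, 5 };   /* constructed sample input */
    int rlength = 0;
    int *r = copy_arr(base, (int)(sizeof(base) / sizeof(base[0])), &rlength);
    int sum = 0, i;

    if (!r)
        return -1;
    for (i = 0; i < rlength; i++)
        sum += r[i];
    free(r);
    return sum;                 /* 2 + 3 + 5 = 10 */
}

/* Shows the defensive check: a NULL out-pointer yields NULL, not a crash. */
int caller_null_rejected(void)
{
    int base[] = { 2 };
    return copy_arr(base, 1, NULL) == NULL ? 1 : 0;
}

int main(void)
{
    printf("sum=%d null_rejected=%d\n", caller_ok(), caller_null_rejected());
    return 0;
}
```

Compiling the original with `-Wall` typically makes gcc or clang flag `rlength` as used uninitialized, which is the cheapest way to catch this class of bug before it reaches a run.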