
Bug#347697: odd gcc bug reappears in 4.0.3



Falk Hueffner wrote:
> the fact that your program crashes in glibc memory management makes
> it quite unlikely that this is a compiler bug. Can you try valgrind?

I can see why you would think that now.  Let me explain why the free() call is
segfaulting:

#0  0xb7e6bab9 in free () from /lib/tls/libc.so.6
#1  0x08056627 in StringSet (str=0xb7f37ff4, content=0x80686f0 "e", length=27)
at types.c:218
#2  0x080525ab in nreadutfString (dest=0x8068600) at network.c:291

Again, if you look at the sources, it should be the case that str == dest.  But
it isn't.  So when StringSet() does free(str->string) it looks at memory near
0xb7f37ff4 and pulls out a pointer, which could be any random data, and passes
it to free().  It's no wonder free() crashes.  It's more of a wonder that the
str->string dereference doesn't crash for str being out of the allocated memory
space.

If you throw a random number at free() of course it's going to crash there.

-- 
Chris Howie
http://www.chrishowie.com
