*** glibc detected *** free(): invalid next size (normal): 0x0000000000503e70 ***

hi,
I have written a small C program that makes use of malloc and free for processing bitmap images. When I try to run the program, I get an error like this:

*** glibc detected *** free(): invalid next size (normal): 0x0000000000503e70 ***

I am not sure which free() is causing this error.

Can anybody please tell me what the reason for this is, and how I can get rid of it?

Any help will be appreciated.

linux 2.6.11.4-21.11-default #1 Thu Feb 2 20:54:26 UTC 2006 x86_64 x86_64 x86_64 GNU/Linux

gcc version 3.3.5 20050117 (prerelease) (SUSE Linux)

glibc: GNU C Library stable release version 2.3.4 (20050218), by Roland McGrath et al.

Here is part of my program:


// Reads the 54-byte header of paradise.bmp, doubles the values stored in
// header bytes 18..21 and 22..25 (width and height in a standard BMP header),
// rewrites the size fields, writes the patched header to hi1.bmp, and then
// copies pixel data row by row with runs of filler bytes (128) interleaved.
//
// NOTE(review): every buffer size and loop bound below is derived from header
// bytes read from the input file, and none of them is range-checked. Several
// heap writes run past their allocation (see the notes at each malloc); that
// kind of overrun damages the allocator's bookkeeping and is what glibc
// reports as "free(): invalid next size". Running the program under a heap
// checker such as valgrind shows the first out-of-bounds write directly.
main()
{
	struct tt
	{
		char a[54];
	}g;
	struct ss
	{
		int a[54];
	}e;
	char *f;
	char *b,*chr;
	long p=0,q=0,i=0,j=0;//,r=0;
	long r1=0,r2=0,z1=0,r3=0,r4=0;//width calculation
	int l=0;
	int k=0,flag=0,flag1=0,flag2=0;
        //char ch=' ';
	FILE *fp,*fp1;
	
	// NOTE(review): neither fopen() result is checked; a missing input file
	// makes fp NULL and the fread() below dereferences it. The output is
	// opened in text mode ("w") although the data is binary.
	fp=fopen("paradise.bmp","rb");
	fp1=fopen("hi1.bmp","w");
	
	// Raw 54-byte header into g; the fread() return value is not checked, so a
	// short file leaves part of g uninitialised.
	fread(&g,54,1,fp);
	// NOTE(review): g.a and e.a appear below without a subscript, which does
	// not compile (e.a is an array). Presumably the forum software swallowed
	// "[i]"; the intent looks like widening each possibly-negative char to an
	// int in 0..255 - confirm against the real source.
	for(i=0;i<=53;i++)
	{
		if(g.a<0)
			e.a=255+g.a+1;
		else
			e.a=g.a;
		printf(" %d ",e.a);
	}
	// Little-endian 32-bit value assembled from header bytes 18..21.
	// The arithmetic is done in int: with a 32-bit int a top byte >= 128
	// overflows (undefined behaviour), and the result is used unvalidated for
	// all allocation sizes further down.
	r1=(e.a[18])+e.a[19]*256+e.a[20]*256*256+e.a[21]*256*256*256;
	printf("\n*******r1=%ld*********\n",r1);
	//cheking for zero padding
	// Sets z1/flag1 depending on whether r1 is divisible by 4, 3 or 2; the
	// first and last branches change nothing.
	if(r1%4==0)
	{
		printf("\n********r1=%ld******\n",r1); 
		//no change;
	}
	else if(r1%3==0)
	{
		z1=r1;
		flag1=2;
	}
	else if(r1%2==0)
	{
		z1=r1*2;
		//printf("\n********z1=%ld******\n",z1); 
		flag1=1;
	}
	else
	{
		//flag1=0;
	}
	// r3 keeps the doubled value from bytes 18..21; r4 (below) keeps the
	// doubled value from bytes 22..25. Both drive the copy loop later.
	r1=r1*2;
	r3=r1;
	r2=e.a[22]+e.a[23]*256+e.a[24]*256*256+e.a[25]*256*256*256;
	printf("\n*****r2=%ld******\n",r2); 
	r2=r2*2;
	r4=r2;
	printf("\n*****r4=%ld******\n",r4);
	// NOTE(review): r1 is a long but is printed with %d - format/argument
	// mismatch (undefined behaviour); %ld is used for it everywhere else.
	printf("\nhi %d\n",r1);
	// Split the doubled values back into four little-endian bytes each and
	// store them in both the int copy (e) and the raw header (g).
	e.a[21]=(r1)/(16777216);
	printf("\nhi  ");
	g.a[21]=e.a[21];
	r1=r1-e.a[21]*256*256*256;
	e.a[20]=(r1)/(65536);
	g.a[20]=e.a[20];
	r1=r1-e.a[20]*256*256;
	e.a[19]=(r1)/(256);
	g.a[19]=e.a[19];
	r1=r1-e.a[19]*256;
	e.a[18]=r1;
	g.a[18]=e.a[18];
	e.a[25]=(r2)/(16777216);
	g.a[25]=e.a[25];
	r2=r2-e.a[25]*256*256*256;
	e.a[24]=(r2)/(65536);
	g.a[24]=e.a[24];
	r2=r2-e.a[24]*256*256;
	e.a[23]=(r2)/(256);
	g.a[23]=e.a[23];
	r2=r2-e.a[23]*256;
	e.a[22]=r2;
	g.a[22]=e.a[22];
	// Value from header bytes 2..5, minus z1, doubled; the result is written
	// to bytes 34..37 and back to bytes 2..5.
	r1=e.a[2]+e.a[3]*256+e.a[4]*256*256+e.a[5]*256*256*256;
	r1=(r1-z1)*2;
	r2=r1;
	e.a[37]=(r1)/(16777216);
	g.a[37]=e.a[37];
	r1=r1-e.a[37]*256*256*256;
	e.a[36]=(r1)/(65536);
	g.a[36]=e.a[36];
	r1=r1-e.a[36]*256*256;
	e.a[35]=(r1)/(256);
	g.a[35]=e.a[35];
	r1=r1-e.a[35]*256;
	e.a[34]=r1;
	g.a[34]=e.a[34];
	e.a[5]=(r2)/(16777216);
	g.a[5]=e.a[5];
	r2=r2-e.a[5]*256*256*256;
	e.a[4]=(r2)/(65536);
	g.a[4]=e.a[4];
	r2=r2-e.a[4]*256*256;
	e.a[3]=(r2)/(256);
	g.a[3]=e.a[3];
	r2=r2-e.a[3]*256;
	e.a[2]=r2;
	g.a[2]=e.a[2];
	// Patched header goes out first; both streams are closed and reopened
	// inside the loop below.
	fwrite(&g,54,1,fp1);
	fclose(fp1);
	fclose(fp);
	printf("\n after calculation g.a[] is : ");
	// NOTE(review): g.a is again printed without a subscript (see above).
	for(i=0;i<=53;i++)
		printf(" %d ",g.a);
	printf("\n hello");
	printf("\n******r3=%ld*****\n",r3);
	// f is allocated with r3*3/4 bytes ...
	// NOTE(review): exit(0) reports success to the caller even though the
	// allocation failed.
	if((f=(char *)malloc(r3*3/4))==NULL)
	{
		printf("NO SPACE");
		exit(0);
	}
	printf("\n f[] is : ");
	// ... but this loop writes r3*3/2 bytes, twice the allocation. The second
	// half lands in whatever follows f on the heap, including the next chunk's
	// size field. This is a heap buffer overflow and the most likely source of
	// the "invalid next size" abort when free(f) runs. The allocation needs to
	// be at least r3*3/2 bytes (the size used when f is re-allocated at the
	// bottom of the loop).
	for(p=0;p<r3*3/2;p++)
	{
		//*(f+p)=128;
		f[p]=128; 
		printf(" %c ",f[p]);
	}
	printf("\n");
	// b is allocated exactly once, here, and the result is not checked for
	// NULL. It is freed on every pass of the loop below (see the free() calls
	// at the bottom of the loop).
	b=(char *)malloc(r3*3/4);
	// Runs r4+1 times (i goes from 0 to r4 inclusive).
	for(i=0;i<=r4;i++)
	{
		// Input is reopened on every iteration; the result is not checked.
		fp=fopen("paradise.bmp","rb");
		if(i==0)
			fseek(fp,54,0L);
		else if((i+1)%2!=0 && flag1==1)
		{
			l++;
			fseek(fp,54+(r3*3/4)*i+(l)*2,0L);
		}
	   	else
			fseek(fp,54+(r3*3/4)*i+(l)*2,0L);
		// chr gets r3*3/2 bytes; only the first r3*3/4 are filled by fread().
		// Neither the malloc() nor the fread() result is checked.
	        chr=(char *)malloc(r3*3/2);
	        fread(chr,r3*3/4,1,fp);
      //		if(i%2==0){
//			for(r=0;r<r3*3/4;r++)

	  //	}
		// NOTE(review): fflush() on a stream opened for reading is undefined
		// by the C standard; the fclose() alone is sufficient.
		fflush(fp);
	   	fclose(fp);
		// Copy the row into b. From the second iteration on, b has already
		// been freed, so this writes to released memory.
		for(p=0;p<(r3*3/4);p++)
		{
		//	b[p]=e.a[p];
			//*(b+p)=*(chr+p);
			b[p]=chr[p]; 
		}
	   //job of this loop is to make e.a[] a 582 byte array
		// Rebuilds chr as alternating 3-byte groups: three bytes taken from b,
		// then three filler bytes of 128. flag carries over between rows.
		// NOTE(review): q advances in steps of 3 and is never compared with
		// the size of b; depending on r3 and the incoming flag value it may
		// read a few bytes past the end of b - verify.
		for(p=0,q=0;p<(r3*3/4)*2;)
		{
			if(flag==1)
			{
			   for(k=0;k<=2;k++)
			   {
				//*(chr+p)=128;
				   chr[p]=128;   
				p++;
			   }
			   flag--;
			}
			else
			{
			   for(k=0;k<=2;k++)
			   {
				//*(chr+p)=*(b+q);
				   chr[p]=b[q];
				q++;
				p++;
			   }
			flag++;
			}
		}
		// NOTE(review): in append mode ("a+") every write goes to the end of
		// the file, so the fseek() calls below do not move the write position.
		// The fopen() result is not checked.
	        fp1=fopen("hi1.bmp","a+");
	        if(j%4==0)
		{
		      fseek(fp1,54+j*(r3*3/4)*2,0L);
	//write linefeed code here
		      // Replaces byte value 10 with 12 before writing the row.
                      for(k=0;k<(r3/2)*3;k++)
		      {
			    if(chr[k]==10)// ||*(chr+k)==13)
				chr[k]=12;
		      }
                      fwrite(chr,(r3*3/4)*2,1,fp1);
		      j++;
	         }
	         else if((j-1)%4==0)
		 {
		      fseek(fp1,54+j*(r3*3/4)*2,0L);
	              for(k=0;k<(r3/2)*3;k++)
		      {
			   if(chr[k]==10 )//||*(chr+k)==13)
				chr[k]=12;
		      }
		      fwrite(chr,(r3*3/4)*2,1,fp1);
		      j++;
	         }
		 // Tested separately from the if/else above, so it sees the j that
		 // was just incremented. Writes the filler buffer f twice. On the
		 // first pass f is only r3*3/4 bytes long, so each fwrite() reads
		 // beyond the allocation.
	         if(j%4!=0 && (j-1)%4!=0)
		 {
		       fseek(fp1,54+j*(r3*3/4)*2,0L);
		       fwrite(f,(r3*3/4)*2,1,fp1);
		       fwrite(f,(r3*3/4)*2,1,fp1);
		       j+=2;
	         }
		 // NOTE(review): fflush(stdin) is undefined behaviour (input stream).
		 fflush(stdin);
		 fflush(fp1);
		 fclose(fp1);
		 // free(f) is the first call that inspects the heap metadata damaged
		 // by the oversized fill loop before the main loop.
		 // free(b) runs on every iteration although b was allocated only
		 // once before the loop: from the second pass on this is a double
		 // free, and the b[...] accesses above are use-after-free. Either
		 // allocate b inside the loop or free it once after the loop.
                 free(f);
                 free(chr);
		 free(b);
		 // f is re-created with r3*3/2 bytes, which matches the fill loop
		 // that follows; the result is not checked for NULL.
                 f=(char *)malloc(r3*3/2);
                 for(p=0;p<r3*3/2;p++)
                      f[p]=128;
	}
//}
	// NOTE(review): everything from here to the end of main() runs after the
	// loop, when fp1 has already been closed by the last iteration; using a
	// closed FILE* is undefined behaviour. This looks like leftover code from
	// an earlier version - confirm whether it is meant to be here at all.
	      	if(i%2==0){
	      	  for(k=0;k<=1;k++)
		       if(flag2==0){
			flag2=1;
			// e holds 54 ints; with the 4-byte int of this x86_64 target
			// that is 216 bytes, so writing 582 bytes reads past the end
			// of e on the stack.
			fwrite(&e,582,1,fp1);
		       }
		       else{
			fseek(fp1,55+582*1+582,0L);
			fwrite(&e,582,1,fp1);
			flag2=0;
		       }

		}
		else{
			// &f is the address of the pointer variable itself, not of the
			// buffer it points to, so this would write 582 bytes starting
			// at an 8-byte stack slot.
			fwrite(&f,582,1,fp1);
			flag1=2;
		}
			 

	if(i==2||i==34){
		if(i==34)
			fputc(48,fp1);
		else
			fputc(102,fp1);
		fputc(228,fp1);
		fputc(6,fp1);
		i=i+2;
	}
	else if(i==18 || i==22){
		fputc(132,fp1);
		fputc(1,fp1);
		i++;
	}
	else
		// NOTE(review): e.a is passed without a subscript (see the header
		// loop at the top); presumably "[i]" was lost.
		fputc(e.a,fp1); 
}

Any help will be appreciated

Thanks & Regards

Vijay

You never call malloc to create b, line 223 you call free(b)