Skip to main content

The Bug Zoo

The program crashes: Segmentation fault



This family of problem is extremely large and contains two main sort of errors: access to non-authorized part of the memory and system calls with incorrect parameter values.

Unauthorized memory access

It when you try to read or write to a memory address

1. totally meaningless (for instance a non-initialized pointer)

2. out of bounds

3. not allocated anymore
Note that a memory access with an unitialized pointer may corrupt the memory
without actually crashing the program. For instance

#include <iostream>
int main(int argc, char **argv) {
int b;
int a[10];
b = 4;
for(int i = 0; i < 100; i++) {
a[i] = 12;
cout << b << " "; cout.flush();
}
}

displays
4 4 4 4 4 4 4 4 4 4 4 4 4 4 4 12 12 12 12 12 12 12 12 12
12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12
12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12
12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12
12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12 12
Segmentation fault

First, the loop fills the a array, then it erases b (which is just after a in the
memory) but the program still does not crash because the operating system
has allocated a minimum amount of memory larger than what is specified in
the source code. When the counter leaves the allocated area, the CPU tries to
access a non-authorized part and the operating system kills it.

Such errors can be extremely tricky, since an incorrect memory access can crash
the program after a while

#include <iostream>
int main(int argc, char **argv) {
int *b;
int a[10];
b = new int[10];
for(int i = 0; i < 20; i++) a[i] = 12;
cout << "We are here!\n";
b[2] = 13; // kaboom
}
prints out

We are here!
Segmentation fault

Here b was correctly initialized, then erased by an out-of-bound access of array
a, and the crash occurs when then not-anymore correct value of b is used.

Incorrect system call

The second case occurs when you use a system call with wrong parameter values.
It can be explicit (for instance the UNIX fclose with a non-initialized value) or
implicit through the C++ memory allocation / deallocation system (for instance
if you delete[] the same array twice)

#include <iostream>
int main(int argc, char **argv) {
int *b = new int[123];
delete[] b;
delete[] b; // kaboom
}

The program crashes: Floating point exception


This happens when you try a division by 0 with integer numbers. Note that
the floating-point types are extremely tolerant to meaningless operations. Since
those types can carry values such as nan, inf and -inf, computating values
such as logarithm of negative numbers, square root of negative numbers and
inverse of 0 will not crash the program (but will most of the time lead to a
wrong result).
Labels:

Popular posts from this blog

C++ Program to find the sum, difference, product and quotient of two integers

#include <iostream.h> #include <conio.h> void main() {   clrscr();   int x = 10;   int y = 2;   int sum, difference, product, quotient;   sum = x + y;   difference = x - y;   product = x * y;   quotient = x / y;   cout << "The sum of " << x << " & " << y << " is " << sum << "." << endl;   cout << "The difference of " << x << " & " << "y <<  is " << difference << "." << endl;   cout << "The product of " << x << " & " << y << " is " << product << "." << endl;   cout << "The quotient of " << x << " & " << y << " is " << quotient << "." << endl;   getch(); }
Read more

Program of virtual piano

//////////////Tested And Created By C++/////////////////////////////// #include<stdio.h> #include<dos.h> #include<conio.h> #include<stdlib.h> #define SHOW 1 #define HIDE 2 union REGS input,output; class piano {  public:int BIGKEY,MIDKEY,back,border;     piano()//init constructor     {         BIGKEY=15;         MIDKEY=1;         back=7;         border=15;     } }color; void drawpiano(int x,int y); int check_xy(int x,int y); void BOX(int c,int r,int c1,int r1,int col); int initmouse(); void setupscreen(); void pointer(int on); void restrictmouse(int x1,int y1,int x2,int y2); void check_keys(int x,int y); void getmouse(int *button,int *x,int *y); float freq[7] = {130.81, 146.83, 164.81, 174.61,196, 220, 246.94 } ; int n=0,a=4,backcolor=2,exitcode=1; void showbar(int t) {  if(t>65) t=65;  if(t<1) t=1;  textcolor(15);  for(int q=0;q<=t;t++)  {     gotoxy(3+q,4);     cprintf("Û");  } } void main() {  int
Read more

Putimage function in c

putimage function outputs a bit image onto the screen. Declaration:- void putimage(int left, int top, void *ptr, int op); putimage puts the bit image previously saved with getimage back onto the screen, with the upper left corner of the image placed at (left, top). ptr points to the area in memory where the source image is stored. The op argument specifies a operator that controls how the color for each destination pixel on screen is computed, based on pixel already on screen and the corresponding source pixel in memory. c smiling face animation This animation using c draws a smiling face which appears at random position on screen. See output below the code, it will help you in understanding the code easily. C programming code #include<graphics.h> #include<conio.h> #include<stdlib.h>   main() { int gd = DETECT, gm, area, temp1, temp2, left = 25, top = 75; void *p;   initgraph(&gd,&gm,"C:\\TC\\BGI");   setcolor(YELLOW);
Read more