From owner-freebsd-questions@FreeBSD.ORG  Sat Sep 20 14:04:10 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5825F1065674
	for <freebsd-questions@freebsd.org>;
	Sat, 20 Sep 2008 14:04:10 +0000 (UTC)
	(envelope-from unga888@yahoo.com)
Received: from web57001.mail.re3.yahoo.com (web57001.mail.re3.yahoo.com
	[66.196.97.105]) by mx1.freebsd.org (Postfix) with SMTP id DB6248FC12
	for <freebsd-questions@freebsd.org>;
	Sat, 20 Sep 2008 14:04:04 +0000 (UTC)
	(envelope-from unga888@yahoo.com)
Received: (qmail 31290 invoked by uid 60001); 20 Sep 2008 14:04:04 -0000
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com;
	h=X-YMail-OSG:Received:X-Mailer:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Message-ID;
	b=v4QEVNyMXJRPLqXi2KiiXh+kv4qqzAfKr+l43jfT6kF+OwlMKD3VrA03eyUvHvptLXOuznMusA0eMobenGoPZpsNTSS7PmA+lK9ObXsyhQIlosKUJcuEvWtySG5HTpz0szVleMs1S5E1JjfpzUPLETrtkb3GtdxEBuUJ8/WseJ4=;
X-YMail-OSG: swEnVoMVM1mdtTB3vuykrPaTWzLF7SJgkV8NPoEIIG8JaSPiSmY4n7ON2B8.BNDdUy2JdV6R2iDcNeftXsH9KzLZ_MsTd8seQzWufNb2YF3ERC71BsWMDx5DNsRv3TLsbvxXQRs3F1Ns5enunYQJGitAxm.vQDn_IJMNq091KHGMngHfHkJM
Received: from [220.255.7.139] by web57001.mail.re3.yahoo.com via HTTP;
	Sat, 20 Sep 2008 07:04:03 PDT
X-Mailer: YahooMailWebService/0.7.218.2
Date: Sat, 20 Sep 2008 07:04:03 -0700 (PDT)
From: Unga <unga888@yahoo.com>
To: Giorgos Keramidas <keramida@ceid.upatras.gr>
In-Reply-To: <87bpyj9qi9.fsf@kobe.laptop>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <55974.31287.qm@web57001.mail.re3.yahoo.com>
Cc: freebsd-questions@freebsd.org, Nash Nipples <trashy_bumper@yahoo.com>
Subject: Re: Segmentation fault when free [SOLVED]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: unga888@yahoo.com
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Sep 2008 14:04:10 -0000

--- On Sat, 9/20/08, Giorgos Keramidas <keramida@ceid.upatras.gr> wrote:

> > ktrace.out shows:
> > malloc_init()
> > 0x8103400 = malloc(1024)
> > malloc_init()
> > malloc_init()
> > 0x810b0b0 = malloc(400)
> > :
> > so many malloc
> > :
> > so many free
> > :
> > malloc/free combinations
> > :
> > free(0xbfbfc9c9)
> >
> > 1. This clearly shows my program is trying to free a
> memory that has
> > not been allocated. How it could have happened?
> 
> Aha.  This looks remarkably like an address in the runtime
> stack.  It
> usually happens when you have a function that returns the
> address of a
> 'local' variable, instead of a newly allocated heap
> area, i.e.:
> 
>     char *
>     function(void)
>     {
>         char buffer[100];
> 
>         return buf;
>     }
> 

This was indeed the case, worst yet, I was trying to free a part of the buffer (as per your example above) by mistake which was not allocated by malloc.

Thank you all who helped me. 

Best regards
Unga