
I have the following C++ code running in a multi-threaded environment:

A* a = (A*) (_x->b); a->DoStuff();

A is a concrete class, _x is a member of A (let's say of type X*) and b is a void *.

In addition, this is also an A*, and it has a different memory location, but similar data to what the dump shows is at _x->b.

I am encountering an inexplicable crash at the dereference. The dump file that's generated is very detailed, and it shows me that _x is in good state and _x->b points to a valid non-zero memory address. The dump also shows that at the second statement, a is 0, which is the reason the crash occurred in the first place.

My question: is the cause of this crash a definite heap corruption, or could it be something more fundamental? I am planning to debug this with heap tracking tools such as gflags or valgrind, but I was curious if there is any other reason why a seemingly valid pointer would somehow become null after a C-style cast.

Marcin
  • Are there members within `A` that can be examined for validity at the address held as `a`? I ask because there should be *something* identifiable at that memory to hint you're on the right path. If nothing else, add a head/tail member (BA53BA11 is my favorite) of type uint32_t to the object layout if possible, just to *know* that `a`'s memory is as sound as you think it is. The `b` member is clearly NOT stored as an `A*`, otherwise the cast would not be needed, but you can check there as well. Finally, I don't suppose valgrind has had a chance at this? – WhozCraig Nov 15 '12 at 22:29
  • I added a new piece of detail that you were right to ask for: "In addition, this is also an A*, and it has a different memory location, but similar data to what the dump shows is at _x->b." – Marcin Nov 15 '12 at 22:32
  • Why do you need to store b as a `void *`? Also, shouldn't you use `reinterpret_cast` to do the cast? – didierc Nov 15 '12 at 22:38
  • Which dereference causes the crash? `_x->b` or `a->DoStuff()`? How certain are you that `_x->b` holds an `A*` that was cast to a `void*` directly from an `A*` (and not, say, from a `B*` where `B` is a child class of `A`)? Is `A` POD? Does it have any `virtual` functions or inheritance? – Yakk - Adam Nevraumont Nov 15 '12 at 22:39
  • Can you reproduce this event, or is it a one-off event? – Yakk - Adam Nevraumont Nov 15 '12 at 22:40
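A sketch of the guard-word check suggested in the comments, written here as an added example (it is not code from the question or from any answer). The guard value 0xBA53BA11, the names `checked_cast` and `use`, and the layouts of `A` and `X` are assumptions for illustration. It also shows the point the question turns on: a C-style cast from `void*` to `A*` is a `static_cast`, which cannot turn a non-null pointer into null, so a null `a` must come from `b` being null at the moment it was read or from the stack slot or register holding `a` being clobbered afterwards.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>

// Hypothetical guard word placed at both ends of the object, as proposed in
// the comments. Any overflow that runs across an A's boundary is likely to
// disturb one of the two words.
constexpr uint32_t kGuard = 0xBA53BA11u;

struct X;

struct A {
    uint32_t head = kGuard;   // guard at the start of the object
    X*       _x   = nullptr;  // mirrors the question: A holds an X*
    int      payload = 0;
    uint32_t tail = kGuard;   // guard at the end of the object

    void DoStuff() { ++payload; }
};

struct X {
    void* b = nullptr;        // holds an A* stored as void*, as in the question
};

// Converts the void* back to an A* and validates the guards before the object
// is trusted. A C-style cast here is the same static_cast; it preserves
// non-null-ness, so any null returned below comes from the checks, not the cast.
A* checked_cast(void* p) {
    if (p == nullptr) return nullptr;
    A* a = static_cast<A*>(p);
    if (a->head != kGuard || a->tail != kGuard) return nullptr;
    return a;
}

// Models the question's two statements with the guard check in between.
// Returns 0 when DoStuff ran, 1 when b was null when read, 2 when the
// guards were not intact (memory under b is not a sound A).
int use(X* x) {
    void* raw = x->b;                 // single read of the shared slot
    if (raw == nullptr) return 1;
    A* a = checked_cast(raw);
    if (a == nullptr) return 2;
    a->DoStuff();
    return 0;
}

int main() {
    A good;
    X x;
    x.b = &good;
    std::printf("intact object: %d\n", use(&x));     // 0

    X nx;                                              // b left null
    std::printf("null slot: %d\n", use(&nx));         // 1

    A bad;                                             // constructed overflow:
    std::memset(&bad.tail, 0x41, sizeof bad.tail);    // tail guard overwritten
    X bx;
    bx.b = &bad;
    std::printf("clobbered guard: %d\n", use(&bx));   // 2
    return 0;
}
```

The check is only as strong as the chance that a corruption touches one of the guard words; it says nothing about a null that was stored into `b` by another thread between the dump and the crash, which is why the single read of `x->b` above is kept in a local rather than re-read.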

0 Answers