Graphviz Issue Tracker
Mantis Bug Tracker

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000404graphvizDotpublic2004-06-02 19:072011-04-28 04:02
ReporterRobert McNally 
Assigned Toellson 
PlatformOS*-*-OS Version
Summary0000404: free of block not malloced traced to shapes.c

I am developing on Mac OS X, but this looks like a bug on any platform, whether or
not it manifests.

When working to embed dotneato and associated libraries in an application,
I kept getting runtime errors like the following:

*** malloc[28157]: Deallocation of a pointer not malloced: 0x1407af70;
This could be a double free(), or free() called with the middle of an allocated block;
Try setting environment variable MallocHelp to see tools to help debug

All I was doing was creating a very simple graph with a single node, where that node's
"shape" attribute was set to "point", and then calling dot_layout(), then dot_cleanup() on it.
The error occurred in the bowels of dot_cleanup().

After working with GDB stepping through the dotneato code, I discovered the source
of the problem. Notice shapes.c, line 955:

                /* adjust label to "" */
        p = ND_label(n);
        ND_label(n) = &ptlabel; <-----------

ptlabel is a statically allocated textlabel_t upon which, unfortunately, free() will later
be called. This is bad, and was causing my implementation of free() to complain.
TagsNo tags attached.
The fix is to just create a new empty label, rather than try to share a single empty label:

       ND_label(n) = NEW(textlabel_t);
STATUS-COMMENTFixed (2 June 2004)
VERSION     1.13.20040528.0415
Attached Files

- Relationships

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2011-04-28 04:02 user1 New Issue
2011-04-28 04:02 user1 Assigned To => user695

MantisBT 1.2.5[^]
Copyright © 2000 - 2011 MantisBT Group
Powered by Mantis Bugtracker