crash when calling library

Question

Let's hope I can dumb this down without leaving out crucial details...

I've got a test program:

#include <lib.h>

const char * INPUT  = "xyz";

int main()
{
    initializeLib();
    LibProcess * process = createLibProcess();
    fprintf( stderr, "Before run(%s)\n", INPUT );
    process->run(INPUT);
    fprintf( stderr, "After run(%s)\n", INPUT );
    return 0;
}

This test program I compile (gcc 4.1.2) and run as:

g++ -g -o test test.c -L /path/to/lib -I /path/to/include -lnameoflib
export LD_LIBRARY_PATH=/path/to/lib
./test

The library is rather complex, and not-too-smart in some places, and most importantly not-written-by-me, so don't flame me for the architecture of the functions involved:

class ProcessBase
{
    public:
        virtual int run( const char* buffer = NULL ) = 0;
}

class LibProcess : ProcessBase
{
    public:
        LibProcess()
        {
            fprintf( "Reached LibProcess().\n" );
        }

        int  run( const char* buffer = NULL )
        {
            fprintf( stderr, "Reached run().\n" );
        }
};            

void initializeLib()
{
    // Preparing some data
}

ProcessBase * createLibProcess()
{
    ProcessBase * process = new LibProcess();
    fprintf( stderr, "Created Process.\n" );
    return (ProcessBase *) process;
}

So far, so good. But the output of it really had me baffled:

Reached LibProcess().
Created Process.
Before run(xyz)

SEGFAULT

I know the error is (most likely) somewhere completely different. But how is this at all possible?

I would understand if the test died on calling the library the first time. I would understand if the test died when creating the process, or when it actually does something in run().

But how can it die between the calling of the function and actually reaching that function?

I'm clueless, especially I don't know how to continue debugging this. Help?

Edit: Yes, I checked process to have a non-NULL value after createLibProcess(). A subsequent call to two different member functions of process, left out of the example, also worked beautifully. But the second member function call trashed memory due to a buffer overflow, and zeroed process.

This makes the question invalid. Of course is calling NULL->run() a segfaulting offense.

Question can be closed as "no longer relevant". Thanks anyway!

Answer 1

If:

LibProcess * process = createLibProcess();

returns NULL, or a process that is invalid in some way, you will get exactly the behaviour you are seeing.

Answer 2

Is process definitely set to a non-NULL valid pointer before it is dereferenced to call run?