free() 无效指针
我遇到了熟悉的 free(): 无效指针错误。在尝试调试时,我最终一一注释掉了代码中的每个 free(),直到没有剩余,但我仍然收到此运行时错误。还有其他人遇到过类似的问题吗?
顺便说一下,我很难使用 gdb 来调试它,因为打印错误消息时整个服务器实际上并没有崩溃,只是处理单个客户端的特定分叉进程崩溃了。
谢谢。
==============================
*** glibc detected *** ./server: free(): invalid pointer: 0x08641a38 ***
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x6b961)[0xefe961]
/lib/i386-linux-gnu/libc.so.6(+0x6d28b)[0xf0028b]
/lib/i386-linux-gnu/libc.so.6(cfree+0x6d)[0xf0341d]
/usr/lib/i386-linux-gnu/libstdc++.so.6(_ZdlPv+0x21)[0x4c74d1]
./server[0x804b499]
./server[0x804b2ad]
./server[0x804aecd]
./server[0x804ad36]
./server[0x804a3a3]
/lib/i386-linux-gnu/libc.so.6(+0x2fa6f)[0xec2a6f]
/lib/i386-linux-gnu/libc.so.6(+0x2facf)[0xec2acf]
./server[0x804966b]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xe7)[0xea9e37]
./server[0x8049331]
======= Memory map: ========
00338000-00352000 r-xp 00000000 08:01 394236 /lib/i386-linux-gnu/libgcc_s.so.1
00352000-00353000 r--p 00019000 08:01 394236 /lib/i386-linux-gnu/libgcc_s.so.1
00353000-00354000 rw-p 0001a000 08:01 394236 /lib/i386-linux-gnu/libgcc_s.so.1
003c1000-003c2000 r-xp 00000000 00:00 0 [vdso]
0041d000-004fc000 r-xp 00000000 08:01 792946 /usr/lib/i386-linux-gnu/libstdc++.so.6.0.14
004fc000-00500000 r--p 000de000 08:01 792946 /usr/lib/i386-linux-gnu/libstdc++.so.6.0.14
00500000-00501000 rw-p 000e2000 08:01 792946 /usr/lib/i386-linux-gnu/libstdc++.so.6.0.14
00501000-00508000 rw-p 00000000 00:00 0
00664000-00688000 r-xp 00000000 08:01 394245 /lib/i386-linux-gnu/libm-2.13.so
00688000-00689000 r--p 00023000 08:01 394245 /lib/i386-linux-gnu/libm-2.13.so
00689000-0068a000 rw-p 00024000 08:01 394245 /lib/i386-linux-gnu/libm-2.13.so
00793000-007af000 r-xp 00000000 08:01 394195 /lib/i386-linux-gnu/ld-2.13.so
007af000-007b0000 r--p 0001b000 08:01 394195 /lib/i386-linux-gnu/ld-2.13.so
007b0000-007b1000 rw-p 0001c000 08:01 394195 /lib/i386-linux-gnu/ld-2.13.so
00960000-0096a000 r-xp 00000000 08:01 394254 /lib/i386-linux-gnu/libnss_files-2.13.so
0096a000-0096b000 r--p 00009000 08:01 394254 /lib/i386-linux-gnu/libnss_files-2.13.so
0096b000-0096c000 rw-p 0000a000 08:01 394254 /lib/i386-linux-gnu/libnss_files-2.13.so
00e93000-00fed000 r-xp 00000000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00fed000-00fee000 ---p 0015a000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00fee000-00ff0000 r--p 0015a000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00ff0000-00ff1000 rw-p 0015c000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00ff1000-00ff4000 rw-p 00000000 00:00 0
08048000-08056000 r-xp 00000000 08:01 1084793 /home/mwrosen/cpe464/prog2/server
08056000-08057000 r--p 0000d000 08:01 1084793 /home/mwrosen/cpe464/prog2/server
08057000-08058000 rw-p 0000e000 08:01 1084793 /home/mwrosen/cpe464/prog2/server
08641000-08662000 rw-p 00000000 00:00 0 [heap]
b7600000-b7621000 rw-p 00000000 00:00 0
b7621000-b7700000 ---p 00000000 00:00 0
b7718000-b771b000 rw-p 00000000 00:00 0
b7729000-b772c000 rw-p 00000000 00:00 0
bfacf000-bfaf0000 rw-p 00000000 00:00 0 [stack]
I'm getting the familiar free(): invalid pointer error. In trying to debug, I ended up commenting out each free() in my code, one by one, until there were none left and I'm still getting this runtime error. Has anyone else run into a similar issue?
By the way - it's difficult for me to debug this using gdb, because the entire server doesn't actually crash when the error message is printed, just the particular forked process that was handling the single client.
Thank you.
==============================
*** glibc detected *** ./server: free(): invalid pointer: 0x08641a38 ***
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x6b961)[0xefe961]
/lib/i386-linux-gnu/libc.so.6(+0x6d28b)[0xf0028b]
/lib/i386-linux-gnu/libc.so.6(cfree+0x6d)[0xf0341d]
/usr/lib/i386-linux-gnu/libstdc++.so.6(_ZdlPv+0x21)[0x4c74d1]
./server[0x804b499]
./server[0x804b2ad]
./server[0x804aecd]
./server[0x804ad36]
./server[0x804a3a3]
/lib/i386-linux-gnu/libc.so.6(+0x2fa6f)[0xec2a6f]
/lib/i386-linux-gnu/libc.so.6(+0x2facf)[0xec2acf]
./server[0x804966b]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xe7)[0xea9e37]
./server[0x8049331]
======= Memory map: ========
00338000-00352000 r-xp 00000000 08:01 394236 /lib/i386-linux-gnu/libgcc_s.so.1
00352000-00353000 r--p 00019000 08:01 394236 /lib/i386-linux-gnu/libgcc_s.so.1
00353000-00354000 rw-p 0001a000 08:01 394236 /lib/i386-linux-gnu/libgcc_s.so.1
003c1000-003c2000 r-xp 00000000 00:00 0 [vdso]
0041d000-004fc000 r-xp 00000000 08:01 792946 /usr/lib/i386-linux-gnu/libstdc++.so.6.0.14
004fc000-00500000 r--p 000de000 08:01 792946 /usr/lib/i386-linux-gnu/libstdc++.so.6.0.14
00500000-00501000 rw-p 000e2000 08:01 792946 /usr/lib/i386-linux-gnu/libstdc++.so.6.0.14
00501000-00508000 rw-p 00000000 00:00 0
00664000-00688000 r-xp 00000000 08:01 394245 /lib/i386-linux-gnu/libm-2.13.so
00688000-00689000 r--p 00023000 08:01 394245 /lib/i386-linux-gnu/libm-2.13.so
00689000-0068a000 rw-p 00024000 08:01 394245 /lib/i386-linux-gnu/libm-2.13.so
00793000-007af000 r-xp 00000000 08:01 394195 /lib/i386-linux-gnu/ld-2.13.so
007af000-007b0000 r--p 0001b000 08:01 394195 /lib/i386-linux-gnu/ld-2.13.so
007b0000-007b1000 rw-p 0001c000 08:01 394195 /lib/i386-linux-gnu/ld-2.13.so
00960000-0096a000 r-xp 00000000 08:01 394254 /lib/i386-linux-gnu/libnss_files-2.13.so
0096a000-0096b000 r--p 00009000 08:01 394254 /lib/i386-linux-gnu/libnss_files-2.13.so
0096b000-0096c000 rw-p 0000a000 08:01 394254 /lib/i386-linux-gnu/libnss_files-2.13.so
00e93000-00fed000 r-xp 00000000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00fed000-00fee000 ---p 0015a000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00fee000-00ff0000 r--p 0015a000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00ff0000-00ff1000 rw-p 0015c000 08:01 394208 /lib/i386-linux-gnu/libc-2.13.so
00ff1000-00ff4000 rw-p 00000000 00:00 0
08048000-08056000 r-xp 00000000 08:01 1084793 /home/mwrosen/cpe464/prog2/server
08056000-08057000 r--p 0000d000 08:01 1084793 /home/mwrosen/cpe464/prog2/server
08057000-08058000 rw-p 0000e000 08:01 1084793 /home/mwrosen/cpe464/prog2/server
08641000-08662000 rw-p 00000000 00:00 0 [heap]
b7600000-b7621000 rw-p 00000000 00:00 0
b7621000-b7700000 ---p 00000000 00:00 0
b7718000-b771b000 rw-p 00000000 00:00 0
b7729000-b772c000 rw-p 00000000 00:00 0
bfacf000-bfaf0000 rw-p 00000000 00:00 0 [stack]
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如果您的代码废弃了其他代码使用的指针,则其他代码可能最终会在无效指针上调用
free。您可能正在访问一些不属于您的内存。发生这种情况的方式有很多种,以下是两种常见的:
1) 如果您声明一个像
int f[7];这样的数组,则最后一个数组元素是f[6].修改f[7]可能会损坏其他人的内存。2)如果您保存指向在堆栈上分配的对象的指针,该对象超出范围,然后您通过该指针修改某些内容,则可能会损坏其他人的内存。
If your code trashes a pointer used by some other code, other code may wind up calling
freeon an invalid pointer. Likely you are accessing some memory you don't own.There are many ways this can happen, here are two common ones:
1) If you declare an array like
int f[7];, the last array element isf[6]. Modifyingf[7]can corrupt someone else's memory.2) If you save a pointer to an object allocated on the stack, that object goes out of scope, and then you modify something through that pointer, you can corrupt someone else's memory.
尝试使用 valgrind 来调试您的问题。
如果即使删除了所有
free,错误仍然存在,则可能是因为某些代码溢出了其内存区域(例如缓冲区溢出)。Try to use valgrind to debug your issue.
If your error persist even with all
freeremoved, it could be because some code is overflowing its memory zone (e.g. a buffer overflow).