C - 错误是 "free(): invalid next size (normal) "
C - Error is "free(): invalid next size (normal) "
我就是找不到导致这个问题的原因。
// startup(): locate the startup file, read it line by line, then open the database.
//
// path_to_file  NUL-terminated path; stat() decides whether it names a directory
//               (STARTUP_FILE is appended) or a regular file (used as is).
// size_of_path  byte count used to size the heap copy of the path.
//               NOTE(review): it has to cover strlen(path_to_file) for the sprintf()
//               below to stay in bounds. The valgrind log on this page shows a
//               20-byte block for a path of more than 40 characters, so the caller
//               appears to pass something else (possibly sizeof on a pointer) - verify.
// Returns the handle returned by open_db().
MYSQL *startup(unsigned char *path_to_file, int size_of_path) {
    MYSQL *con;
    // These two flags are set below but never read in this function.
    bool path_is_file = false;
    bool path_is_directory = false;
    FILE *startup_file;
    int i;
    unsigned char buffer[LINEBUFFERSIZE];
    unsigned char string[LINEBUFFERSIZE];
    unsigned char c;
    //Allocate memory for the new file path
    unsigned char *path;
    path = (unsigned char *) malloc(size_of_path);
    // NOTE(review): whether error() returns is not visible here; if it does,
    // execution continues with path == NULL.
    if(path == NULL)
        error("Could not allocate memory for path to file.\nIn startup()\n");
    //Check if startup file exists or if it is a directory
    //Bug is somewhere here!!!!
    struct stat s;
    printf("%s", path_to_file);
    if(stat(path_to_file, &s) == 0) {
        if(s.st_mode & S_IFDIR) {
            //It's a directory
            path_is_directory = true;
            //Add the standard startup file name to the directory
            // NOTE(review): the new size has no room for the '/' written by the
            // sprintf() below, and it is only large enough at all if size_of_path
            // is at least strlen(path_to_file) and STARTUP_FILE is an array or
            // string literal (sizeof of a pointer would give the pointer size).
            // Assigning realloc()'s result straight back to path also loses the
            // old block if realloc() fails.
            path = (unsigned char *) realloc(path, size_of_path + sizeof(STARTUP_FILE));
            if(path == NULL)
                error("Could not reallocate memory for variable path.\nIn startup()\n");
            //Put the strings together
            // NOTE(review): unbounded write. sprintf() emits
            // strlen(path_to_file) + 1 + strlen(STARTUP_FILE) + 1 bytes regardless
            // of the block size. Writing past the block overwrites the allocator's
            // bookkeeping for the next chunk, which is what the later
            // "free(): invalid next size" abort reports. snprintf() with the real
            // block size would bound the write.
            sprintf(path, "%s/%s", path_to_file, STARTUP_FILE);
        }
        else if(s.st_mode & S_IFREG) {
            //It's a file
            path_is_file = true;
            // NOTE(review): this drops the only pointer to the malloc'd block (leak),
            // and the free(path) at the end then frees the caller's path_to_file.
            path = path_to_file;
        }//End else if
        else //Something else. abort
            error("Given file is neither file or directory.\nIn startup()\n");
    }
    else //Error
        error("Error in looking up type of path.\nIn startup()\n");;
    //Check if the startup file exists
    fprintf(stderr, "%s\n", path);
    if((startup_file = fopen(path, "r")) == NULL) {
        //File does not exist, create a basic one for the user to modify
        if((startup_file = fopen(path, "w+")) == NULL)
            error("Could not create the startup file.\n");
        //Write the standard text to the new file, so the user can modify it
        //sizeof(STARTUP_FILE_TEXT)-1 as gedit complains if there is a terminator at the end
        // The return value of fwrite() is not checked.
        fwrite(STARTUP_FILE_TEXT, sizeof(STARTUP_FILE_TEXT[0]), sizeof(STARTUP_FILE_TEXT)-1, startup_file);
    }//End outer if
    //Read from the startup file and find out which tables and database are needed and may have to be created
    //The while loop also runs when the file was just created, fix it
    section current;
    while(fgets(buffer, sizeof(buffer), startup_file) != NULL) {
        // NOTE(review): strcmp() returns 0 on a match, so this branch runs for every
        // line that is NOT "[DATABASES]". fgets() also keeps the trailing '\n', so a
        // section line read from the file would not compare equal in any case.
        if(strcmp(buffer, "[DATABASES]")) {
            //Every line now should contain the name of dbs, until new section
            current = DATABASES;
        }
        else if(strcmp(buffer, "[TABLES]")) {
            //Every line now should contain the name of tables, until new section
            current = TABLES;
        }
        // NOTE(review): as written this branch needs both strcmp() calls to return 0,
        // i.e. buffer equal to both strings at once, so it is never reached.
        else {
            //Read the lines and create the table or database
            //Ignore everything behind #
            //Just numbers and letters are allowed
            //Read one line and save it into buffer
            //What happens if the line exceeds the buffer length and is split in two?
            //Process every character, but do not exceed the buffer's limit (also keep one for the '\0' terminator)
            for(i = 0; i < (sizeof(buffer)-1); i++) {
                //Allowed characters are: A-Z, a-z, 0-9, dash, underscore and space
                //Read until '\n'; any other character, '#' included, takes the error branch below
                c = buffer[i];
                if(isalnum(c) || (c == '-') || (c == '_') || (c == ' ')) {
                    //Correct
                    string[i] = c;
                }//End if
                // NOTE(review): '[=11=]' here and in the terminator assignment below looks
                // like an extraction artifact of '\0' - confirm against the original file.
                else if(c == '\n' || c == '[=11=]') {
                    //End of line or end of string, not checking for EOF as fgets already does it
                    //and it would require the int data type
                    break;
                }//End else if
                else {
                    //Wrong, stop
                    printf("Wrong character used in setup file.\nWrong characters was: %c\n", c);
                    break;
                }//End else
            }//End for
            //Add terminator at the end
            string[i] = '[=11=]';
            //Create table or database
            switch(current) {
                case DATABASES:
                    create_db(string, sizeof(string));
                    break;
                case TABLES:
                    break;
                default:
                    break;
            }//End switch
        }
    }//End while
    //Create db and then open the database as a specific user
    //create_db();
    // NOTE(review): the arguments are literals compiled into the binary; if they are
    // the account name and password (presumably - confirm against open_db), they
    // belong in configuration that is not checked into the source tree.
    con = open_db("user1", "passwd", "Vocables");
    //Clean up
    fclose(startup_file);
    // See the regular-file branch above: path may alias path_to_file at this point.
    free(path);
    return con;
}
在 gdb 中运行时我得到:
(gdb) run 8080 ~/Cloud/Decrypted/Porifera-Server/
Starting program: /home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server 8080 ~/Cloud/Decrypted/Porifera-Server/
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
/home/linux/Cloud/Decrypted/Porifera-Server//startup.txt
*** Error in `/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server': free(): invalid next size (normal): 0x0000000000603030 ***
======= Backtrace: =========
/usr/lib/libc.so.6(+0x7198e)[0x7ffff6b0f98e]
/usr/lib/libc.so.6(+0x76dee)[0x7ffff6b14dee]
/usr/lib/libc.so.6(+0x775cb)[0x7ffff6b155cb]
/usr/lib/libc.so.6(+0x6893d)[0x7ffff6b0693d]
/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server[0x4016b8]
/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server[0x4012bc]
/usr/lib/libc.so.6(__libc_start_main+0xf0)[0x7ffff6abe800]
/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server[0x401089]
======= Memory map: ========
00400000-00403000 r-xp 00000000 00:24 261912 /home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server
00602000-00603000 rw-p 00002000 00:24 261912 /home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server
00603000-00624000 rw-p 00000000 00:00 0 [heap]
7ffff5f8a000-7ffff5fa2000 r-xp 00000000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff5fa2000-7ffff61a1000 ---p 00018000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff61a1000-7ffff61a2000 r--p 00017000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff61a2000-7ffff61a3000 rw-p 00018000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff61a3000-7ffff61a7000 rw-p 00000000 00:00 0
7ffff61a7000-7ffff61a9000 r-xp 00000000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff61a9000-7ffff63a9000 ---p 00002000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff63a9000-7ffff63aa000 r--p 00002000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff63aa000-7ffff63ab000 rw-p 00003000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff63ab000-7ffff65f8000 r-xp 00000000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff65f8000-7ffff67f7000 ---p 0024d000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff67f7000-7ffff6815000 r--p 0024c000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff6815000-7ffff6821000 rw-p 0026a000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff6821000-7ffff6825000 rw-p 00000000 00:00 0
7ffff6825000-7ffff6893000 r-xp 00000000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6893000-7ffff6a92000 ---p 0006e000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6a92000-7ffff6a97000 r--p 0006d000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6a97000-7ffff6a9e000 rw-p 00072000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6a9e000-7ffff6c37000 r-xp 00000000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6c37000-7ffff6e37000 ---p 00199000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6e37000-7ffff6e3b000 r--p 00199000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6e3b000-7ffff6e3d000 rw-p 0019d000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6e3d000-7ffff6e41000 rw-p 00000000 00:00 0
7ffff6e41000-7ffff6e57000 r-xp 00000000 08:03 1180909 /usr/lib/libgcc_s.so.1
7ffff6e57000-7ffff7056000 ---p 00016000 08:03 1180909 /usr/lib/libgcc_s.so.1
7ffff7056000-7ffff7057000 rw-p 00015000 08:03 1180909 /usr/lib/libgcc_s.so.1
7ffff7057000-7ffff715a000 r-xp 00000000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff715a000-7ffff735a000 ---p 00103000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff735a000-7ffff735b000 r--p 00103000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff735b000-7ffff735c000 rw-p 00104000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff735c000-7ffff744c000 r-xp 00000000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff744c000-7ffff764c000 ---p 000f0000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff764c000-7ffff7654000 r--p 000f0000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff7654000-7ffff7656000 rw-p 000f8000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff7656000-7ffff766b000 rw-p 00000000 00:00 0
7ffff766b000-7ffff7680000 r-xp 00000000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff7680000-7ffff787f000 ---p 00015000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff787f000-7ffff7880000 r--p 00014000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff7880000-7ffff7881000 rw-p 00015000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff7881000-7ffff7b67000 r-xp 00000000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7b67000-7ffff7d67000 ---p 002e6000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7d67000-7ffff7d6e000 r--p 002e6000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7d6e000-7ffff7dd2000 rw-p 002ed000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7dd2000-7ffff7ddb000 rw-p 00000000 00:00 0
7ffff7ddb000-7ffff7dfd000 r-xp 00000000 08:03 1180654 /usr/lib/ld-2.21.so
7ffff7fc3000-7ffff7fcb000 rw-p 00000000 00:00 0
7ffff7ff6000-7ffff7ff8000 rw-p 00000000 00:00 0
7ffff7ff8000-7ffff7ffa000 r--p 00000000 00:00 0 [vvar]
7ffff7ffa000-7ffff7ffc000 r-xp 00000000 00:00 0 [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00021000 08:03 1180654 /usr/lib/ld-2.21.so
7ffff7ffd000-7ffff7ffe000 rw-p 00022000 08:03 1180654 /usr/lib/ld-2.21.so
7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
/home/linux/Cloud/Decrypted/Porifera-Server/
Program received signal SIGABRT, Aborted.
0x00007ffff6ad14b7 in raise () from /usr/lib/libc.so.6
在 gdb 中单步执行时,可以走到错误发生前不久的位置:
26 path_is_directory = true;
(gdb) n
28 path = (unsigned char *) realloc(path, size_of_path + sizeof(STARTUP_FILE));
(gdb) n
29 if(path == NULL)
(gdb) n
32 sprintf(path, "%s/%s", path_to_file, STARTUP_FILE);
(gdb) n
51 fprintf(stderr, "%s\n", path);
(gdb) n
/home/linux/Cloud/Decrypted/Porifera-Server//startup.txt
52 if((startup_file = fopen(path, "r")) == NULL) {
(gdb) n
当我执行第 52 行之后的下一行时,问题出现了。
使用 'valgrind --leak-check=yes ./Porifera-Server 8080 ~/Cloud/Decrypted/Porifera-Server' 时它实际上能正常运行,但会报出一长串 "errors":
[linux@linux Debug]$ valgrind --leak-check=yes ./Porifera-Server 8080 ~/Cloud/Decrypted/Porifera-Server
==17917== Memcheck, a memory error detector
==17917== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==17917== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==17917== Command: ./Porifera-Server 8080 /home/linux/Cloud/Decrypted/Porifera-Server
==17917==
==17917== Invalid write of size 8
==17917== at 0x5E53E04: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c8709e is 14 bytes inside a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 8
==17917== at 0x5E53E08: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a6 is 2 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 8
==17917== at 0x5E53E0C: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870ae is 10 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E53D3E: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b6 is 18 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 4
==17917== at 0x5E53D60: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b7 is 19 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E44B8D: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E17F1D: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870bb is 23 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E44B8D: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870bc is 12 bytes after a block of size 32 in arena "client"
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E3AC39: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870c7 is 23 bytes after a block of size 32 in arena "client"
==17917==
==17917== Invalid read of size 1
==17917== at 0x5E18CA2: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a4 is 0 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53DF9: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a0 is 16 bytes inside a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53DFD: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a8 is 4 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 1
==17917== at 0x5E53D3B: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b0 is 12 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 2
==17917== at 0x5E53D4B: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b1 is 13 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 4
==17917== at 0x5E53D5E: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b3 is 15 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53D90: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b7 is 19 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53D93: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870bf is 15 bytes after a block of size 32 in arena "client"
==17917==
/home/linux/Cloud/Decrypted/Porifera-Server/startup.txt
==17917== Syscall param open(filename) points to unaddressable byte(s)
==17917== at 0x5EAB2E0: __open_nocancel (in /usr/lib/libc-2.21.so)
==17917== by 0x5E43524: _IO_file_open (in /usr/lib/libc-2.21.so)
==17917== by 0x5E4366F: _IO_file_fopen@@GLIBC_2.2.5 (in /usr/lib/libc-2.21.so)
==17917== by 0x5E38913: __fopen_internal (in /usr/lib/libc-2.21.so)
==17917== by 0x4016B7: startup (server_func.c:52)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a4 is 0 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
/home/linux/Cloud/Decrypted/Porifera-Server
IPv4 TCP Server started...
Incoming connection from client having IPv4 address: 127.0.0.1
Message from client: Hello
Value is: 4
==17917==
==17917== HEAP SUMMARY:
==17917== in use at exit: 65,928 bytes in 19 blocks
==17917== total heap usage: 77 allocs, 58 frees, 124,873 bytes allocated
==17917==
==17917== 32 bytes in 1 blocks are possibly lost in loss record 1 of 7
==17917== at 0x4C29F90: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x4E98839: my_malloc (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E94B63: ??? (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E57244: mysql_server_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E5DC76: mysql_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x401B0B: open_db (vocable_trainer.c:48)
==17917== by 0x401858: startup (server_func.c:118)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== 160 bytes in 1 blocks are possibly lost in loss record 2 of 7
==17917== at 0x4C29F90: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x4E98839: my_malloc (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E93D49: ??? (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E69A9D: ??? (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E5724B: mysql_server_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E5DC76: mysql_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x401B0B: open_db (vocable_trainer.c:48)
==17917== by 0x401858: startup (server_func.c:118)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== LEAK SUMMARY:
==17917== definitely lost: 0 bytes in 0 blocks
==17917== indirectly lost: 0 bytes in 0 blocks
==17917== possibly lost: 192 bytes in 2 blocks
==17917== still reachable: 65,736 bytes in 17 blocks
==17917== suppressed: 0 bytes in 0 blocks
==17917== Reachable blocks (those to which a pointer was found) are not shown.
==17917== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==17917==
==17917== For counts of detected and suppressed errors, rerun with: -v
==17917== ERROR SUMMARY: 64 errors from 19 contexts (suppressed: 0 from 0)
我就是找不到原因;其他遇到类似错误的人,要么是传给 fopen 函数的文件路径里有一个 '\n',要么是没有初始化指针却试图释放它。自上次能正常运行以来,我没有改动过任何释放指针(free)的代码,目前也还没有找到导致此问题的指针。
遇到多个错误时,从第一个开始排查,它可能正是后续错误的原因。
==17917== Invalid write of size 8
==17917== at 0x5E53E04: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c8709e is 14 bytes inside a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
在此堆栈跟踪中,有趣的部分是您的程序代码,因为我们可以假设 runtime/standard 库中的代码可以正常工作。
Valgrind 在这里告诉您两件事:
- 在文件 server_func.c 第 32 行的 startup 函数中,您正在写入不应该访问的内存(大小为 8 的无效写入)
- 写入的起始地址位于您在 server_func.c 第 28 行分配的 20 字节缓冲区内偏移 14 字节处,因此这次 8 字节的写入越过了缓冲区末尾
第 28 行:path = (unsigned char *) realloc(path, size_of_path + sizeof(STARTUP_FILE));
第 32 行:sprintf(path, "%s/%s", path_to_file, STARTUP_FILE);
所以在第 28 行,您没有为“/”分隔符分配空间,也可能没有为 nul 终止符分配空间。
你还需要确保 size_of_path 是正确的,并且 sizeof(STARTUP_FILE) 给出的是正确的大小:如果 STARTUP_FILE 是一个字符数组,结果是正确的;如果它是 char 指针,结果就是错误的,这时需要改用 strlen(STARTUP_FILE)。
假设 size_of_path 是正确的,您可能需要将缓冲区大小计算为 size_of_path + strlen(STARTUP_FILE) + 2。把同一个大小传给 snprintf 来代替 sprintf,长度算错时只会截断,而不会写出缓冲区。
我就是找不到导致这个问题的原因。
// startup(): locate the startup file, read it line by line, then open the database.
//
// path_to_file  NUL-terminated path; stat() decides whether it names a directory
//               (STARTUP_FILE is appended) or a regular file (used as is).
// size_of_path  byte count used to size the heap copy of the path.
//               NOTE(review): it has to cover strlen(path_to_file) for the sprintf()
//               below to stay in bounds. The valgrind log on this page shows a
//               20-byte block for a path of more than 40 characters, so the caller
//               appears to pass something else (possibly sizeof on a pointer) - verify.
// Returns the handle returned by open_db().
MYSQL *startup(unsigned char *path_to_file, int size_of_path) {
    MYSQL *con;
    // These two flags are set below but never read in this function.
    bool path_is_file = false;
    bool path_is_directory = false;
    FILE *startup_file;
    int i;
    unsigned char buffer[LINEBUFFERSIZE];
    unsigned char string[LINEBUFFERSIZE];
    unsigned char c;
    //Allocate memory for the new file path
    unsigned char *path;
    path = (unsigned char *) malloc(size_of_path);
    // NOTE(review): whether error() returns is not visible here; if it does,
    // execution continues with path == NULL.
    if(path == NULL)
        error("Could not allocate memory for path to file.\nIn startup()\n");
    //Check if startup file exists or if it is a directory
    //Bug is somewhere here!!!!
    struct stat s;
    printf("%s", path_to_file);
    if(stat(path_to_file, &s) == 0) {
        if(s.st_mode & S_IFDIR) {
            //It's a directory
            path_is_directory = true;
            //Add the standard startup file name to the directory
            // NOTE(review): the new size has no room for the '/' written by the
            // sprintf() below, and it is only large enough at all if size_of_path
            // is at least strlen(path_to_file) and STARTUP_FILE is an array or
            // string literal (sizeof of a pointer would give the pointer size).
            // Assigning realloc()'s result straight back to path also loses the
            // old block if realloc() fails.
            path = (unsigned char *) realloc(path, size_of_path + sizeof(STARTUP_FILE));
            if(path == NULL)
                error("Could not reallocate memory for variable path.\nIn startup()\n");
            //Put the strings together
            // NOTE(review): unbounded write. sprintf() emits
            // strlen(path_to_file) + 1 + strlen(STARTUP_FILE) + 1 bytes regardless
            // of the block size. Writing past the block overwrites the allocator's
            // bookkeeping for the next chunk, which is what the later
            // "free(): invalid next size" abort reports. snprintf() with the real
            // block size would bound the write.
            sprintf(path, "%s/%s", path_to_file, STARTUP_FILE);
        }
        else if(s.st_mode & S_IFREG) {
            //It's a file
            path_is_file = true;
            // NOTE(review): this drops the only pointer to the malloc'd block (leak),
            // and the free(path) at the end then frees the caller's path_to_file.
            path = path_to_file;
        }//End else if
        else //Something else. abort
            error("Given file is neither file or directory.\nIn startup()\n");
    }
    else //Error
        error("Error in looking up type of path.\nIn startup()\n");;
    //Check if the startup file exists
    fprintf(stderr, "%s\n", path);
    if((startup_file = fopen(path, "r")) == NULL) {
        //File does not exist, create a basic one for the user to modify
        if((startup_file = fopen(path, "w+")) == NULL)
            error("Could not create the startup file.\n");
        //Write the standard text to the new file, so the user can modify it
        //sizeof(STARTUP_FILE_TEXT)-1 as gedit complains if there is a terminator at the end
        // The return value of fwrite() is not checked.
        fwrite(STARTUP_FILE_TEXT, sizeof(STARTUP_FILE_TEXT[0]), sizeof(STARTUP_FILE_TEXT)-1, startup_file);
    }//End outer if
    //Read from the startup file and find out which tables and database are needed and may have to be created
    //The while loop also runs when the file was just created, fix it
    section current;
    while(fgets(buffer, sizeof(buffer), startup_file) != NULL) {
        // NOTE(review): strcmp() returns 0 on a match, so this branch runs for every
        // line that is NOT "[DATABASES]". fgets() also keeps the trailing '\n', so a
        // section line read from the file would not compare equal in any case.
        if(strcmp(buffer, "[DATABASES]")) {
            //Every line now should contain the name of dbs, until new section
            current = DATABASES;
        }
        else if(strcmp(buffer, "[TABLES]")) {
            //Every line now should contain the name of tables, until new section
            current = TABLES;
        }
        // NOTE(review): as written this branch needs both strcmp() calls to return 0,
        // i.e. buffer equal to both strings at once, so it is never reached.
        else {
            //Read the lines and create the table or database
            //Ignore everything behind #
            //Just numbers and letters are allowed
            //Read one line and save it into buffer
            //What happens if the line exceeds the buffer length and is split in two?
            //Process every character, but do not exceed the buffer's limit (also keep one for the '\0' terminator)
            for(i = 0; i < (sizeof(buffer)-1); i++) {
                //Allowed characters are: A-Z, a-z, 0-9, dash, underscore and space
                //Read until '\n'; any other character, '#' included, takes the error branch below
                c = buffer[i];
                if(isalnum(c) || (c == '-') || (c == '_') || (c == ' ')) {
                    //Correct
                    string[i] = c;
                }//End if
                // NOTE(review): '[=11=]' here and in the terminator assignment below looks
                // like an extraction artifact of '\0' - confirm against the original file.
                else if(c == '\n' || c == '[=11=]') {
                    //End of line or end of string, not checking for EOF as fgets already does it
                    //and it would require the int data type
                    break;
                }//End else if
                else {
                    //Wrong, stop
                    printf("Wrong character used in setup file.\nWrong characters was: %c\n", c);
                    break;
                }//End else
            }//End for
            //Add terminator at the end
            string[i] = '[=11=]';
            //Create table or database
            switch(current) {
                case DATABASES:
                    create_db(string, sizeof(string));
                    break;
                case TABLES:
                    break;
                default:
                    break;
            }//End switch
        }
    }//End while
    //Create db and then open the database as a specific user
    //create_db();
    // NOTE(review): the arguments are literals compiled into the binary; if they are
    // the account name and password (presumably - confirm against open_db), they
    // belong in configuration that is not checked into the source tree.
    con = open_db("user1", "passwd", "Vocables");
    //Clean up
    fclose(startup_file);
    // See the regular-file branch above: path may alias path_to_file at this point.
    free(path);
    return con;
}
在 gdb 中运行时,我得到:
(gdb) run 8080 ~/Cloud/Decrypted/Porifera-Server/
Starting program: /home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server 8080 ~/Cloud/Decrypted/Porifera-Server/
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
/home/linux/Cloud/Decrypted/Porifera-Server//startup.txt
*** Error in `/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server': free(): invalid next size (normal): 0x0000000000603030 ***
======= Backtrace: =========
/usr/lib/libc.so.6(+0x7198e)[0x7ffff6b0f98e]
/usr/lib/libc.so.6(+0x76dee)[0x7ffff6b14dee]
/usr/lib/libc.so.6(+0x775cb)[0x7ffff6b155cb]
/usr/lib/libc.so.6(+0x6893d)[0x7ffff6b0693d]
/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server[0x4016b8]
/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server[0x4012bc]
/usr/lib/libc.so.6(__libc_start_main+0xf0)[0x7ffff6abe800]
/home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server[0x401089]
======= Memory map: ========
00400000-00403000 r-xp 00000000 00:24 261912 /home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server
00602000-00603000 rw-p 00002000 00:24 261912 /home/linux/Cloud/Decrypted/Porifera-Server/bin/Debug/Porifera-Server
00603000-00624000 rw-p 00000000 00:00 0 [heap]
7ffff5f8a000-7ffff5fa2000 r-xp 00000000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff5fa2000-7ffff61a1000 ---p 00018000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff61a1000-7ffff61a2000 r--p 00017000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff61a2000-7ffff61a3000 rw-p 00018000 08:03 1180623 /usr/lib/libpthread-2.21.so
7ffff61a3000-7ffff61a7000 rw-p 00000000 00:00 0
7ffff61a7000-7ffff61a9000 r-xp 00000000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff61a9000-7ffff63a9000 ---p 00002000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff63a9000-7ffff63aa000 r--p 00002000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff63aa000-7ffff63ab000 rw-p 00003000 08:03 1180634 /usr/lib/libdl-2.21.so
7ffff63ab000-7ffff65f8000 r-xp 00000000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff65f8000-7ffff67f7000 ---p 0024d000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff67f7000-7ffff6815000 r--p 0024c000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff6815000-7ffff6821000 rw-p 0026a000 08:03 1226972 /usr/lib/libcrypto.so.1.0.0
7ffff6821000-7ffff6825000 rw-p 00000000 00:00 0
7ffff6825000-7ffff6893000 r-xp 00000000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6893000-7ffff6a92000 ---p 0006e000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6a92000-7ffff6a97000 r--p 0006d000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6a97000-7ffff6a9e000 rw-p 00072000 08:03 1226971 /usr/lib/libssl.so.1.0.0
7ffff6a9e000-7ffff6c37000 r-xp 00000000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6c37000-7ffff6e37000 ---p 00199000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6e37000-7ffff6e3b000 r--p 00199000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6e3b000-7ffff6e3d000 rw-p 0019d000 08:03 1180590 /usr/lib/libc-2.21.so
7ffff6e3d000-7ffff6e41000 rw-p 00000000 00:00 0
7ffff6e41000-7ffff6e57000 r-xp 00000000 08:03 1180909 /usr/lib/libgcc_s.so.1
7ffff6e57000-7ffff7056000 ---p 00016000 08:03 1180909 /usr/lib/libgcc_s.so.1
7ffff7056000-7ffff7057000 rw-p 00015000 08:03 1180909 /usr/lib/libgcc_s.so.1
7ffff7057000-7ffff715a000 r-xp 00000000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff715a000-7ffff735a000 ---p 00103000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff735a000-7ffff735b000 r--p 00103000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff735b000-7ffff735c000 rw-p 00104000 08:03 1180659 /usr/lib/libm-2.21.so
7ffff735c000-7ffff744c000 r-xp 00000000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff744c000-7ffff764c000 ---p 000f0000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff764c000-7ffff7654000 r--p 000f0000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff7654000-7ffff7656000 rw-p 000f8000 08:03 1180915 /usr/lib/libstdc++.so.6.0.20
7ffff7656000-7ffff766b000 rw-p 00000000 00:00 0
7ffff766b000-7ffff7680000 r-xp 00000000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff7680000-7ffff787f000 ---p 00015000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff787f000-7ffff7880000 r--p 00014000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff7880000-7ffff7881000 rw-p 00015000 08:03 1183894 /usr/lib/libz.so.1.2.8
7ffff7881000-7ffff7b67000 r-xp 00000000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7b67000-7ffff7d67000 ---p 002e6000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7d67000-7ffff7d6e000 r--p 002e6000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7d6e000-7ffff7dd2000 rw-p 002ed000 08:03 1223645 /usr/lib/libmysqlclient.so.18.0.0
7ffff7dd2000-7ffff7ddb000 rw-p 00000000 00:00 0
7ffff7ddb000-7ffff7dfd000 r-xp 00000000 08:03 1180654 /usr/lib/ld-2.21.so
7ffff7fc3000-7ffff7fcb000 rw-p 00000000 00:00 0
7ffff7ff6000-7ffff7ff8000 rw-p 00000000 00:00 0
7ffff7ff8000-7ffff7ffa000 r--p 00000000 00:00 0 [vvar]
7ffff7ffa000-7ffff7ffc000 r-xp 00000000 00:00 0 [vdso]
7ffff7ffc000-7ffff7ffd000 r--p 00021000 08:03 1180654 /usr/lib/ld-2.21.so
7ffff7ffd000-7ffff7ffe000 rw-p 00022000 08:03 1180654 /usr/lib/ld-2.21.so
7ffff7ffe000-7ffff7fff000 rw-p 00000000 00:00 0
7ffffffde000-7ffffffff000 rw-p 00000000 00:00 0 [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
/home/linux/Cloud/Decrypted/Porifera-Server/
Program received signal SIGABRT, Aborted.
0x00007ffff6ad14b7 in raise () from /usr/lib/libc.so.6
在 gdb 中单步执行代码时,错误发生前不久的输出如下:
26 path_is_directory = true;
(gdb) n
28 path = (unsigned char *) realloc(path, size_of_path + sizeof(STARTUP_FILE));
(gdb) n
29 if(path == NULL)
(gdb) n
32 sprintf(path, "%s/%s", path_to_file, STARTUP_FILE);
(gdb) n
51 fprintf(stderr, "%s\n", path);
(gdb) n
/home/linux/Cloud/Decrypted/Porifera-Server//startup.txt
52 if((startup_file = fopen(path, "r")) == NULL) {
(gdb) n
当我执行第 52 行之后的下一行时,问题出现了。
使用 'valgrind --leak-check=yes ./Porifera-Server 8080 ~/Cloud/Decrypted/Porifera-Server' 时,程序实际上能正常运行,但 Valgrind 给出了一份 "errors" 列表:
[linux@linux Debug]$ valgrind --leak-check=yes ./Porifera-Server 8080 ~/Cloud/Decrypted/Porifera-Server
==17917== Memcheck, a memory error detector
==17917== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==17917== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
==17917== Command: ./Porifera-Server 8080 /home/linux/Cloud/Decrypted/Porifera-Server
==17917==
==17917== Invalid write of size 8
==17917== at 0x5E53E04: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c8709e is 14 bytes inside a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 8
==17917== at 0x5E53E08: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a6 is 2 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 8
==17917== at 0x5E53E0C: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870ae is 10 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E53D3E: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b6 is 18 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 4
==17917== at 0x5E53D60: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b7 is 19 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E44B8D: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E17F1D: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870bb is 23 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E44B8D: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870bc is 12 bytes after a block of size 32 in arena "client"
==17917==
==17917== Invalid write of size 1
==17917== at 0x5E3AC39: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870c7 is 23 bytes after a block of size 32 in arena "client"
==17917==
==17917== Invalid read of size 1
==17917== at 0x5E18CA2: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a4 is 0 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53DF9: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a0 is 16 bytes inside a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53DFD: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a8 is 4 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 1
==17917== at 0x5E53D3B: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b0 is 12 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 2
==17917== at 0x5E53D4B: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b1 is 13 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 4
==17917== at 0x5E53D5E: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b3 is 15 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53D90: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870b7 is 19 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== Invalid read of size 8
==17917== at 0x5E53D93: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E19960: buffered_vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E145D4: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F096: fprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x4016A6: startup (server_func.c:51)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870bf is 15 bytes after a block of size 32 in arena "client"
==17917==
/home/linux/Cloud/Decrypted/Porifera-Server/startup.txt
==17917== Syscall param open(filename) points to unaddressable byte(s)
==17917== at 0x5EAB2E0: __open_nocancel (in /usr/lib/libc-2.21.so)
==17917== by 0x5E43524: _IO_file_open (in /usr/lib/libc-2.21.so)
==17917== by 0x5E4366F: _IO_file_fopen@@GLIBC_2.2.5 (in /usr/lib/libc-2.21.so)
==17917== by 0x5E38913: __fopen_internal (in /usr/lib/libc-2.21.so)
==17917== by 0x4016B7: startup (server_func.c:52)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c870a4 is 0 bytes after a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
==17917==
/home/linux/Cloud/Decrypted/Porifera-Server
IPv4 TCP Server started...
Incoming connection from client having IPv4 address: 127.0.0.1
Message from client: Hello
Value is: 4
==17917==
==17917== HEAP SUMMARY:
==17917== in use at exit: 65,928 bytes in 19 blocks
==17917== total heap usage: 77 allocs, 58 frees, 124,873 bytes allocated
==17917==
==17917== 32 bytes in 1 blocks are possibly lost in loss record 1 of 7
==17917== at 0x4C29F90: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x4E98839: my_malloc (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E94B63: ??? (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E57244: mysql_server_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E5DC76: mysql_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x401B0B: open_db (vocable_trainer.c:48)
==17917== by 0x401858: startup (server_func.c:118)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== 160 bytes in 1 blocks are possibly lost in loss record 2 of 7
==17917== at 0x4C29F90: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x4E98839: my_malloc (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E93D49: ??? (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E69A9D: ??? (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E5724B: mysql_server_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x4E5DC76: mysql_init (in /usr/lib/libmysqlclient.so.18.0.0)
==17917== by 0x401B0B: open_db (vocable_trainer.c:48)
==17917== by 0x401858: startup (server_func.c:118)
==17917== by 0x4012BB: main (server.c:23)
==17917==
==17917== LEAK SUMMARY:
==17917== definitely lost: 0 bytes in 0 blocks
==17917== indirectly lost: 0 bytes in 0 blocks
==17917== possibly lost: 192 bytes in 2 blocks
==17917== still reachable: 65,736 bytes in 17 blocks
==17917== suppressed: 0 bytes in 0 blocks
==17917== Reachable blocks (those to which a pointer was found) are not shown.
==17917== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==17917==
==17917== For counts of detected and suppressed errors, rerun with: -v
==17917== ERROR SUMMARY: 64 errors from 19 contexts (suppressed: 0 from 0)
我就是找不到原因;其他遇到类似错误的人,要么是传给 fopen 函数的文件路径中有一个 '\n',要么是没有初始化指针却试图释放它。自上次程序正常运行以来,我没有改动过任何 free 指针的代码,目前也还没有找到导致此问题的指针。
遇到多个错误时,应从第一个开始排查,因为它很可能是后续错误的原因。
==17917== Invalid write of size 8
==17917== at 0x5E53E04: __GI_mempcpy (in /usr/lib/libc-2.21.so)
==17917== by 0x5E44BDD: _IO_default_xsputn (in /usr/lib/libc-2.21.so)
==17917== by 0x5E18C61: vfprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E3AC2A: vsprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x5E1F266: sprintf (in /usr/lib/libc-2.21.so)
==17917== by 0x401647: startup (server_func.c:32)
==17917== by 0x4012BB: main (server.c:23)
==17917== Address 0x6c8709e is 14 bytes inside a block of size 20 alloc'd
==17917== at 0x4C2C29E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==17917== by 0x40160B: startup (server_func.c:28)
==17917== by 0x4012BB: main (server.c:23)
在此堆栈跟踪中,有趣的部分是您的程序代码,因为我们可以假设 runtime/standard 库中的代码可以正常工作。
Valgrind 在这里告诉您两件事:
- 在文件 server_func.c 第 32 行的 startup 函数中,您正在写入不应该访问的内存(大小为 8 的无效写入)
- 写入的起始地址位于您在 server_func.c 第 28 行分配的 20 字节缓冲区内偏移 14 字节处,因此这次 8 字节的写入越过了缓冲区末尾;后续几条报告中的地址则已完全落在该缓冲区之外
第 28 行:path = (unsigned char *) realloc(path, size_of_path + sizeof(STARTUP_FILE));
第 32 行:sprintf(path, "%s/%s", path_to_file, STARTUP_FILE);
所以在第 28 行,您没有为“/”分隔符分配空间,也可能没有为 nul 终止符分配空间。
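你还需要确保 size_of_path 是正确的,并且 sizeof(STARTUP_FILE) 给出的是正确的大小:如果 STARTUP_FILE 是一个字符数组(或字符串字面量宏),结果是对的;如果它是 char 指针,结果就是错的(得到的只是指针本身的大小)。这种情况下需要使用 strlen(STARTUP_FILE)。另外,Valgrind 报告的块大小只有 20 字节,而程序打印出的路径明显比这长,说明 size_of_path 很可能并不是路径字符串的实际长度,请在调用处核实。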
假设 size_of_path 是正确的,您可能需要将缓冲区大小计算为 size_of_path + strlen(STARTUP_FILE) + 2,其中 +2 对应 "/" 分隔符和结尾的 nul 终止符;写入时改用 snprintf 并传入这个大小,可以保证即使长度算错也不会写出缓冲区。