释放 malloc 内存时程序停止工作

program stop working when free malloc memory

我使用 malloc 初始化了一个全局变量 page_table,如下所示。里面的每个元素都是一个结构:

page* page_table;

void init_clock(FILE* fd,int num_of_frames){
    total_frames = num_of_frames;
    fp = fd;
    page_table = malloc(sizeof(page)*num_of_frames);
    int i;
    for(i=0;i<num_of_frames;i++){
        page_table[i].page_number = -1;
        page_table[i].dirty = 0;
        page_table[i].valid = 0;
        page_table[i].referenced = 0;
        page_table[i].virtual_time = -1;
    }
}

在我的另一个方法中,每次都会生成一个页面结构。如果它已经在页面 table 中,它将被更新。如果在页面table中没有,但有可用space,则会添加。否则,从页面 table 中逐出一个页面。

void execute_clock(){
    int available_frames = total_frames;
    int next = 0;   // next location in the page table
    int page_to_examine = 0;  // next page that will be evicted
    unsigned int address;
    char mode;
    while(fscanf(fp,"%x %c", &address, &mode) != EOF){
        printf("%08x,%c\n",address,mode);
        page new_access = {address>>12,1,mode=='W',1,mem_access};
        /* add the frame into the frame array */
        int location_in_table = already_in_table(new_access);
        if( location_in_table != -1){       // if page is already in table, update stats
            page_table[location_in_table].referenced = 1;
            if(new_access.dirty) page_table[location_in_table].dirty = 1;
//            printf("hit\n");
        }
        else if(available_frames){           // if there are spaces available, add directly
            page_table[next] = new_access;
            available_frames--;
            next = (next+1)%total_frames;
            page_faults++;
//            printf("page fault - no eviction\n");
        }
        else{                             // evict page out of table
            /* find the page to evict */
            int found = 0;
            while(!found){
                if (page_table[page_to_examine].referenced == 0){
                    found = 1;
                }
                else page_table[page_to_examine].referenced = 0;
                page_to_examine = (page_to_examine+1)%total_frames;
            }
            /* evict the page */
            int evict = page_to_examine == 0?total_frames-1:page_to_examine-1;
            if(page_table[evict].dirty == 1){
                disk_writes++;
                printf("evict dirty %08x\n",page_table[evict].page_number);
            }else{
                printf("evict clean %08x\n",page_table[evict].page_number);
            }
            page_table[page_to_examine-1] = new_access;
            page_faults++;
        }
        mem_access++;
        print_table();
    }
}

我的问题是在 运行 上面的代码之后,当我尝试使用以下方法释放内存时:

   void exit_clock(){
    free(page_table);
}

程序刚刚停止运行。错误是:

*** glibc detected *** ./main: free(): invalid next size (normal): 0x00000000006                                                                                                                                   02010 ***
======= Backtrace: =========
/lib64/libc.so.6[0x34ff676166]
/lib64/libc.so.6[0x34ff678ca3]
/lib64/libc.so.6(fclose+0x14d)[0x34ff6667cd]
./main[0x400d7a]
./main[0x40075f]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x34ff61ed1d]
./main[0x400629]
======= Memory map: ========
00400000-00402000 r-xp 00000000 00:1a 2136211636                         /afs/pi                                                                                                                                   tt.edu/home/z/i/ziz19/private/cs1550/project3/main
00601000-00602000 rw-p 00001000 00:1a 2136211636                         /afs/pi                                                                                                                                   tt.edu/home/z/i/ziz19/private/cs1550/project3/main
00602000-00623000 rw-p 00000000 00:00 0                                  [heap]
34fee00000-34fee20000 r-xp 00000000 fd:00 127                            /lib64/                                                                                                                                   ld-2.12.so
34ff01f000-34ff020000 r--p 0001f000 fd:00 127                            /lib64/                                                                                                                                   ld-2.12.so
34ff020000-34ff021000 rw-p 00020000 fd:00 127                            /lib64/                                                                                                                                   ld-2.12.so
34ff021000-34ff022000 rw-p 00000000 00:00 0
34ff600000-34ff78b000 r-xp 00000000 fd:00 131                            /lib64/                                                                                                                                   libc-2.12.so
34ff78b000-34ff98a000 ---p 0018b000 fd:00 131                            /lib64/                                                                                                                                   libc-2.12.so
34ff98a000-34ff98e000 r--p 0018a000 fd:00 131                            /lib64/                                                                                                                                   libc-2.12.so
34ff98e000-34ff98f000 rw-p 0018e000 fd:00 131                            /lib64/                                                                                                                                   libc-2.12.so
34ff98f000-34ff994000 rw-p 00000000 00:00 0
3505a00000-3505a16000 r-xp 00000000 fd:00 609                            /lib64/                                                                                                                                   libgcc_s-4.4.7-20120601.so.1
3505a16000-3505c15000 ---p 00016000 fd:00 609                            /lib64/                                                                                                                                   libgcc_s-4.4.7-20120601.so.1
3505c15000-3505c16000 rw-p 00015000 fd:00 609                            /lib64/                                                                                                                                   libgcc_s-4.4.7-20120601.so.1
7ffff7fd3000-7ffff7fd6000 rw-p 00000000 00:00 0
7ffff7ffb000-7ffff7ffe000 rw-p 00000000 00:00 0
7ffff7ffe000-7ffff7fff000 r-xp 00000000 00:00 0                          [vdso]
7ffffffea000-7ffffffff000 rw-p 00000000 00:00 0                          [stack]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsysca                                                                                                                                   ll]
Aborted (core dumped)

我不确定为什么会出现这个问题。我仅在 execute_clock 方法中将本地页面结构分配给 page_table。即使局部变量被破坏,这也不应该影响我释放 malloc 内存。

我发现了问题。这是我没有正确更新的循环数组的索引。