英文:
ntdll!RtlIsZeroMemory releasing linked list memory in C [warning: Critical error detected c0000374]
问题
I've translated the code parts for you:
test.h
typedef struct snPng_block {uint8_t size[4];size_t dataSize;uint8_t *data;uint8_t crc[4];struct snPng_block *next;} snPng_block;int snPng_new(snPng_block **obj, size_t length){if (!length) {return snErr_ErrNullData;}snPng_block *head = NULL;snPng_block *ptr = NULL;size_t index;for (index = 0; index < length; ++index) {if (head == NULL) {if (!(head = (snPng_block *)malloc(sizeof(snPng_block)))) {return snErr_Memory;}ptr = head;} else {if (!(ptr->next = (snPng_block *)malloc(sizeof(snPng_block)))) {return snErr_Memory;}ptr = ptr->next;}}ptr->next = NULL;(*obj) = head;return snErr_OK;}int snPng_release(snPng_block **obj){snPng_block *ptr = NULL;for (ptr = (*obj); ptr; ptr = ptr->next) {free(ptr);}return snErr_OK;}
test.c
int main(int argc, char **argv){snPng_block *block = NULL;snPng_new(&block, 9);snPng_block *ptr = NULL;snSize index;for (index = 0, ptr = block; ptr != NULL; ++index, ptr = ptr->next) {printf("%"PRIu64" node: %p\n", index + 1, ptr);}snPng_release(&block);return 0;}
I hope this helps!
英文:
I am trying to write data with a linked list structure. After writing the function used to apply memory for each node in the linked list, I started writing the function used to release memory for each node in the linked list, but it encountered an error.
test.h
typedef struct snPng_block {uint8_t size[4];size_t dataSize;uint8_t *data;uint8_t crc[4];struct snPng_block *next;} snPng_block;int snPng_new(snPng_block **obj, size_t length){if(!length) {return snErr_ErrNullData;}snPng_block *head = NULL;snPng_block *ptr = NULL;size_t index;for(index = 0; index < length; ++index) {if(head == NULL) {if(!(head = (snPng_block *)malloc(sizeof(snPng_block)))) {return snErr_Memory;}ptr = head;} else {if(!(ptr->next = (snPng_block *)malloc(sizeof(snPng_block)))) {return snErr_Memory;}ptr = ptr->next;}}ptr->next = NULL;(*obj) = head;return snErr_OK;}int snPng_release(snPng_block **obj){snPng_block *ptr = NULL;for(ptr = (*obj); ptr; ptr = ptr->next) {free(ptr);}return snErr_OK;}
test.c
int main(int argc, char **argv){snPng_block *block = NULL;snPng_new(&block, 9);snPng_block *ptr = NULL;snSize index;for(index = 0, ptr = block; ptr != NULL; ++index, ptr = ptr->next) {printf("%"PRIu64" node: %p\n", index + 1, ptr);}snPng_release(&block);return 0;}
The following are the results of my debugging using GDB tools.<br>
I don't quite understand why this program generates errors because I check if each node points to an NULL address before releasing it.
Reading symbols from #output\main.exe...(gdb) rStarting program: E:\Projects\Shark_Coast\#output\main.exe[New Thread 13724.0x8ac]1 node: 00000244171955F02 node: 00000244171958303 node: 00000244171958904 node: 000002441719ADA05 node: 000002441719AE006 node: 000002441719AE607 node: 000002441719AEC08 node: 000002441719AF209 node: 00000244171994F0warning: Critical error detected c0000374Thread 1 received signal SIGTRAP, Trace/breakpoint trap.0x00007fff7ab2f633 in ntdll!RtlIsZeroMemory () from C:\WINDOWS\SYSTEM32\ntdll.dll(gdb) backtrace#0 0x00007fff7ab2f633 in ntdll!RtlIsZeroMemory () from C:\WINDOWS\SYSTEM32\ntdll.dll#1 0x00007fff7ab383f2 in ntdll!RtlpNtSetValueKey () from C:\WINDOWS\SYSTEM32\ntdll.dll#2 0x00007fff7ab386da in ntdll!RtlpNtSetValueKey () from C:\WINDOWS\SYSTEM32\ntdll.dll#3 0x00007fff7ab3e361 in ntdll!RtlpNtSetValueKey () from C:\WINDOWS\SYSTEM32\ntdll.dll#4 0x00007fff7aa55b43 in ntdll!RtlGetCurrentServiceSessionId () from C:\WINDOWS\SYSTEM32\ntdll.dll#5 0x00007fff7aa547b1 in ntdll!RtlFreeHeap () from C:\WINDOWS\SYSTEM32\ntdll.dll#6 0x00007fff781bf05b in ucrtbase!_free_base () from C:\WINDOWS\System32\ucrtbase.dll#7 0x00007ff7f3653480 in snPng_release (obj=<optimized out>) at includes/image/test.h:53#8 main (argc=<optimized out>, argv=<optimized out>) at test\test.c:29
答案1
得分: 3
问题似乎是由于不正确的函数 snPng_release 导致的,其中在删除指针所指向的内存后,在表达式 ptr = ptr->next 中使用了无效指针。
此外,在调用函数后,原始指针在表达式 *obj 中引用,将不等于 NULL,这是因为指针是通过引用传递给函数的。
相反,您需要编写如下示例:
int snPng_release(snPng_block **obj){while (*obj){snPng_block *ptr = *obj;*obj = (*obj)->next;// 释放数据成员 data 所指向的内存// 如果它也是动态分配的,类似于 free(ptr->data);free(ptr);}return snErr_OK;}
调用函数后,主函数中声明的原始指针 block 将等于 NULL,如所需。
英文:
It seems the problem exists due to the incorrect function snPng_release
int snPng_release(snPng_block **obj){snPng_block *ptr = NULL;for(ptr = (*obj); ptr; ptr = ptr->next) {free(ptr);}return snErr_OK;}
where there are used invalid pointers in the expression ptr = ptr->next after deleting memory pointed to by the pointers.
Also after calling the function the original pointer referred to by the expression *obj will not be equal to NULL as it is required because the pointer is passed to the function by reference.
Instead you need to write for example
int snPng_release(snPng_block **obj){while ( *obj ){snPng_block *ptr = *obj;*obj = ( *obj )->next;// free the memory pointed to by the data member data// if it also was dynamically allocated// like free( ptr->data );free( ptr );}return snErr_OK;}
After calling the function the original pointer block declared in main will be equal to NULL as required.
答案2
得分: 1
Your snPng_release function is accessing the freed block after having already freed it.
In this for loop:
for(ptr = (*obj); ptr; ptr = ptr->next) {free(ptr);}
After running free(ptr), in the next iteration, it will try to set ptr = ptr->next, but ptr has already been freed.
One solution might be to save a pointer to ptr->next before freeing it:
for(ptr = (*obj); ptr;) {snPng_block *tmp = ptr->next;free(ptr);ptr = tmp;}
英文:
Your snPng_release function is accessing the freed block after having already freed it.
In this for loop:
for(ptr = (*obj); ptr; ptr = ptr->next) {free(ptr);}
After running free(ptr), in the next iteration it will try set ptr = ptr->next, but ptr has already been freed.
One solution might be to save a pointer to ptr->next before freeing it:
for(ptr = (*obj); ptr;) {snPng_block *tmp = ptr->next;free(ptr);ptr = tmp;}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论