2023年5月14日 03:53:21go评论66阅读模式

英文:

ntdll!RtlIsZeroMemory releasing linked list memory in C [warning: Critical error detected c0000374]

问题

I've translated the code parts for you:

test.h

typedef struct snPng_block {
    uint8_t size[4];
    size_t  dataSize;
    uint8_t *data;
    uint8_t crc[4];
    struct snPng_block *next;
} snPng_block;

int snPng_new(snPng_block **obj, size_t length)
{
    if (!length) {
        return snErr_ErrNullData;
    }
    snPng_block *head = NULL;
    snPng_block *ptr = NULL;
    size_t index;

    for (index = 0; index < length; ++index) {
        if (head == NULL) {
            if (!(head = (snPng_block *)malloc(sizeof(snPng_block)))) {
                return snErr_Memory;
            }
            ptr = head;
        } else {
            if (!(ptr->next = (snPng_block *)malloc(sizeof(snPng_block)))) {
                return snErr_Memory;
            }
            ptr = ptr->next;
        }
    }

    ptr->next = NULL;
    (*obj) = head;

    return snErr_OK;
}

int snPng_release(snPng_block **obj)
{
    snPng_block *ptr = NULL;
    for (ptr = (*obj); ptr; ptr = ptr->next) {
        free(ptr);
    }

    return snErr_OK;
}

test.c

int main(int argc, char **argv)
{
    snPng_block *block = NULL;
    snPng_new(&block, 9);
    snPng_block *ptr = NULL;
    snSize index;

    for (index = 0, ptr = block; ptr != NULL; ++index, ptr = ptr->next) {
        printf("%"PRIu64" node: %p\n", index + 1, ptr);
    }
    snPng_release(&block);
    return 0;
}

I hope this helps!

英文:

I am trying to write data with a linked list structure. After writing the function used to apply memory for each node in the linked list, I started writing the function used to release memory for each node in the linked list, but it encountered an error.

test.h

typedef struct snPng_block {
    uint8_t size[4];
    size_t  dataSize;
    uint8_t *data;
    uint8_t crc[4];
    struct snPng_block *next;
} snPng_block;

int snPng_new(snPng_block **obj, size_t length)
{
    if(!length) {
        return snErr_ErrNullData;
    }
    snPng_block *head = NULL;
    snPng_block *ptr = NULL;
    size_t index;

    for(index = 0; index &lt; length; ++index) {
        if(head == NULL) {
            if(!(head = (snPng_block *)malloc(sizeof(snPng_block)))) {
                return snErr_Memory;
            }
            ptr = head;
        } else {
            if(!(ptr-&gt;next = (snPng_block *)malloc(sizeof(snPng_block)))) {
                return snErr_Memory;
            }
            ptr = ptr-&gt;next;
        }
    }

    ptr-&gt;next = NULL;
    (*obj) = head;

    return snErr_OK;
}

int snPng_release(snPng_block **obj)
{
    snPng_block *ptr = NULL;
    for(ptr = (*obj); ptr; ptr = ptr-&gt;next) {
        free(ptr);
    }

    return snErr_OK;
}

test.c

int main(int argc, char **argv)
{
    snPng_block *block = NULL;
    snPng_new(&amp;block, 9);
    snPng_block *ptr = NULL;
    snSize index;

    for(index = 0, ptr = block; ptr != NULL; ++index, ptr = ptr-&gt;next) {
        printf(&quot;%&quot;PRIu64&quot; node: %p\n&quot;, index + 1, ptr);
    }
    snPng_release(&amp;block);
    return 0;
}

The following are the results of my debugging using GDB tools.<br>
I don't quite understand why this program generates errors because I check if each node points to an NULL address before releasing it.

Reading symbols from #output\main.exe...
(gdb) r
Starting program: E:\Projects\Shark_Coast\#output\main.exe
[New Thread 13724.0x8ac]
1 node: 00000244171955F0
2 node: 0000024417195830
3 node: 0000024417195890
4 node: 000002441719ADA0
5 node: 000002441719AE00
6 node: 000002441719AE60
7 node: 000002441719AEC0
8 node: 000002441719AF20
9 node: 00000244171994F0
warning: Critical error detected c0000374

Thread 1 received signal SIGTRAP, Trace/breakpoint trap.
0x00007fff7ab2f633 in ntdll!RtlIsZeroMemory () from C:\WINDOWS\SYSTEM32\ntdll.dll

(gdb) backtrace
#0  0x00007fff7ab2f633 in ntdll!RtlIsZeroMemory () from C:\WINDOWS\SYSTEM32\ntdll.dll
#1  0x00007fff7ab383f2 in ntdll!RtlpNtSetValueKey () from C:\WINDOWS\SYSTEM32\ntdll.dll
#2  0x00007fff7ab386da in ntdll!RtlpNtSetValueKey () from C:\WINDOWS\SYSTEM32\ntdll.dll
#3  0x00007fff7ab3e361 in ntdll!RtlpNtSetValueKey () from C:\WINDOWS\SYSTEM32\ntdll.dll
#4  0x00007fff7aa55b43 in ntdll!RtlGetCurrentServiceSessionId () from C:\WINDOWS\SYSTEM32\ntdll.dll
#5  0x00007fff7aa547b1 in ntdll!RtlFreeHeap () from C:\WINDOWS\SYSTEM32\ntdll.dll
#6  0x00007fff781bf05b in ucrtbase!_free_base () from C:\WINDOWS\System32\ucrtbase.dll
#7  0x00007ff7f3653480 in snPng_release (obj=&lt;optimized out&gt;) at includes/image/test.h:53
#8  main (argc=&lt;optimized out&gt;, argv=&lt;optimized out&gt;) at test\test.c:29

答案1

得分: 3

问题似乎是由于不正确的函数 snPng_release 导致的，其中在删除指针所指向的内存后，在表达式 ptr = ptr->next 中使用了无效指针。

此外，在调用函数后，原始指针在表达式 *obj 中引用，将不等于 NULL，这是因为指针是通过引用传递给函数的。

相反，您需要编写如下示例：

int snPng_release(snPng_block **obj)
{
    while (*obj)
    {
        snPng_block *ptr = *obj;
        *obj = (*obj)->next;
        // 释放数据成员 data 所指向的内存
        // 如果它也是动态分配的，类似于 free(ptr->data);
        free(ptr);
    } 

    return snErr_OK;
}

调用函数后，主函数中声明的原始指针 block 将等于 NULL，如所需。

英文:

It seems the problem exists due to the incorrect function snPng_release

int snPng_release(snPng_block **obj)
{
    snPng_block *ptr = NULL;
    for(ptr = (*obj); ptr; ptr = ptr-&gt;next) {
        free(ptr);
    }

    return snErr_OK;
}

where there are used invalid pointers in the expression ptr = ptr->next after deleting memory pointed to by the pointers.

Also after calling the function the original pointer referred to by the expression *obj will not be equal to NULL as it is required because the pointer is passed to the function by reference.

Instead you need to write for example

int snPng_release(snPng_block **obj)
{
    while ( *obj )
    {
        snPng_block *ptr = *obj;
        *obj = ( *obj )-&gt;next;
        // free the memory pointed to by the data member data
        // if it also was dynamically allocated 
        // like free( ptr-&gt;data );
        free( ptr );
    } 

    return snErr_OK;
}

After calling the function the original pointer block declared in main will be equal to NULL as required.

答案2

得分: 1

Your snPng_release function is accessing the freed block after having already freed it.

In this for loop:

for(ptr = (*obj); ptr; ptr = ptr->next) {
    free(ptr);
}

After running free(ptr), in the next iteration, it will try to set ptr = ptr->next, but ptr has already been freed.

One solution might be to save a pointer to ptr->next before freeing it:

for(ptr = (*obj); ptr;) {
    snPng_block *tmp = ptr->next;
    free(ptr);
    ptr = tmp;
}

英文:

Your snPng_release function is accessing the freed block after having already freed it.

In this for loop:

for(ptr = (*obj); ptr; ptr = ptr-&gt;next) {
    free(ptr);
}

After running free(ptr), in the next iteration it will try set ptr = ptr->next, but ptr has already been freed.

One solution might be to save a pointer to ptr->next before freeing it:

for(ptr = (*obj); ptr;) {
    snPng_block *tmp = ptr-&gt;next;
    free(ptr);
    ptr = tmp;
}

通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库，让每个人都能够通过互相帮助和分享经验来进步。

ntdll!RtlIsZeroMemory 在 C 中释放链表内存 [警告：检测到关键错误 c0000374]

问题

test.h

test.c

test.h

test.c

答案1

答案2

Array of structs not updating in C project.

我看不到我的网络原始数据包在C中

在OS X中以编程方式获取正在运行的应用程序包。

最小距离使用深度优先搜索 (DFS)

What's the correct way to type hint an empty list as a literal in python?

如何在Highcharts Gantt中更改本地化的星期名称

如何在同一个流中使用多个过滤器和映射函数？

如何使用Map/Set来将代码优化到O(n)？

.NET MAUI Android在GitHub Actions上构建失败，错误代码为1。

如何在Playwright视觉比较中屏蔽多个定位器？

在C++中，可以使用可变模板参数来检索类型的内部类型。

selenium.common.exceptions.StaleElementReferenceException: Message: stale element reference: stale element not found

Creating and opening a URL to log in to Website via Basic Auth with Robot Framework/Selenium (Python)

AG Grid 在上下文菜单中以大文本形式打开

发表评论