Glibc detected: double free or corruption

I will explain the brief coding steps that I did, and the area where I ran into the problem.

main.cpp

    int main()
    {
        int cnt_map,i=1,value;

        /* My question is about this char pointer "key" */
        char *key =(char*)malloc(sizeof(char) * 25);

        if(key!=NULL)
        {
            printf("Key value is not NULL,its value is:%x\n",key) ;
            cout<< "Enter the number of elements required in container map"<<endl;
            cin >> cnt_map;
            for (i=1;i<=cnt_map;i++)
            {
                cout << "Enter the key : ";
                cin >>key;
                cout << "Enter the key value:" ;
                cin >>value;
                printf("value pointed by ptr key: %s, value in ptr: %x\n", key,key);
                c -> add_map1(key,value); //Function inserts value to map container
                key+=sizeof(key);
            }
            c -> size_map1(); //Function displays size of map container
            c -> display_map1(); //Function displays contents of map container
            if(key)
            {
                printf("FINALLY:value pointed by ptr key: %s, value in ptr: %x,size:%d\n",key, key, sizeof(key));
                free(key);
            }
        }
        return 0;
    }

When I tried to compile and run the above code, I can successfully compile the code, but when I tried to start the application I got "glibc detected: double free or corruption".

Now my question is: I created a char pointer ( char *key =(char*)malloc(sizeof(char) * 25); ) and successfully assigned it memory using malloc. After completing my process, when I tried to free this char pointer, I get a double free or corruption error. I found out that any variable assigned memory with malloc / calloc should be freed in the end. Please tell me why I get an error, why shouldn't I? Please tell me how memory operations go on with char* key (if possible clearly).

Note: the above code is not complete code, I just explained where I get the problem, and if I do not release the pointer variable, my application runs successfully.

Any help is appreciated. Thank you very much in advance.

+4
source share
4 answers

That is because of this line: key+=sizeof(key);. key doesn't contain the same address as the address malloc returned.

For instance:

char *key =(char*)malloc(sizeof(char) * 25);

Say malloc returns the address 20000 (a completely dumb address, this is just an example).

Now you do key+=sizeof(key);, so key = 20000 + 4 = 20004. The problem is that you are trying to free key, which points to the address 20004 instead of 20000.

To fix this, try the following:

    int main()
    {
        int cnt_map,i=1,value;
        char *key_save;

        /* My question is about this char pointer "key" */
        char *key =(char*)malloc(sizeof(char) * 25);
        key_save = key;

        if(key!=NULL)
        {
            printf("Key value is not NULL,its value is:%x\n",key) ;
            cout<< "Enter the number of elements required in container map"<<endl;
            cin >> cnt_map;
            for (i=1;i<=cnt_map;i++)
            {
                cout << "Enter the key : ";
                cin >>key;
                cout << "Enter the key value:" ;
                cin >>value;
                printf("value pointed by ptr key: %s, value in ptr: %x\n", key,key);
                c -> add_map1(key,value); //Function inserts value to map container
                key+=sizeof(key);
            }
            c -> size_map1(); //Function displays size of map container
            c -> display_map1(); //Function displays contents of map container
            if(key)
            {
                printf("FINALLY:value pointed by ptr key: %s, value in ptr: %x,size:%d\n",key, key, sizeof(key));
                free(key_save);
            }
        }
        return 0;
    }

+5
source

By doing this:

 key+=sizeof(key); 

your key variable no longer points to the beginning of the allocated memory. You must pass the original pointer to free(). You need to save the original pointer in another variable so that you can correctly free() at the end.

(You can simply delete this line - I'm not sure what it does, given that sizeof(key) is 4 or 8. I suspect this is redundant.)

+7
source

Just delete the line:

 key+=sizeof(key); 

key is not a pointer to an array of strings; it is a pointer to a single string. Each time you increase this value, you reduce the available space in the string. When you first read the key, 25 bytes are available. The next time, you have increased key by 4 or 8 bytes, but the end of the allocated space has not changed, so now only 21 or 17 bytes are available. The third time it is only 17 or 9 bytes, etc. After several iterations, you will increase key beyond the end of the memory block you allocated and begin writing to unallocated memory (or the memory assigned to other data structures). This behavior is undefined and is likely to cause unpredictable crashes in your program.

Since you are using C++, you should use std::string instead of char[] for strings, and std::vector instead of regular arrays. These data structures automatically expand as needed, so you avoid buffer overflows like this.

+1
source
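The points made in the three answers above, combined in one added example (not code from the question or its answers): the pointer returned by malloc is stored untouched and is the only value handed to free(), a separate offset does the moving, and every write is checked against the room left in the block. KeyBuf and its functions are hypothetical names chosen for this sketch.

```c
#include <stdlib.h>
#include <string.h>

typedef struct {
    char  *base;  /* exactly what malloc returned; the only value free() accepts */
    size_t cap;   /* size of the allocated block in bytes */
    size_t used;  /* offset of the next free byte; this moves, base never does */
} KeyBuf;

/* Allocate the block. Returns 0 on success, -1 if malloc fails. */
int keybuf_init(KeyBuf *kb, size_t cap)
{
    kb->base = malloc(cap);
    kb->cap  = kb->base ? cap : 0;
    kb->used = 0;
    return kb->base ? 0 : -1;
}

/* Bytes still available inside the block. */
size_t keybuf_room(const KeyBuf *kb)
{
    return kb->cap - kb->used;
}

/* Copy key, including its '\0', into the block. Returns the stored copy,
   or NULL when it does not fit; nothing is written in that case. */
char *keybuf_push(KeyBuf *kb, const char *key)
{
    size_t need = strlen(key) + 1;
    if (kb->base == NULL || need > keybuf_room(kb))
        return NULL;
    char *slot = kb->base + kb->used;
    memcpy(slot, key, need);
    kb->used += need;
    return slot;
}

/* Release the block through the saved base pointer, then clear the struct
   so that a second call is a harmless free(NULL). */
void keybuf_free(KeyBuf *kb)
{
    free(kb->base);
    kb->base = NULL;
    kb->cap = kb->used = 0;
}
```

Building the question's original loop with `-fsanitize=address` (GCC or Clang) makes both mistakes visible where they happen: AddressSanitizer reports the free() of an address that malloc did not return, and a heap-buffer-overflow once a write passes the end of the block.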

This does not concern your code, but I had the same problem in the readers-writers problem (operating systems): http://en.wikipedia.org/wiki/Readers%E2%80%93writers_problem .

This was because the file pointer was global, so whenever one reader tried to read, and in between another reader read and closed the file pointer, then the other reader, which had not finished reading, tried to close the file pointer after reading. So it happened that the file pointer was already closed and did not point to any file. The solution I used: instead of declaring the file pointer as a global, I declared it local to the reader function. Or else you can check the file pointer for NULL and, if it is NULL, not close the file pointer.

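    #include<stdio.h>
    #include<semaphore.h>
    #include<pthread.h>
    #include<string.h>
    #include<stdlib.h>

    sem_t x,wsem;   /* x protects rc; wsem gives a writer, or the group of readers, the file */
    int rc=0;       /* number of readers currently reading */
    char ch;
    char str[20];

    void *reader(void *);
    void *writer(void *);

    int main()
    {
        int nw,nr,i=0,j=0;
        pthread_t w[10],r[10];
        sem_init(&x,0,1);
        sem_init(&wsem,0,1);
        rc=0;
        printf("Enter the no of readers:");
        scanf("%d",&nr);
        printf("Enter the no of writers");
        scanf("%d",&nw);
        /* the thread arrays hold 10 entries each */
        if(nr>10) nr=10;
        if(nw>10) nw=10;
        while(i<nw || j<nr)
        {
            if(i<nw)
            {
                /* pass the index through the pointer-sized argument */
                pthread_create(&w[i],NULL,writer,(void *)(long)i);
                i++;
            }
            if(j<nr)
            {
                pthread_create(&r[j],NULL,reader,(void *)(long)j);
                j++;
            }
        }
        for(i=0;i<nw;i++)
        {
            pthread_join(w[i],NULL);
        }
        for(j=0;j<nr;j++)
        {
            pthread_join(r[j],NULL);
        }
        return 0;
    }

    void *reader(void *arg)
    {
        FILE *fptr;     /* local to each reader, so no other thread can close it */
        char line[20];  /* local buffer: several readers may run at the same time */
        sem_wait(&x);
        rc++;
        if(rc==1)
            sem_wait(&wsem);
        sem_post(&x);
        printf("\nreader %ld:",(long)arg);
        fptr=fopen("temp.txt","r+");
        if(fptr!=NULL)  /* only read and close a file that was actually opened */
        {
            while(fgets(line,10,fptr)!=NULL)
            {
                printf("%s",line);
            }
            printf("\n");
            fclose(fptr);
        }
        sem_wait(&x);
        rc--;
        if(rc==0)
            sem_post(&wsem);
        sem_post(&x);
        return NULL;
    }

    void *writer(void *arg)
    {
        FILE *fptr1;
        sem_wait(&wsem);
        printf("\nwriter-%ld:\n",(long)arg);
        fptr1=fopen("temp.txt","a+");
        printf("enter the string:");
        scanf("%19s",str);  /* bounded: str holds 19 characters plus '\0' */
        if(fptr1!=NULL)
        {
            fputs(str,fptr1);
            fclose(fptr1);
        }
        sem_post(&wsem);
        return NULL;
    }
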
0
source

Source: https://habr.com/ru/post/1488498/

