为什么在创建pthread时会出现Segmentation Fault?

时间:2014-10-21 00:17:00

标签: c multithreading segmentation-fault valgrind

我在C中运行程序,我遇到了分段错误。 在运行Valgrind以了解有点错误之后我得到了错误:

==7905== Process terminating with default action of signal 11 (SIGSEGV)
==7905==  Access not within mapped region at address 0x4
==7905==    at 0x8049A65: agregar_nuevo_segmento_al_proceso (msp.c:597)
==7905==    by 0x804990E: cargar_segmento_en_estructuras (msp.c:536)
==7905==    by 0x80498B4: CrearSegmento (msp.c:345)
==7905==    by 0x8049313: comunicacionConMSP (msp.c:161)
==7905==    by 0x804924B: escuchar_kernel (msp.c:135)
==7905==    by 0x8049592: conexion_nueva (msp.c:242)
==7905==    by 0x404AD4B: start_thread (pthread_create.c:308)
==7905==    by 0x4182D3D: clone (clone.S:130)
==7905==  If you believe this happened as a result of a stack
==7905==  overflow in your program's main thread (unlikely but
==7905==  possible), you can try to increase the size of the
==7905==  main thread stack using the --main-stacksize= flag.
==7905==  The main thread stack size used in this run was 8388608.
==7905== 

正如你所看到的,错误从函数clone开始,所以我在那里寻找错误,但我不知道为什么会这样。

int main(int argc, char *argv[]) {
    logger = log_create("Log.txt", "MSP", false, LOG_LEVEL_DEBUG);
    //int resultado = GenerarEStructurasAdministrativas();

    LeerArchivoCfg(argv[1]);
    GenerarEstructurasAdministrativas(cantidad_memoria,cantidad_swap);

    pthread_t th1;
    pthread_t conexiones[BACKLOG];
    int cant_conexiones = 0;
    memoria = malloc(cantidad_memoria);

    //Creo hilo para escuchar la consola de la msp
    pthread_create(&th1, NULL, (void *) consola, NULL );
    log_error(logger, "Se ha creado el hilo para atender la consola de la MSP");

    int yes = 1;
    int sock = 0;
    int newsock = 0;
    struct sockaddr_in my_addr;
    struct sockaddr_in their_addr;
    socklen_t sin_size;

    my_addr.sin_family = AF_INET;
    my_addr.sin_port = htons(puerto);
    my_addr.sin_addr.s_addr = INADDR_ANY;
    memset(&(my_addr.sin_zero), 0, 8);

    //creo el socket
    if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        log_error(logger, "Error al abrir el socket");
        close(sock);
        exit(1);
    }
    if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1) {
        log_error(logger, "Error en setsockopt.");
        close(sock);
        exit(1);

    }
    if (bind(sock, (struct sockaddr *) &my_addr, sizeof(struct sockaddr))
            == -1) {
        log_error(logger, "Error en funcion bind");
        close(sock);
        exit(1);
    }

    if (listen(sock, BACKLOG) == -1) {
        log_error(logger, "Error en funcion listen");
        close(sock);
        exit(1);
    }

    //acepto la conexión y creo un nuevo hilo que atienda dicha conexion
    while (1) {
        sin_size = sizeof(struct sockaddr_in);
        if ((newsock = accept(sock, (struct sockaddr *) &their_addr, &sin_size))
                == -1) {
            log_error(logger, "Error en accept.");
            continue;
        }
        int p = pthread_create(&conexiones[cant_conexiones], NULL,
                (void *) conexion_nueva, (void *) &newsock);
        cant_conexiones++;
        log_info(logger,p);
    }
    pthread_join(th1, NULL );

    log_destroy(logger);
    free(memoria);
    close(sock);
    return 0;
}

1 个答案:

答案 0 :(得分:1)

一个原因可能是您在conexiones数组的末尾写入内存。也就是说,conexiones只有BACKLOG个项目的空间,但你的while(1)循环继续无限增加cant_conexiones,直到你传递的指针作为pthread_create的第一个参数超过了数组,然后当pthread_create尝试写入它时,会发生未定义的行为(和崩溃)。

另一个原因是msp.c的第597行(在agregar_nuevo_segmento_al_proceso函数内)的代码试图取消引用NULL指针(具有4字节的偏移量)。由于该代码未发布,我不能说为什么,但这就是堆栈跟踪的顶部告诉你的。