Reading FD_SET from an invalid memory address?

Time: 2012-03-05 21:11:29

Tags: c select pipe

**Edit: I found the solution.**

For those brave enough to read on, I have a strange problem:

I'm doing homework that requires sending messages between processes using UNIX pipes.

My intent with this code is to select() on the supplied file descriptor. If there is something that can be read without blocking, I want to return it. If not, I want to return NULL and carry on without blocking.

Here is the code inside my "getMessage" function, where fd is the file descriptor:

```c
#include <stdlib.h>       /* malloc, free */
#include <unistd.h>       /* read */
#include <sys/select.h>   /* select, fd_set, FD_ZERO, FD_SET, FD_SETSIZE */
#include <sys/time.h>     /* struct timeval */

/* `message` is the asker's own struct, defined elsewhere in their code. */

message* getMessage(int fd){
    int messageAvailable = 0;
    struct timeval timeout;
    fd_set fd2;

    //If there's a message available, read it; if not, continue on without delay
    timeout.tv_sec = 0;
    timeout.tv_usec = 0;
    FD_ZERO(&fd2);
    FD_SET(fd,&fd2);   /* undefined behaviour if fd is negative or >= FD_SETSIZE */
    messageAvailable = select(FD_SETSIZE,&fd2,NULL,NULL,&timeout);
    if(messageAvailable < 0){
        //select() itself failed (e.g. EBADF, EINTR): treat as "nothing to read"
        return NULL;
    }
    if(messageAvailable){
        int bytesRead = 0;
        message* m;
        m = malloc(sizeof(message));
        if(m == NULL){
            return NULL;
        }
        //Get the header
        bytesRead = read(fd,m,sizeof(message));
        //If we got the whole message
        if(bytesRead == sizeof(message)){
            return m;
        }else{
            //If a message wasn't generated, free the space we allocated for it
            free(m);
            return NULL;
        }
    }else{
        return NULL;
    }
}
```

This code sits inside a loop that runs for the whole duration of the program, and it segfaults at exactly the same point every time (the next getMessage() call after one message has been transferred successfully). Apparently the FD_SET line is reading from an invalid memory location.

Without posting all of my code, can anyone guess what could be causing a segfault in this simple macro?

I've posted the relevant debug information below, where line 33 corresponds to the FD_SET line above:

```
==1330== Invalid read of size 1
==1330==    at 0x804E819: getMessage (messages.c:33)
==1330==    by 0x8049123: main (messageTest.c:110)
==1330==  Address 0xde88d627 is not stack'd, malloc'd or (recently) free'd
==1330== 
==1330== 
==1330== Process terminating with default action of signal 11 (SIGSEGV)
==1330==  Access not within mapped region at address 0xDE88D627
==1330==    at 0x804E819: getMessage (messages.c:33)
==1330==    by 0x8049123: main (messageTest.c:110)
==1330==  If you believe this happened as a result of a stack
==1330==  overflow in your program's main thread (unlikely but
==1330==  possible), you can try to increase the size of the
==1330==  main thread stack using the --main-stacksize= flag.
==1330==  The main thread stack size used in this run was 8388608.
==1330== 
==1330== HEAP SUMMARY:
==1330==     in use at exit: 344 bytes in 10 blocks
==1330==   total heap usage: 25 allocs, 15 frees, 2,492 bytes allocated
==1330== 
==1330== LEAK SUMMARY:
==1330==    definitely lost: 12 bytes in 1 blocks
==1330==    indirectly lost: 0 bytes in 0 blocks
==1330==      possibly lost: 0 bytes in 0 blocks
==1330==    still reachable: 332 bytes in 9 blocks
==1330==         suppressed: 0 bytes in 0 blocks
==1330== Rerun with --leak-check=full to see details of leaked memory
==1330== 
==1330== For counts of detected and suppressed errors, rerun with: -v
==1330== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 11 from 6)
Segmentation fault
```

1 answer:

Answer 0 (score: 0)

Oops... after some processing I was accidentally passing -1 as the FD to the function (which explains why it happened at the same point on every run).

This question can probably be closed; I don't think it has much use outside my single use case.
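The root cause in the answer above is a caller handing an out-of-range descriptor to FD_SET, which indexes into the fd_set bit array without any bounds check. The following is an added example, not code from the original question or answer: it validates the descriptor against [0, FD_SETSIZE) before touching the macro, checks the return value of select() for errors, uses `fd + 1` rather than FD_SETSIZE as the nfds argument, and exercises the three cases on a real pipe (message waiting, empty pipe, and the asker's fd = -1). The `message` layout and the `get_message` / `run_demo` names are assumptions for the example; the original post never shows its struct.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/select.h>
#include <sys/time.h>

/* Hypothetical message layout (the original post does not show its struct). */
typedef struct {
    int  sender;
    int  type;
    char text[32];
} message;

/* FD_SET(fd, set) is undefined for fd < 0 or fd >= FD_SETSIZE: it would
 * index outside the fd_set bit array, which is exactly the "invalid read"
 * Valgrind reported. Check the range before the macro ever sees the value. */
static int fd_is_selectable(int fd) {
    return fd >= 0 && fd < FD_SETSIZE;
}

/* Non-blocking poll: returns a heap-allocated message if one full message is
 * readable right now, otherwise NULL. Never blocks and never crashes on a bad fd. */
message *get_message(int fd) {
    if (!fd_is_selectable(fd)) {
        return NULL;                       /* refuse instead of corrupting the fd_set */
    }

    fd_set readfds;
    struct timeval timeout = { 0, 0 };     /* zero timeout: poll and return */
    FD_ZERO(&readfds);
    FD_SET(fd, &readfds);

    int ready = select(fd + 1, &readfds, NULL, NULL, &timeout);
    if (ready < 0) {
        return NULL;                       /* select failed, e.g. EBADF on a closed fd */
    }
    if (ready == 0) {
        return NULL;                       /* nothing to read without blocking */
    }

    message *m = malloc(sizeof *m);
    if (m == NULL) {
        return NULL;
    }
    ssize_t n = read(fd, m, sizeof *m);
    if (n != (ssize_t)sizeof *m) {         /* short read or EOF: not a whole message */
        free(m);
        return NULL;
    }
    return m;
}

/* Drives the function through the cases the question describes.
 * Returns 0 when every case behaves as expected, a negative code otherwise. */
int run_demo(void) {
    int fds[2];
    if (pipe(fds) != 0) return -1;

    message out = { 7, 1, "hello" };       /* constructed sample message */
    if (write(fds[1], &out, sizeof out) != (ssize_t)sizeof out) return -2;

    /* Case 1: a full message is waiting, so we get it back intact. */
    message *in = get_message(fds[0]);
    if (in == NULL || in->sender != 7 || in->type != 1 ||
        strcmp(in->text, "hello") != 0) {
        free(in);
        return -3;
    }
    free(in);

    /* Case 2: pipe is now empty, so the call returns NULL without blocking. */
    if (get_message(fds[0]) != NULL) return -4;

    /* Case 3: the asker's bug, fd = -1, is rejected instead of crashing. */
    if (get_message(-1) != NULL) return -5;

    /* Case 4: a closed descriptor makes select() fail; that path also yields NULL. */
    close(fds[0]);
    close(fds[1]);
    if (get_message(fds[0]) != NULL) return -6;

    return 0;
}

int main(void) {
    int rc = run_demo();
    printf("demo result: %d (0 = all cases behaved)\n", rc);
    return rc == 0 ? 0 : 1;
}
```

The range check is the part that would have turned the asker's crash into a clean NULL return, and it is cheap enough to keep in production code; the `fd + 1` nfds argument is the conventional form and avoids scanning FD_SETSIZE descriptors on every call.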