std :: string :: assign()导致segfault

Question

std :: string :: assign()导致segfault

Dan*_*oof 7 c++ gcc gdb stdstring segmentation-fault

我有一个std::vector<uint8_t>包含特定偏移的字符串.这是一个缩短的转储:

...
@128    00 00 00 00 00 00 00 00 73 6F 6D 65 74 68 69 33 ........somethin
@144    38 36 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ng..............
@160    00 00 00 00 00 00 00 00 31 2E 32 2E 33 00 00 00 ........1.2.3...
@176    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
...

Run Code Online (Sandbox Code Playgroud)

我试图在偏移136处提取数据并将其放入std::string:

std::string x;
x.assign(vec.begin()+136, vec.begin()+168);

Run Code Online (Sandbox Code Playgroud)

但是,这会导致我的应用程序出现段错误.现在我对Linux下的软件开发很陌生,但我知道如何在GDB中启动我的应用并获得回溯,并在此处跟踪问题:

(gdb) backtrace
#0  0xb7536d78 in ?? () from /lib/i686/cmov/libc.so.6
#1  0xb7538cd5 in malloc () from /lib/i686/cmov/libc.so.6
#2  0xb7708957 in operator new(unsigned int) () from /usr/lib/libstdc++.so.6
#3  0xb76e4146 in std::string::_Rep::_S_create(unsigned int, unsigned int, std::allocator<char> const&) () from /usr/lib/libstdc++.so.6
#4  0xb76e63b0 in std::string::_M_mutate(unsigned int, unsigned int, unsigned int) () from /usr/lib/libstdc++.so.6
#5  0xb76e654a in std::string::_M_replace_safe(unsigned int, unsigned int, char const*, unsigned int) () from /usr/lib/libstdc++.so.6
#6  0x0806d651 in std::string::_M_replace_dispatch<__gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<unsigned char> > > > (this=0xbfffe464, __i1=..., __i2=..., __k1=..., __k2=...) at /usr/include/c++/4.3/bits/basic_string.tcc:637
#7  0x0806d26e in std::string::replace<__gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<unsigned char> > > > (this=0x811c730, vec=...) at /usr/include/c++/4.3/bits/basic_string.h:1390
#8  std::string::assign<__gnu_cxx::__normal_iterator<unsigned char const*, std::vector<unsigned char, std::allocator<unsigned char> > > > (
    this=0x811c730, vec=...) at /usr/include/c++/4.3/bits/basic_string.h:958
#9  myclass::somemethod (this=0x811c730, vec=...) at myclass.cpp:135

Run Code Online (Sandbox Code Playgroud)

打印vec.size()返回200甚至循环遍历向量并打印数据导致我没有问题(正好在崩溃的片段上方!).

我正在使用g ++ 4.3.4在Debian中编译.有关这个问题可能是什么的任何指示？

Answer 1

car*_*arl 14

在您的代码中,其他地方可能存在不匹配的免费/删除,从而延迟了此类症状.当您使用释放的内存时,只要认为合适,操作系统就可以自由继续.

尝试在valgrind中运行该程序.valgrind使用自己的malloc和free,因此它可以提醒您不正确的新闻和删除.确保编译没有优化和-g¹:

g++ -g main.cc -o binary
valgrind --leak-check=full ./binary

Run Code Online (Sandbox Code Playgroud)

确保不要从超出范围的堆栈变量创建指针.例如,这是新开发人员的常见错误:

int *foo() {
    int a = 0;
    // do something to a here
    return &a;
}

Run Code Online (Sandbox Code Playgroud)

由于已超出范围,您将返回指向已释放内存的指针.

¹关于-g,从联机帮助页:以操作系统的本机格式(stabs,COFF,XCOFF或DWARF 2)生成调试信息.GDB可以使用此调试信息.

归档时间：	16 年，5 月前
查看次数：	13635 次
最近记录：	13 年前