void *do_chld(void *arg)
{
char *sub;
sub = malloc(255 * sizeof(char));
/*
------ Some Code ----
*/
free(sub);
pthread_exit((void *)0);
}
The above function is passed to pthreads. When the program executes I get a segmentation fault. Once I comment the call to free(sub)
my code works fine. I am unable to figure out why? Cant we dynamically free memory in threads? Since the heap is shared among all the peer threads associated with the main thread.
Edit 1- full code
void *do_chld(void *arg)
{
int new_fd = (int) arg;
int i,n,val;
char buf[255];
char *sub;
sub = malloc(255 * sizeof(char));
printf("Child thread [%d]: Socket number = %d\n", pthread_self(), new_fd);
/* read from the given socket */
n = read(new_fd,buf,100);
if(n<0){
fprintf(stderr,"Receieving Failed\n");
exit(2);
}
//process
printf("Received %s \n",buf);
val = checkSpelling(buf) ;
if(val){
sub = "Correct Spelling";
}
else{
sub = "InCorrect Spelling";
}
n = 0 ;
n = write(new_fd,sub,strlen(sub));
if(n<0){
fprintf(stderr,"Sending Failed\n");
exit(2);
}
/* close the socket and exit this thread*/
close(new_fd);
free(sub);
pthread_exit开发者_如何学Python((void *)0);
}
You are assigning a string literal - the "Correct spelling"/"Incorect spelling" strings - to the sub
pointer and then you are trying to free it with free()
. String literals are allocated statically in the code and cannot be freed.
Essentially the sub
pointer at the time of the free()
call is pointing at something that has not been allocated with malloc()
.
I think the main issue, though, is that you perform a pointer assignment, when you probably want to do a string copy, so that the contents of the string are in the area you got from malloc()
.
EDIT:
You may want to have a look at the strcpy()
and strdup()
functions. strcpy()
would be fine in your case, although it would be better if you got used to strncpy()
instead.
strdup()
is roughly a combination of strlen() + malloc() + strcpy()
and is usally the most simple option when you want to have a copy of a string in the heap memory areas, so that it can be later be freed with free()
.
EDIT 2:
In your code above you use the sub
buffer only for the response messages, and then free it. If that will be the final behaviour of your code, you can simply remove the malloc()
and free()
calls and it would probably be fine.
This sounds like heap corruption to me - have you tried running your program without the /* -- Some Code -- */
?
Although the code you have shown looks fine, its possible that the code not shown may have overwritten (corrupted) parts of the heap outside of the allocated memory. Although this may not have caused a failure at the point where the memory is corrupted and wouldn't cause a failure when the process terminates, you could very easily have modified the data structure that describes the allocated memory in a way that causes the call to free
to fail.
Update: Looking at your second code posting it could in fact be that you are inadvertently modifying the value of the sub
pointer (a.k.a. stack corruption) - possibly by writing past the end of buf
. This would almost certainly cause free
to fail.
Check the value of sub
just after the malloc
call, and then once again just before the free
to make sure it has not changed.
Update 2: Scratch that - thkala Has the correct answer.
Because 'sub' lost the reference which is the address of the result of malloc(). At first, 'sub' pointed the beginning address of the result of malloc(). when you, however, let 'sub' "Correct spelling", 'sub' didn't point the malloc()-ed memory. it became the beginning address of that String - "Corr--" -. If you use 'sub' to try to free the malloc()-ed memory, compiler would send you an error because 'sub' doen't point malloc()-ed address as well as you cannot free the string(char arrary).
you don't miss that the sub is one of the pointer value, not the memory itself.
精彩评论