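This is a multithreaded application developed in C/C++ in Visual Studio on Windows XP.

A user reported that it crashes and shows the error "Stack Overflow".

After debugging, it was found that srand() is called in one of the threads, which caused the "Stack Overflow" when the computer is running low on memory. Surprisingly, nothing in the thread function that calls srand() uses a large amount of stack (static arrays, etc.).

The stack after the crash looks like this: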

 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 217    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C

 MyApplication.exe!_LocaleUpdate::_LocaleUpdate(localeinfo_struct * plocinfo=0x00000000)  Line 243 + 0x5 bytes    C++
 MyApplication.exe!_woutput_s_l(_iobuf * stream=0x57674054, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * argptr=0x5767c1ec)  Line 1023    C++
 MyApplication.exe!_vswprintf_helper(int (_iobuf *, const wchar_t *, localeinfo_struct *, char *)* woutfn=0x0047d580, unsigned short * string=0x57675158, unsigned int count=4076, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x5767c1ec)  Line 157 + 0x13 bytes    C
 MyApplication.exe!_vsnwprintf_s_l(unsigned short * string=0x57675158, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x5767c1ec)  Line 324 + 0x21 bytes    C
 MyApplication.exe!_vsnwprintf_s(unsigned short * string=0x57675158, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, char * ap=0x5767c1ec)  Line 376 + 0x1b bytes    C
 MyApplication.exe!_VCrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x5767c1ec)  Line 515 + 0x36 bytes    C
 MyApplication.exe!_CrtDbgReportWV(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x5767c1ec)  Line 241 + 0x1d bytes    C++
 MyApplication.exe!_CrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, ...)  Line 258 + 0x1d bytes    C++
 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 215 + 0x11 bytes    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C

 MyApplication.exe!_LocaleUpdate::_LocaleUpdate(localeinfo_struct * plocinfo=0x00000000)  Line 243 + 0x5 bytes    C++
 MyApplication.exe!_woutput_s_l(_iobuf * stream=0x5767c974, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * argptr=0x57684b0c)  Line 1023    C++
 MyApplication.exe!_vswprintf_helper(int (_iobuf *, const wchar_t *, localeinfo_struct *, char *)* woutfn=0x0047d580, unsigned short * string=0x5767da78, unsigned int count=4076, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x57684b0c)  Line 157 + 0x13 bytes    C
 MyApplication.exe!_vsnwprintf_s_l(unsigned short * string=0x5767da78, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x57684b0c)  Line 324 + 0x21 bytes    C
 MyApplication.exe!_vsnwprintf_s(unsigned short * string=0x5767da78, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, char * ap=0x57684b0c)  Line 376 + 0x1b bytes    C
 MyApplication.exe!_VCrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x57684b0c)  Line 515 + 0x36 bytes    C
 MyApplication.exe!_CrtDbgReportWV(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x57684b0c)  Line 241 + 0x1d bytes    C++
 MyApplication.exe!_CrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, ...)  Line 258 + 0x1d bytes    C++
 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 215 + 0x11 bytes    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C

 MyApplication.exe!_LocaleUpdate::_LocaleUpdate(localeinfo_struct * plocinfo=0x00000000)  Line 243 + 0x5 bytes    C++
 MyApplication.exe!_woutput_s_l(_iobuf * stream=0x57685294, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * argptr=0x5768d42c)  Line 1023    C++
 MyApplication.exe!_vswprintf_helper(int (_iobuf *, const wchar_t *, localeinfo_struct *, char *)* woutfn=0x0047d580, unsigned short * string=0x57686398, unsigned int count=4076, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x5768d42c)  Line 157 + 0x13 bytes    C
 MyApplication.exe!_vsnwprintf_s_l(unsigned short * string=0x57686398, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x5768d42c)  Line 324 + 0x21 bytes    C
 MyApplication.exe!_vsnwprintf_s(unsigned short * string=0x57686398, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, char * ap=0x5768d42c)  Line 376 + 0x1b bytes    C
 MyApplication.exe!_VCrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x5768d42c)  Line 515 + 0x36 bytes    C
 MyApplication.exe!_CrtDbgReportWV(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x5768d42c)  Line 241 + 0x1d bytes    C++
 MyApplication.exe!_CrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, ...)  Line 258 + 0x1d bytes    C++
 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 215 + 0x11 bytes    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C

 MyApplication.exe!_LocaleUpdate::_LocaleUpdate(localeinfo_struct * plocinfo=0x00000000)  Line 243 + 0x5 bytes    C++
 MyApplication.exe!_woutput_s_l(_iobuf * stream=0x5768dbb4, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * argptr=0x57695d4c)  Line 1023    C++
 MyApplication.exe!_vswprintf_helper(int (_iobuf *, const wchar_t *, localeinfo_struct *, char *)* woutfn=0x0047d580, unsigned short * string=0x5768ecb8, unsigned int count=4076, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x57695d4c)  Line 157 + 0x13 bytes    C
 MyApplication.exe!_vsnwprintf_s_l(unsigned short * string=0x5768ecb8, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x57695d4c)  Line 324 + 0x21 bytes    C
 MyApplication.exe!_vsnwprintf_s(unsigned short * string=0x5768ecb8, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, char * ap=0x57695d4c)  Line 376 + 0x1b bytes    C
 MyApplication.exe!_VCrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x57695d4c)  Line 515 + 0x36 bytes    C
 MyApplication.exe!_CrtDbgReportWV(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x57695d4c)  Line 241 + 0x1d bytes    C++
 MyApplication.exe!_CrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, ...)  Line 258 + 0x1d bytes    C++
 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 215 + 0x11 bytes    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C

 MyApplication.exe!_LocaleUpdate::_LocaleUpdate(localeinfo_struct * plocinfo=0x00000000)  Line 243 + 0x5 bytes    C++
 MyApplication.exe!_woutput_s_l(_iobuf * stream=0x576964d4, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * argptr=0x5769e66c)  Line 1023    C++
 MyApplication.exe!_vswprintf_helper(int (_iobuf *, const wchar_t *, localeinfo_struct *, char *)* woutfn=0x0047d580, unsigned short * string=0x576975d8, unsigned int count=4076, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x5769e66c)  Line 157 + 0x13 bytes    C
 MyApplication.exe!_vsnwprintf_s_l(unsigned short * string=0x576975d8, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x5769e66c)  Line 324 + 0x21 bytes    C
 MyApplication.exe!_vsnwprintf_s(unsigned short * string=0x576975d8, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, char * ap=0x5769e66c)  Line 376 + 0x1b bytes    C
 MyApplication.exe!_VCrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x5769e66c)  Line 515 + 0x36 bytes    C
 MyApplication.exe!_CrtDbgReportWV(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x5769e66c)  Line 241 + 0x1d bytes    C++
 MyApplication.exe!_CrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, ...)  Line 258 + 0x1d bytes    C++
 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 215 + 0x11 bytes    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C

 MyApplication.exe!_LocaleUpdate::_LocaleUpdate(localeinfo_struct * plocinfo=0x00000000)  Line 243 + 0x5 bytes    C++
 MyApplication.exe!_woutput_s_l(_iobuf * stream=0x5769edf4, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * argptr=0x576a6f8c)  Line 1023    C++
 MyApplication.exe!_vswprintf_helper(int (_iobuf *, const wchar_t *, localeinfo_struct *, char *)* woutfn=0x0047d580, unsigned short * string=0x5769fef8, unsigned int count=4076, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x576a6f8c)  Line 157 + 0x13 bytes    C
 MyApplication.exe!_vsnwprintf_s_l(unsigned short * string=0x5769fef8, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x576a6f8c)  Line 324 + 0x21 bytes    C
 MyApplication.exe!_vsnwprintf_s(unsigned short * string=0x5769fef8, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, char * ap=0x576a6f8c)  Line 376 + 0x1b bytes    C
 MyApplication.exe!_VCrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x576a6f8c)  Line 515 + 0x36 bytes    C
 MyApplication.exe!_CrtDbgReportWV(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x576a6f8c)  Line 241 + 0x1d bytes    C++
 MyApplication.exe!_CrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, ...)  Line 258 + 0x1d bytes    C++
 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 215 + 0x11 bytes    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C

 MyApplication.exe!_LocaleUpdate::_LocaleUpdate(localeinfo_struct * plocinfo=0x00000000)  Line 243 + 0x5 bytes    C++
 MyApplication.exe!_woutput_s_l(_iobuf * stream=0x576a7714, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * argptr=0x576af8ac)  Line 1023    C++
 MyApplication.exe!_vswprintf_helper(int (_iobuf *, const wchar_t *, localeinfo_struct *, char *)* woutfn=0x0047d580, unsigned short * string=0x576a8818, unsigned int count=4076, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x576af8ac)  Line 157 + 0x13 bytes    C
 MyApplication.exe!_vsnwprintf_s_l(unsigned short * string=0x576a8818, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, localeinfo_struct * plocinfo=0x00000000, char * ap=0x576af8ac)  Line 324 + 0x21 bytes    C
 MyApplication.exe!_vsnwprintf_s(unsigned short * string=0x576a8818, unsigned int sizeInWords=4096, unsigned int count=4075, const wchar_t * format=0x0049aca0, char * ap=0x576af8ac)  Line 376 + 0x1b bytes    C
 MyApplication.exe!_VCrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x576af8ac)  Line 515 + 0x36 bytes    C
 MyApplication.exe!_CrtDbgReportWV(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, char * arglist=0x576af8ac)  Line 241 + 0x1d bytes    C++
 MyApplication.exe!_CrtDbgReportW(int nRptType=1, const wchar_t * szFile=0x00000000, int nLine=0, const wchar_t * szModule=0x00000000, const wchar_t * szFormat=0x0049aca0, ...)  Line 258 + 0x1d bytes    C++
 MyApplication.exe!_NMSG_WRITE(int rterrnum=16)  Line 215 + 0x11 bytes    C
 MyApplication.exe!_amsg_exit(int rterrnum=16)  Line 441 + 0x9 bytes    C
 MyApplication.exe!_getptd()  Line 525 + 0x7 bytes    C
 MyApplication.exe!srand(unsigned int seed=231)  Line 37 + 0x5 bytes    C
>MyApplication.exe!ThreadFunction()  Line 126 + 0xa bytes   C++

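So we can clearly see a recursive block of calls that eventually leads to the "Stack Overflow".

I wanted to know whether low memory can really cause a stack overflow. So I wrote trial code that allocates memory until it is full and then calls a function with a large stack allocation.

However, the program did not fail. Below is the code: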

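#include <stdio.h>   // printf
#include <stdlib.h>  // malloc, srand
#include <tchar.h>   // _tmain, _TCHAR

void CallFunctionWithBigStack()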
{
    char stack[10240];
    stack[10231] = 123; // Let's use 'stack' array so that optimizer won't discard it while compiling
    srand(stack[10231]);
}

void AllocateMem (int ChunkSize)
{
    unsigned char* ptr;
    unsigned int i=0;
    while(1)
    {
        ptr = (unsigned char*) malloc (ChunkSize);

        if (ptr)
            printf ("\nAllocating %d bytes", ChunkSize);
        else
        {
            printf ("\nERROR allocating memory");
            break;
        }

        i++;
    }
}

int _tmain(int argc, _TCHAR* argv[])
{
    // Allocate memory till it gets full
    AllocateMem (1024*1024*10); // Allocate in 10-megabyte chunks
    AllocateMem (1024*1024); // Allocate in Megabytes
    AllocateMem (1024); // Allocate in Kilobytes

    // Now that memory is full, try calling function that has 10K stack
    CallFunctionWithBigStack();
    return 0;
}

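So my questions are:

  1. Can low memory cause a "stack overflow", especially when there isn't much on the stack and there is no recursion?

  2. What else could cause srand() to go into a recursion of function calls, leading to a stack overflow?

  3. If "Stack Overflow" can't be caught by an exception handler, how should it be handled when memory is low?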

===============>>#1 Votes: 0

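  1. In this case, srand is calling another function that fails because of the low memory and does not recover well. Hence the recursion and the stack overflow.
  2. See answer 1. This looks like a bug in the C runtime library.

What kind of exception handling did you try?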

  Asked by Atul; translated from Stack Overflow.
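The cycle visible in the trace (_getptd fails, the error reporter formats a message, and the formatter calls _getptd again) can be modelled in a few lines. The following is an added example, not part of the original post and not CRT source: every name in it is hypothetical, the low-memory failure is simulated with a flag, and a depth cap stands in for the real stack limit. It contrasts the unguarded error path with one protected by a reentrancy guard.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of the cycle in the trace above:
 * get_ptd() -> fatal_report() -> format_message() -> get_ptd() -> ...
 * Illustrative names only; this is not the CRT's code. */
#define DEPTH_CAP 1000          /* stands in for the real stack limit */

typedef struct { int locale_id; } ptd_t;

static int alloc_fails = 1;     /* simulated low-memory condition */
static int depth, max_depth;    /* nesting of failed get_ptd() calls */
static int guard_enabled;
static int in_report;           /* reentrancy flag; per-thread in real code */
static ptd_t *cached;

static ptd_t *get_ptd(void);

/* Formatting needs locale data, which lives in the per-thread block. */
static void format_message(int err) { (void)err; (void)get_ptd(); }

static void fatal_report(int err) {
    if (guard_enabled) {
        if (in_report) return;  /* already reporting: emit nothing, stop */
        in_report = 1;
    }
    format_message(err);
    if (guard_enabled) in_report = 0;
}

static ptd_t *get_ptd(void) {
    if (!cached && !alloc_fails) cached = calloc(1, sizeof *cached);
    if (cached) return cached;
    if (++depth > max_depth) max_depth = depth;
    if (depth < DEPTH_CAP) fatal_report(16);  /* 16: rterrnum in the trace */
    depth--;
    return NULL;
}

/* Returns the deepest nesting reached by the failing lookup. */
int run_model(int use_guard) {
    guard_enabled = use_guard;
    in_report = depth = max_depth = 0;
    (void)get_ptd();
    return max_depth;
}

int main(void) {
    printf("unguarded depth: %d\n", run_model(0));
    printf("guarded depth:   %d\n", run_model(1));
    return 0;
}
```

In a real error path the guarded branch would write a preformatted static message and terminate, rather than return, so that no step of the report depends on the allocation that just failed.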
