问题描述
所以基本上我有一组结构 A 的实例。我想提取一个实例,修改字段。其中一个字段是唯一的ptr。我不太擅长阅读 c++ 错误,看起来该字段在提取时被删除了。 IE。调用唯一指针的析构函数。
示例:当我尝试访问字段“重量”时
我得到了一些类似的东西:
SUMMARY: AddressSanitizer: heap-use-after-free /usr/lib/llvm-11/include/c++/v1/memory:2490:19 in std::__1::unique_ptr<int,std::__1::default_delete<int> >::get() const
[ctest] Shadow bytes around the buggy address:
[ctest] 0x0c0e7fff84a0: fd fd fd fd fd fa fa fa fa fa fd fd fd fd fd fd
[ctest] 0x0c0e7fff84b0: fd fd fd fa fa fa fa fa fd fd fd fd fd fd fd fd
[ctest] 0x0c0e7fff84c0: fd fa fa fa fa fa fd fd fd fd fd fd fd fd fd fa
[ctest] 0x0c0e7fff84d0: fa fa fa fa 00 00 00 00 00 00 00 00 00 fa fa fa
[ctest] 0x0c0e7fff84e0: fa fa 00 00 00 00 00 00 00 00 00 fa fa fa fa fa
[ctest] =>0x0c0e7fff84f0: fd fd fd fd fd fd fd fd[fd]fa fa fa fa fa 00 00
[ctest] 0x0c0e7fff8500: 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa fa
[ctest] 0x0c0e7fff8510: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[ctest] 0x0c0e7fff8520: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[ctest] 0x0c0e7fff8530: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[ctest] 0x0c0e7fff8540: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
[ctest] Shadow byte legend (one shadow byte represents 8 application bytes):
[ctest] Addressable: 00
[ctest] Partially addressable: 01 02 03 04 05 06 07
[ctest] Heap left redzone: fa
[ctest] Freed heap region: fd
[ctest] Stack left redzone: f1
[ctest] Stack mid redzone: f2
[ctest] Stack right redzone: f3
[ctest] Stack after return: f5
[ctest] Stack use after scope: f8
[ctest] Global redzone: f9
[ctest] Global init order: f6
[ctest] Poisoned by user: f7
[ctest] Container overflow: fc
[ctest] Array cookie: ac
[ctest] Intra object redzone: bb
[ctest] ASan internal: fe
[ctest] Left alloca redzone: ca
[ctest] Right alloca redzone: cb
[ctest] Shadow gap: cc
Struct A {
std::unique_ptr<int> weight;
}
auto& element = set_.extract(set_iterator).value();
std::cout << *(element.weight);
解决方法
该节点在提取时不会被删除,而是在您使用之前不久被删除。
具体来说,您不保存节点句柄 .extract()
返回值,而是直接获取对其管理的部分节点的引用。
在完整语句的末尾,该引用变得悬空,因为没有人让拥有它的节点句柄保持活动状态。
因此,AddressSanitizer 检测heap-use-after-free。
存储节点句柄,或保存您想要的节点部分,但避免悬空引用。