c - 程序可以工作，但最终检测到**堆栈粉碎**

Question

我已经查看了此讨论:Stack Smashing Detected at End of Program

但这不是同一个问题。

就我而言。我的程序可以工作，但如果我运行 10x: 6x 则没有错误，而 4x 最后会给出“检测到堆栈粉碎”，并显示错误的输出。我发现很多人说是gcc或者linux SO引起的。在在线编译器中，我运行了超过 20 次，但从未出现过此错误。

#include <stdio.h>
#include <stdlib.h>

void bubbleSort(int v[], int tam)
{
    int aux=0, i=0, j=0;
    for (i = 0; i < tam; i++)
    {
        printf("%d\n",i );
        for (j = 0; j < tam - i; j++)
        {
            if (v[j] > v[j + 1])
            {
                printf("a\n");
                aux = v[j];
                printf("b\n");
                v[j] = v[j + 1];
                printf("c\n");
                v[j + 1] = aux;
                printf("d\n");
        }
    }
}
}

int main(void)
{
    int v[10] = {1, 5, 6, 8, 9, 0, 4, 3, 2, 7};
    int n = 10;
    bubbleSort(v, n);

    for (int i = 0; i < n; i++)
    {
        printf("%d,", v[i]);
    }
    printf("\n");
    return 0;
}

我的输出:

0
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
1
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
2
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
3
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
4
a
b
c
d
a
b
c
d
a
b
c
d
a
b
c
d
5
a
b
c
d
a
b
c
d
6
a
b
c
d
7
a
b
c
d
8
a
b
c
d
9
a
b
c
d


-1228779264,0,1,2,3,4,5,6,7,8,
*** stack smashing detected ***

<小时/>

Valgrind 日志:

==7890== 
==7890== Process terminating with default action of signal 6 (SIGABRT)
==7890==    at 0x4E6F428: raise (raise.c:54)
==7890==    by 0x4E71029: abort (abort.c:89)
==7890==    by 0x4EB17E9: __libc_message (libc_fatal.c:175)
==7890==    by 0x4F5315B: __fortify_fail (fortify_fail.c:37)
==7890==    by 0x4F530FF: __stack_chk_fail (stack_chk_fail.c:28)
==7890==    by 0x4006EC: main ()
==7890== 
==7890== HEAP SUMMARY:
==7890==     in use at exit: 0 bytes in 0 blocks
==7890==   total heap usage: 1 allocs, 1 frees, 1,024 bytes allocated
==7890== 
==7890== All heap blocks were freed -- no leaks are possible
==7890== 
==7890== For counts of detected and suppressed errors, rerun with: -v
==7890== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Abortado

<小时/>

->Linux:Ubuntu 16.04

->海湾合作委员会:

Using built-in specs.
COLLECT_GCC=gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/5/lto-wrapper
Target: x86_64-linux-gnu
Configured with: ../src/configure -v --with-pkgversion='Ubuntu 5.4.0-6ubuntu1~16.04.9' --with-bugurl=file:///usr/share/doc/gcc-5/README.Bugs --enable-languages=c,ada,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-5 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --with-default-libstdcxx-abi=new --enable-gnu-unique-object --disable-vtable-verify --enable-libmpx --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-5-amd64/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-5-amd64 --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-5-amd64 --with-arch-directory=amd64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with-arch-32=i686 --with-abi=m64 --with-multilib-list=m32,m64,mx32 --enable-multilib --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu
Thread model: posix
gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.9)  

Answer 1

在 bubbleSort ，当 i是 0，for (j = 0; j < tam - i; j++)是 for (j = 0; j < tam - 0; j++) ，所以j迭代到并包括 tam-1 .

然后，在循环中比较 v[j]与 v[j + 1] 。后者可能是v[tam-1 + 1] ，即v[tam] ，它位于数组之外。仅此一点就是 C 标准不允许的引用。然后代码继续交换 v[j]与 v[j + 1] ，如果比较结果为 true。这会将数据写入数组的范围之外 v ，因此它会损坏进程中的一些内存。