个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
24
4
运行Valgrind中的程序,它表示结构的转换指针处存在“大小为 8 的无效读取”。和calloc有关系吗?如果按原样读取,则为 (nil)。
有一个结构体(称为 trie),其用法如下:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <limits.h>
const int MAX_SIZE = 20;
struct _trie {
int maxNode;
int nextNode;
int** transition;
char* fin;
};
typedef struct _trie * Trie;
Trie createTrie (int maxNode){
Trie trie;
trie = (Trie) malloc(sizeof(Trie));
printf("size of trie: %lu, size of the struct: %lu, size of _trie: %lu\n",sizeof(trie),sizeof(Trie), sizeof(struct _trie));
trie->maxNode = maxNode;
printf("maxNode = %d, size of maxNode: %lu\n",trie->maxNode,sizeof(trie->maxNode));
printf("size of nextNode : %lu, size of transition: %lu, size of fin: %lu\n",
sizeof(trie->nextNode),sizeof(trie->transition),sizeof(trie->fin));
这里,当 valgrid 尝试读取时,它显示“无效读取大小 8”:
//invalid read
printf("transitions points to: %p, address: %p\n",trie->transition,&trie->transition);
来自 char * fin 的相同消息:
//invalid read
printf("fin points to: %p, address: %p\n",trie->fin,&trie->fin);
getchar();
trie->transition = (int**)calloc(maxNode,sizeof(int*));
printf("trie->transition done.\n");
printf("transitions points to: %p, address: %p\n",trie->transition,&trie->transition);
if(trie->transition == NULL){
printf("null for trie->transition\n");
exit(0);
}
printf("Size of transition: %lu, size of int:%lu, pointer: %p\n\n",sizeof(trie->transition),sizeof(int),trie->transition);
for(int counter = 0; counter < maxNode; ++counter){
trie->transition[counter] = calloc(UCHAR_MAX,sizeof(int));
if(trie->transition[counter] == NULL){
printf("null for trie->transition[%d]\n",counter);
exit(0);
}
//printf("size of transition[%d]: %lu\n",counter,sizeof(trie->transition[counter]));
}
printf("\nFilling up trie->transition\n");
for(int counter = 0; counter < maxNode; ++counter){
for(int counter2 = 0; counter2 < UCHAR_MAX; ++counter2){
trie->transition[counter][counter2] = -1;
//printf("size of transition[%d][%d]: %lu, value: %d\n",counter,counter2,sizeof(trie->transition[counter]),trie->transition[counter][counter2]);
}
//getchar();
}
return (trie);
}
void free_all(Trie trie){
for(int counter = 0; counter < trie->maxNode; ++counter){
free(trie->transition[counter]);
}
free(trie->transition);
free(trie);
}
int main(int argc, char *argv[]){
Trie trie = createTrie(MAX_SIZE);
free_all(trie);
return (0);
}
Valgrind 输出:
==3079== Memcheck, a memory error detector
==3079== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==3079== Using Valgrind-3.12.0 and LibVEX; rerun with -h for copyright info
==3079== Command: ./debug_test
==3079==
size of trie: 8, size of the struct: 8, size of _trie: 24
maxNode = 20, size of maxNode: 4
size of nextNode : 4, size of transition: 8, size of fin: 8
==3079== Invalid read of size 8
==3079== at 0x1088AD: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
transitions points to: (nil), address: 0x5201048
==3079== Invalid read of size 8
==3079== at 0x1088D1: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201050 is 8 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
fin points to: (nil), address: 0x5201050
==3079== Invalid write of size 8
==3079== at 0x108907: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
trie->transition done.
==3079== Invalid read of size 8
==3079== at 0x108923: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
transitions points to: 0x5201910, address: 0x5201048
==3079== Invalid read of size 8
==3079== at 0x10893F: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x108962: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
Size of transition: 8, size of int:4, pointer: 0x5201910
==3079== Invalid read of size 8
==3079== at 0x108991: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x1089B9: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
Filling up trie->transition
==3079== Invalid read of size 8
==3079== at 0x108A20: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x108A84: free_all (in /projects/trie/debug_test)
==3079== by 0x108AF8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x108AB3: free_all (in /projects/trie/debug_test)
==3079== by 0x108AF8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079==
==3079== HEAP SUMMARY:
==3079== in use at exit: 0 bytes in 0 blocks
==3079== total heap usage: 24 allocs, 24 frees, 22,616 bytes allocated
==3079==
==3079== All heap blocks were freed -- no leaks are possible
==3079==
==3079== For counts of detected and suppressed errors, rerun with: -v
==3079== ERROR SUMMARY: 5167 errors from 11 contexts (suppressed: 0 from 0)
最佳答案
==3079== Invalid read of size 8
==3079== at 0x1088AD: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
这表示您的代码正在尝试从无效地址读取 8 字节值。
该地址位于通过 createTrie 中的 malloc 分配的 8 字节 block 之后。换句话说,这一行:
trie = (Trie) malloc(sizeof(Trie));
为什么它认为trie只指向8字节内存?因为您分配了 sizeof (Trie) 字节,并且 Trie 为
typedef struct _trie * Trie;
或者换句话说,当您打算为整个结构分配足够的内存时,您为指针分配了内存。
正是出于这个原因,强烈建议不要将指针隐藏在 typedef 后面。
建议修复:
typedef struct Trie Trie;
struct Trie {
int maxNode;
int nextNode;
int** transition;
char* fin;
};
Trie *createTrie(int maxNode) {
Trie *trie;
trie = malloc(sizeof *trie);
注释:
struct Trie 和(裸)Trie 使用相同的名称 (Trie),因为其他任何内容都会造成不必要的混淆。<*。malloc 的返回值,因为这将是另一个潜在的错误来源。sizeof *trie 来获取 trie 指向的类型中的正确字节数,无论 trie 是如何声明的.关于c - 为什么读取结构体指针字段无效?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46622614/
24
4
0
我刚接触 C 语言几周,所以对它还很陌生。 我见过这样的事情 * (variable-name) = -* (variable-name) 在讲义中,但它到底会做什么?它会否定所指向的值吗? 最佳答案
我有一个指向内存地址的void 指针。然后,我做 int 指针 = void 指针 float 指针 = void 指针 然后,取消引用它们以获取值。 { int x = 25; vo
我正在与计算机控制的泵进行一些串行端口通信,我用来通信的 createfile 函数需要将 com 端口名称解析为 wchar_t 指针。 我也在使用 QT 创建一个表单并获取 com 端口名称作为
#include "stdio.h" #include "malloc.h" int main() { char*x=(char*)malloc(1024); *(x+2)=3; --
#include #include main() { int an_int; void *void_pointer = &an_int; double *double_ptr = void
对于每个时间步长,我都有一个二维矩阵 a[ix][iz],ix 从 0 到 nx-1 和 iz 从 0 到 nz-1。 为了组装所有时间步长的矩阵,我定义了一个长度为 nx*nz*nt 的 3D 指针
我有一个函数,它接受一个指向 char ** 的指针并用字符串填充它(我猜是一个字符串数组)。 *list_of_strings* 在函数内部分配内存。 char * *list_of_strings
我试图了解当涉及到字符和字符串时,内存分配是如何工作的。 我知道声明的数组的名称就像指向数组第一个元素的指针,但该数组将驻留在内存的堆栈中。 另一方面,当我们想要使用内存堆时,我们使用 malloc,
我有一个 C 语言的 .DLL 文件。该 DLL 中所有函数所需的主要结构具有以下形式。 typedef struct { char *snsAccessID; char *
指针, C语言的精髓 莫队先咕几天, 容我先讲完树剖 (因为后面树上的东西好多都要用树剖求 LCA). 什么是指针 保存变量地址的变量叫做指针. 这是大概的定义, 但是Defad认为
我得到了以下数组: let arr = [ { children: [ { children: [], current: tru
#include int main(void) { int i; int *ptr = (int *) malloc(5 * sizeof(int)); for (i=0;
我正在编写一个程序,它接受一个三位数整数并将其分成两个整数。 224 将变为 220 和 4。 114 将变为 110 和 4。 基本上,您可以使用模数来完成。我写了我认为应该工作的东西,编译器一直说
好吧,我对 C++ 很陌生,我确定这个问题已经在某个地方得到了回答,而且也很简单,但我似乎找不到答案.... 我有一个自定义数组类,我将其用作练习来尝试了解其工作原理,其定义如下: 标题: class
1) this 指针与其他指针有何不同?据我了解,指针指向堆中的内存。如果有指向它们的指针,这是否意味着对象总是在堆中构造? 2)我们可以在 move 构造函数或 move 赋值中窃取this指针吗?
这个问题在这里已经有了答案: 关闭 11 年前。 Possible Duplicate: C : pointer to struct in the struct definition 在我的初学者类
我有两个指向指针的结构指针 typedef struct Square { ... ... }Square; Square **s1; //Representing 2D array of say,
变量在内存中是如何定位的?我有这个代码 int w=1; int x=1; int y=1; int z=1; int main(int argc, char** argv) { printf
#include #include main() { char *q[]={"black","white","red"}; printf("%s",*q+3); getch()
我在“C”类中有以下函数 class C { template void Func1(int x); template void Func2(int x); }; template void
我是一名优秀的程序员,十分优秀!