在Valgrind中运行程序时,它表示在结构的转换指针处存在"大小为8的无效读取"。跟胼胝体有关?如果按原样读取,则为(零)。
有一个结构(称为trie),它的使用如下:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <limits.h>
const int MAX_SIZE = 20;
struct _trie {
int maxNode;
int nextNode;
int** transition;
char* fin;
};
typedef struct _trie * Trie;
Trie createTrie (int maxNode){
Trie trie;
trie = (Trie) malloc(sizeof(Trie));
printf("size of trie: %lu, size of the struct: %lu, size of _trie: %lun",sizeof(trie),sizeof(Trie), sizeof(struct _trie));
trie->maxNode = maxNode;
printf("maxNode = %d, size of maxNode: %lun",trie->maxNode,sizeof(trie->maxNode));
printf("size of nextNode : %lu, size of transition: %lu, size of fin: %lun",
sizeof(trie->nextNode),sizeof(trie->transition),sizeof(trie->fin));
这里,当valgrid尝试读取时,它会显示"大小为8的无效读取":
//invalid read
printf("transitions points to: %p, address: %pn",trie->transition,&trie->transition);
来自char*fin:的相同消息
//invalid read
printf("fin points to: %p, address: %pn",trie->fin,&trie->fin);
getchar();
trie->transition = (int**)calloc(maxNode,sizeof(int*));
printf("trie->transition done.n");
printf("transitions points to: %p, address: %pn",trie->transition,&trie->transition);
if(trie->transition == NULL){
printf("null for trie->transitionn");
exit(0);
}
printf("Size of transition: %lu, size of int:%lu, pointer: %pnn",sizeof(trie->transition),sizeof(int),trie->transition);
for(int counter = 0; counter < maxNode; ++counter){
trie->transition[counter] = calloc(UCHAR_MAX,sizeof(int));
if(trie->transition[counter] == NULL){
printf("null for trie->transition[%d]n",counter);
exit(0);
}
//printf("size of transition[%d]: %lun",counter,sizeof(trie->transition[counter]));
}
printf("nFilling up trie->transitionn");
for(int counter = 0; counter < maxNode; ++counter){
for(int counter2 = 0; counter2 < UCHAR_MAX; ++counter2){
trie->transition[counter][counter2] = -1;
//printf("size of transition[%d][%d]: %lu, value: %dn",counter,counter2,sizeof(trie->transition[counter]),trie->transition[counter][counter2]);
}
//getchar();
}
return (trie);
}
void free_all(Trie trie){
for(int counter = 0; counter < trie->maxNode; ++counter){
free(trie->transition[counter]);
}
free(trie->transition);
free(trie);
}
int main(int argc, char *argv[]){
Trie trie = createTrie(MAX_SIZE);
free_all(trie);
return (0);
}
Valgrind输出:
==3079== Memcheck, a memory error detector
==3079== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==3079== Using Valgrind-3.12.0 and LibVEX; rerun with -h for copyright info
==3079== Command: ./debug_test
==3079==
size of trie: 8, size of the struct: 8, size of _trie: 24
maxNode = 20, size of maxNode: 4
size of nextNode : 4, size of transition: 8, size of fin: 8
==3079== Invalid read of size 8
==3079== at 0x1088AD: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
transitions points to: (nil), address: 0x5201048
==3079== Invalid read of size 8
==3079== at 0x1088D1: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201050 is 8 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
fin points to: (nil), address: 0x5201050
==3079== Invalid write of size 8
==3079== at 0x108907: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
trie->transition done.
==3079== Invalid read of size 8
==3079== at 0x108923: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
transitions points to: 0x5201910, address: 0x5201048
==3079== Invalid read of size 8
==3079== at 0x10893F: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x108962: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
Size of transition: 8, size of int:4, pointer: 0x5201910
==3079== Invalid read of size 8
==3079== at 0x108991: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x1089B9: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
Filling up trie->transition
==3079== Invalid read of size 8
==3079== at 0x108A20: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x108A84: free_all (in /projects/trie/debug_test)
==3079== by 0x108AF8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079== Invalid read of size 8
==3079== at 0x108AB3: free_all (in /projects/trie/debug_test)
==3079== by 0x108AF8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079==
==3079==
==3079== HEAP SUMMARY:
==3079== in use at exit: 0 bytes in 0 blocks
==3079== total heap usage: 24 allocs, 24 frees, 22,616 bytes allocated
==3079==
==3079== All heap blocks were freed -- no leaks are possible
==3079==
==3079== For counts of detected and suppressed errors, rerun with: -v
==3079== ERROR SUMMARY: 5167 errors from 11 contexts (suppressed: 0 from 0)
==3079== Invalid read of size 8
==3079== at 0x1088AD: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
==3079== Address 0x5201048 is 0 bytes after a block of size 8 alloc'd
==3079== at 0x4C2DB2F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==3079== by 0x108835: createTrie (in /projects/trie/debug_test)
==3079== by 0x108AE8: main (in /projects/trie/debug_test)
这表示您的代码正试图从无效地址读取一个8字节的值。
该地址刚好在通过CCD_ 2中的CCD_ 1分配的8字节块之后。换句话说,这一行:
trie = (Trie) malloc(sizeof(Trie));
为什么它认为trie只指向8字节的内存?因为您分配了sizeof (Trie)字节,而Trie是
typedef struct _trie * Trie;
换句话说,当您打算为整个结构分配足够的内存时,您为指针分配了内存。
强烈建议不要将指针隐藏在typedef后面,正是因为这个原因。
建议修复:
typedef struct Trie Trie;
struct Trie {
int maxNode;
int nextNode;
int** transition;
char* fin;
};
Trie *createTrie(int maxNode) {
Trie *trie;
trie = malloc(sizeof *trie);
注:
- 我们对
struct Trie和(裸)Trie都使用相同的名称(Trie),因为其他任何东西都会不必要地混淆 - 所有指针都明显地声明为指针,使用
* - 我们不强制转换
malloc0的返回值,因为这将是另一个潜在的错误来源 - 我们使用
sizeof *trie来获得trie所指向的类型中的正确字节数,无论trie是如何声明的