Valgrind - 在用 C 实现的 "readline" 函数中读取大小 1 无效
Valgrind - Invalid read of size 1 in a "readline" function implemented in C
我有以下代码,基本上我在 C 中实现了我自己的 read-line 函数,用于在内存分配等方面锻炼我。在我提出问题之前,但实际上没有人帮助尝试更正我的代码最终除了建议使用 valgrind 之外。由于我以前从未使用过它,所以我很难理解所有内容。
我的代码如下:
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
/**
Gets and a variable-size line from the standard input.
*/
char* readline(){
size_t n = 10;
char* final = calloc(n, sizeof(char));
final[0] = '[=11=]';
char* tmp; // used for allocating memory temporarily
// constant buffer size used to store the read characters
// before storing them in the final buffer
char buf[10];
while(fgets(buf, 10, stdin) != NULL) {
if(buf[strlen(buf) - 1] == '\n') {
if(strlen(buf) > 1) {
if((n - strlen(final)) < (strlen(buf) + 1)) {
// -1 because buf contains also \n at the end
n = strlen(final) + strlen(buf);
tmp = calloc(n, sizeof(char));
for(int i=0; i <= strlen(final); ++i)
tmp[i] = final[i];
free(final);
} else {
tmp = final;
}
int i, j;
for(i = strlen(final), j = 0; j <= (strlen(buf) - 2); ++i, ++j)
tmp[i] = buf[j];
tmp[i] = '[=11=]';
final = tmp;
tmp = NULL;
}
break;
} else { // no newline inserted at the end
if((n - strlen(final)) < (strlen(buf) + 1)) {
n *= 2;
tmp = calloc(n, sizeof(char));
for(int i = 0; i <= strlen(final); ++i)
tmp[i] = final[i];
free(final);
} else {
tmp = final;
}
// Starts inserting from the '[=11=]' char
// Insert also the '[=11=]' at the end
for(int i = strlen(tmp), j = 0; j <= 9; ++i, ++j)
tmp[i] = buf[j];
final = tmp;
tmp = NULL;
}
}
return final;
}
int main(int argc, char *argv[]){
if(argc < 2){
fprintf(stderr, "usage: at least one string as command-line argument.\n");
exit(1);
} else {
char* line = readline();
printf("line = %s\n", line);
printf("size = %lu\n", strlen(line));
free(line);
}
return 0;
}
当我使用命令 运行 valgrind 时:
valgrind ./findword hello
我得到以下输出
==14084== Memcheck, a memory error detector
==14084== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==14084== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==14084== Command: ./findword hello
==14084==
hello world, how are you?
==14084== Invalid read of size 1
==14084== at 0x10000A669: strlen (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C19: readline (findword.c:46)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Address 0x100a78740 is 0 bytes inside a block of size 20 free'd
==14084== at 0x10000927F: free (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C03: readline (findword.c:40)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Block was alloc'd at
==14084== at 0x100009541: calloc (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000D0F: readline (findword.c:61)
==14084== by 0x100000E6C: main (findword.c:93)
==14084==
==14084== Invalid read of size 1
==14084== at 0x10000A672: strlen (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C19: readline (findword.c:46)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Address 0x100a78742 is 2 bytes inside a block of size 20 free'd
==14084== at 0x10000927F: free (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C03: readline (findword.c:40)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Block was alloc'd at
==14084== at 0x100009541: calloc (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000D0F: readline (findword.c:61)
==14084== by 0x100000E6C: main (findword.c:93)
==14084==
line = hello world, how are you?
size = 25
==14084==
==14084== HEAP SUMMARY:
==14084== in use at exit: 30,666 bytes in 189 blocks
==14084== total heap usage: 276 allocs, 87 frees, 36,962 bytes allocated
==14084==
==14084== LEAK SUMMARY:
==14084== definitely lost: 0 bytes in 0 blocks
==14084== indirectly lost: 0 bytes in 0 blocks
==14084== possibly lost: 2,064 bytes in 1 blocks
==14084== still reachable: 4,096 bytes in 1 blocks
==14084== suppressed: 24,506 bytes in 187 blocks
==14084== Rerun with --leak-check=full to see details of leaked memory
==14084==
==14084== For counts of detected and suppressed errors, rerun with: -v
==14084== ERROR SUMMARY: 19 errors from 2 contexts (suppressed: 0 from 0)
显然,我有很多错误,但我没能找到它们。例如,valgrind 声称 Invalid read of size 1,但我看不到任何地方我在内存中读取错误的位置,这会产生未定义的行为。
编辑
我用
重新编译了我的代码
gcc -g -o findword findword.c
我已经替换了上面的新 valgrind 输出。
好吧,首先:你调用了一个新的缓冲区:
tmp = calloc(n, sizeof(char));
并复制内容:
for(int i=0; i <= strlen(final); ++i)
tmp[i] = final[i];
并释放 final:
free(final);
但是您没有分配新指针 final,因此现在 final 指向已释放的内存,但稍后您会在上面 strlen()。
也不要一直调用strlen(),很慢。尤其是在循环条件下。使用 strcpy 或 strncpy 将字符串复制到新数组而不是循环。使用 realloc 来调整内存区域的大小而不是 callocing。 .
我有以下代码,基本上我在 C 中实现了我自己的 read-line 函数,用于在内存分配等方面锻炼我。在我提出问题之前,但实际上没有人帮助尝试更正我的代码最终除了建议使用 valgrind 之外。由于我以前从未使用过它,所以我很难理解所有内容。
我的代码如下:
#include<stdio.h>
#include<stdlib.h>
#include<string.h>
/**
Gets and a variable-size line from the standard input.
*/
char* readline(){
size_t n = 10;
char* final = calloc(n, sizeof(char));
final[0] = '[=11=]';
char* tmp; // used for allocating memory temporarily
// constant buffer size used to store the read characters
// before storing them in the final buffer
char buf[10];
while(fgets(buf, 10, stdin) != NULL) {
if(buf[strlen(buf) - 1] == '\n') {
if(strlen(buf) > 1) {
if((n - strlen(final)) < (strlen(buf) + 1)) {
// -1 because buf contains also \n at the end
n = strlen(final) + strlen(buf);
tmp = calloc(n, sizeof(char));
for(int i=0; i <= strlen(final); ++i)
tmp[i] = final[i];
free(final);
} else {
tmp = final;
}
int i, j;
for(i = strlen(final), j = 0; j <= (strlen(buf) - 2); ++i, ++j)
tmp[i] = buf[j];
tmp[i] = '[=11=]';
final = tmp;
tmp = NULL;
}
break;
} else { // no newline inserted at the end
if((n - strlen(final)) < (strlen(buf) + 1)) {
n *= 2;
tmp = calloc(n, sizeof(char));
for(int i = 0; i <= strlen(final); ++i)
tmp[i] = final[i];
free(final);
} else {
tmp = final;
}
// Starts inserting from the '[=11=]' char
// Insert also the '[=11=]' at the end
for(int i = strlen(tmp), j = 0; j <= 9; ++i, ++j)
tmp[i] = buf[j];
final = tmp;
tmp = NULL;
}
}
return final;
}
int main(int argc, char *argv[]){
if(argc < 2){
fprintf(stderr, "usage: at least one string as command-line argument.\n");
exit(1);
} else {
char* line = readline();
printf("line = %s\n", line);
printf("size = %lu\n", strlen(line));
free(line);
}
return 0;
}
当我使用命令 运行 valgrind 时:
valgrind ./findword hello
我得到以下输出
==14084== Memcheck, a memory error detector
==14084== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==14084== Using Valgrind-3.12.0.SVN and LibVEX; rerun with -h for copyright info
==14084== Command: ./findword hello
==14084==
hello world, how are you?
==14084== Invalid read of size 1
==14084== at 0x10000A669: strlen (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C19: readline (findword.c:46)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Address 0x100a78740 is 0 bytes inside a block of size 20 free'd
==14084== at 0x10000927F: free (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C03: readline (findword.c:40)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Block was alloc'd at
==14084== at 0x100009541: calloc (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000D0F: readline (findword.c:61)
==14084== by 0x100000E6C: main (findword.c:93)
==14084==
==14084== Invalid read of size 1
==14084== at 0x10000A672: strlen (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C19: readline (findword.c:46)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Address 0x100a78742 is 2 bytes inside a block of size 20 free'd
==14084== at 0x10000927F: free (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000C03: readline (findword.c:40)
==14084== by 0x100000E6C: main (findword.c:93)
==14084== Block was alloc'd at
==14084== at 0x100009541: calloc (in /usr/local/Cellar/valgrind/HEAD/lib/valgrind/vgpreload_memcheck-amd64-darwin.so)
==14084== by 0x100000D0F: readline (findword.c:61)
==14084== by 0x100000E6C: main (findword.c:93)
==14084==
line = hello world, how are you?
size = 25
==14084==
==14084== HEAP SUMMARY:
==14084== in use at exit: 30,666 bytes in 189 blocks
==14084== total heap usage: 276 allocs, 87 frees, 36,962 bytes allocated
==14084==
==14084== LEAK SUMMARY:
==14084== definitely lost: 0 bytes in 0 blocks
==14084== indirectly lost: 0 bytes in 0 blocks
==14084== possibly lost: 2,064 bytes in 1 blocks
==14084== still reachable: 4,096 bytes in 1 blocks
==14084== suppressed: 24,506 bytes in 187 blocks
==14084== Rerun with --leak-check=full to see details of leaked memory
==14084==
==14084== For counts of detected and suppressed errors, rerun with: -v
==14084== ERROR SUMMARY: 19 errors from 2 contexts (suppressed: 0 from 0)
显然,我有很多错误,但我没能找到它们。例如,valgrind 声称 Invalid read of size 1,但我看不到任何地方我在内存中读取错误的位置,这会产生未定义的行为。
编辑
我用
重新编译了我的代码 gcc -g -o findword findword.c
我已经替换了上面的新 valgrind 输出。
好吧,首先:你调用了一个新的缓冲区:
tmp = calloc(n, sizeof(char));
并复制内容:
for(int i=0; i <= strlen(final); ++i)
tmp[i] = final[i];
并释放 final:
free(final);
但是您没有分配新指针 final,因此现在 final 指向已释放的内存,但稍后您会在上面 strlen()。
也不要一直调用strlen(),很慢。尤其是在循环条件下。使用 strcpy 或 strncpy 将字符串复制到新数组而不是循环。使用 realloc 来调整内存区域的大小而不是 callocing。