
Error when growing dynamic memory in C: realloc(): invalid next size: 0x0000000002365010 ***


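  This memory-growth crash nearly drove me to despair one evening. When the answer finally revealed itself, it all became clear: it was that simple.

  The exercise: read in strings and sort them alphabetically. Put plainly, it is just a simple bubble sort.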

#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <string.h>

#define BUF_LEN 100
#define COUNT 5

int main(void)
{
        char buf[BUF_LEN];
        size_t str_count = 0;
        size_t capacity = COUNT;
        /* Room for COUNT pointers: capacity * sizeof(char*) bytes */
        char **pS = calloc(capacity, sizeof(char*));
        char **psTemp = NULL;
        char *pTemp = NULL;
        size_t str_len = 0;
        bool sorted = false;

        printf("Enter strings to be sorted, one per line. Press Enter to end:\n");

        char *ptr = NULL;
        while(true)
        {
                ptr = fgets(buf, BUF_LEN, stdin);
                if(!ptr)
                {
                        printf("Error reading string.\n");
                        free(pS);
                        pS = NULL;
                        return 1;
                }

                /* An empty line ends the input */
                if(*ptr == '\n')
                        break;

                if(str_count == capacity)
                {
                        capacity += capacity/4;
                        /* The failing call discussed below */
                        if(!(psTemp = realloc(pS, capacity)))
                                return 1;
                        pS = psTemp;
                }

                str_len = strlen(buf) + 1;
                if(!(pS[str_count] = malloc(str_len)))
                        return 2;
                strcpy(pS[str_count++], buf);
        }

        /* Bubble sort: repeat until a full pass makes no swap */
        while(!sorted)
        {
                sorted = true;
                size_t i = 0;
                /* i + 1 < str_count avoids unsigned wrap-around when no string was entered */
                for(; i + 1 < str_count; i++)
                {
                        if(strcmp(pS[i], pS[i+1]) > 0)
                        {
                                sorted = false;
                                pTemp = pS[i];
                                pS[i] = pS[i+1];
                                pS[i + 1] = pTemp;
                        }
                }
        }

        printf("Your input sorted in ascending sequence is:\n\n");
        size_t i = 0;
        for(; i < str_count; i++)
        {
                printf("%s", pS[i]);
                free(pS[i]);
                pS[i] = NULL;
        }
        free(pS);
        pS = NULL;
        return 0;
}

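  In the calloc and realloc calls above (highlighted in the original post), memory is first allocated with calloc, with capacity initially 5. Then, once the number of strings entered equals 5, the memory is grown dynamically, continuing to grow at a rate of 25%. It was at this growth step that the error kept appearing: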

*** Error in `./program714.out: realloc(): invalid next size: 0x0000000002365010 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x7f5d4)[0x7f476bff35d4]
/lib64/libc.so.6(+0x83bd8)[0x7f476bff7bd8]
/lib64/libc.so.6(realloc+0x1d2)[0x7f476bff9832]
./program714.out[0x4008ea]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7f476bf963d5]
./program714.out[0x400729]
Aborted

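  I read the code over and over and found nothing wrong with it. The only place I could suspect was the line that grows the memory. After several rounds of fiddling, I found that the error occurred as soon as the program needed to grow and called realloc. Finally I went back to look at calloc, and all I could do was slap my thigh and curse: the type used in the byte calculation was wrong. One call counts bytes in units of char* (equivalent to the sub-array pS[] of a two-dimensional array pS[][]), the other counts bytes in units of characters (char), so the resulting memory sizes are bound to differ. Adding this to the second argument of realloc solved it: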

if(!(psTemp = realloc(pS, capacity*sizeof(char*))))

  Code with care: a hair's breadth off at the start ends up a thousand miles off, and even a tiny bug can crash a program.
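
An added example, not part of the original post: one way to keep the element-count-to-bytes conversion in a single place, with overflow checks, so that a call site cannot hand realloc a bare element count. The names grow_ptr_array and store_and_verify are hypothetical, and the test strings are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not from the original post): grow a char* array by
 * 25%, converting elements to bytes in exactly one place. Returns 0 on
 * success, -1 on overflow or allocation failure (*arr, *cap unchanged). */
int grow_ptr_array(char ***arr, size_t *cap)
{
    size_t step = *cap / 4 ? *cap / 4 : 1;     /* always grow by at least 1 */
    if (*cap > SIZE_MAX - step)
        return -1;                             /* element count would wrap */
    size_t new_cap = *cap + step;
    if (new_cap > SIZE_MAX / sizeof **arr)
        return -1;                             /* byte count would wrap */
    char **tmp = realloc(*arr, new_cap * sizeof **arr);  /* bytes, not elements */
    if (!tmp)
        return -1;                             /* old block is still valid */
    *arr = tmp;
    *cap = new_cap;
    return 0;
}

/* Constructed self-check: store n strings starting from the post's initial
 * capacity of 5, then count how many slots still hold the expected text. */
size_t store_and_verify(size_t n)
{
    size_t cap = 5, count = 0, ok = 0;
    char line[32];
    char **v = calloc(cap, sizeof *v);
    if (!v) return 0;
    for (size_t i = 0; i < n; i++) {
        if (count == cap && grow_ptr_array(&v, &cap) != 0)
            break;
        snprintf(line, sizeof line, "string-%zu\n", i);
        if (!(v[count] = malloc(strlen(line) + 1)))
            break;
        strcpy(v[count++], line);
    }
    for (size_t i = 0; i < count; i++) {
        snprintf(line, sizeof line, "string-%zu\n", i);
        ok += strcmp(v[i], line) == 0;         /* pointer slot survived growth */
        free(v[i]);
    }
    free(v);
    return ok;
}
int main(void) { printf("%zu\n", store_and_verify(40)); return 0; }
```

Building the original program with `gcc -fsanitize=address` reports the out-of-bounds write into pS at the moment it happens, rather than at a later realloc call.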
