以下代码会导致分段错误。可执行文件名为“./struct”
#include <stdio.h>
#define VERSION_NUMBER_LEN 32
#define MAX_DESCRIPTION_COUNT 32
#define DESCRIPTION_LEN 128
int main(void)
{
struct foo {
char number[VERSION_NUMBER_LEN + 1];
char description[MAX_DESCRIPTION_COUNT][DESCRIPTION_LEN];
};
struct foo asdf = {
"1.1", { "clap", "clap", "stomp", NULL }
};
struct foo hjkl = {
"1.2", { "clop", "clop", "stamp", NULL }
};
int i;
printf( "%s\n", asdf.number );
for( i = 0; (asdf.description)[i] != NULL; i++ ){
printf( "\t%s\n", (asdf.description)[i]);
}
printf("\n");
printf( "%s\n", hjkl.number );
for( i = 0; (hjkl.description)[i] != NULL; i++ ){
printf( "\t%s\n", (hjkl.description)[i]);
}
}
输出如下:
1.1
clap
clap
stomp
��
N���~�����������ջ�����e���t�����������A���P���b���������������̽��㽊����,���V���g���y���������������̾�� ���k�����������Ͽ��迊�
迊�
ome/tiger
56
y
vZxy/ssh
ptop:/tmp/.ICE-unix/2710
usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:~/bin:~/vitetris-0.3.6:/var/lib/gems/1.8/bin/
baz
GNOME_KEYRING_PID=2692
t \w\n\$
XDG_DATA_DIRS=/usr/share/gnome:/usr/local/share/:/usr/share/
9a6bf0ef61ded7872065094fca55d1
se
Segmentation fault
我跑了valgrind:
$ valgrind -v --leak-check=full --track-origins=yes ./struct
<snip>
==15228== Conditional jump or move depends on uninitialised value(s)
==15228== at 0x402605B: __GI_strlen (mc_replace_strmem.c:284)
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Uninitialised value was created by a stack allocation
==15228== at 0x4060B01: (below main) (libc-start.c:96)
==15228==
==15228== Conditional jump or move depends on uninitialised value(s)
==15228== at 0x4026067: __GI_strlen (mc_replace_strmem.c:284)
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Uninitialised value was created by a stack allocation
==15228== at 0x4060B01: (below main) (libc-start.c:96)
==15228==
==15228== Invalid read of size 1
==15228== at 0x4026058: __GI_strlen (mc_replace_strmem.c:284)
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Address 0xbec1007c is not stack'd, malloc'd or (recently) free'd
==15228==
==15228==
==15228== Process terminating with default action of signal 11 (SIGSEGV)
==15228== Access not within mapped region at address 0xBEC1007C
==15228== at 0x4026058: __GI_strlen (mc_replace_strmem.c:284)
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== If you believe this happened as a result of a stack
==15228== overflow in your program's main thread (unlikely but
==15228== possible), you can try to increase the size of the
==15228== main thread stack using the --main-stacksize= flag.
==15228== The main thread stack size used in this run was 8388608.
==15228== Syscall param write(buf) points to uninitialised byte(s)
==15228== at 0x4107DC3: __write_nocancel (syscall-template.S:82)
==15228== by 0x40B0A1E: new_do_write (fileops.c:530)
==15228== by 0x40B0D35: _IO_do_write@@GLIBC_2.1 (fileops.c:503)
==15228== by 0x40B181C: _IO_file_overflow@@GLIBC_2.1 (fileops.c:881)
==15228== by 0x40B2DED: _IO_flush_all_lockp (genops.c:849)
==15228== by 0x40B3A4F: _IO_cleanup (genops.c:1010)
==15228== by 0x41670F0: ??? (in /lib/tls/i686/cmov/libc-2.11.1.so)
==15228== by 0x401F4F3: _vgnU_freeres (vg_preloaded.c:62)
==15228== by 0xBEC0D5F7: ???
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Address 0x402a054 is not stack'd, malloc'd or (recently) free'd
==15228== Uninitialised value was created by a stack allocation
==15228== at 0x4060B01: (below main) (libc-start.c:96)
<snip>
==15228== HEAP SUMMARY:
==15228== in use at exit: 0 bytes in 0 blocks
==15228== total heap usage: 0 allocs, 0 frees, 0 bytes allocated
==15228==
==15228== All heap blocks were freed -- no leaks are possible
==15228==
==15228== ERROR SUMMARY: 7 errors from 4 contexts (suppressed: 12 from 7)
==15228==
==15228== 1 errors in context 1 of 4:
==15228== Syscall param write(buf) points to uninitialised byte(s)
==15228== at 0x4107DC3: __write_nocancel (syscall-template.S:82)
==15228== by 0x40B0A1E: new_do_write (fileops.c:530)
==15228== by 0x40B0D35: _IO_do_write@@GLIBC_2.1 (fileops.c:503)
==15228== by 0x40B181C: _IO_file_overflow@@GLIBC_2.1 (fileops.c:881)
==15228== by 0x40B2DED: _IO_flush_all_lockp (genops.c:849)
==15228== by 0x40B3A4F: _IO_cleanup (genops.c:1010)
==15228== by 0x41670F0: ??? (in /lib/tls/i686/cmov/libc-2.11.1.so)
==15228== by 0x401F4F3: _vgnU_freeres (vg_preloaded.c:62)
==15228== by 0xBEC0D5F7: ???
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Address 0x402a054 is not stack'd, malloc'd or (recently) free'd
==15228== Uninitialised value was created by a stack allocation
==15228== at 0x4060B01: (below main) (libc-start.c:96)
==15228==
==15228==
==15228== 1 errors in context 2 of 4:
==15228== Invalid read of size 1
==15228== at 0x4026058: __GI_strlen (mc_replace_strmem.c:284)
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Address 0xbec1007c is not stack'd, malloc'd or (recently) free'd
==15228==
==15228==
==15228== 1 errors in context 3 of 4:
==15228== Conditional jump or move depends on uninitialised value(s)
==15228== at 0x402605B: __GI_strlen (mc_replace_strmem.c:284)
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Uninitialised value was created by a stack allocation
==15228== at 0x4060B01: (below main) (libc-start.c:96)
==15228==
==15228==
==15228== 4 errors in context 4 of 4:
==15228== Conditional jump or move depends on uninitialised value(s)
==15228== at 0x4026067: __GI_strlen (mc_replace_strmem.c:284)
==15228== by 0x408A79E: vfprintf (vfprintf.c:1617)
==15228== by 0x40912BF: printf (printf.c:35)
==15228== by 0x8048910: main (in /home/tiger/dev/development/c/play/struct)
==15228== Uninitialised value was created by a stack allocation
==15228== at 0x4060B01: (below main) (libc-start.c:96)
==15228==
--15228--
--15228-- used_suppression: 12 dl-hack3-cond-1
==15228==
==15228== ERROR SUMMARY: 7 errors from 4 contexts (suppressed: 12 from 7)
好的...所以我有几个内存位置,valgrind显示为未初始化,但我不知道如何...内部的结构和字符串是静态定义的,并且结构的每个实例都是显式声明的
我认为当访问第二个结构(hjkl)中的一个元素时会发生分段错误。
跑gdb ......
(gdb) p asdf
$1 = {number = "1.1", '\000' <repeats 29 times>, description = {"clap", '\000' <repeats 123 times>, "clap", '\000' <repeats 123 times>,
"stomp", '\000' <repeats 122 times>, '\000' <repeats 127 times> <repeats 29 times>}}
(gdb) p hjkl
$2 = {number = "1.2", '\000' <repeats 29 times>, description = {"clop", '\000' <repeats 123 times>, "clop", '\000' <repeats 123 times>,
"stamp", '\000' <repeats 122 times>, '\000' <repeats 127 times> <repeats 29 times>}}
我只是没有看到导致分段错误的原因......
答案 0 :(得分:4)
您的测试(asdf.description)[i] != NULL
已被破坏,永远不会成真。这是修复:
#include <stdio.h>
#define VERSION_NUMBER_LEN 32
#define MAX_DESCRIPTION_COUNT 32
#define DESCRIPTION_LEN 128
int main(void)
{
struct foo {
char number[VERSION_NUMBER_LEN + 1];
char description[MAX_DESCRIPTION_COUNT][DESCRIPTION_LEN];
};
struct foo asdf = {
"1.1", { "clap", "clap", "stomp", "" }
};
struct foo hjkl = {
"1.2", { "clop", "clop", "stamp", "" }
};
int i;
printf( "%s\n", asdf.number );
for( i = 0; (asdf.description)[i][0] != 0; i++ ){
printf( "\t%s\n", (asdf.description)[i]);
}
printf("\n");
printf( "%s\n", hjkl.number );
for( i = 0; (hjkl.description)[i][0] != 0; i++ ){
printf( "\t%s\n", (hjkl.description)[i]);
}
}
答案 1 :(得分:4)
问题不在于你的初始化字符串本身,而在于字符数组与字符指针的混淆。
特别是,这不符合你的想法:
struct foo asdf = {
"1.1", { "clap", "clap", "stomp", NULL }
};
您正在使用字符串clap,clap和stomp OK初始化foo::description[][]
,但之后您将第二个字符串的第一个字符分配给{{ 1}}。如果您指定指针,这将有效,但您尝试将NULL
转换为字符数组,而不是将指向字符的指针设置为NULL
,如果这有意义的话。 / p>
您正在检查指针是否为NULL,因为数组是预先声明的,所以它永远不会出现。
简单地改变
NULL
到
for( i = 0; (hjkl.description)[i] != NULL; i++ ){
也就是说,检查数组中每个字符串的第一个索引中的for( i = 0; *(hjkl.description)[i] != NULL; i++ ){
字符,而不是尝试检查字符指针的(不可能)条件本身就是NULL
。
最终完成的代码:
NULL
如果结构如下所示,您的代码将工作:
#include <stdio.h>
#define VERSION_NUMBER_LEN 32
#define MAX_DESCRIPTION_COUNT 32
#define DESCRIPTION_LEN 128
int main(void)
{
struct foo {
char number[VERSION_NUMBER_LEN + 1];
char description[MAX_DESCRIPTION_COUNT][DESCRIPTION_LEN];
};
struct foo asdf = {
"1.1", { "clap", "clap", "stomp", NULL }
};
struct foo hjkl = {
"1.2", { "clop", "clop", "stamp", NULL }
};
int i;
printf( "%s\n", asdf.number );
for( i = 0; *(asdf.description)[i] != NULL; i++ ){
printf( "\t%s\n", (asdf.description)[i]);
}
printf("\n");
printf( "%s\n", hjkl.number );
for( i = 0; *(hjkl.description)[i] != NULL; i++ ){
printf( "\t%s\n", (hjkl.description)[i]);
}
}
基本上,我(从我所看到的)没有真正需要对实际描述字符数组本身进行硬编码,只需要编写它们的数量。你的其余代码就可以了。
另外,如果您在编译期间查看警告(假设struct foo {
char number[VERSION_NUMBER_LEN + 1];
char *description[MAX_DESCRIPTION_COUNT];
};
被定义为NULL
,就像在大多数现代C编译器上一样),您将收到以下警告:
((void *)0)
答案 2 :(得分:3)
虽然宏NULL
意图(至少是由那些首先定义它的人)专门用作指针值,但它通常是#define
d一个简单的:
#define NULL 0
这可能适用于您的实施(这里不重要,除了插图;它可以定义为(void *)0
而不更改下面的结果 - 但这会导致编译时抱怨您的初始化)。让我们首先考虑以上内容扩展第一个for
循环:
for (i = 0; (asdf.description)[i] != 0; i++) {
printf( "\t%s\n", (asdf.description)[i]);
}
(旁注:这里的括号不是必需的,因为.
和下标运算符的绑定已经是括号强制的绑定。)每个asdf.description[i]
命名一个完整的数组(大小为{ {1}} {1}}。因此,您正在比较:
DESCRIPTION_LEN
数组对象的“值”是指向数组第一个元素的指针,因此其含义与:
char
指针值(<some array of char> != 0
)与整数常量零的比较测试指针是否为NULL(不是“宏&asdf.description[i][0] != 0
而是”系统的NULL指针的内部表示“)。有效指针的地址永远不会比较等于0,所以循环运行(实际上)“永远”(当然直到i> = 32)。
最后,对&asdf.description[i][0]
的调用会传递一个指针值,导致您看到的细分错误。
据推测,你真正要做的是在最后一个有全零字节NULL
s(或至少是一个初始零字节)的有效数据之后初始化数组。在这种情况下,循环测试应为:
printf
您可能还会考虑32元素数组(char
的数组asdf.description[i][0] != '\0'
)完全填充有效的char-char数组的可能性。在这种情况下,您应该在查看DESCRIPTION_LEN
之前检查char
的值:
i