不可能发生了!这是什么意思?

时间:2013-09-28 00:36:33

标签: c gcc segmentation-fault valgrind fatal-error

我遇到了一个有趣的运行时错误。我认为这是某种内存泄漏。我写了以下程序:

C代码: 

#include <gmp.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#define  PRECISION 4096
#define  DECIMAL_POINT 1
#define  NULL_TERMINATOR 1

void     gatherSquares(const uint32_t limit, uint32_t ** const arr, uint32_t * const count);
uint32_t inList(const uint32_t n, const uint32_t * const arr, const uint32_t count);
void     print_help(const char * const str);

int main(int argc, char* argv[]) {
  uint32_t limit  = 100; /* default */
  uint32_t digits = 100; /* default */
  uint32_t i,j,sum,bufLen,charCount,sqCount=10;
  uint32_t *squares;
  char     *buffer;
  mpf_t    irrational;

  if(argc > 1 && !strcmp(argv[1],"--help"))
    return print_help(argv[0]), EXIT_SUCCESS;
  if(argc > 1)    sscanf(argv[1],"%u",&limit );
  if(argc > 2)    sscanf(argv[2],"%u",&digits);

  mpf_set_default_prec(PRECISION);
  mpf_init(irrational);

  charCount = digits + DECIMAL_POINT;
  bufLen    = charCount + NULL_TERMINATOR;

  gatherSquares(limit,&squares,&sqCount);
  buffer  = malloc(bufLen * sizeof *buffer);

  for(i=sum=0; i<=limit; ++i) {
    if(inList(i,squares,sqCount))
      continue;
    mpf_sqrt_ui(irrational,i);
    gmp_snprintf(buffer,bufLen,"%.*Ff",charCount,irrational);
    for(j=0; j<digits+DECIMAL_POINT; ++j)
      if(buffer[j]!='.')
        sum += buffer[j]-'0';
  }
  printf("%u\n",sum);
  return EXIT_SUCCESS;
}

void gatherSquares(const uint32_t limit, uint32_t ** const arr, uint32_t * const count) {
  uint32_t i,sq,size;
  size=10;
  *arr   = malloc(size * sizeof **arr);
  for(i=0; (sq=i*i)<=limit; ++i) {
    if(*count > size)
      *arr = realloc(*arr, (size*=2) * sizeof **arr);
    (*arr)[i] = sq;
  }
  *arr = realloc(*arr, i * sizeof **arr);
  *count = i;
}

uint32_t inList(const uint32_t n, const uint32_t * const arr, const uint32_t count) {
  uint32_t hi,mid,low;
  hi  = count; /* exclusive upper bound */
  low = 0;     /* inclusive lower bound */
  while(low < hi) {
    mid = low/2 + hi/2;
    if(arr[mid]==n)
      return 1;
    if(arr[mid] >n)
      hi  = mid;
    else
      low = mid + 1;
  }
  return 0;
}

void print_help(const char * const str) {
  printf("  Usage: %s <limit> <digits>\n",str);
  printf("  Calculates the digital sum of the first <digits> digits \n");
  printf("  of each irrational square root <= <limit>\n");
  printf("  * limit    : a decimal number\n");
  printf("             : default = 100\n");
  printf("  * digits   : a decimal number\n");
  printf("             : default = 100\n");
}

我使用默认设置./a.out运行程序,一切都正常运行。然后我决定尝试使用更高的搜索空间./a.out 1000来运行程序。这产生了以下输出:

user@comp:~/Current/Working/Directory ./a.out 1000 
a.out: malloc.c:2369: sysmalloc: Assertion `(old_top == (((mbinptr) (((char *)
&((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct malloc_chunk,fd)))) &&
old_size == 0) || ((unsigned long) (old_size) >= 
(unsigned long)((((__builtin_offsetof (struct malloc_chunk, fd_nextsize))+
((2 * (sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) - 1))) && 
((old_top)->size & 0x1) && ((unsigned long)old_end & pagemask) == 0)' failed.
Aborted (core dumped)

我认为必须有一些内存泄漏,所以我启动valgrind来帮助找到问题。我对输出感到沮丧:

user@comp:~/Current/Working/Directory valgrind ./a.out 1000 
==4032== Memcheck, a memory error detector
==4032== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==4032== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==4032== Command: ./ans-0080 1000
==4032== 
==4032== Invalid write of size 4
==4032==    at 0x8048920: gatherSquares (prog.c:59)
==4032==    by 0x80486C4: main (prog.c:36)
==4032==  Address 0x427b288 is 0 bytes after a block of size 40 alloc'd
==4032==    at 0x402C418: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==4032==    by 0x804890F: gatherSquares (prog.c:55)
==4032==    by 0x80486C4: main (prog.c:36)
==4032== 
--4032-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--4032-- si_code=1;  Faulting address: 0x66656220;  sp: 0x625b8a80

valgrind: the 'impossible' happened:
   Killed by fatal signal
==4032==    at 0x380DA208: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==4032==    by 0x380DAAB1: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==4032==    by 0x38054133: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==4032==    by 0x38054206: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==4032==    by 0x38052115: ??? (in /usr/lib/valgrind/memcheck-x86-linux)
==4032==    by 0x20657360: ???

sched status:
  running_tid=1

Thread 1: status = VgTs_Runnable
==4032==    at 0x402C63E: realloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==4032==    by 0x8048979: gatherSquares (prog.c:61)
==4032==    by 0x80486C4: main (prog.c:36)

注意第valgrind: the 'impossible' happened:行!发生了什么不可能的事这是什么意思?

PS:
如果您知道该程序的编写内容,请不要发布对搜索引擎的引用以进行索引!

3 个答案:

答案 0 :(得分:5)

我怀疑这不是内存泄漏,而是你在分配的缓冲区开始之前或结束之后编写,因此覆盖了malloc用来维护数据结构的数据,因此malloc失败了。

我无法编译您的代码进行测试,但在快速目视检查中,这看起来很可疑(在gatherSquares()中):

if(*count > size)
  *arr = realloc(*arr, (size*=2) * sizeof **arr);

您需要根据i重新分配,而不是*计数点。

答案 1 :(得分:1)

此行在我的gdb中有问题

*arr = realloc(*arr, i * sizeof **arr);

gdb报告

*检测到glibc /run/shm/a.out:realloc():下一个大小无效:0x0000000000603230 * *

答案 2 :(得分:0)

该消息与 Valgrind 有关。 Valgrind 默认有一定数量的线程。您可以使用下一个命令所需的新线程数再次运行 Valgrind:

使用--max-threads=INT 指定更多的线程数 并重新运行 valgrind

相关问题
最新问题