Question

我尝试释放内存时会遇到一些错误。我的所有代码都发布在下面。我正在使用ubuntu并使用gcc编译我的代码。但是当我尝试执行我的代码时，我在尝试释放内存时会出错。我对我的代码发表评论以解释我的疑问。我正在使用堆栈结构。如何在不带错误的情况下释放内存来为char设置空闲内存？如果我没有释放为数据分配的内存（一个char），并且只释放元素的内存（包含char数据），这会在分配给数据的内存中发生？它是免费的吗？

错误

{
    *** glibc detected *** ./pilha: free(): invalid next size (fast):      0x08b86018 ***
======= Backtrace: =========
/lib/i386-linux-gnu/libc.so.6(+0x74f82)[0xb7637f82]
./pilha[0x80485ba]
./pilha[0x804864c]
/lib/i386-linux-gnu/libc.so.6(__libc_start_main+0xf3)[0xb75dc4d3]
./pilha[0x8048411]
    ======= Memory map: ========
}

CODE

#include<stdio.h>
#include<stdlib.h>
#include<string.h>

typedef struct Stack_element{
    char *data;
    struct Stack_element *next;

}Element;

typedef struct Position{
    Element *top;
    int size;
}stack;

void start(stack *aux){
    aux->top = NULL;
    aux->size = 0;
}

int push(stack *aux, char value){

    Element *new_element;
    if ((new_element = (Element*) malloc(sizeof(Element))) == NULL)
        return -1; //an error occur
    if ((new_element->data = (char*) malloc(sizeof(char))) == NULL)
        return -1; //an error occur

    strcpy(new_element->data, &value);

    new_element->next = aux->top;
    aux->top = new_element;
    aux->size++;

}

int empty(stack *aux){

    if ((aux->size) == 0){
        return -1;
    }
    return 0;

}

char pop(stack *aux){

    Element *element;
    char value='0';

    if (empty(aux)){
        return '1';
    }


    element = aux->top;
    aux->top = aux->top->next;

    /*
        To observe the line below. When a element exist in the stack and
        I try remove this element, first I free the data in that node (element)
        so I turn free memory allocated for the element.
        If I didn't free data memory allocated before (in push fuction), I
        don't get any error. But the memory allocated for the data, what happens?
        Does is it continues allocated?
    */

    value = *(element->data);
    free(element->data);//THE ERROR OCCURS HERE, IN THIS LINE
    free(element);//Just after free the data element memory, I also free the element's memory

    aux->size--;
    return value;
}

int main(){

    stack p;
    char value;

    start(&p);

    //no error occurs. there isn't any element at this moment.
    printf("%c\n",pop(&p));

    //valor = 't';
    if (push(&p, 't')){
        printf("Add a char\n");
    }
    pop(&p);//the error occurrs now, after insert an new element in the stack
    printf("The End.");

}

Answer 1

在您的代码中，

strcpy(new_element->data, &value);

不正确。您只为一个char分配了内存，该内存没有空终结符的空间。相反，你应该使用

*(new_element->data) = value;

否则，如果strcpy()使用不当，您可以通过使内存覆盖导致undefined behaviour来搞乱分配的内存。

Answer 2

至少函数push中的此语句无效

strcpy(new_element->data, &value);

你应该写

if ( ( new_element->data = (char*) malloc( 2 * sizeof(char))) == NULL)
{
    free( new_element );
    return -1; //an error occur
}

new_element->data[0] = value;
new_element->data[1] = '\0';

或者

if ( ( new_element->data = (char*) malloc( sizeof(char))) == NULL)
{
    free( new_element );
    return -1; //an error occur
}

*new_element->data = value;

功能空看起来很奇怪。通常在发生某些错误时从函数返回-1。至于函数为空，则不会发生错误。因此，如果堆栈为空，则函数返回1会更好。我会写它像

int empty( stack *aux )
{
    return aux->size == 0; 
}

还不清楚为什么函数pop会返回字符＆＃39; 1＆＃39;当堆栈为空时。如果简单地返回＆＃39; \ 0＆＃39;会更好。而不是

char pop(stack *aux){

    Element *element;
    char value='0';

    if (empty(aux)){
        return '1';
    }
    //,,

我会写

char pop(stack *aux){

    if ( empty( aux ) ) return '\0';

    Element *element;
    //,,

尝试释放内存时出错

错误

2 个答案: