我修复了内存泄漏后,valgrind向我展示了一堆行错误,如下所示,我不知道如何修复它。是因为我释放的空间比我需要的还要多吗?
第39行:root = importTree(*(argv+1));
第72行:
printf("Result found for %d:\n city: %s\n state:%s\n", zip, new->city, new->state);
Node *importTree(char *filename) {
Node *root = NULL;
FILE *fp = fopen(filename, "r");
if (!fp) {
printf("Error opening file.\n");
return NULL;
}
while (!feof(fp)) {
Node *new = malloc(sizeof(Node));
if (!new) {
printf("Failed to allocate memory. Ending read.\n");
exit(1);
fclose(fp);
}
new->city = malloc(sizeof(char) * MAXCITYNAME);
if (!(new->city)) {
printf("Failed to allocate memory. Ending read.\n");
exit(1);
fclose(fp);
}
new->left = NULL;
new->right = NULL;
char *line = malloc(sizeof(char) * MAXLINELENGTH);
if (!line) {
printf("Failed to allocate memory. Ending read.\n");
exit(1);
fclose(fp);
}
if (fgets(line, MAXLINELENGTH, fp) == NULL) {
if (!feof(fp)) {
printf("File reading ended prematurely. Check for errors in the file.\n");
exit(1);
fclose(fp);
}
free(new->city);
free(line);
free(new);
fclose(fp);
break;
}
char *tmp = strtok(line, ",");
new->zipCode = atoi(tmp);
tmp = strtok(NULL, ",");
strcpy(new->city, tmp);
new->city[strlen(tmp) + 1] = '\0';
tmp = strtok(NULL, ",");
strcpy(new->state, tmp);
new->state[2] = '\0';
root = addNode(root, new);
if (!root) {
printf("Root of tree is still NULL! Ending read.\n");
exit(1);
}
free(line);
free(new->city); \\this is the line 220
}
fclose(fp);
return root;
}
这是valgrind的输出:
Invalid read of size 1
==7879== at 0x517FAB4: vfprintf (vfprintf.c:1635)
==7879== by 0x5188C98: printf (printf.c:34)
==7879== by 0x400BBD: main (hw3.c:72)
==7879== Address 0x5657a30 is 0 bytes inside a block of size 30 free'd
==7879== at 0x4C2AD17: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7879== by 0x40103F: importTree (hw3.c:220)
==7879== by 0x400A31: main (hw3.c:39)
==7879==
==7879== Invalid read of size 1
==7879== at 0x51ADA99: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:1342)
==7879== by 0x517FA6C: vfprintf (vfprintf.c:1635)
==7879== by 0x5188C98: printf (printf.c:34)
==7879== by 0x400BBD: main (hw3.c:72)
==7879== Address 0x5657a37 is 7 bytes inside a block of size 30 free'd
==7879== at 0x4C2AD17: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==7879== by 0x40103F: importTree (hw3.c:220)
==7879== by 0x400A31: main (hw3.c:39)
==7879==
==7879== Invalid read of size 1
==7879== at 0x51ADAAC: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:1342)
==7879== by 0x517FA6C: vfprintf (vfprintf.c:1635)
==7879== by 0x5188C98: printf (printf.c:34)
==7879== by 0x400BBD: main (hw3.c:72)
==7879== Address 0x5657a36 is 6 bytes inside a block of size 30 free'd
答案 0 :(得分:2)
为什么在树中插入节点后free city new成员while (!feof(fp))成员?它属于结构,当你解除分配树时它将被释放两次。
您的代码中还有其他问题:
for(;;)总是错的。在您的情况下,只需使用fgets()永远运行,并在new在文件末尾失败时正常退出循环。node作为标识符,它会混淆代码着色器(和读取器),因为它是C ++中的关键字。只需将其称为np或new->city[strlen(tmp) + 1] = '\0';。strcpy()最多无用,可能会导致缓冲区溢出。strdup()来复制行块之前,您不会检查大小。这可能会调用未定义的行为。fgets()为线段分配正确的大小,并通过一个简单的步骤复制内容。strtok()之后分配节点可以简化错误案例。NULL的返回值。无效的文件内容可能导致返回值为Node *importTree(const char *filename) {
char line[MAXLINELENGTH];
Node *root = NULL;
FILE *fp = fopen(filename, "r");
if (!fp) {
printf("Error opening file.\n");
return NULL;
}
while (fgets(line, MAXLINELENGTH, fp) != NULL) {
Node *node = malloc(sizeof(Node));
if (!node) {
printf("Failed to allocate memory. Ending read.\n");
fclose(fp);
exit(1);
}
new->left = NULL;
new->right = NULL;
char *tmp = strtok(line, ",");
if (!tmp) {
printf("Invalid file contents. Ending read.\n");
fclose(fp);
exit(1);
}
new->zipCode = atoi(tmp);
tmp = strtok(NULL, ",");
if (!tmp) {
printf("Invalid file contents. Ending read.\n");
fclose(fp);
exit(1);
}
node->city = strdup(tmp);
if (!(new->city)) {
printf("Failed to allocate memory. Ending read.\n");
fclose(fp);
exit(1);
}
tmp = strtok(NULL, ",");
if (!tmp) {
printf("Invalid file contents. Ending read.\n");
fclose(fp);
exit(1);
}
tmp[2] = '\0';
node->state = strdup(tmp);
if (!node->state) {
printf("Failed to allocate memory. Ending read.\n");
fclose(fp);
exit(1);
}
root = addNode(root, node);
if (!root) {
printf("Root of tree is still NULL! Ending read.\n");
fclose(fp);
exit(1);
}
}
if (!feof(fp)) {
printf("File reading ended prematurely. Check for errors in the file.\n");
fclose(fp);
exit(1);
}
fclose(fp);
return root;
}
,从而调用未定义的行为而不是正常的致命错误。这是一个更简单的更正版本:
$color