我完全被一段与记忆行为不当的简单代码所困扰(正如Valgrind所报告的那样)。我把它减少到这个简短的测试用例:
#include <vector>
struct el
{
el * next = nullptr;
};
class list
{
public:
list(): tail(nullptr) {}
void push_back()
{
el nw;
m_list.push_back(nw);
if (tail == nullptr)
tail = &m_list.back();
else
{
tail->next = &m_list.back();
tail = tail->next;
}
}
private:
std::vector<el> m_list;
el * tail;
};
int main()
{
list a;
a.push_back();
a.push_back();
return 0;
}
我希望它创建一个包含2个结构的数组,其中第一个具有指向第二个结构的指针。真正的源代码在破坏时崩溃了,所以我认为这个报告很重要:
==1630== Invalid write of size 8
==1630== at 0x400A37: list::push_back() (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400969: main (in /home/ilya/Projects/algos/a.out)
==1630== Address 0x5a86c80 is 0 bytes inside a block of size 8 free'd
==1630== at 0x4C2A8DC: operator delete(void*) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1630== by 0x4011D5: __gnu_cxx::new_allocator<el>::deallocate(el*, unsigned long) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400F79: std::_Vector_base<el, std::allocator<el> >::_M_deallocate(el*, unsigned long) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400DA3: void std::vector<el, std::allocator<el> >::_M_emplace_back_aux<el const&>(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400B42: std::vector<el, std::allocator<el> >::push_back(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x4009FF: list::push_back() (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400969: main (in /home/ilya/Projects/algos/a.out)
==1630== Block was alloc'd at
==1630== at 0x4C29780: operator new(unsigned long) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1630== by 0x4012BB: __gnu_cxx::new_allocator<el>::allocate(unsigned long, void const*) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x4010D2: std::_Vector_base<el, std::allocator<el> >::_M_allocate(unsigned long) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400CC1: void std::vector<el, std::allocator<el> >::_M_emplace_back_aux<el const&>(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400B42: std::vector<el, std::allocator<el> >::push_back(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x4009FF: list::push_back() (in /home/ilya/Projects/algos/a.out)
==1630== by 0x40095D: main (in /home/ilya/Projects/algos/a.out)
==1630==
==1630== Invalid read of size 8
==1630== at 0x400A42: list::push_back() (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400969: main (in /home/ilya/Projects/algos/a.out)
==1630== Address 0x5a86c80 is 0 bytes inside a block of size 8 free'd
==1630== at 0x4C2A8DC: operator delete(void*) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1630== by 0x4011D5: __gnu_cxx::new_allocator<el>::deallocate(el*, unsigned long) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400F79: std::_Vector_base<el, std::allocator<el> >::_M_deallocate(el*, unsigned long) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400DA3: void std::vector<el, std::allocator<el> >::_M_emplace_back_aux<el const&>(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400B42: std::vector<el, std::allocator<el> >::push_back(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x4009FF: list::push_back() (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400969: main (in /home/ilya/Projects/algos/a.out)
==1630== Block was alloc'd at
==1630== at 0x4C29780: operator new(unsigned long) (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==1630== by 0x4012BB: __gnu_cxx::new_allocator<el>::allocate(unsigned long, void const*) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x4010D2: std::_Vector_base<el, std::allocator<el> >::_M_allocate(unsigned long) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400CC1: void std::vector<el, std::allocator<el> >::_M_emplace_back_aux<el const&>(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x400B42: std::vector<el, std::allocator<el> >::push_back(el const&) (in /home/ilya/Projects/algos/a.out)
==1630== by 0x4009FF: list::push_back() (in /home/ilya/Projects/algos/a.out)
==1630== by 0x40095D: main (in /home/ilya/Projects/algos/a.out)
答案 0 :(得分:2)
一旦push_back进入向量或以其他方式改变它,所有引用和指向存储项的指针都将失效,因此所有tail
和next
字段都将包含悬空指针。取消引用它们将导致未定义的行为。您实际上可以使用std::list
或(如果您只是为了学习目的而编写一些列表实现),您可以先填充向量,然后收集存储项的指针,知道它们将保持有效。