Question

我正在尝试实现一个存储非负整数的链表。我的实现如下所示：

我对内存泄漏感到好奇，因此我尝试使用命令“ valgrind --leak-check = yes”来调用名为Valgrind的工具。

==2540== error calling PR_SET_PTRACER, vgdb might block
==2540== Invalid write of size 4
==2540==    at 0x10875E: node_create (in LinkedList/bin/main)
==2540==    by 0x108832: list_append (in LinkedList/bin/main)
==2540==    by 0x108920: main (in LinkedList/bin/main)
==2540==  Address 0x522d098 is 0 bytes after a block of size 8 alloc'd
==2540==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2540==    by 0x10874B: node_create (in LinkedList/bin/main)
==2540==    by 0x108832: list_append (in LinkedList/bin/main)
==2540==    by 0x108920: main (in LinkedList/bin/main)
   .
   .
   .
==2540== Invalid read of size 4
==2540==    at 0x1088BA: list_pop (in LinkedList/bin/main)
==2540==    by 0x1089E1: main (in LinkedList/bin/main)
==2540==  Address 0x522d138 is 0 bytes after a block of size 8 alloc'd
==2540==    at 0x4C2FB0F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==2540==    by 0x10874B: node_create (in LinkedList/bin/main)
==2540==    by 0x108832: list_append (in LinkedList/bin/main)
==2540==    by 0x108942: main (in LinkedList/bin/main)
   .
   .
   .
==2540== HEAP SUMMARY:
==2540==     in use at exit: 0 bytes in 0 blocks
==2540==   total heap usage: 10 allocs, 10 frees, 584 bytes allocated
==2540==
==2540== All heap blocks were freed -- no leaks are possible

相应的功能实现如下：

struct Node {
    struct Node* next;
    int value;
};

struct List {
    struct Node* head;
};

typedef struct Node* Node;
typedef struct List* List;

Node node_create(int value, Node nextNode) {
    if(value < 0) {
        printf("Error: Could not create node, value is negative.\n");
        return NULL;
    }

    Node node = malloc(sizeof(Node));
    if(node != NULL)
    {
        node->value = value;
        node->next = nextNode;
    } else {
        printf("Error: Could not create node, malloc returned NULL.\n");
    }

    return node;
}

int list_append(List listHandle, int value) {
    Node current = listHandle->head;
    Node new = node_create(value, NULL);

    if(new == NULL) {
        return -1;
    }

    if(current == NULL) {
        listHandle->head = new;
    } else {
        while(current->next != NULL) {
            current = current->next;
        }
        current->next = new;
    }

    return value;
}

int list_pop(List listHandle) {
    if(listHandle->head == NULL) {
        printf("Error: Trying to pop an empty list.\n");
        return -1;
    }

    Node temp = listHandle->head;
    int value = temp->value;

    if(temp->next == NULL)
    {
        listHandle->head = NULL;
    } else {
        listHandle->head = temp->next;
    }

    free(temp);
    return value;
}

我在做什么错？如何改善代码？这甚至是个问题吗，还是Valgrind只是过于腐？

Answer 1

typedef struct Node* Node;

Node node = malloc(sizeof(Node));

这将分配sizeof(Node) == sizeof(struct Node*)个内存字节。因此Node node不会指向sizeof(struct Node)字节的内存。您最终将获得超出范围的/无效的内存访问。

要修复代码，请取消引用结构节点的指针或隐式使用具有sizeof的结构节点：

Node node = malloc(sizeof(*node));
Node node = malloc(sizeof(struct Node));

这只是一个解决方法。它使您的代码更加混乱，并且您刚刚发现了为什么typedef后面的隐藏指针是一个坏主意。该行：

Node node = malloc(sizeof(*Node));

@ptx在注释中指出，

将不起作用，因为Node命名了一种类型，因此无法取消引用。

我个人强烈建议重写所有要使用的代码：

 typedef struct Node Node;

 Node *node_create(int value, Node *nextNode)  {
      ...
      Node *node = malloc(sizeof(Node));
      ...
 }

现在，任何立即查看函数node_create的程序员都将知道，它返回了指向一些可能动态分配的数据的指针。 Is更具可读性，并且不会隐藏指针分配。

Answer 2

Node node = malloc(sizeof(Node));

Node实际上是struct Node *-一个指针。繁荣！您只是为单个指针分配了内存，而不是为结构分配了指针，而该结构至少需要多sizeof(int)个字节。这就是为什么您没有typedef指针。

为什么Valgrind会抱怨此代码？

2 个答案: