我实现了一个程序,该程序使用线程将数组的元素相加。每个线程都会添加一部分数组的元素,并将其放入数组中。最后,另一个线程将这些总结。
该程序似乎可以正常工作,但是我有大量的内存泄漏我似乎无法修复。我正在使用valgrind检测到那些内存泄漏。我敢打赌,我的指针知识缺少一些关键功能。
我还试图在线程返回之前释放结构,但这会转储内核。我尝试在分配内存的任何地方释放内存,但是valgrind报告的释放空间要大于释放空间。
现在,输入一些代码:
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#include <pthread.h>
#define MAX_RAND 100
/**
* @brief global variables shared by threads
* array -> the array of values
* size-> the size of the array
* numberOfThreads -> the number of threads used to compute the sum
*
*/
int *array;
int size;
int numberOfThreads = 3;
/**
* @brief each thread works on disjoint segments of an array(i.e. two or more threads shall never work on the same segment). This
* encapsulates the start and end indexes used by a thread.
*
*/
typedef struct
{
int startIndex;
int endIndex;
} wrapper;
/**
* @brief this is used by the extra thread and contains the array of sums computed by the previous threads, along the size of the results
* array
*
*/
typedef struct
{
int *array;
int size;
} resultsWrapper;
/**
* @brief this computes the sum of a disjoint segment of the shared array
*
* @param args
* @return void*
*/
void *sum_runner(void *args)
{
/**
* @brief cast the argument and retrieve the indexes
*
*/
wrapper *data = (wrapper *)args;
int currentIndex = data->startIndex;
int endIndex = data->endIndex;
int *sum = (int *)malloc(sizeof(int *));
*sum = 0;
/**
* @brief iterate that segment and compute the sum
*
*/
while (currentIndex < endIndex)
{
*sum += array[currentIndex];
currentIndex++;
}
/**
* @brief return the sum
*
*/
pthread_exit((void *)sum);
}
/**
* @brief this is used by the an extra thread to sum up the elements computed by the previouse threads
*
* @param args
* @return void*
*/
void *results_sum_runner(void *args)
{
/**
* @brief cast the arguments and retrieve the array and its size
*
*/
resultsWrapper *results = (resultsWrapper *)args;
int size = results->size;
int *array = results->array;
int *sum = (int *)malloc(sizeof(int *));
*sum = 0;
/**
* @brief sum its elements up
*
*/
for (int i = 0; i < size; i++)
{
*sum += array[i];
}
free(results);
free(array);
/**
* @brief return the result
*
*/
pthread_exit((void *)sum);
}
/**
* @brief populates the given vector with random numbers
*
* @param array the target array
* @param size the size of the array
*/
void populateWithRand(int *array, int size)
{
for (int i = 0; i < size; i++)
{
array[i] = rand() % MAX_RAND;
}
printf("Finished populating vector\n");
}
/**
* @brief this prints a given array
*
* @param array the array to be printed
* @param size the size of the array
*/
void printArray(int *array, int size)
{
printf("Array: \n");
for (int i = 0; i < size; i++)
{
printf("%d ", array[i]);
}
printf("\n");
}
/**
* @brief this creates a normal partition, i.e. a partition containing size/threads elements
*
* @param index the current index in array
* @param quotient the quotient
* @return wrapper returns a new "pair"
*/
wrapper createNormalPartition(int index, int quotient)
{
wrapper normalPartition;
normalPartition.startIndex = index;
normalPartition.endIndex = index + quotient - 1;
printf(" Created normal partition (%d, %d)\n", normalPartition.startIndex, normalPartition.endIndex);
return normalPartition;
}
/**
* @brief this creates an overloaded partition, i.e. a partition containing size/threads+1 elements. We use overloaded partitions to spread
* the load amongst r threads, where r is size%threads
*
* @param index the current index in the array
* @param quotient the quotient
* @return wrapper returns a new "overloaded pair"
*/
wrapper createOverloadedPartition(int index, int quotient)
{
wrapper normalPartition;
normalPartition.startIndex = index;
normalPartition.endIndex = index + quotient;
printf(" Created normal partition (%d, %d)\n", normalPartition.startIndex, normalPartition.endIndex);
return normalPartition;
}
/**
* @brief core function. Splits the entire array by index to each thread
*
* @return wrapper* returns an array of partitions to be used by threads
*/
wrapper *createPartitions()
{
printf("Creating partitions......\n");
/**
* @brief compute the quotient, the remainder and initialize
*
*/
int quotient = size / numberOfThreads;
int remainder = size % numberOfThreads;
int last = 0;
/**
* @brief create the array of partitions
*
*/
wrapper *partitions = (wrapper *)malloc(sizeof(wrapper));
/**
* @brief populate the previously created array. If the we have a remainder, the last r threads will have an extra computation to perform.
*
*/
for (int i = 0; i < numberOfThreads; i++)
{
/**
* @brief check the current index and create the appropriate partitions
*
*/
if (i < numberOfThreads - remainder)
{
partitions[i] = createNormalPartition(last, quotient);
last += quotient;
continue;
}
wrapper temp = createOverloadedPartition(last, quotient);
partitions[i] = temp;
last += quotient + 1;
}
printf("Finished creating partitions......\n");
/**
* @brief return the previously-populated partitions
*
*/
return partitions;
}
/**
* @brief this is a utility function. This creates the threads and assigns them the working partition
*
* @param threads the array of threads
*/
void createThreads(pthread_t *threads)
{
/**
* @brief create a dummy wrapper to store the pairs at every step
*
*/
wrapper *partitions = createPartitions();
printf("Creating threads......\n");
/**
* @brief create some threads
*
*/
for (int i = 0; i < numberOfThreads; i++)
{
pthread_create(&threads[i], NULL, sum_runner, (void *)&partitions[i]);
printf(" Created thread %lu\n", threads[i]);
}
free(partitions);
printf("Finished creating threads......\n");
}
/**
* @brief this is a utility function. This performs join in the threads and stores the sums computed
*
* @param threads the array of threads
* @return int* the array of computed sums
*/
int *startThreads(pthread_t *threads)
{
printf("Starting threads...\n");
/**
* @brief initialize local variables
*
*/
int *temp;
int *results = (int *)malloc(sizeof(int *) * numberOfThreads);
/**
* @brief performs join on threads and store the sums computed
*
*/
for (int i = 0; i < numberOfThreads; i++)
{
temp = (int *)malloc(sizeof(temp));
printf(" Starting thread %lu\n", threads[i]);
pthread_join(threads[i], (void **)&temp);
results[i] = *temp;
free(temp);
}
printf("Exiting...\n");
/**
* @brief return the array of computed sums
*
*/
return results;
}
/**
* @brief this function calls the utility functions and computes the final sum using a separate thread
*
* @return int
*/
int run()
{
/**
* @brief create the threads ids array
*
*/
int *results;
int *finalResult;
pthread_t *threads = (pthread_t *)malloc(sizeof(pthread_t *));
pthread_t summingThread;
/**
* @brief pass the threads id's to create them
*
*/
createThreads(threads);
/**
* @brief get the sums
*
*/
results = startThreads(threads);
/**
* @brief print the array
*
*/
printArray(results, numberOfThreads);
/**
* @brief create a new thread and let him compute the final sum
*
*/
resultsWrapper *resultData = (resultsWrapper *)malloc(sizeof(resultsWrapper *));
resultData->size = numberOfThreads;
resultData->array = results;
/**
* @brief add up the sums computed by the threads
*
*/
pthread_create(&summingThread, NULL, results_sum_runner, (void *)resultData);
pthread_join(summingThread, (void *)&finalResult);
/**
* @brief return the sum
*
*/
free(threads);
free(resultData);
free(results);
return *finalResult;
}
/**
* @brief this is the entry point
*
* @return int success
*/
int main()
{
/**
* @brief initialize variables, run the program and print the result
*
*/
size = 47;
array = calloc(sizeof(array), size);
populateWithRand(array, size);
printArray(array, size);
int sum;
sum = run();
free(array);
printf("Sum of the array is %d\n", sum);
}
示例输出:
Finished populating vector
Array:
83 86 77 15 93 35 86 92 49 21 62 27 90 59 63 26 40 26 72 36 11 68 67 29 82 30 62 23 67 35 29 2 22 58 69 67 93 56 11 42 29 73 21 19 84 37 98
Creating partitions......
Created normal partition (0, 14)
Created normal partition (15, 30)
Created normal partition (31, 46)
Finished creating partitions......
Creating threads......
Created thread 139720910055168
Created thread 139720901662464
Created thread 139720893269760
Finished creating threads......
Starting threads...
Starting thread 139720910055168
Starting thread 139720901662464
Starting thread 139720893269760
Exiting...
Array:
875 674 683
Sum of the array is 2232
Valgrind的报告:
==4725== Memcheck, a memory error detector
==4725== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.==4725== Using Valgrind-3.14.0.GIT and LibVEX; rerun with -h for copyright info==4725== Command: ./counter
==4725==Finished populating vector
Array:
83 86 77 15 93 35 86 92 49 21 62 27 90 59 63 26 40 26 72 36 11 68 67 29 82 30 62 23 67 35 29 2 22 58 69 67 93 56 11 42 29 73 21 19 84 37 98
Creating partitions......
Created normal partition (0, 14)
Created normal partition (15, 30)
==4725== Invalid write of size 8
==4725== at 0x109505: createPartitions (counter.c:215)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61698 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10948F: createPartitions (counter.c:195)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725==
Created normal partition (31, 46)
Finished creating partitions......
Creating threads......
Created thread 90576640
==4725== Invalid write of size 8
==4725== at 0x48812C8: pthread_create@@GLIBC_2.2.5 (in /usr/lib/libpthread-2.28.so)
==4725== by 0x1095A8: createThreads (counter.c:248)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Invalid read of size 8
==4725== at 0x1095BD: createThreads (counter.c:249)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
Created thread 98969344
Created thread 107362048
==4725== Thread 3:
==4725== Invalid read of size 4
==4725== at 0x1091F1: sum_runner (counter.c:52)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Address 0x4a61698 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10948F: createPartitions (counter.c:195)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Invalid read of size 4
==4725== at 0x1091FA: sum_runner (counter.c:53)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Address 0x4a6169c is 4 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10948F: createPartitions (counter.c:195)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725==
Finished creating threads......
Starting threads...
Starting thread 90576640
==4725== Thread 1:
==4725== Invalid read of size 8
==4725== at 0x10966B: startThreads (counter.c:278)
==4725== by 0x109746: run (counter.c:318)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
Starting thread 98969344
==4725== Invalid read of size 8
==4725== at 0x109696: startThreads (counter.c:279)
==4725== by 0x109746: run (counter.c:318)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
Starting thread 107362048
Exiting...
Array:
875 674 683
==4725== Invalid write of size 4
==4725== at 0x109777: run (counter.c:331)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a62508 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109768: run (counter.c:330)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Thread 2:
==4725== Invalid read of size 4
==4725== at 0x10926E: results_sum_runner (counter.c:87)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Address 0x4a62508 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109768: run (counter.c:330)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Thread 1:
==4725== Invalid free() / delete / delete[] / realloc()
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1097CE: run (counter.c:346)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a62500 is 0 bytes inside a block of size 8 free'd
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1092DB: results_sum_runner (counter.c:101)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Block was alloc'd at
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109768: run (counter.c:330)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Invalid free() / delete / delete[] / realloc()
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1097DA: run (counter.c:347)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61b20 is 0 bytes inside a block of size 24 free'd
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1092E7: results_sum_runner (counter.c:102)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Block was alloc'd at
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109638: startThreads (counter.c:269)
==4725== by 0x109746: run (counter.c:318)
==4725== by 0x10985C: main (counter.c:367)
==4725==
Sum of the array is 2232
==4725==
==4725== HEAP SUMMARY:
==4725== in use at exit: 1,652 bytes in 8 blocks
==4725== total heap usage: 21 allocs, 15 frees, 3,996 bytes allocated
==4725==
==4725== LEAK SUMMARY:
==4725== definitely lost: 32 bytes in 4 blocks
==4725== indirectly lost: 0 bytes in 0 blocks
==4725== possibly lost: 0 bytes in 0 blocks
==4725== still reachable: 1,620 bytes in 4 blocks
==4725== suppressed: 0 bytes in 0 blocks
==4725== Rerun with --leak-check=full to see details of leaked memory
==4725==
==4725== For counts of detected and suppressed errors, rerun with: -v
==4725== ERROR SUMMARY: 20 errors from 11 contexts (suppressed: 0 from 0)
答案 0 :(得分:1)
在查找泄漏之前先修复invalid write,
首先,在createPartitions中为partitions分配内存,但仅足以存储单个wrapper
wrapper *partitions = (wrapper *)malloc(sizeof(wrapper));
然后循环运行numberOfThreads次(3),并将其复制到上述数组中。第二次及以后的写操作超出了数组的范围,并导致invalid write。
您需要为partitions分配更多的内存,例如
wrapper *partitions = (wrapper *)malloc(numberOfThreads*sizeof(wrapper));
答案 1 :(得分:1)
当然,这里有一些内存泄漏,但是您遇到的更为紧迫的问题是,在已分配的内存末尾和两次释放之后,有多个读/写实例。
让我们一次从顶部开始:
==4725== Invalid write of size 8
==4725== at 0x109505: createPartitions (counter.c:215)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61698 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10948F: createPartitions (counter.c:195)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725==
这是抱怨写超出分配的部分。这是同时进行分配和无效访问的代码:
wrapper *partitions = (wrapper *)malloc(sizeof(wrapper));
for (int i = 0; i < numberOfThreads; i++)
{
if (i < numberOfThreads - remainder)
{
partitions[i] = createNormalPartition(last, quotient);
last += quotient;
continue;
}
wrapper temp = createOverloadedPartition(last, quotient);
partitions[i] = temp;
last += quotient + 1;
}
您要为wrapper的单个实例分配空间,但是要像写numberOfThreads实例数组那样对其进行写入。您需要为许多实例分配空间:
wrapper *partitions = malloc(sizeof(wrapper) * numberOfThreads);
下一个:
==4725== Invalid write of size 8
==4725== at 0x48812C8: pthread_create@@GLIBC_2.2.5 (in /usr/lib/libpthread-2.28.so)
==4725== by 0x1095A8: createThreads (counter.c:248)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Invalid read of size 8
==4725== at 0x1095BD: createThreads (counter.c:249)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
另一无效写入以及无效读取。这是run中的分配:
pthread_t *threads = (pthread_t *)malloc(sizeof(pthread_t *));
在createThreads中的读/写操作:
for (int i = 0; i < numberOfThreads; i++)
{
pthread_create(&threads[i], NULL, sum_runner, (void *)&partitions[i]);
printf(" Created thread %lu\n", threads[i]);
}
像以前一样,您要为单个实例而不是数组分配空间。另外,您正在为pthread_t *而不是pthread_t分配空间,该空间可能太小了。更改分配以为数组腾出空间,并使用对象类型,而不是指针类型:
pthread_t *threads = malloc(sizeof(pthread_t) * numberOfThreads);
下一步:
==4725== Invalid read of size 4
==4725== at 0x1091F1: sum_runner (counter.c:52)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Address 0x4a61698 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10948F: createPartitions (counter.c:195)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Invalid read of size 4
==4725== at 0x1091FA: sum_runner (counter.c:53)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Address 0x4a6169c is 4 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10948F: createPartitions (counter.c:195)
==4725== by 0x109550: createThreads (counter.c:238)
==4725== by 0x10973A: run (counter.c:312)
==4725== by 0x10985C: main (counter.c:367)
==4725==
一对无效的读取,源自同一行中相同的分配和访问。这与我们已经解决的第一条消息中的无效分配相同。下一个:
==4725== Thread 1:
==4725== Invalid read of size 8
==4725== at 0x10966B: startThreads (counter.c:278)
==4725== by 0x109746: run (counter.c:318)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
Starting thread 98969344
==4725== Invalid read of size 8
==4725== at 0x109696: startThreads (counter.c:279)
==4725== by 0x109746: run (counter.c:318)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61648 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x10972A: run (counter.c:305)
==4725== by 0x10985C: main (counter.c:367)
==4725==
一对无效读,指向第二条消息中的相同错误分配。这已经得到解决。下一个:
==4725== Invalid write of size 4
==4725== at 0x109777: run (counter.c:331)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a62508 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109768: run (counter.c:330)
==4725== by 0x10985C: main (counter.c:367)
==4725==
==4725== Thread 2:
==4725== Invalid read of size 4
==4725== at 0x10926E: results_sum_runner (counter.c:87)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Address 0x4a62508 is 0 bytes after a block of size 8 alloc'd
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109768: run (counter.c:330)
==4725== by 0x10985C: main (counter.c:367)
源自相同分配的无效读取和写入。这是run中的分配:
resultsWrapper *resultData = (resultsWrapper *)malloc(sizeof(resultsWrapper *));
读入results_sum_runner:
resultsWrapper *results = (resultsWrapper *)args;
int size = results->size;
然后写入run:
resultData->size = numberOfThreads;
在这里,您是为指针分配给resultsWrapper的空间,而不是resultsWrapper的 instance 的空间。修改分配如下:
resultsWrapper *resultData = malloc(sizeof(resultsWrapper));
下一个:
==4725== Invalid free() / delete / delete[] / realloc()
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1097CE: run (counter.c:346)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a62500 is 0 bytes inside a block of size 8 free'd
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1092DB: results_sum_runner (counter.c:101)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Block was alloc'd at
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109768: run (counter.c:330)
==4725== by 0x10985C: main (counter.c:367)
==4725==
这里是双重免费。分配和第二个free在run中:
resultsWrapper *resultData = (resultsWrapper *)malloc(sizeof(resultsWrapper *));
resultData->size = numberOfThreads;
resultData->array = results;
pthread_create(&summingThread, NULL, results_sum_runner, (void *)resultData);
pthread_join(summingThread, (void *)&finalResult);
free(threads);
free(resultData);
free(results);
这是free中的第一个results_sum_runner:
void *results_sum_runner(void *args)
{
resultsWrapper *results = (resultsWrapper *)args;
int size = results->size;
int *array = results->array;
int *sum = (int *)malloc(sizeof(int *));
*sum = 0;
for (int i = 0; i < size; i++)
{
*sum += array[i];
}
free(results);
free(array);
pthread_exit((void *)sum);
}
在这里,您正在为resultData分配内存,并将其传递给线程函数results_sum_runner。该线程释放了内存,但是随后调用线程也释放了。删除free(resultData)中的run或free(results)中的results_sum_runner。
最后一个:
==4725== Invalid free() / delete / delete[] / realloc()
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1097DA: run (counter.c:347)
==4725== by 0x10985C: main (counter.c:367)
==4725== Address 0x4a61b20 is 0 bytes inside a block of size 24 free'd
==4725== at 0x48389AB: free (vg_replace_malloc.c:530)
==4725== by 0x1092E7: results_sum_runner (counter.c:102)
==4725== by 0x4880A9C: start_thread (in /usr/lib/libpthread-2.28.so)
==4725== by 0x4995B22: clone (in /usr/lib/libc-2.28.so)
==4725== Block was alloc'd at
==4725== at 0x483777F: malloc (vg_replace_malloc.c:299)
==4725== by 0x109638: startThreads (counter.c:269)
==4725== by 0x109746: run (counter.c:318)
==4725== by 0x10985C: main (counter.c:367)
==4725==
另一双免费,类似于最后一个。 free(results)中的run和free(array)中的results_sum_runner引用相同的内存,因此请摆脱其中之一。
现在,如果我们对这些更改进行编译并在valgrind下再次运行,则会再遇到一个问题:
==24305== Invalid read of size 4
==24305== at 0x40090E: sum_runner (x1.c:52)
==24305== by 0x4E416B9: start_thread (pthread_create.c:333)
==24305== Address 0x54216a8 is 8 bytes inside a block of size 24 free'd
==24305== at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24305== by 0x400CEF: createThreads (x1.c:251)
==24305== by 0x400E3C: run (x1.c:312)
==24305== by 0x400F5C: main (x1.c:367)
==24305== Block was alloc'd at
==24305== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24305== by 0x400B98: createPartitions (x1.c:195)
==24305== by 0x400C57: createThreads (x1.c:238)
==24305== by 0x400E3C: run (x1.c:312)
==24305== by 0x400F5C: main (x1.c:367)
==24305==
==24305== Invalid read of size 4
==24305== at 0x400917: sum_runner (x1.c:53)
==24305== by 0x4E416B9: start_thread (pthread_create.c:333)
==24305== Address 0x54216ac is 12 bytes inside a block of size 24 free'd
==24305== at 0x4C2EDEB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24305== by 0x400CEF: createThreads (x1.c:251)
==24305== by 0x400E3C: run (x1.c:312)
==24305== by 0x400F5C: main (x1.c:367)
==24305== Block was alloc'd at
==24305== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==24305== by 0x400B98: createPartitions (x1.c:195)
==24305== by 0x400C57: createThreads (x1.c:238)
==24305== by 0x400E3C: run (x1.c:312)
==24305== by 0x400F5C: main (x1.c:367)
==24305==
在这里,我们从已经释放的内存块中读取了一对数据。读取发生在sum_runner:
wrapper *data = (wrapper *)args;
int currentIndex = data->startIndex;
int endIndex = data->endIndex;
还有createThreads中的免费版本:
for (int i = 0; i < numberOfThreads; i++)
{
pthread_create(&threads[i], NULL, sum_runner, (void *)&partitions[i]);
printf(" Created thread %lu\n", threads[i]);
}
free(partitions);
基于代码中其他位置的注释,您似乎给人一种印象,即调用pthread_join将启动线程。不是这种情况。调用pthread_create实际上会启动线程,而pthread_join则告诉调用线程等待给定线程完成。因此,您最终在线程有机会使用它之前释放了该内存。
因此,删除此free并更改createThreads以返回此指针。然后在run(调用createThreads的地方)中,在调用startThreads(实际上应该重命名为类似waitForThreadsToFinish之类的东西)之后在此处免费:
wrapper *createThreads(pthread_t *threads)
{
wrapper *partitions = createPartitions();
printf("Creating threads......\n");
for (int i = 0; i < numberOfThreads; i++)
{
pthread_create(&threads[i], NULL, sum_runner, (void *)&partitions[i]);
printf(" Created thread %lu\n", threads[i]);
}
// remove free
printf("Finished creating threads......\n");
return partitions;
}
...
int run()
{
...
wrapper *partitions = createThreads(threads);
results = startThreads(threads);
free(partitions);
这应该处理无效的访问。
在一些地方,您应该为int *(或int *的数组)分配空间,而在这里应该为一个或多个int分配空间。因为int *至少和int一样大,这不会对您的系统造成问题,但是无论如何您仍应使用正确的类型。
还要注意,我建议的更改删除了对malloc返回值的强制转换。有关更多详细信息,请参见Do I cast the result of malloc?。
如果将--leak-check=full传递给valgrind,仍然会发现一些内存泄漏,但是我将其留给读者练习。