像这样使用 malloc 有什么问题吗?
我遇到以下代码的分段错误,有人可以帮助我理解为什么吗?
typedef struct ClientData {
int _clientId;
char _msg[200];
} ClientData_t;
// in a function
char *id = malloc(50);
char *msg = malloc(sizeof(MESSAGE_LENGTH));
memset(id, 0, 50);
memset(msg, 0, MESSAGE_LENGTH);
strcpy(id, &(buffer[1]));
strcpy(msg, &(buffer[50]));
free(id);
printf("this message can be printed\n");
ClientData_t *newData = malloc(sizeof(ClientData_t));
// I got segmentation fault for this malloc here
第二次,我从上面删除了 free(id); 调用,并保留了其余部分,调用最后一个 malloc 后,我收到以下错误:
mainClient1: malloc.c:3074: sYSMALLOc: Assertion `(old_top == (((mbinptr) (((char *) &((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct malloc_chunk, fd)))) && old_size == 0) || ((unsigned long) (old_size) >= (unsigned long)((((__builtin_offsetof (struct malloc_chunk, fd_nextsize))+((2 * (sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) - 1))) && ((old_top)->size & 0x1) && ((unsigned long)old_end & pagemask) == 0)' failed.
Abort
最后,在更改前两个后,一切正常函数中的行:
char id[50];
char msg[MESSAGE_LENGTH];
这是为什么?什么可能导致断言失败?谢谢。
I got segmentation fault for the following code, could someone help me understand why?
typedef struct ClientData {
int _clientId;
char _msg[200];
} ClientData_t;
// in a function
char *id = malloc(50);
char *msg = malloc(sizeof(MESSAGE_LENGTH));
memset(id, 0, 50);
memset(msg, 0, MESSAGE_LENGTH);
strcpy(id, &(buffer[1]));
strcpy(msg, &(buffer[50]));
free(id);
printf("this message can be printed\n");
ClientData_t *newData = malloc(sizeof(ClientData_t));
// I got segmentation fault for this malloc here
The second time, I removed free(id); call from above, and kept the rest, I got the following error once the last malloc is called:
mainClient1: malloc.c:3074: sYSMALLOc: Assertion `(old_top == (((mbinptr) (((char *) &((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct malloc_chunk, fd)))) && old_size == 0) || ((unsigned long) (old_size) >= (unsigned long)((((__builtin_offsetof (struct malloc_chunk, fd_nextsize))+((2 * (sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) - 1))) && ((old_top)->size & 0x1) && ((unsigned long)old_end & pagemask) == 0)' failed.
Abort
and finally, everything worked after I changed the first two lines in the function to:
char id[50];
char msg[MESSAGE_LENGTH];
Why is this? what could cause the assertion fail? Thank you.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
如果 MESSAGE_LENGTH 是整数,则 sizeof( MESSAGE_LENGTH ) 与 MESSAGE_LENGTH 有很大不同。 (可能是 4 或 8。)您需要 malloc( MESSAGE_LENGTH ),而不是 malloc( sizeof( MESSAGE_LENGTH ))。
If MESSAGE_LENGTH is an integer, then sizeof( MESSAGE_LENGTH ) is very different from MESSAGE_LENGTH. (It is likely 4 or 8.) You want malloc( MESSAGE_LENGTH ), not malloc( sizeof( MESSAGE_LENGTH )).
char *msg = malloc(sizeof(MESSAGE_LENGTH));
可能没有按照您的想法进行。我假设
MESSAGE_LENGTH是一些#define,如果是这样,那么您可能会得到sizeof(int)左右,而不是分配MESSAGE_LENGTH字节块。char *msg = malloc(sizeof(MESSAGE_LENGTH));Is probably not doing what you're thinking. I'm assuming
MESSAGE_LENGTHis some#define, and if so, then it's likely you're getting thesizeof(int)or so, rather than allocating a block ofMESSAGE_LENGTHbytes.某物的大小不是它的值:
如果您需要 50 个字节,请使用
MSG_LEN,而不是它的大小。代码:将分配四个字节(假设
MESSAGE_LENGTH实际上计算为整数(在具有四字节整数的系统上(标准不强制这样做))),但尝试填充< /em> 五十个字节,不是一个好主意。The size of something is not its value:
If you want fifty bytes, use
MSG_LEN, not its size. The code:will allocate four bytes (assuming
MESSAGE_LENGTHactually evaluates as an integer (on a system with four-byte integers (the standard doesn't mandate this))) but try to fill fifty bytes, not a good idea.