交换二叉树节点时,为什么GDB监视点在不相关的行上停止?
[英]Why does a GDB watchpoint stop on an irrelevant line when swapping binary tree nodes?
问题描述
I am trying to swap two nodes A and B in a binary tree so that the places they are actually stored in memory change but the tree topology is not changed. 
我试图交换二叉树中的两个节点A和B ,以便它们实际存储在内存中的位置发生更改,但树形拓扑未更改。 I added special handling for swapping a node with its parent, but it still seems that it doesn't work. 我为与父节点交换节点添加了特殊处理,但似乎仍然无法正常工作。 I'm using Valgrind with vgdb so that I can catch memory errors and also get consistent addresses. 我将Valgrind与vgdb一起使用,以便可以捕获内存错误并获得一致的地址。 If I have a tree like 如果我有一棵像
78
\
40
/ \
5c c5
And then I try to swap A=40 and B=5c , the links get messed up. 然后我尝试交换A=40和B=5c ,链接变得混乱。 Specifically, 40->right . 具体来说,是40->right 。 Setting a watchpoint on it ( watch -l ), I found that 40->right is being set to 5c->right ( NULL ) by memcpy as it should be, but then also that it is being changed to A later by if(a_l.left == b){ which is clearly impossible. 在其上设置观察点( watch -l ),我发现memcpy将40->right设置为5c->right ( NULL ),但后来又通过if(a_l.left == b){将其更改为A if(a_l.left == b){这显然是不可能的。 I've had a watchpoint report the wrong line like this before when I was using movq instead of movb in assembly, but I'm pretty sure I have the sizes right this time because I didn't at first and it didn't make it through any swaps but I fixed it and now it makes it through around a dozen. 在组装中使用movq而不是movb之前,我曾有一个观察点报告这样的错误行,但是我很确定这次我的大小是正确的,因为我一开始没有这样做,而且没有它可以通过任何交换来实现,但我已将其修复,现在它可以通过一打来解决。 I sanity check the tree after every operation so the error is here. 我会在每次操作后检查树,因此错误在这里。 Here is the simplest demonstration I could manage: 这是我可以管理的最简单的演示:
#include <stdlib.h>
#include <string.h>
#include <assert.h>
typedef struct avl_node avl_node;
struct avl_node{
avl_node *left, *right, *parent;
signed char balance;
char data[];
};
avl_node *avl_root(avl_node *n){
while(n && n->parent){
n = n->parent;
}
return n;
}
inline static int avl_check_links(avl_node *n){
if(!n)return 1;
if(n->left){
if(n->left->parent != n){
return 0;
}
if(!avl_check_links(n->left)){
return 0;
}
}
if(n->right){
if(n->right->parent != n){
return 0;
}
if(!avl_check_links(n->right)){
return 0;
}
}
return 1;
}
void avl_swap_nodes(avl_node *a, avl_node *b, size_t size){
avl_node a_l = *a, b_l = *b;
char tmp[sizeof(avl_node) + size];
memcpy(tmp, a, sizeof(avl_node) + size);
memcpy(a, b, sizeof(avl_node) + size);
memcpy(b, tmp, sizeof(avl_node) + size);
if(a_l.left){
a_l.left->parent = b;
}
if(a_l.right){
a_l.right->parent = b;
}
if(b_l.left){
b_l.left->parent = a;
}
if(b_l.right){
b_l.right->parent = a;
}
if(a_l.parent){
if(a_l.parent->left == a){
a_l.parent->left = b;
}else{
a_l.parent->right = b;
}
}
if(b_l.parent){
if(b_l.parent->left == b){
b_l.parent->left = a;
}else{
b_l.parent->right = a;
}
}
if(a_l.parent == b){
if(b_l.left == a){
b->left = a_l.left;
a->left = b;
}else{
b->right = a_l.right;
a->right = b;
}
a->parent = b_l.parent;
b->parent = a;
}else if(b_l.parent == a){//GDB stops here on a watch -l a->right
if(a_l.left == b){
a->left = b_l.left;
b->left = a;
}else{
a->right = b_l.right;
b->right = a;
}
b->parent = a_l.parent;
a->parent = b;
}
assert(avl_check_links(avl_root(a)));
assert(avl_check_links(avl_root(b)));
}
int main(void){
avl_node a, b, c, d;
a = (avl_node){.right=&b};
b = (avl_node){.left=&c, .right=&d, .parent=&a};
c = (avl_node){.parent=&b};
d = (avl_node){.parent=&b};
assert(avl_check_links(avl_root(&a)));
avl_swap_nodes(&b, &c, 0);
}
Why does GDB stop on the wrong line? 为什么GDB停在错误的行上? I think it may have to do with the fact that I am using vgdb: it also skips some lines when I single step. 我认为这可能与我使用vgdb有关:当我单步执行时,它还会跳过一些行。 Also why is a->right changed a second time at all? 还有为什么第二次更改a->right ? Thank you. 谢谢。
You can get this file to run with reasonably recent versions of gcc, gdb, and valgrind by doing gcc -g -o main main.c , valgrind --vgdb=yes --vgdb-error=0 ./main& , gdb main , tar rem | vgdb 您可以通过执行gcc -g -o main main.c , valgrind --vgdb=yes --vgdb-error=0 ./main& gdb main来使此文件与gcc,gdb和valgrind的合理最新版本一起运行。 tar rem | vgdb tar rem | vgdb , b avl_swap_nodes , c , watch -l a->right , and then get rid of the vgdb process neatly by doing c repeatedly and then Ctrl-d or kill and then Ctrl-d . tar rem | vgdb , b avl_swap_nodes , c , watch -l a->right ,然后通过反复执行c ,然后依次Ctrl-d或kill ,然后Ctrl-d整洁地摆脱vgdb进程。
1 个解决方案
解决方案1
0 已采纳 2016-04-20 00:12:47
I figured this out and it isn't fun so I'm going to answer my own question. 我发现了这一点,但这很不好玩,所以我要回答自己的问题。 The node swapping code is wrong. 节点交换代码错误。 Here is a version that works 这是一个有效的版本
#include <stddef.h>
void avl_swap_nodes(avl_node *a, avl_node *b, size_t size){
avl_node a_l = *a, b_l = *b;
char tmp[offsetof(avl_node, data) + size];
memcpy(tmp, a, offsetof(avl_node, data) + size);
memcpy(a, b, offsetof(avl_node, data) + size);
memcpy(b, tmp, offsetof(avl_node, data) + size);
if(a_l.parent == b){
if(b_l.left == a){
a->left = b;
}else{
a->right = b;
}
b->parent = a;
if(a->parent){
if(a->parent->left == b){
a->parent->left = a;
}else{
a->parent->right = a;
}
}
}else if(b_l.parent == a){
if(a_l.left == b){
b->left = a;
}else{
b->right = a;
}
a->parent = b;
if(b->parent){
if(b->parent->left == a){
b->parent->left = b;
}else{
b->parent->right = b;
}
}
}else{
if(a->parent){
if(b->parent == a->parent){
if(a->parent->left == b){
a->parent->left = a;
b->parent->right = b;
}else{
a->parent->right = a;
b->parent->left = b;
}
}else{
if(a->parent->left == b){
a->parent->left = a;
}else{
a->parent->right = a;
}
}
}
if(b->parent && b->parent != a->parent){
if(b->parent->left == a){
b->parent->left = b;
}else{
b->parent->right = b;
}
}
}
if(a->left){
a->left->parent = a;
}
if(a->right){
a->right->parent = a;
}
if(b->left){
b->left->parent = b;
}
if(b->right){
b->right->parent = b;
}
ASSERT_ALL(avl_root(a));
ASSERT_ALL(avl_root(b));
}
The reason why GDB is reporting the watchpoint on the wrong line is because a previous memory write overflows. GDB之所以在错误的行上报告监视点,是因为先前的内存写入溢出。 This can happen for example when you use movq instead of movb in assembly, or when you do char a; ((int*)&a) = (int)0; 例如,在汇编中使用movq而不是movb时,或者执行char a; ((int*)&a) = (int)0;时,可能会发生这种情况char a; ((int*)&a) = (int)0; char a; ((int*)&a) = (int)0; in C, or when you memcpy more than you meant to. 在C,或当您memcpy超过你的意思。 This last one is what is causing problems in my code. 这最后一个是导致我的代码出现问题的原因。 Consider the struct struct A{int a; char b[];); 考虑结构struct A{int a; char b[];); struct A{int a; char b[];); . 。 sizeof(struct A) is probably 8 because of structure padding, but offsetof(struct A, b) is probably 4. Therefore if we calculate the size of the struct A together with the data in the flexible array at the end by adding the data size to sizeof(struct A) , we will calculate a value 4 bytes greater than it should be. 由于结构的填充, sizeof(struct A)可能为8,而offsetof(struct A, b)可能为4。因此,如果我们通过添加数据来计算struct A的大小以及最后在灵活数组中的数据, size到sizeof(struct A) ,我们将计算一个比其应该大4个字节的值。 The solution is to use offsetof(struct A, b); 解决方案是使用offsetof(struct A, b); instead. 代替。
The reason why GDB is skipping lines is because I was using valgrind --vgdb=yes instead of valgrind --vgdb=full . GDB跳过行的原因是因为我使用的是valgrind --vgdb=yes而不是valgrind --vgdb=full 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.