[英]valgrind detects memory leak but application works
由於此功能,我編寫了一個能夠讀取sqlite數據庫的應用程序:
struct query_res excucute_sql_statement(char *database, char *zSQL){
sqlite3 *conn;
sqlite3_stmt *res;
const char *tail, *buf, *zErrMsg;
struct query_res q_res;
char table[MAXSTMTNUM][MAXCOLNUM][MAXSTRINGLEN];
q_res.table = table;
q_res.num = 0;
int maxtry = 5, try = 0;
while (sqlite3_open(database, &conn)) {
if (try > maxtry)
break;
printf("Can not open database \'%s\'. %s\n", database, sqlite3_errmsg(conn));
usleep(50000);
try ++;
}
if (sqlite3_exec(conn, zSQL, callback, &q_res, &zErrMsg)){
printf("Excecuting %s\n", zSQL);
printf("We did not get any data! error %s\n",zErrMsg);
if(sqlite3_finalize(conn))
printf("Can not finalize database. %s\n", sqlite3_errmsg(conn));
if(sqlite3_close(conn))
printf("Can not close database. %s\n", sqlite3_errmsg(conn));
return q_res;
}
sqlite3_free(zSQL);
if(sqlite3_close(conn))
printf("Can not close database. %s\n", sqlite3_errmsg(conn));
return q_res;
}
對於返回的每一行,函數回調稱為:
static int callback(void *buf, int argc, char **argv, char **azColName){
int i;
struct query_res *q_res;
q_res = (struct query_res *)buf;
if (q_res->num >= MAXSTMTNUM)
return 0;
q_res->table[q_res->num] = calloc(argc, sizeof(char *));
for(i=0; i<argc; i++){
if (i >= MAXCOLNUM)
break;
q_res->table[q_res->num][i] = calloc(((strlen(argv[i]) < MAXSTRINGLEN) ? strlen(argv[i]) : MAXSTRINGLEN), sizeof(char));
strncpy(q_res->table[q_res->num][i], argv[i], ((strlen(argv[i]) < MAXSTRINGLEN) ? strlen(argv[i]) : MAXSTRINGLEN));
}
q_res->num ++;
return 0;
}
這是調用excucute_sql_statement
的代碼的摘錄:
struct query_res res;
res = excucute_sql_statement(database, zSQL);
directions = malloc(sizeof (struct direction_list));
directions->directions = calloc(5, sizeof (struct direction));
double cur_dist, min_dist = 30;
float s_lat, s_lon, e_lat, e_lon;
directions->direction_num = 0;
//printf("Res table num %d\n", res.num);
//printf("First elem %s\n", res.table[0][0]);
for (i = 0 ; i < res.num ; i++){
//printf("%d. %s|%s|%s|%s|%s|%s\n", i, res.table[i][0], res.table[i][1], res.table[i][2], res.table[i][3], res.table[i][4], res.table[i][5]);
sscanf(res.table[i][1], "%g", &s_lat);
sscanf(res.table[i][2], "%g", &s_lon);
sscanf(res.table[i][3], "%g", &e_lat);
sscanf(res.table[i][4], "%g", &e_lon);
sscanf(res.table[i][0], "%d", &rs);
sscanf(res.table[i][5], "%d", &rp);
//printf("New seg start: %g,%g end %g,%g rs %d rp %d\n", s_lat, s_lon, e_lat, e_lon, rs, rp);
cur_dist = (gps_distance(location.lat, location.lon, s_lat, s_lon)
+ gps_distance(location.lat, location.lon, e_lat, e_lon)) / 2;
//printf("Current direction num %d \n", directions->direction_num);
//printf("cur_dist %f\n", cur_dist);
if (cur_dist < min_dist){
directions->directions[0] = fill_direction(rs, rp, database);
directions->direction_num = 1;
min_dist = cur_dist;
}
else if (cur_dist == min_dist){
directions->directions[directions->direction_num] = fill_direction(rs, rp, database);
directions->direction_num ++;
}
}
這些函數可以正常工作並給出預期的結果,但是在運行valgrind時,我有以下輸出:
==22808== Thread 2:
==22808== Invalid read of size 4
==22808== at 0x804946B: get_all_possible_directions (util.c:240)
==22808== by 0x8049D73: start_direction_detection (direction_detection.c:293)
==22808== by 0x40C41C88: ???
==22808== Address 0x4f03690 is not stack'd, malloc'd or (recently) free'd
==22808==
==22808== Invalid read of size 1
==22808== at 0x402F5C3: __GI___rawmemchr (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==22808== by 0x40C246E: _IO_str_init_static_internal (strops.c:44)
==22808== by 0x8049D73: start_direction_detection (direction_detection.c:293)
==22808== by 0x40C41C88: ???
==22808== Address 0x45aa01b is 0 bytes after a block of size 11 alloc'd
==22808== at 0x402B965: calloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==22808== by 0x8048F59: callback (util.c:57)
==22808==
==22808== Invalid read of size 4
==22808== at 0x8049487: get_all_possible_directions (util.c:241)
==22808== by 0x8049D73: start_direction_detection (direction_detection.c:293)
==22808== by 0x40C41C88: ???
==22808== Address 0x4f03690 is not stack'd, malloc'd or (recently) free'd
等等 ...
請注意,第240行對應於第一個scanf語句。
我認為表初始化有問題。 也許在這里:
q_res->table[q_res->num] = calloc(argc, sizeof(char *));
您知道為什么valgrind會觸發此錯誤嗎?
謝謝
[評論更新:]
struct query_res
由char ***table
和int num
。
在excucute_sql_statement()
,這里
q_res.table = table;
您正在將對堆棧本地存儲( table
)的引用復制到該函數返回的結構中。
函數返回后,堆棧本地存儲將變為無效,因此在函數返回后,結構的成員table
引用無效(未分配)的內存。
要修復此修改的excucute_sql_statement()
struct query_res excucute_sql_statement(char *database, char *zSQL)
{
[...]
/* char table[MAXSTMTNUM][MAXCOLNUM][MAXSTRINGLEN]; */ /* Delete this line. */
q_res.table = NULL;
q_res.num = 0;
和callback()
static int callback(void *buf, int argc, char **argv, char **azColName)
{
size_t i;
struct query_res * q_res = (struct query_res *) buf;
/* Resize statement table, adding one new entry. */
q_res->table = realloc(q_res->table, (q_res->num + 1) * sizeof(*q_res->table));
/* Allocate new argument table. */
/* (Allocate +1 for a stopper element which stays NULL to be able to detect the end of the table.) */
q_res->table[q_res->num] = calloc(argc + 1, sizeof(*q_res->table[q_res->num]));
for(i=0; i<argc; ++i)
{
/* Allocate entry for argument, that is characters for argument. */
q_res->table[q_res->num][i] = malloc(strlen(argv[i]) + 1);
/* Copy argument. */
strcpy(q_res->table[q_res->num][i], argv[i]);
}
q_res->num++;
return 0;
}
(另)
還請注意,整個代碼(您和我的代碼)都缺少正確的錯誤檢查。 在這里,尤其是對malooc/calloc/realloc
的分配調用的重新調整后的值應針對NULL
進行測試!
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.