C代碼中的分段錯誤

Question

以下代碼使用在代碼末尾看到的for循環和字符數組來打印需要打印的消息，但是循環完成后會發生分段錯誤，並且我無法找出原因。

#include "bmp.h"

void extractMessage(BMPfile bmpfile) 
{
void extractMessage(BMPfile bmpfile) 
{
    short index = 0;
char word[16];
unsigned char letter = 0;
unsigned char count = 0;
unsigned char temp;
int width = getWidth(bmpfile);
int height = getHeight(bmpfile);
printf("The image has %d x %d pixels\n", width, height);
for (int y = 0 ; y < height ; y++) 
{
    for (int x = 0 ; x < width ; x++) 
    {
        pixel p = getPixel(bmpfile, x, y);  /* read pixel */        
        temp = p.green & 0x01;
        letter = letter << 1;
        letter = letter + temp;         
        count += 1;  
        if(count == 8){
            word[index] = letter;
            index += 1;
            count = 0;} 
        if  (letter == '0')
        {
            break;
        }   
    }
}
    for (int x=0; x < 16; x++)
    {
    printf("%c",word[x]);
    }
}

此外，Valgrind還提供了以下信息，我不知道該如何解釋。

Memcheck, a memory error detector
==13094== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==13094== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==13094== Command: ./p1 picture.bmp
==13094== 
The image has 450 x 683 pixels
==13094== Invalid write of size 1
==13094==    at 0x400845: extractMessage (in /home/hauger3/hauger3/cs398/Lab2/p1)
==13094==    by 0x400C72: main (in /home/hauger3/hauger3/cs398/Lab2/p1)
==13094==  Address 0x7ff001000 is not stack'd, malloc'd or (recently) free'd
==13094== 
==13094== 
==13094== Process terminating with default action of signal 11 (SIGSEGV)
==13094==  Access not within mapped region at address 0x7FF001000
==13094==    at 0x400845: extractMessage (in /home/hauger3/hauger3/cs398/Lab2/p1)
==13094==    by 0x400C72: main (in /home/hauger3/hauger3/cs398/Lab2/p1)
==13094==  If you believe this happened as a result of a stack
==13094==  overflow in your program's main thread (unlikely but
==13094==  possible), you can try to increase the size of the
==13094==  main thread stack using the --main-stacksize= flag.
==13094==  The main thread stack size used in this run was 10485760.
==13094== 
==13094== HEAP SUMMARY:
==13094==     in use at exit: 568 bytes in 1 blocks
==13094==   total heap usage: 1 allocs, 0 frees, 568 bytes allocated
==13094== 
==13094== LEAK SUMMARY:
==13094==    definitely lost: 0 bytes in 0 blocks
==13094==    indirectly lost: 0 bytes in 0 blocks
==13094==      possibly lost: 0 bytes in 0 blocks
==13094==    still reachable: 568 bytes in 1 blocks
==13094==         suppressed: 0 bytes in 0 blocks
==13094== Rerun with --leak-check=full to see details of leaked memory
==13094== 
==13094== For counts of detected and suppressed errors, rerun with: -v
==13094== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 6 from 6)
Segmentation fault
[hauger3@linux6 Lab2]$ valgrind --leak-check=full ./p1 picture.bmp 
==19793== Memcheck, a memory error detector
==19793== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==19793== Using Valgrind-3.6.0 and LibVEX; rerun with -h for copyright info
==19793== Command: ./p1 picture.bmp
==19793== 
The image has 450 x 683 pixels
==19793== Invalid write of size 1
==19793==    at 0x400845: extractMessage (in /home/hauger3/hauger3/cs398/Lab2/p1)
==19793==    by 0x400C72: main (in /home/hauger3/hauger3/cs398/Lab2/p1)
==19793==  Address 0x7ff001000 is not stack'd, malloc'd or (recently) free'd
==19793== 
==19793== 
==19793== Process terminating with default action of signal 11 (SIGSEGV)
==19793==  Access not within mapped region at address 0x7FF001000
==19793==    at 0x400845: extractMessage (in /home/hauger3/hauger3/cs398/Lab2/p1)
==19793==    by 0x400C72: main (in /home/hauger3/hauger3/cs398/Lab2/p1)
==19793==  If you believe this happened as a result of a stack
==19793==  overflow in your program's main thread (unlikely but
==19793==  possible), you can try to increase the size of the
==19793==  main thread stack using the --main-stacksize= flag.
==19793==  The main thread stack size used in this run was 10485760.
==19793== 
==19793== HEAP SUMMARY:
==19793==     in use at exit: 568 bytes in 1 blocks
==19793==   total heap usage: 1 allocs, 0 frees, 568 bytes allocated
==19793== 
==19793== LEAK SUMMARY:
==19793==    definitely lost: 0 bytes in 0 blocks
==19793==    indirectly lost: 0 bytes in 0 blocks
==19793==      possibly lost: 0 bytes in 0 blocks
==19793==    still reachable: 568 bytes in 1 blocks
==19793==         suppressed: 0 bytes in 0 blocks
==19793== Reachable blocks (those to which a pointer was found) are not shown.
==19793== To see them, rerun with: --leak-check=full --show-reachable=yes
==19793== 
==19793== For counts of detected and suppressed errors, rerun with: -v
==19793== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 6 from 6)
Segmentation fault

Answer 1

當您嘗試訪問不屬於您的程序的內存時，將發生分段錯誤。 這通常通過以下方式發生：

1. 通過取消引用指向不屬於您的程序的內存位置的指針。 這可以是NULL指針，關聯的內存已被釋放的指針或未初始化的指針。
2. 通過訪問超出數組邊界的數組元素。

因為您不使用任何指針，所以建議您專注於第二項。 檢查索引是否總是>= 0和< 16 。 每次訪問數組之前的assert()都會對您有所幫助。

Answer 2

這可能是因為您的：

if(count == 8){
            word[index] = letter;
            index += 1;
            count = 0;
}

您的索引可能超出給定范圍（> = 0 && <16）