malloc问题，C中的内存泄漏

Question

我很难弄清楚我的程序出了什么问题。我正在尝试通过在createNode函数中创建节点，然后使用addNode将它们添加到列表头部来创建链接列表。当我尝试创建节点并且出现分段错误时，程序失败。

#include<stdlib.h> 
#include<stdio.h> 
#include<string.h> 
#include "list.h" 

struct listnode { 
    int line; 
    char *word; 
    struct lnode *next; 
}; 


struct listnode* createNode (char* word, int line) { 
    int strlen1 = strlen(word)+1; 
    struct lnode *node = malloc(sizeof(struct lnode)); 
    node->word = malloc(sizeof(char)*strlen1); 
    strcpy(node->word,word); 
    node->word[strlen1] = '\0'; 
    node->next = NULL; 
    node->line = line; 
    return node; 
} 


void addNode (struct listnode** head, struct listnode* node) { 
    if ((*head)==NULL){ 
    head = &node; 
    } 
    else if((*head)->next!=NULL){ 
     struct lnode *temp = *head; 
     node->next = *head; 
    }else if(*head!=NULL&&(*head)->next==NULL){ 
     (*head->next) = node; 
    } 
    } 

通过运行Valgrind的程序产生以下错误：

==14661== Command: ./testlist 
==14661== 
==14661== Invalid write of size 1 
==14661== at 0x4006E3: createNode (in /u/data/u95/testprogs/testlist) 
==14661== by 0x40091C: main (in /u/data/u95/testprogs/testlist) 
==14661== Address 0x51dc0a6 is 0 bytes after a block of size 6 alloc'd 
==14661== at 0x4C2AF5D: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64 linux.so) 
==14661== by 0x4006AF: createNode (in /u/data/u95/testprogs/testlist) 
==14661== by 0x40091C: main (in /u/data/u95/testprogs/testlist) 
==14661== 
==14661== Use of uninitialised value of size 8 
==14661== at 0x40071C: addNode (in /u/data/u95/testprogs/testlist) 
==14661== by 0x400933: main (in /u/data/u95/testprogs/testlist) 
==14661== Uninitialised value was created by a stack allocation 
==14661== at 0x4008E8: main (in /u/data/u95/testprogs/testlist) 
==14661== 
==14661== Invalid read of size 8 
==14661== at 0x40071C: addNode (in /u/data/u95/testprogs/testlist) 
==14661== by 0x400933: main (in /u/data/u95/testprogs/testlist) 
==14661== Address 0x0 is not stack'd, malloc'd or (recently) free'd 
==14661== 
==14661== 
==14661== Process terminating with default action of signal 11 (SIGSEGV) 
==14661== Access not within mapped region at address 0x0 
==14661== at 0x40071C: addNode (in /u/data/u95/testprogs/testlist) 
==14661== by 0x400933: main (in /u/data/u95/testprogs/testlist) 
==14661== If you believe this happened as a result of a stack 
==14661== overflow in your program's main thread (unlikely but 
==14661== possible), you can try to increase the size of the 
==14661== main thread stack using the --main-stacksize= flag. 
==14661== The main thread stack size used in this run was 8388608. 

我是新的C和我不知道为什么被抛出这些错误。有人可以帮忙吗？

Answer 1

我找不到lnode的定义。是否与listnode相同？

addNode错误地设置头元素并且没有正确地找到长列表的尾部。它应该像

void addNode(struct listnode** head, struct listnode* node) { 
    if ((*head)==NULL){ 
     *head = node; 
    } 
    else { 
     struct listnode* tail = *head; 
     while (tail->next != NULL) { 
      tail = tail->next; 
     } 
     tail->next = node; 
    } 
} 

你失踪的*head赋值为一个空列表。设置head的值改变了本地指针，但不改变调用者的指针。对于更长的列表，您需要遍历所有成员以查找尾部。

这可能会修复您的Use of uninitialised value of size 8错误。如果没有，你需要告诉我们代码addNode。

createNode可以简化word分配/初始化到

node->word = malloc(strlen(word)+1); 
strcpy(node->word,word); 

你并不需要设置一个空终止 - strcpy会复制这个给你。而且，正如William Pursell所指出的那样，这实际上是一个重要的改变，因为它避免了你在字符串末尾写作。这将修复您的Invalid write of size 1错误。

Answer 2

以下是保证是错误的：

node->word = malloc(sizeof(char)*strlen1); 
... 
node->word[strlen1] = '\0'; 

你的字分配strlen1字节，所以你可能是指：

node->word[strlen1 - 1] = '\0'; 

注意，你甚至都不需要编写一个空字节，因为strcpy是为你做的。目前还不清楚代码中有哪些其他错误，在修复此错误之前并不值得寻找。