我有以下文件test.c:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#define LEXER_INC(l) ( (l)->pos++ )
#define isCidstart(c) (isalpha(c) || (c)=='_')
#define isCident(c) (isalnum(c) || (c)=='_')
typedef struct LexerState
{
const char *fileName;
const char *sourceText;
int sourceLength;
const char *pos;
const char *end;
int line;
} LexerState;
typedef enum LexerToken
{
TokenHalt,
TokenPush,
TokenPop,
TokenEndOfLine,
TokenEOF,
TokenNone
} LexerToken;
typedef struct ReservedWord
{
const char *word;
LexerToken token;
} ReservedWord;
static ReservedWord reservedWords[] =
{
{"halt", TokenHalt},
{"push", TokenPush},
{"pop", TokenPop}
};
void lexerInit(LexerState *lexer)
{
lexer->fileName = "test.s";
lexer->sourceText = "pop\r\npush\r\nhalt\r\n"; // read from file
lexer->sourceLength = strlen(lexer->sourceText); // 17
lexer->pos = lexer->sourceText; // pointing to first char of lexer->sourceText
lexer->end = lexer->sourceText + lexer->sourceLength; // end of lexer->sourceText string, i.e. '\0'
lexer->line = 1;
}
LexerToken lexerCheckReservedWord(const char *word)
{
for (int count = 0; count < (sizeof(reservedWords) / sizeof(ReservedWord)); count++)
{
if (!strcmp(word, reservedWords[count].word))
return reservedWords[count].token;
}
return TokenNone;
}
LexerToken lexerGetWord(LexerState *lexer)
{
const char *startPos = lexer->pos;
LexerToken token = TokenNone;
char *word;
int len;
do
{
LEXER_INC(lexer);
}
while (lexer->pos != lexer->end && isCident(*lexer->pos));
len = lexer->pos - startPos;
word = malloc(len + 1); /* (len + 1) for '\0' ending */
strncpy(word, startPos, len);
word[len] = '\0';
token = lexerCheckReservedWord(word);
return token;
}
LexerToken lexerGetToken(LexerState *lexer)
{
char thisChar;
/* Skip white characters */
while (lexer->pos != lexer->end && isspace(*lexer->pos))
{
if (*lexer->pos == '\n')
{
/* New line found */
lexer->line++;
LEXER_INC(lexer);
return TokenEndOfLine;
}
LEXER_INC(lexer);
}
if (lexer->pos == lexer->end || *lexer->pos == '\0')
{
return TokenEOF;
}
thisChar = *lexer->pos;
if (isCidstart(thisChar))
{
return lexerGetWord(lexer);
}
return TokenEOF;
}
int main(int argc, const char *argv[])
{
LexerState *lexer;
LexerToken token;
lexer = malloc(sizeof(lexer));
lexerInit(lexer);
while ((token = lexerGetToken(lexer)) != TokenEOF)
{
printf("token %d\n", token);
}
return EXIT_SUCCESS;
}
使用gdb该函数进行调试时lexerGetWord,我意识到执行该行后word = malloc((len + 1) * sizeof(char));,lexer->pos指针地址会更改为某个数字(在我的情况下0x23):
82 len = lexer->pos - startPos;
(gdb) next
83 word = malloc(len + 1); // (len + 1) for '\0' ending
(gdb) print len
$1 = 3
(gdb) print lexer->pos
$2 = 0x60003b1b3 "\r\npush\r\nhalt\r\n"
从字串()lexer->pos取得字词后,这里指向这个地址"pop"lexer->sourceText"pop\r\npush\r\nhalt\r\n"
(gdb) next
84 strncpy(word, startPos, len);
(gdb) print lexer->pos
$3 = 0x23 <error: Cannot access memory at address 0x23>
但是在malloc执行之后,指针会更改其地址,从而在之后产生Segmentation fault。
$ gcc test.c -o test
$ ./test
token 2
Segmentation fault (core dumped)
我做错了什么?
编辑
这仅在Cygwin gcc中发生。我尝试了MinGW,并且一切正常。
$ uname -a
CYGWIN_NT-6.3 Stepan 2.9.0(0.318/5/3) 2017-09-12 10:18 x86_64 Cygwin
问题出在main:
lexer = malloc(sizeof(lexer));
您正在为指针分配足够的空间,而不是指针指向的空间。结果,您最终将写入超出分配的内存末尾的位置。这会调用未定义的行为。
您需要空间来lexer指向:
lexer = malloc(sizeof(*lexer));
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句