我struct bbb在kill程序中释放最后一个变量时遇到程序崩溃.但为什么呢?假设某处出现问题free.
struct bbb
{
struct bbb * h;
char a [256];
int i;
};
void kill(struct bbb * value)
{
if (value!=NULL)
{
kill(value->h);
printf("killing %s\n", value->a);
free(value);
printf("killed\n");
value=NULL;
}
}
void ins(struct bbb * b, struct bbb * a )
{
b->h= malloc(sizeof(struct bbb ) );
b->h[0]=*a;
}
int main(void) {
struct bbb a;
struct bbb b;
struct bbb c;
//ss=s;
sprintf(a.a,"aaa" );
sprintf(b.a,"bbb" );
sprintf(c.a,"ccc" );
ins(&b,&c);
ins(&a,&b);
kill(&a);
//printf("a.a=%s\n",a.a);
return EXIT_SUCCESS;
}
输出:
killing ccc
killed
killing bbb
killed
killing aaa
*** glibc detected *** /home/aaa/workspace_train/SmallTest/Debug/SmallTest: double free or corruption (out): 0x00007ffff0fe3d20 ***
======= Backtrace: =========
/lib/x86_64-linux-gnu/libc.so.6(+0x7eb96)[0x7fa77ec56b96]
/home/gedas/workspace_train/SmallTest/Debug/SmallTest(kill+0x48)[0x400e15]
/home/gedas/workspace_train/SmallTest/Debug/SmallTest[0x400ef9]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xed)[0x7fa77ebf976d]