- 论坛徽章:
- 0
|
==22007== Use of uninitialised value of size 4
==22007== at 0xBBC0C5: mempcpy (in /lib/tls/libc-2.3.4.so)
==22007== by 0xB8F1FE: vfprintf (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBAC6C5: vsnprintf (in /lib/tls/libc-2.3.4.so)
==22007== by 0xB94491: snprintf (in /lib/tls/libc-2.3.4.so)
==22007==
==22007== Thread 5:
==22007== Mismatched free() / delete / delete []
==22007== at 0x4005389: operator delete(void*) (vg_replace_malloc.c:244)
==22007== by 0x80735FE: msn_command::reset() (msn_command.cpp:61)
==22007== by 0x80A8EE0: do_msnread(void*, int, void*) (msn_proc.cpp:54)
==22007== by 0x804C576: high_poll::wait_event(int& (high_poll.cpp:351)
==22007== Address 0x8A520D0 is 0 bytes inside a block of size 6,602 alloc'd
==22007== at 0x4004D49: operator new[](unsigned) (vg_replace_malloc.c:195)
==22007== by 0x8078531: msn_command::set_followlen(unsigned) (msn_command.cpp:370)
==22007== by 0x807B34F: msn_connect::do_flowfilelen() (msn_connect.h:96)
==22007== by 0x807A7EF: msn_connect::do_complier() (msn_connect.cpp:174)
==22007==
==22007== Thread 6:
==22007== Conditional jump or move depends on uninitialised value(s)
==22007== at 0xBCC6B5: __offtime (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCE8F1: __tz_convert (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCCA1F: localtime (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCC8E0: ctime (in /lib/tls/libc-2.3.4.so)
==22007==
==22007== Thread 4:
==22007== Use of uninitialised value of size 4
==22007== at 0x8527A3: BN_num_bits_word (in /lib/libcrypto.so.0.9.7a)
==22007== by 0x85C3F0: (within /lib/libcrypto.so.0.9.7a)
==22007== by 0x85E5AD: RSA_public_encrypt (in /lib/libcrypto.so.0.9.7a)
==22007== by 0x9309D5: (within /lib/libssl.so.0.9.7a)
==22007==
==22007== Use of uninitialised value of size 4
==22007== at 0x8527A3: BN_num_bits_word (in /lib/libcrypto.so.0.9.7a)
==22007== by 0x853096: BN_bn2bin (in /lib/libcrypto.so.0.9.7a)
==22007== by 0x85C415: (within /lib/libcrypto.so.0.9.7a)
==22007== by 0x85E5AD: RSA_public_encrypt (in /lib/libcrypto.so.0.9.7a)
==22007==
==22007== Thread 6:
==22007== Conditional jump or move depends on uninitialised value(s)
==22007== at 0xBCC494: __offtime (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCE8F1: __tz_convert (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCCA1F: localtime (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCC8E0: ctime (in /lib/tls/libc-2.3.4.so)
==22007==
==22007== Conditional jump or move depends on uninitialised value(s)
==22007== at 0xBCC698: __offtime (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCE8F1: __tz_convert (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCCA1F: localtime (in /lib/tls/libc-2.3.4.so)
==22007== by 0xBCC8E0: ctime (in /lib/tls/libc-2.3.4.so)
==22007==
==22007== Thread 5:
==22007== Invalid write of size 1
==22007== at 0x40065C2: memcpy (mc_replace_strmem.c:406)
==22007== by 0x8073DFB: msn_command::to_bin(char*, unsigned& (msn_command.cpp:196)
==22007== by 0x80833E9: msn_user::ActiveSendCommand(msn_command_links*, msn_connect*) (msn_user.cpp:262)
==22007== by 0x80A8ED2: do_msnread(void*, int, void*) (msn_proc.cpp:51)
==22007== Address 0x8B48491 is 0 bytes after a block of size 8,193 alloc'd
==22007== at 0x4004D49: operator new[](unsigned) (vg_replace_malloc.c:195)
==22007== by 0x804BE49: highpoll_block::set_buff(int) (high_poll.cpp:57)
==22007== by 0x8060BE8: connection::connection(high_poll*, unsigned, unsigned) (connection.cpp:31)
==22007== by 0x8079593: msn_connect::msn_connect(conncet_type, msn_user*, high_poll*) (msn_connect.cpp:10)
==22007==
==22007== Invalid write of size 1
==22007== at 0x40065C8: memcpy (mc_replace_strmem.c:406)
==22007== by 0x8073DFB: msn_command::to_bin(char*, unsigned& (msn_command.cpp:196)
==22007== by 0x80833E9: msn_user::ActiveSendCommand(msn_command_links*, msn_connect*) (msn_user.cpp:262)
==22007== by 0x80A8ED2: do_msnread(void*, int, void*) (msn_proc.cpp:51)
==22007== Address 0x8B48492 is 1 bytes after a block of size 8,193 alloc'd
==22007== at 0x4004D49: operator new[](unsigned) (vg_replace_malloc.c:195)
==22007== by 0x804BE49: highpoll_block::set_buff(int) (high_poll.cpp:57)
==22007== by 0x8060BE8: connection::connection(high_poll*, unsigned, unsigned) (connection.cpp:31)
==22007== by 0x8079593: msn_connect::msn_connect(conncet_type, msn_user*, high_poll*) (msn_connect.cpp:10)
==22007==
==22007== Invalid write of size 1
==22007== at 0x40065CE: memcpy (mc_replace_strmem.c:406)
==22007== by 0x8073DFB: msn_command::to_bin(char*, unsigned& (msn_command.cpp:196)
==22007== by 0x80833E9: msn_user::ActiveSendCommand(msn_command_links*, msn_connect*) (msn_user.cpp:262)
==22007== by 0x80A8ED2: do_msnread(void*, int, void*) (msn_proc.cpp:51)
==22007== Address 0x8B48493 is 2 bytes after a block of size 8,193 alloc'd
==22007== at 0x4004D49: operator new[](unsigned) (vg_replace_malloc.c:195)
==22007== by 0x804BE49: highpoll_block::set_buff(int) (high_poll.cpp:57)
==22007== by 0x8060BE8: connection::connection(high_poll*, unsigned, unsigned) (connection.cpp:31)
==22007== by 0x8079593: msn_connect::msn_connect(conncet_type, msn_user*, high_poll*) (msn_connect.cpp:10)
==22007==
==22007== Invalid write of size 1
==22007== at 0x40065D4: memcpy (mc_replace_strmem.c:406)
==22007== by 0x8073DFB: msn_command::to_bin(char*, unsigned& (msn_command.cpp:196)
==22007== by 0x80833E9: msn_user::ActiveSendCommand(msn_command_links*, msn_connect*) (msn_user.cpp:262)
==22007== by 0x80A8ED2: do_msnread(void*, int, void*) (msn_proc.cpp:51)
==22007== Address 0x8B48494 is 3 bytes after a block of size 8,193 alloc'd
==22007== at 0x4004D49: operator new[](unsigned) (vg_replace_malloc.c:195)
==22007== by 0x804BE49: highpoll_block::set_buff(int) (high_poll.cpp:57)
==22007== by 0x8060BE8: connection::connection(high_poll*, unsigned, unsigned) (connection.cpp:31)
==22007== by 0x8079593: msn_connect::msn_connect(conncet_type, msn_user*, high_poll*) (msn_connect.cpp:10)
--22007-- VALGRIND INTERNAL ERROR: Valgrind received a signal 11 (SIGSEGV) - exiting
--22007-- si_code=1; Faulting address: 0x6E24D2A8; sp: 0x6416FE4C
valgrind: the 'impossible' happened:
Killed by fatal signal
==22007== at 0x38019D01: swizzle (m_mallocfree.c:177)
==22007== by 0x3801AD17: unlinkBlock (m_mallocfree.c:976)
==22007== by 0x3801B186: vgPlain_arena_malloc (m_mallocfree.c:1055)
==22007== by 0x3802E85D: vgPlain_cli_malloc (replacemalloc_core.c:101)
==22007== by 0x38001572: vgMemCheck___builtin_new (mc_malloc_wrappers.c:182)
==22007== by 0x3803041B: do_client_request (scheduler.c:115![](static/image/smiley/default/icon_cool.gif)
==22007== by 0x3802FDE9: vgPlain_scheduler (scheduler.c:869)
==22007== by 0x3803FD4E: thread_wrapper (syswrap-linux.c:87)
==22007== by 0x3803FE14: run_a_thread_NORETURN (syswrap-linux.c:120)
==22007== by 0x3803FF15: vgModuleLocal_start_thread_NORETURN (syswrap-linux.c:207)
==22007== by 0x38048BB1: (within /usr/local/lib/valgrind/x86-linux/memcheck)
==22007== by 0x38020739: vgPlain_do_syscall (m_syscall.c:25![](static/image/smiley/default/icon_cool.gif)
==22007== by 0x6416F92B: ???
==22007== by 0x0: ???
==22007== by 0x3: ???
==22007== by 0x3F7: ???
==22007== by 0x6416F95F: ???
==22007== by 0x0: ???
sched status:
running_tid=6
Thread 1: status = VgTs_WaitSys
==22007== at 0xBDC5B6: (within /lib/tls/libc-2.3.4.so)
==22007== by 0x805631A: bt_sleep(unsigned, unsigned, unsigned, unsigned) (bt_tool.cpp:70)
==22007== by 0x80B844F: main (main.cpp:380)
Thread 2: status = VgTs_WaitSys
==22007== at 0xD9BCFC: pthread_cond_timedwait@@GLIBC_2.3.2 (in /lib/tls/libpthread-2.3.4.so)
Thread 3: status = VgTs_WaitSys
==22007== at 0xD9BCFC: pthread_cond_timedwait@@GLIBC_2.3.2 (in /lib/tls/libpthread-2.3.4.so)
Thread 4: status = VgTs_WaitSys
==22007== at 0xD9BCFC: pthread_cond_timedwait@@GLIBC_2.3.2 (in /lib/tls/libpthread-2.3.4.so)
Thread 5: status = VgTs_WaitSys
==22007== at 0xC19D7E: epoll_wait (in /lib/tls/libc-2.3.4.so)
==22007== by 0x80B86C4: do_eventwokerThread(void*) (main.cpp:396)
==22007== by 0xD99340: start_thread (in /lib/tls/libpthread-2.3.4.so)
==22007== by 0xC196FD: clone (in /lib/tls/libc-2.3.4.so)
Thread 6: status = VgTs_Runnable
==22007== at 0x40048DF: operator new(unsigned) (vg_replace_malloc.c:163)
==22007== by 0x2ED851: std::string::_Rep::_S_create(unsigned, unsigned, std::allocator<char> const& (in /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x2EF966: (within /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x2EFB6A: std::string::string(std::string const&, unsigned, unsigned) (in /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x2EFBD6: std::string::substr(unsigned, unsigned) const (in /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x80656F6: do_httppost(int&, _http_request*) (basic_string.h:426)
==22007== by 0x8063D4C: do_httpprocess(void*) (msnhttp.cpp:41)
==22007== by 0xD99340: start_thread (in /lib/tls/libpthread-2.3.4.so)
==22007== by 0xC196FD: clone (in /lib/tls/libc-2.3.4.so)
Thread 7: status = VgTs_WaitSys
==22007== at 0xBDC5B6: (within /lib/tls/libc-2.3.4.so)
==22007== by 0x805631A: bt_sleep(unsigned, unsigned, unsigned, unsigned) (bt_tool.cpp:70)
==22007== by 0x8063DA5: do_httpxmlcmd(void*) (msnhttp.cpp:63)
==22007== by 0xD99340: start_thread (in /lib/tls/libpthread-2.3.4.so)
==22007== by 0xC196FD: clone (in /lib/tls/libc-2.3.4.so)
知道是那个函数的问题吗? 很郁闷, 大概要3天才crash,
==22007== at 0x40048DF: operator new(unsigned) (vg_replace_malloc.c:163)
==22007== by 0x2ED851: std::string::_Rep::_S_create(unsigned, unsigned, std::allocator<char> const& (in /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x2EF966: (within /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x2EFB6A: std::string::string(std::string const&, unsigned, unsigned) (in /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x2EFBD6: std::string::substr(unsigned, unsigned) const (in /usr/lib/libstdc++.so.6.0.3)
==22007== by 0x80656F6: do_httppost(int&, _http_request*) (basic_string.h:426)
==22007== by 0x8063D4C: do_httpprocess(void*) (msnhttp.cpp:41)
我认为是这里了,但是 光一个函数名 解决不了问题啊 |
|