我一直试图理解为什么valgrind抱怨"使用未初始化的大小为8"对于这个使用ucontexts的小型测试程序。 它基本上是一个创建" n_ucs" ucontexts并切换它们为" max_switch"次。
我理解"警告:客户端切换堆栈?" (这基本上就是程序的全部内容),但我对所有"使用未初始化的大小为8&#34的内容都没有意义;
我想得到一些帮助,了解Valgrind错误是否为误报,或者该程序是否存在根本错误。 (我在一个使用相同机制的更大的程序中看到了很多它们,但我已经将它提炼到最低限度以便在这里发布)。
感谢任何帮助。
谢谢,
杰克
#include <stdio.h>
#include <stdlib.h>
#include <sys/time.h>
#include <ucontext.h>
#define STACK_SIZE (8*1024)
int n_ucs = 1;
int max_switchs = 10;
int n_switchs = 0;
int tid = 0;
ucontext_t *ucs;
static ucontext_t engine_uc;
static void func(int arg)
{
while (n_switchs < max_switchs) {
int c_tid = tid;
int n_tid = (tid + 1) % n_ucs;
n_switchs++;
tid = n_tid;
swapcontext(&ucs[c_tid], &ucs[n_tid]);
}
}
int main(int argc, char **argv)
{
if (argc > 1)
n_ucs = atoi(argv[1]);
if (argc > 2)
max_switchs = atoi(argv[2]);
ucs = malloc(sizeof(ucontext_t) * n_ucs);
int i;
for (i = 0; i < n_ucs; i++) {
/* Create initial ucontext_t, including stack */
getcontext(&ucs[i]);
ucs[i].uc_stack.ss_sp = malloc(STACK_SIZE);
ucs[i].uc_stack.ss_size = STACK_SIZE;
ucs[i].uc_stack.ss_flags = 0;
ucs[i].uc_link = &engine_uc;
makecontext(&ucs[i], (void (*)())func, 1, i);
}
/* jump to the first uc */
swapcontext(&engine_uc, &ucs[tid]);
/* destroy stacks */
for (i = 0; i < n_ucs; i++)
free(ucs[i].uc_stack.ss_sp);
free(ucs);
return 0;
}
使用 gcc main.c 进行编译并使用 ./ a.out 2 2
运行gcc -v
使用内置规格。 COLLECT_GCC = GCC COLLECT_LTO_WRAPPER = / usr / lib中/ GCC / x86_64的-Linux的GNU / 4.8 / LTO-包装 目标:x86_64-linux-gnu配置为:../ src / configure -v --with-pkgversion =&#39; Ubuntu 4.8.2-19ubuntu1&#39; --with-bugurl = file:///usr/share/doc/gcc-4.8/README.Bugs --enable-languages = c,c ++,java,go,d,fortran,objc,obj-c ++ --prefix = / usr --program-suffix = -4.8 --enable-shared --enable-linker-build-id --libexecdir = / usr / lib --without-included-gettext --enable-threads = posix --with -gxx-include-dir = / usr / include / c ++ / 4.8 --libdir = / usr / lib --enable-nls --with-sysroot = / --enable-clocale = gnu --enable-libstdcxx-debug - -enable-libstdcxx-time = yes --enable-gnu-unique-object --disable-libmudflap --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt = gtk --enable-gtk-cairo --with-java-home = / usr / lib / jvm / java-1.5.0-gcj-4.8-amd64 / jre --enable-java-home --with-jvm-root- dir = / usr / lib / jvm / java-1.5.0-gcj-4.8-amd64 --with-jvm-jar-dir = / usr / lib / jvm-exports / java-1.5.0-gcj-4.8-amd64 --with-arch-directory = amd64 --with-ecj-jar = / usr / share / java / eclipse-ecj.jar --enable-objc-gc --enable-multiarch --disable-werror --with- arch-32 = i686 --with-abi = m64 --with-multilib-list = m32,m64,mx32 --with-tune = generic --enab le-checking = release --build = x86_64-linux-gnu --host = x86_64-linux-gnu --target = x86_64-linux-gnu线程模型:posix gcc版本4.8.2(Ubuntu 4.8.2-19ubuntu1)< / p>
ldd --version
ldd(Ubuntu EGLIBC 2.19-0ubuntu6.3)2.19版权所有(C) 2014 Free Software Foundation,Inc。这是免费软件;看到了 复制条件的来源。没有保修;甚至没有 适销性或适用于特定用途的适用性。罗兰写的 McGrath和Ulrich Drepper。
valgrind --track-origins=yes ./a.out 2 2
==21949== Memcheck, a memory error detector
==21949== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==21949== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info
==21949== Command: ./a.out 2 2
==21949==
==21949== Warning: client switching stacks? SP change: 0xffefffdd8 --> 0x51ff7b8
==21949== to suppress, use: --max-stackframe=68616717856 or greater
==21949== Use of uninitialised value of size 8
==21949== at 0x400738: func (main.c:25)
==21949== by 0x4E58EC4: (below main) (libc-start.c:287)
==21949== Uninitialised value was created by a stack allocation
==21949== at 0x4E7E445: swapcontext (swapcontext.S:92)
==21949==
==21949== Conditional jump or move depends on uninitialised value(s)
==21949== at 0x4E807A7: __start_context (__start_context.S:37)
==21949== by 0x4E58EC4: (below main) (libc-start.c:287)
==21949== Uninitialised value was created by a stack allocation
==21949== at 0x4E7E445: swapcontext (swapcontext.S:92)
==21949==
==21949== Syscall param rt_sigprocmask(set) contains uninitialised byte(s)
==21949== at 0x4E7E0EC: setcontext (setcontext.S:47)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== Uninitialised value was created by a stack allocation
==21949== at 0x4E7E445: swapcontext (swapcontext.S:92)
==21949==
==21949== Use of uninitialised value of size 8
==21949== at 0x4E7E0F5: setcontext (setcontext.S:54)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== Uninitialised value was created by a stack allocation
==21949== at 0x4E7E445: swapcontext (swapcontext.S:92)
==21949==
==21949== Use of uninitialised value of size 8
==21949== at 0x4E7E0FE: setcontext (setcontext.S:56)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== by 0x4E807AD: __start_context (__start_context.S:39)
==21949== Uninitialised value was created by a stack allocation
==21949== at 0x4E7E445: swapcontext (swapcontext.S:92)
==21949==
==21949== Warning: client switching stacks? SP change: 0x51ff7c0 --> 0xffefffde0
==21949== to suppress, use: --max-stackframe=68616717856 or greater
==21949==
==21949== HEAP SUMMARY:
==21949== in use at exit: 0 bytes in 0 blocks
==21949== total heap usage: 3 allocs, 3 frees, 18,256 bytes allocated
==21949==
==21949== All heap blocks were freed -- no leaks are possible
==21949==
==21949== For counts of detected and suppressed errors, rerun with: -v
==21949== ERROR SUMMARY: 5 errors from 5 contexts (suppressed: 0 from 0)
答案 0 :(得分:1)
我仍然不完全理解为什么valgrind正在显示这些未初始化的错误完全但是我会尽力解释我到目前为止所理解的内容;
在通过valgrind运行和分析程序并基于来自swapcontext(3)和getcontext(3)的手册页的信息时,我认为它无法检测到某些上下文交换(无法看到swapcontext的堆栈指针更改) tid 0到tid 1,交换文本从tid 1回到tid 0)
请在下面阅读:谁的堆叠[通话次数]:功能调用
所以,我认为函数调用跟踪是这样的:
main:swapcontext(main,tid 0) - &gt;
main [tid 0&#39的第一个函数调用]:func() - &gt;
tid 0:swapcontext(tid 0,tid 1) - &gt; { Stack =&gt; tiod 0 }
tid 1:func() - &gt;
swapcontext(tid 1,tid 0) - &gt; { Stack =&gt; tiod 1 }
tid 0 [第二次通话]:func() - &gt;
自n_switchs = 2后立即返回 - &gt;
pop tid 0 [2nd call]:来自tid 1堆栈的func()堆栈帧 - &gt;的 {第一 根据valgrind}
进行未初始化的访问tid 0 [第二次通话]:func()结束 - &gt;检查uc_link;找到engine_uc (主要背景)设置在那里 - &gt;
从现在开始,事情对我来说不明确,但以下似乎是可能的痕迹:
重置sigprocmask - &gt; {2nd Uninitialized access} setcontext()s 回到主要背景 - &gt; {3rd Uinitialized access?} { Stack =&gt; 主}
返回时,[tid 0&#39; s 1st call]的堆叠帧从主要&#39; s弹出 重新建立了新&GT;
main [tid 0&#39;第一次调用]:func()也因为n_switchs =而结束 2 - &gt;检查uc_link;再次找到engine_uc - &gt;重置sigprocmask - &gt; {not notinitialized access?}
返回时,main:swapcontext()的堆栈框从主要框架中弹出 堆栈 - &gt;
setcontext()s回到主要上下文 - &gt; {4th未初始化访问权限 ?} { Stack =&gt;主}
我们回到main(),免费的东西并退出
一些参考文献:
https://www.gnu.org/software/libc/manual/html_node/System-V-contexts.html http://www.cs.uwm.edu/classes/cs315/Bacon/Lecture/HTML/ch10s07.html
注意:我知道这不是一个完整的答案,但我不想在评论部分发表如此长的解释;因此张贴在这里。
答案 1 :(得分:1)
您必须通知valgrind有关堆栈的更改。在此处阅读示例https://github.com/lu-zero/valgrind/blob/master/memcheck/tests/linux/stack_changes.c
这是正确的代码:
#include <stdio.h>
#include <stdlib.h>
#include <sys/time.h>
#include <ucontext.h>
#include <valgrind/valgrind.h>
#define STACK_SIZE (8*1024)
int n_ucs = 1;
int max_switchs = 10;
int n_switchs = 0;
int tid = 0;
ucontext_t *ucs;
static ucontext_t engine_uc;
void func(int arg)
{
while (n_switchs < max_switchs) {
int c_tid = tid;
int n_tid = (tid + 1) % n_ucs;
n_switchs++;
tid = n_tid;
swapcontext(&ucs[c_tid], &ucs[n_tid]);
}
}
int main(int argc, char **argv)
{
if (argc > 1)
n_ucs = atoi(argv[1]);
if (argc > 2)
max_switchs = atoi(argv[2]);
ucs = malloc(sizeof(ucontext_t) * n_ucs);
//store the VALGRIND_STACK_REGISTER return values
int* valgrind_ret = malloc(n_ucs*sizeof(int));
int i;
for (i = 0; i < n_ucs; i++) {
/* Create initial ucontext_t, including stack */
getcontext(&ucs[i]);
//pass stack to valgrind
void* mystack = malloc(STACK_SIZE);
VALGRIND_STACK_REGISTER(mystack, mystack + STACK_SIZE);
ucs[i].uc_stack.ss_sp = mystack;
ucs[i].uc_stack.ss_size = STACK_SIZE;
ucs[i].uc_stack.ss_flags = 0;
ucs[i].uc_link = &engine_uc;
makecontext(&ucs[i], (void (*)())func, 1, i);
}
/* jump to the first uc */
swapcontext(&engine_uc, &ucs[tid]);
/* destroy stacks */
for (i = 0; i < n_ucs; i++) {
//valgrind stack deregister
VALGRIND_STACK_DEREGISTER(valgrind_ret[i]);
free(ucs[i].uc_stack.ss_sp);
}
free(ucs);
return 0;
}