When compiling like this, I get the following mudflap violation, and I don't know what it means:
(I'm using Debian squeeze, gcc 4.4.5 and eglibc 2.11.2)
Mudflap:
myuser@linux:~/Desktop$ export MUDFLAP_OPTIONS="-mode-check -viol-abort -internal-checking -print-leaks -check-initialization -verbose-violations -crumple-zone=32"
myuser@linux:~/Desktop$ gcc -std=c99 -D_POSIX_C_SOURCE=200112L -ggdb3 -O0 -fmudflap -funwind-tables -lmudflap -rdynamic myprogram.c
myuser@linux:~/Desktop$ ./a.out
*******
mudflap violation 1 (check/read): time=1303221485.951128 ptr=0x70cf10 size=16
pc=0x7fc51c9b1cc1 location=`myprogram.c:22:18 (main)'
      /usr/lib/libmudflap.so.0(__mf_check+0x41) [0x7fc51c9b1cc1]
      ./a.out(main+0x113) [0x400b97]
      /lib/libc.so.6(__libc_start_main+0xfd) [0x7fc51c665c4d]
Nearby object 1: checked region begins 0B into and ends 15B into
mudflap object 0x70cf90: name=`malloc region'
bounds=[0x70cf10,0x70cf5b] size=76 area=heap check=1r/0w liveness=1
alloc time=1303221485.949881 pc=0x7fc51c9b1431
      /usr/lib/libmudflap.so.0(__mf_register+0x41) [0x7fc51c9b1431]
      /usr/lib/libmudflap.so.0(__wrap_malloc+0xd2) [0x7fc51c9b2a12]
      /lib/libc.so.6(+0xaada5) [0x7fc51c6f1da5]
      /lib/libc.so.6(getaddrinfo+0x162) [0x7fc51c6f4782]
Nearby object 2: checked region begins 640B before and ends 625B before
mudflap dead object 0x70d3f0: name=`malloc region'
bounds=[0x70d190,0x70d3c7] size=568 area=heap check=0r/0w liveness=0
alloc time=1303221485.950059 pc=0x7fc51c9b1431
      /usr/lib/libmudflap.so.0(__mf_register+0x41) [0x7fc51c9b1431]
      /usr/lib/libmudflap.so.0(__wrap_malloc+0xd2) [0x7fc51c9b2a12]
      /lib/libc.so.6(+0x6335b) [0x7fc51c6aa35b]
      /lib/libc.so.6(+0xac964) [0x7fc51c6f3964]
dealloc time=1303221485.950696 pc=0x7fc51c9b0fe6
      /usr/lib/libmudflap.so.0(__mf_unregister+0x36) [0x7fc51c9b0fe6]
      /usr/lib/libmudflap.so.0(__real_free+0xa0) [0x7fc51c9b2f40]
      /lib/libc.so.6(fclose+0x14d) [0x7fc51c6a9a1d]
      /lib/libc.so.6(+0xacc1a) [0x7fc51c6f3c1a]
number of nearby objects: 2
Aborted (core dumped)
myuser@linux:~/Desktop$
GDB:
(gdb) bt
#0 0x00007fd30f18136e in __libc_waitpid (pid=, stat_loc=0x7fff3689d75c, options=) at ../sysdeps/unix/sysv/linux/waitpid.c:32
#1 0x00007fd30f11f299 in do_system (line=) at ../sysdeps/posix/system.c:149
#2 0x00007fd30f44a9c3 in __mf_violation (ptr=, sz=, pc=0, location=0x7fff3689d880 "\360\323p", type=) at ../../../src/libmudflap/mf-runtime.c:2174
#3 0x00007fd30f44ba5d in __mfu_check (ptr=0x70cf10, sz=, type=, location=) at ../../../src/libmudflap/mf-runtime.c:1037
#4 0x00007fd30f44bcc1 in __mf_check (ptr=0x70cf10, sz=16, type=0, location=0x400e5a "myprogram.c:22:18 (main)") at ../../../src/libmudflap/mf-runtime.c:816
#5 0x0000000000400b97 in main () at myprogram.c:5
(gdb) bt full
#0 0x00007fd30f18136e in __libc_waitpid (pid=, stat_loc=0x7fff3689d75c, options=) at ../sysdeps/unix/sysv/linux/waitpid.c:32
        oldtype =
        result =
#1 0x00007fd30f11f299 in do_system (line=) at ../sysdeps/posix/system.c:149
        __result = -512
        _buffer = {__routine = 0x7fd30f11f5f0 , __arg = 0x7fff3689d758, __canceltype = 915003406, __prev = 0x7fd30f459348}
        _avail = 0
        status =
        save =
        pid = 5385
        sa = {__sigaction_handler = {sa_handler = 0x1, sa_sigaction = 0x1}, sa_mask = {__val = {65536, 0 }}, sa_flags = 0, sa_restorer = 0x7fd30f0ec578}
        omask = {__val = {0, 4294967295, 206158430240, 1, 2212816, 0, 140734108391560, 3, 140544470949888, 140544474854386, 140544214827009, 0, 7394247, 140544467453304, 140544471045644, 140734108391424}}
#2 0x00007fd30f44a9c3 in __mf_violation (ptr=, sz=, pc=0, location=0x7fff3689d880 "\360\323p", type=) at ../../../src/libmudflap/mf-runtime.c:2174
        buf = "gdb --pid=5384\000\000\037\317p\000\000\000\000\000\377\377\377\377\000\000\000\000(\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000`\306!", '\000' , "\037\317p\000\000\000\000\000\020\317p\000\000\000\000\000\000 D\017\323\177\000\000\362\263\177\017\323\177\000\000\001\000\000\000\377\177\000\000\000\000\000\000\000\000\000\000\340Pp\000\000\000\000\000hHD\017\323\177\000"
        violation_number = 1
#3 0x00007fd30f44ba5d in __mfu_check (ptr=0x70cf10, sz=, type=, location=) at ../../../src/libmudflap/mf-runtime.c:1037
        entry_idx = 1
        entry = 0x604ec0
        judgement = -512
        ptr_high = 140734108391840
        __PRETTY_FUNCTION__ = "__mfu_check"
#4 0x00007fd30f44bcc1 in __mf_check (ptr=0x70cf10, sz=16, type=0, location=0x400e5a "myprogram.c:22:18 (main)") at ../../../src/libmudflap/mf-runtime.c:816
        __PRETTY_FUNCTION__ = "__mf_check"
#5 0x0000000000400b97 in main () at myprogram.c:5
        hints = {ai_flags = 0, ai_family = 0, ai_socktype = 1, ai_protocol = 6, ai_addrlen = 0, ai_addr = 0x0, ai_canonname = 0x0, ai_next = 0x0}
        result = 0x70cf10
        newsocket = 0
(gdb) quit
Source code:
#include "stdio.h" // quotes inserted instead of usual chars for correct website view
#include "sys/socket.h"
#include "netdb.h"
int main(void)
{
    struct addrinfo hints, *result;
    hints.ai_flags = 0;
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_protocol = IPPROTO_TCP;
    hints.ai_addrlen = 0;
    hints.ai_canonname = NULL;
    hints.ai_addr = NULL;
    hints.ai_next = NULL;
    if(getaddrinfo("localhost", "25", &hints, &result) != 0)
    {
        return -1;
    }
    int newsocket = socket(result->ai_family, result->ai_socktype, result->ai_protocol); // line 22
    if(newsocket == -1)
    {
        freeaddrinfo(result);
        return -2;
    }
    return 0;
}
Answer 0: (score: 1)
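It seems to be complaining about reading uninitialized data ("mudflap violation 1 (check/read)"). It looks like there are a couple of known regions near the bad address. One a bit further along ("checked region begins 640B before and ends 625B before") has already been freed ("mudflap dead object"). Another actually begins at the same place as the bad read ("checked region begins 0B into and ends 15B into mudflap object 0x70cf90: name=`malloc region'").
Why don't you set -viol-gdb in MUDFLAP_OPTIONS and examine the faulting code using GDB?
ETA: The violation occurs because the access history for this region is "check=1r/0w". This indicates that it is being read but, as far as libmudflap knows, the region has never been written to. The read thus represents a "use before initialization" error. This is precisely what the -check-initialization flag you supplied to MUDFLAP_OPTIONS is intended to catch.
Of course, the problem is simply that your libc is not instrumented by libmudflap, so while libmudflap can intercept the malloc call, it cannot intercept the accesses used to initialize the memory pointed to. When your program goes to use the pointer, it looks like it has gotten memory that has been allocated but never written to (in fact, never accessed at all).
You can either ignore this error, drop -check-initialization so it is no longer flagged as an error, or build libc for libmudflap and link your executable against that version of libc.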
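The effect the answer describes, as an added C example that is not part of the original post and is not libmudflap's code: a simplified model of per-region read/write counting in which a store made by uninstrumented library code is never recorded, so the first checked read is flagged even though the memory holds valid data. All names here (`struct region`, `checked_fill`, `unchecked_fill`, `checked_read`, `first_read_violates`) are hypothetical.

```c
/* Simplified model of per-region access tracking; not libmudflap's code. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct region {              /* one tracked heap object */
    unsigned char *base;
    size_t size;
    unsigned reads, writes;  /* shown as "check=1r/0w" in the report */
};

/* Store from instrumented code: the tracker counts the write. */
static void checked_fill(struct region *r, int v) {
    r->writes++;
    memset(r->base, v, r->size);
}

/* Store from library code built without checks: initialised, but unseen. */
static void unchecked_fill(struct region *r, int v) {
    memset(r->base, v, r->size);
}

/* Instrumented load; returns 1 if no write was ever recorded, else 0. */
static int checked_read(struct region *r, size_t off, unsigned char *out) {
    r->reads++;
    *out = r->base[off];
    return r->writes == 0;
}

/* Allocate, let the "library" fill the region, then read it once.
 * Returns the violation flag of that read, or -1 if malloc fails. */
int first_read_violates(int library_is_instrumented) {
    /* The wrapped malloc always registers the region (76 bytes, as in the report). */
    struct region r = { malloc(76), 76, 0, 0 };
    unsigned char byte;
    if (r.base == NULL) return -1;
    if (library_is_instrumented) checked_fill(&r, 0x2a);
    else unchecked_fill(&r, 0x2a);
    int violation = checked_read(&r, 0, &byte);
    printf("check=%ur/%uw value=0x%02x violation=%d\n", r.reads, r.writes, byte, violation);
    free(r.base);
    return violation;
}

int main(void) {
    first_read_violates(0);  /* flagged even though the data is valid */
    first_read_violates(1);  /* same data, write was seen: not flagged */
    return 0;
}
```

The first call prints `check=1r/0w`, the same access history as "Nearby object 1" in the report, while the byte read back is the value the library stored.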