我在linux上编写了一个C程序来处理大量数据,它大部分时间都运行正常。但是当处理一组特定数据时,它总是告诉我“分段错误”错误,我试图使用gdb而没有运气(请参阅我的另一个问题How to deal segmentation fault with GDB under particular circumstance?),所以我尝试使用valgrind。当用valgrind运行时,它没有告诉我“分段错误”错误。那么如何根据这些valgrind输出找到bug?
==2441== Invalid write of size 4
==2441== at 0x404893: nodes_term32_flush (tyn_indexer.c:227)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid write of size 4
==2441== at 0x4048D8: nodes_term32_flush (tyn_indexer.c:254)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x40450D: nodes_term32_flush (tyn_indexer.c:260)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x404878: nodes_term32_flush (tyn_indexer.c:224)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid write of size 4
==2441== at 0x40487F: nodes_term32_flush (tyn_indexer.c:224)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x4048BD: nodes_term32_flush (tyn_indexer.c:251)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c094 is not stack'd, malloc'd or (recently) free'd
==2441==
==2441== Invalid write of size 4
==2441== at 0x4048C4: nodes_term32_flush (tyn_indexer.c:251)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c094 is not stack'd, malloc'd or (recently) free'd
==2441==
==2441== Invalid read of size 4
==2441== at 0x4093A0: tyn_p4d_encode32 (tyn_coder.c:645)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x409490: tyn_p4d_encode32 (tyn_coder.c:669)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x4094A7: tyn_p4d_encode32 (tyn_coder.c:667)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c088 is 8 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x409574: tyn_p4d_encode32 (tyn_coder.c:694)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x4095A6: tyn_p4d_encode32 (tyn_coder.c:708)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c088 is 8 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x409524: tyn_p4d_encode32 (tyn_coder.c:697)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c08c is 12 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x40953A: tyn_p4d_encode32 (tyn_coder.c:700)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1233c08c is 12 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x409552: tyn_p4d_encode32 (tyn_coder.c:702)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1243c2fc is 12 bytes after a block of size 16 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x40785B: tyn_exsorter_sort (tyn_exsorter.c:106)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x407CB7: tyn_iS16_encode32 (tyn_coder.c:96)
==2441== by 0x409621: tyn_p4d_encode32 (tyn_coder.c:725)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1243d880 is 0 bytes after a block of size 16 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x40785B: tyn_exsorter_sort (tyn_exsorter.c:106)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x407D20: tyn_iS16_encode32 (tyn_coder.c:109)
==2441== by 0x409621: tyn_p4d_encode32 (tyn_coder.c:725)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1243d880 is 0 bytes after a block of size 16 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x40785B: tyn_exsorter_sort (tyn_exsorter.c:106)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Invalid read of size 4
==2441== at 0x407D37: tyn_iS16_encode32 (tyn_coder.c:108)
==2441== by 0x409621: tyn_p4d_encode32 (tyn_coder.c:725)
==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132)
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441== Address 0x1243d8a8 is not stack'd, malloc'd or (recently) free'd
==2441==
==2441== Use of uninitialised value of size 8
==2441== at 0x3AE9C4726B: _itoa_word (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so)
==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Conditional jump or move depends on uninitialised value(s)
==2441== at 0x3AE9C47275: _itoa_word (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so)
==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
document id: 0
==2441== Conditional jump or move depends on uninitialised value(s)
==2441== at 0x3AE9C4774E: vfprintf (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so)
==2441== by 0x4073AD: tyn_build_index (tyn_indexer.c:900)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Use of uninitialised value of size 8
==2441== at 0x3AE9C4726B: _itoa_word (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so)
==2441== by 0x4073AD: tyn_build_index (tyn_indexer.c:900)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
==2441== Conditional jump or move depends on uninitialised value(s)
==2441== at 0x3AE9C47275: _itoa_word (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so)
==2441== by 0x4073AD: tyn_build_index (tyn_indexer.c:900)
==2441== by 0x40384F: main (tyn_indexer.c:943)
==2441==
int32_t category: 0
bytes_collected: 972467429
196220 bytes/s
tyn_config->indexer->dl_directory: /dragon/tyan
tyn_config->indexer->memory_limit: 10240000
==2441==
==2441== HEAP SUMMARY:
==2441== in use at exit: 214,695,668 bytes in 399,272 blocks
==2441== total heap usage: 401,095 allocs, 1,823 frees, 219,225,806 bytes allocated
==2441==
==2441== LEAK SUMMARY:
==2441== definitely lost: 9,442,580 bytes in 27 blocks
==2441== indirectly lost: 34,682,771 bytes in 81 blocks
==2441== possibly lost: 170,557,809 bytes in 399,140 blocks
==2441== still reachable: 12,508 bytes in 24 blocks
==2441== suppressed: 0 bytes in 0 blocks
==2441== Rerun with --leak-check=full to see details of leaked memory
==2441==
==2441== For counts of detected and suppressed errors, rerun with: -v
==2441== Use --track-origins=yes to see where uninitialised values come from
==2441== ERROR SUMMARY: 32680 errors from 23 contexts (suppressed: 2 from 2)
答案 0 :(得分:11)
这里有很多输出。您应该将它更多地浓缩到您感兴趣的区域。不过,我会尝试给出一些一般性的指示。
==2441== Invalid write of size 4
打开一个“块”,告诉您有关分配的内存以及其分配和错误站点的堆栈回溯的详细信息。 ==2441==是进程的PID,在多个进程并行运行的情况下非常有用。
错误网站(评论添加了#)。堆栈回溯始终是相反的顺序,这意味着崩溃(或者通常会成为崩溃的站点)站点位于列表的顶部,并且那里的调用以下面的相反顺序列出:
# This points to a function nodes_term32_flush() in file tyn_indexer.c on line 227
==2441== at 0x404893: nodes_term32_flush (tyn_indexer.c:227)
# the format is the same, at this line tyn_exsorter_sort() calls nodes_term32_flush()
==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131)
# ... and so on
==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731)
# ... leading up to the process "entry point"
==2441== by 0x40384F: main (tyn_indexer.c:943)
受影响的内存块。第一行告诉我们正好分配了一个MiB的块,并且(与上面的输出一起)你正在读取该块的最后一个分配字节之后的前4个字节(可能是32位值)。其余格式遵循您从上面的堆栈回溯中了解到的内容。
==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd
==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663)
==2441== by 0x40384F: main (tyn_indexer.c:943)
之后的所有重复都是 - 从经验中 - 通常是第一次错误的结果。因此始终会在报告的问题序列中开始修复第一个列出的问题。
现在输出中出现的其他错误类:
==2441== Use of uninitialised value of size 8
# All library functions here ...
==2441== at 0x3AE9C4726B: _itoa_word (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so)
# ... but this one should be yours. Check out this file/line to see what can be the problem with the printf() call
==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888)
==2441== by 0x40384F: main (tyn_indexer.c:943)
以下可能仅仅是上述输出的结果:
==2441== Conditional jump or move depends on uninitialised value(s)
==2441== at 0x3AE9C47275: _itoa_word (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so)
==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so)
==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888)
==2441== by 0x40384F: main (tyn_indexer.c:943)
我强烈建议两件事:阅读Valgrind manual(我知道这听起来很光顾,但值得),并利用其众多选项。我创建了一些我在开发机器上使用的函数:
# vim: set autoindent smartindent tabstop=2 shiftwidth=2 expandtab filetype=sh:
function vgrun
{
local COMMAND="$1"
local NAME="$2"
[[ -n "$COMMAND" ]] || { echo "Syntax: vgrun <command> <name>"; return; }
[[ -n "$NAME" ]] || { echo "Syntax vgrun <command> <name>"; return; }
valgrind \
--leak-check=full --error-limit=no --track-origins=yes \
--undef-value-errors=yes --log-file=valgrind-${NAME}.log \
--read-var-info=yes \
$COMMAND | tee valgrind-${NAME}-output.log 2>&1
}
function vgtrace
{
local COMMAND="$1"
local NAME="$2"
[[ -n "$COMMAND" ]] || { echo "Syntax: vgtrace <command> <name>"; return; }
[[ -n "$NAME" ]] || { echo "Syntax vgtrace <command> <name>"; return; }
valgrind \
--leak-check=full --error-limit=no --track-origins=yes \
--undef-value-errors=yes --log-file=valgrind-${NAME}.log \
--read-var-info=yes --trace-children=yes \
$COMMAND | tee valgrind-${NAME}-output.log 2>&1
}
function vgdbg
{
[[ -n "$*" ]] || { echo "Syntax: vgrun <command>"; return; }
valgrind \
--leak-check=full --error-limit=no --track-origins=yes \
--undef-value-errors=yes --read-var-info=yes --db-attach=yes \
"$@"
}
vgrun只是用Valgrind运行一个命令。请注意,该命令必须在引号中,并且其所有参数都可以使用。 vgtrace只是vgrun的变体,将--trace-children=yes添加到Valgrind命令行。到目前为止,最有用的是vgdbg,它会要求您将GDB附加到正在运行的程序,从而让您以交互方式调试手头的问题,包括正确检查堆栈帧,值等 - if < / em>你说GDB,就是这样。
答案 1 :(得分:2)
我会首先看看有关未初始化值的错误。我也会看一下无效的写法。段错误通常是使用未初始化值的结果。它们也可能由导致堆损坏的无效写入引起。那里的输出给你行号。开始寻找这些领域。那里的输出也显示了几个内存泄漏。按照输出建议并使用--leak-check = full再次运行它以获得更详细的内存泄漏分析,以便您可以跟踪它们并处理它们。