
使用 socket() 时出现 mudflap 错误:按下面的方式编译并运行时,我得到了如下的 mudflap 违规(violation)报告,但我不明白它的含义。

(我使用的是 Debian Squeeze、GCC 4.4.5 和 eglibc 2.11.2)

Mudflap:

 
[email protected]:~/Desktop$ export MUDFLAP_OPTIONS="-mode-check -viol-abort -internal-checking -print-leaks -check-initialization -verbose-violations -crumple-zone=32" 
[email protected]:~/Desktop$ gcc -std=c99 -D_POSIX_C_SOURCE=200112L -ggdb3 -O0 -fmudflap -funwind-tables -lmudflap -rdynamic myprogram.c 
[email protected]:~/Desktop$ ./a.out 
******* 
mudflap violation 1 (check/read): time=1303221485.951128 ptr=0x70cf10 size=16 
pc=0x7fc51c9b1cc1 location=`myprogram.c:22:18 (main)' 
     /usr/lib/libmudflap.so.0(__mf_check+0x41) [0x7fc51c9b1cc1] 
     ./a.out(main+0x113) [0x400b97] 
     /lib/libc.so.6(__libc_start_main+0xfd) [0x7fc51c665c4d] 
Nearby object 1: checked region begins 0B into and ends 15B into 
mudflap object 0x70cf90: name=`malloc region' 
bounds=[0x70cf10,0x70cf5b] size=76 area=heap check=1r/0w liveness=1 
alloc time=1303221485.949881 pc=0x7fc51c9b1431 
     /usr/lib/libmudflap.so.0(__mf_register+0x41) [0x7fc51c9b1431] 
     /usr/lib/libmudflap.so.0(__wrap_malloc+0xd2) [0x7fc51c9b2a12] 
     /lib/libc.so.6(+0xaada5) [0x7fc51c6f1da5] 
     /lib/libc.so.6(getaddrinfo+0x162) [0x7fc51c6f4782] 
Nearby object 2: checked region begins 640B before and ends 625B before 
mudflap dead object 0x70d3f0: name=`malloc region' 
bounds=[0x70d190,0x70d3c7] size=568 area=heap check=0r/0w liveness=0 
alloc time=1303221485.950059 pc=0x7fc51c9b1431 
     /usr/lib/libmudflap.so.0(__mf_register+0x41) [0x7fc51c9b1431] 
     /usr/lib/libmudflap.so.0(__wrap_malloc+0xd2) [0x7fc51c9b2a12] 
     /lib/libc.so.6(+0x6335b) [0x7fc51c6aa35b] 
     /lib/libc.so.6(+0xac964) [0x7fc51c6f3964] 
dealloc time=1303221485.950696 pc=0x7fc51c9b0fe6 
     /usr/lib/libmudflap.so.0(__mf_unregister+0x36) [0x7fc51c9b0fe6] 
     /usr/lib/libmudflap.so.0(__real_free+0xa0) [0x7fc51c9b2f40] 
     /lib/libc.so.6(fclose+0x14d) [0x7fc51c6a9a1d] 
     /lib/libc.so.6(+0xacc1a) [0x7fc51c6f3c1a] 
number of nearby objects: 2 
Aborted (core dumped) 
[email protected]:~/Desktop$ 

GDB:

 
(gdb) bt 
#0 0x00007fd30f18136e in __libc_waitpid (pid=, stat_loc=0x7fff3689d75c, options=) at ../sysdeps/unix/sysv/linux/waitpid.c:32 
#1 0x00007fd30f11f299 in do_system (line=) at ../sysdeps/posix/system.c:149 
#2 0x00007fd30f44a9c3 in __mf_violation (ptr=, sz=, pc=0, location=0x7fff3689d880 "\360\323p", type=) 
    at ../../../src/libmudflap/mf-runtime.c:2174 
#3 0x00007fd30f44ba5d in __mfu_check (ptr=0x70cf10, sz=, type=, location=) 
    at ../../../src/libmudflap/mf-runtime.c:1037 
#4 0x00007fd30f44bcc1 in __mf_check (ptr=0x70cf10, sz=16, type=0, location=0x400e5a "myprogram.c:22:18 (main)") at ../../../src/libmudflap/mf-runtime.c:816 
#5 0x0000000000400b97 in main() at myprogram.c:5 
(gdb) bt full 
#0 0x00007fd30f18136e in __libc_waitpid (pid=, stat_loc=0x7fff3689d75c, options=) at ../sysdeps/unix/sysv/linux/waitpid.c:32 
     oldtype = 
     result = 
#1 0x00007fd30f11f299 in do_system (line=) at ../sysdeps/posix/system.c:149 
     __result = -512 
     _buffer = {__routine = 0x7fd30f11f5f0 , __arg = 0x7fff3689d758, __canceltype = 915003406, __prev = 0x7fd30f459348} 
     _avail = 0 
     status = 
     save = 
     pid = 5385 
     sa = {__sigaction_handler = {sa_handler = 0x1, sa_sigaction = 0x1}, sa_mask = {__val = {65536, 0 }}, sa_flags = 0, sa_restorer = 0x7fd30f0ec578} 
     omask = {__val = {0, 4294967295, 206158430240, 1, 2212816, 0, 140734108391560, 3, 140544470949888, 140544474854386, 140544214827009, 0, 7394247, 140544467453304, 
      140544471045644, 140734108391424}} 
#2 0x00007fd30f44a9c3 in __mf_violation (ptr=, sz=, pc=0, location=0x7fff3689d880 "\360\323p", type=) 
    at ../../../src/libmudflap/mf-runtime.c:2174 
     buf = "gdb --pid=5384\000\000\037\317p\000\000\000\000\000\377\377\377\377\000\000\000\000(\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000`\306!", '\000' , "\037\317p\000\000\000\000\000\020\317p\000\000\000\000\000\000 D\017\323\177\000\000\362\263\177\017\323\177\000\000\001\000\000\000\377\177\000\000\000\000\000\000\000\000\000\000\340Pp\000\000\000\000\000hHD\017\323\177\000" 
     violation_number = 1 
#3 0x00007fd30f44ba5d in __mfu_check (ptr=0x70cf10, sz=, type=, location=) 
    at ../../../src/libmudflap/mf-runtime.c:1037 
     entry_idx = 1 
     entry = 0x604ec0 
     judgement = -512 
     ptr_high = 140734108391840 
     __PRETTY_FUNCTION__ = "__mfu_check" 
#4 0x00007fd30f44bcc1 in __mf_check (ptr=0x70cf10, sz=16, type=0, location=0x400e5a "myprogram.c:22:18 (main)") at ../../../src/libmudflap/mf-runtime.c:816 
     __PRETTY_FUNCTION__ = "__mf_check" 
#5 0x0000000000400b97 in main() at myprogram.c:5 
     hints = {ai_flags = 0, ai_family = 0, ai_socktype = 1, ai_protocol = 6, ai_addrlen = 0, ai_addr = 0x0, ai_canonname = 0x0, ai_next = 0x0} 
     result = 0x70cf10 
     newsocket = 0 
(gdb) quit 

源代码:


#include "stdio.h" // quotes inserted instead of usual chars for correct website view 
#include "sys/socket.h" 
#include "netdb.h" 
#include "unistd.h"

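/*
 * Resolve localhost:25 and create (but do not connect) a TCP socket from the
 * first address returned by getaddrinfo().
 *
 * Returns 0 on success, -1 if name resolution fails, -2 if socket() fails.
 * Every resource acquired here (the addrinfo list and the socket descriptor)
 * is released before returning, so a leak checker such as mudflap's
 * -print-leaks has nothing of ours to report.
 */
int main(void) 
{ 
    /* Designated initializers zero every member that is not named, so the
     * whole struct is initialized before getaddrinfo() reads it. */
    struct addrinfo hints = {
        .ai_flags    = 0,
        .ai_family   = AF_UNSPEC,
        .ai_socktype = SOCK_STREAM,
        .ai_protocol = IPPROTO_TCP,
    };
    struct addrinfo *result = NULL;

    if (getaddrinfo("localhost", "25", &hints, &result) != 0) 
    { 
        return -1; 
    } 

    /* Line 22 of the original listing: the reads of result->ai_* below are
     * what the mudflap check/read violation points at
     * (location myprogram.c:22:18). The list itself is allocated and filled
     * in by getaddrinfo(), not by this program. */
    int newsocket = socket(result->ai_family, result->ai_socktype, result->ai_protocol);

    /* The list is not needed after socket() has consumed its fields; free it
     * here so that both the success and the failure path release it. */
    freeaddrinfo(result);

    if (newsocket == -1) 
    { 
        return -2; 
    } 

    /* Do not leave the descriptor open on the success path. */
    close(newsocket);
    return 0; 
} 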

回答


这似乎是在抱怨读取了未初始化的数据(“mudflap violation 1 (check/read)”)。看起来在出错地址附近有两个已知区域。其中一个离得稍远(“checked region begins 640B before and ends 625B before”),并且已经被释放(“mudflap dead object”)。另一个实际上与出错的读取起始于同一位置(“checked region begins 0B into and ends 15B into mudflap object 0x70cf90: name=`malloc region'”)。

为什么不在 MUDFLAP_OPTIONS 中设置 -viol-gdb,然后用 GDB 检查出错的代码?

补充(ETA):之所以报告违规,是因为该区域的访问历史为“check=1r/0w”。这表明该区域正在被读取,但据 libmudflap 所知,它从未被写入过。因此这次读取被视为“初始化前使用”错误。这正是你传给 libmudflap 的 -check-initialization 选项的用途。

当然,问题只是你的 libc 没有经过 libmudflap 插桩(instrumentation):libmudflap 虽然可以拦截 malloc 调用,却无法拦截 libc 内部用来初始化这块内存的指针访问。因此,当你的程序使用该指针时,在 libmudflap 看来,这块内存已经分配,但从未被写入(实际上,从未被访问过)。

你可以忽略这个错误;也可以去掉 -check-initialization,这样它就不再被标记为错误;或者构建一个经过 libmudflap 插桩的 libc,并让你的可执行文件链接到该版本的 libc。注意:去掉 -check-initialization 之后,你自己代码中真正的未初始化读取也不会再被报告。


我加了gdb输出,但我仍然没有看到什么是错的。 – 2011-04-19 14:34:07


GDB输出确认问题内存是与'result'关联的。我将很快用解决方案编辑我的答案。 – 2011-04-19 17:42:38