All geek questions in one place

Can someone help me analyze these valgrind results?

I wrote a program on linux to handle a lot of data, it works in most cases. But when processing a specific data set, he always told me a "segmentation fault" error, I tried to use gdb without luck (see My other question How to deal with a segmentation error with GDB under a specific circumstance? ), So I tried to use valgrind. He did not tell me the "segmentation fault" error when starting with valgrind. So how to find the error according to this valgrind output?

==2441== Invalid write of size 4 ==2441== at 0x404893: nodes_term32_flush (tyn_indexer.c:227) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid write of size 4 ==2441== at 0x4048D8: nodes_term32_flush (tyn_indexer.c:254) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x40450D: nodes_term32_flush (tyn_indexer.c:260) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x404878: nodes_term32_flush (tyn_indexer.c:224) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid write of size 4 ==2441== at 0x40487F: nodes_term32_flush (tyn_indexer.c:224) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x4048BD: nodes_term32_flush (tyn_indexer.c:251) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c094 is not stack'd, malloc'd or (recently) free'd ==2441== ==2441== Invalid write of size 4 ==2441== at 0x4048C4: nodes_term32_flush (tyn_indexer.c:251) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c094 is not stack'd, malloc'd or (recently) free'd ==2441== ==2441== Invalid read of size 4 ==2441== at 0x4093A0: tyn_p4d_encode32 (tyn_coder.c:645) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x409490: tyn_p4d_encode32 (tyn_coder.c:669) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x4094A7: tyn_p4d_encode32 (tyn_coder.c:667) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c088 is 8 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x409574: tyn_p4d_encode32 (tyn_coder.c:694) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x4095A6: tyn_p4d_encode32 (tyn_coder.c:708) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c088 is 8 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x409524: tyn_p4d_encode32 (tyn_coder.c:697) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c08c is 12 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x40953A: tyn_p4d_encode32 (tyn_coder.c:700) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1233c08c is 12 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x409552: tyn_p4d_encode32 (tyn_coder.c:702) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1243c2fc is 12 bytes after a block of size 16 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x40785B: tyn_exsorter_sort (tyn_exsorter.c:106) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x407CB7: tyn_iS16_encode32 (tyn_coder.c:96) ==2441== by 0x409621: tyn_p4d_encode32 (tyn_coder.c:725) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1243d880 is 0 bytes after a block of size 16 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x40785B: tyn_exsorter_sort (tyn_exsorter.c:106) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x407D20: tyn_iS16_encode32 (tyn_coder.c:109) ==2441== by 0x409621: tyn_p4d_encode32 (tyn_coder.c:725) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1243d880 is 0 bytes after a block of size 16 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x40785B: tyn_exsorter_sort (tyn_exsorter.c:106) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Invalid read of size 4 ==2441== at 0x407D37: tyn_iS16_encode32 (tyn_coder.c:108) ==2441== by 0x409621: tyn_p4d_encode32 (tyn_coder.c:725) ==2441== by 0x4045F0: nodes_term32_flush (tyn_indexer.c:132) ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== Address 0x1243d8a8 is not stack'd, malloc'd or (recently) free'd ==2441== ==2441== Use of uninitialised value of size 8 ==2441== at 0x3AE9C4726B: _itoa_word (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so) ==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Conditional jump or move depends on uninitialised value(s) ==2441== at 0x3AE9C47275: _itoa_word (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so) ==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== document id: 0 ==2441== Conditional jump or move depends on uninitialised value(s) ==2441== at 0x3AE9C4774E: vfprintf (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so) ==2441== by 0x4073AD: tyn_build_index (tyn_indexer.c:900) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Use of uninitialised value of size 8 ==2441== at 0x3AE9C4726B: _itoa_word (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so) ==2441== by 0x4073AD: tyn_build_index (tyn_indexer.c:900) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== ==2441== Conditional jump or move depends on uninitialised value(s) ==2441== at 0x3AE9C47275: _itoa_word (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so) ==2441== by 0x4073AD: tyn_build_index (tyn_indexer.c:900) ==2441== by 0x40384F: main (tyn_indexer.c:943) ==2441== int32_t category: 0 bytes_collected: 972467429 196220 bytes/s tyn_config->indexer->dl_directory: /dragon/tyan tyn_config->indexer->memory_limit: 10240000 ==2441== ==2441== HEAP SUMMARY: ==2441== in use at exit: 214,695,668 bytes in 399,272 blocks ==2441== total heap usage: 401,095 allocs, 1,823 frees, 219,225,806 bytes allocated ==2441== ==2441== LEAK SUMMARY: ==2441== definitely lost: 9,442,580 bytes in 27 blocks ==2441== indirectly lost: 34,682,771 bytes in 81 blocks ==2441== possibly lost: 170,557,809 bytes in 399,140 blocks ==2441== still reachable: 12,508 bytes in 24 blocks ==2441== suppressed: 0 bytes in 0 blocks ==2441== Rerun with --leak-check=full to see details of leaked memory ==2441== ==2441== For counts of detected and suppressed errors, rerun with: -v ==2441== Use --track-origins=yes to see where uninitialised values come from ==2441== ERROR SUMMARY: 32680 errors from 23 contexts (suppressed: 2 from 2)
+4
source share
2 answers

This is a lot of the conclusion you have. You should have concentrated it more on areas of interest to you. However, I will try to give some general pointers.

 ==2441== Invalid write of size 4

opens a "block" that tells you detailed information about the allocated memory and the back trace of the stack of its placement and the error site. ==2441== is the PID of the process, which is useful in cases where several processes are running in parallel.

Website errors (comments added with # ). The stack path is always in the reverse order, which means crash (or something that could become a crash in normal mode). The site is at the top of the list, and the calls it invokes are listed in reverse order below:

 # This points to a function nodes_term32_flush() in file tyn_indexer.c on line 227 ==2441== at 0x404893: nodes_term32_flush (tyn_indexer.c:227) # the format is the same, at this line tyn_exsorter_sort() calls nodes_term32_flush() ==2441== by 0x407B77: tyn_exsorter_sort (tyn_exsorter.c:131) # ... and so on ==2441== by 0x406DDE: tyn_build_index (tyn_indexer.c:731) # ... leading up to the process "entry point" ==2441== by 0x40384F: main (tyn_indexer.c:943)

The memory block is damaged. The first line tells us that a block from one MiB was allocated and that (together with the output above) you read the first 4 bytes (probably a 32-bit value) after the last allocated byte of this block. The rest of the format matches what you know from the stack above.

 ==2441== Address 0x1233c080 is 0 bytes after a block of size 1,048,576 alloc'd ==2441== at 0x4A074CD: malloc (vg_replace_malloc.c:236) ==2441== by 0x406BEB: tyn_build_index (tyn_indexer.c:663) ==2441== by 0x40384F: main (tyn_indexer.c:943)

All repetitions after this - from experience - are most often the result of the first mistake. Thus, it always starts to fix the first indicated problem in the sequence of problem reports.

Now for the other error class that appears in your release:

 ==2441== Use of uninitialised value of size 8 # All library functions here ... ==2441== at 0x3AE9C4726B: _itoa_word (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so) # ... but this one should be yours. Check out this file/line to see what can be the problem with the printf() call ==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888) ==2441== by 0x40384F: main (tyn_indexer.c:943)

The following, most likely, is again a consequence of the above conclusion:

 ==2441== Conditional jump or move depends on uninitialised value(s) ==2441== at 0x3AE9C47275: _itoa_word (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C49852: vfprintf (in /lib64/libc-2.14.90.so) ==2441== by 0x3AE9C51FE8: printf (in /lib64/libc-2.14.90.so) ==2441== by 0x4071EF: tyn_build_index (tyn_indexer.c:888) ==2441== by 0x40384F: main (tyn_indexer.c:943)

I highly recommend two things: read the Valgrind manual (I know it sounds to patronize, but it's worth it) and use its many options. I created several functions that I use on my development machines:

 # vim: set autoindent smartindent tabstop=2 shiftwidth=2 expandtab filetype=sh: function vgrun { local COMMAND="$1" local NAME="$2" [[ -n "$COMMAND" ]] || { echo "Syntax: vgrun <command> <name>"; return; } [[ -n "$NAME" ]] || { echo "Syntax vgrun <command> <name>"; return; } valgrind \ --leak-check=full --error-limit=no --track-origins=yes \ --undef-value-errors=yes --log-file=valgrind-${NAME}.log \ --read-var-info=yes \ $COMMAND | tee valgrind-${NAME}-output.log 2>&1 } function vgtrace { local COMMAND="$1" local NAME="$2" [[ -n "$COMMAND" ]] || { echo "Syntax: vgtrace <command> <name>"; return; } [[ -n "$NAME" ]] || { echo "Syntax vgtrace <command> <name>"; return; } valgrind \ --leak-check=full --error-limit=no --track-origins=yes \ --undef-value-errors=yes --log-file=valgrind-${NAME}.log \ --read-var-info=yes --trace-children=yes \ $COMMAND | tee valgrind-${NAME}-output.log 2>&1 } function vgdbg { [[ -n "$*" ]] || { echo "Syntax: vgrun <command>"; return; } valgrind \ --leak-check=full --error-limit=no --track-origins=yes \ --undef-value-errors=yes --read-var-info=yes --db-attach=yes \ " $@ " }

vgrun just runs the command with Valgrind. Note that the command must be in quotation marks with all its parameters for this. vgtrace is simply a variation of vgrun , adding --trace-children=yes to the Valgrind command line. The most useful, by far, is vgdbg , which will ask you to connect GDB to the running program and, thus, will allow you to interactively debug the problem, including correctly checking the stack frames, values, etc. - if you say GDB, that is.

+11
source

I will first look at errors talking about uninitialized values. I would also look at invalid entries. Segfaults can often be the result of using an uninitialized value. They can also be triggered by invalid messages that cause heap corruption. The output displays line numbers. Start searching in these areas. The output also shows several memory leaks. Follow the recommendations of the output and run it again with --leak-check = full to get a more detailed analysis of memory leaks so you can track them and take care of them.

+2
source

Source: https://habr.com/ru/post/1403012/

More articles:


All Articles