|
楼主 |
发表于 2009-12-1 16:24:15
|
显示全部楼层
谢谢版主这么快回答。
是的,就是这么简单的用法。根据core_dump看,就是由于size发生了变化(变成了很大的数),导致new失败(abort)
ACE_Message_Block (size=80) :
11 0x006de21b in ACE_Message_Block (this=0x9fd86030, size=80, msg_type=1, msg_cont=0x0, msg_data=0x0, allocator_strategy=0x0, locking_strategy=0x0,
priority=0, [email=execution_time=@0x80fd590]execution_time=@0x80fd590[/email], [email=deadline_time=@0x80fd5e0]deadline_time=@0x80fd5e0[/email], data_block_allocator=0x0, message_block_allocator=0x0)
at ../../ace/Message_Block.cpp:453
ACE_Message_Block::init_i (size=80)
#10 0x006dd738 in ACE_Message_Block::init_i (this=0x9fd86030, size=80, msg_type=1, msg_cont=0x0, msg_data=0x0, allocator_strategy=0x0,
locking_strategy=0x0, flags=0, priority=0, [email=execution_time=@0x80fd590]execution_time=@0x80fd590[/email], [email=deadline_time=@0x80fd5e0]deadline_time=@0x80fd5e0[/email], db=0x9f93c970, data_block_allocator=0x79a3a0,
message_block_allocator=0x0) at /usr/lib/gcc/i386-redhat-linux/3.4.6/../../../../include/c++/3.4.6/new:92
在init_i 里创建ACE_Data_Block时就变了
int
ACE_Message_Block::init_i (size_t size,
ACE_Message_Type msg_type,
ACE_Message_Block *msg_cont,
const char *msg_data,
ACE_Allocator *allocator_strategy,
ACE_Lock *locking_strategy,
Message_Flags flags,
unsigned long priority,
const ACE_Time_Value &execution_time,
const ACE_Time_Value &deadline_time,
ACE_Data_Block *db,
ACE_Allocator *data_block_allocator,
ACE_Allocator *message_block_allocator)
{
ACE_TRACE ("ACE_Message_Block::init_i");
ACE_FUNCTION_TIMEPROBE (ACE_MESSAGE_BLOCK_INIT_I_ENTER);
this->rd_ptr_ = 0;
this->wr_ptr_ = 0;
this->priority_ = priority;
#if defined (ACE_HAS_TIMED_MESSAGE_BLOCKS)
this->execution_time_ = execution_time;
this->deadline_time_ = deadline_time;
#else
ACE_UNUSED_ARG (execution_time);
ACE_UNUSED_ARG (deadline_time);
#endif /* ACE_HAS_TIMED_MESSAGE_BLOCKS */
this->cont_ = msg_cont;
this->next_ = 0;
this->prev_ = 0;
this->message_block_allocator_ = message_block_allocator;
if (this->data_block_ != 0)
{
this->data_block_->release ();
this->data_block_ = 0;
}
if (db == 0)
{
if (data_block_allocator == 0)
ACE_ALLOCATOR_RETURN (data_block_allocator,
ACE_Allocator::instance (),
-1);
ACE_TIMEPROBE (ACE_MESSAGE_BLOCK_INIT_I_DB_ALLOC);
// Allocate the <ACE_Data_Block> portion, which is reference
// counted.
ACE_NEW_MALLOC_RETURN (db, // 这里生成ACE_Data_Block
static_cast<ACE_Data_Block *> (
data_block_allocator->malloc (sizeof (ACE_Data_Block))),
ACE_Data_Block (size,
msg_type,
msg_data,
allocator_strategy,
locking_strategy,
flags,
data_block_allocator),
-1);
ACE_TIMEPROBE (ACE_MESSAGE_BLOCK_INIT_I_DB_CTOR);
// Message block initialization may fail, while the construction
// succeds. Since ACE may throw no exceptions, we have to do a
// separate check and clean up, like this:
if (db != 0 && db->size () < size)
{
db->ACE_Data_Block::~ACE_Data_Block(); // placement destructor ...
data_block_allocator->free (db); // free ...
errno = ENOMEM;
return -1;
}
}
// Reset the data_block_ pointer.
this->data_block (db);
return 0;
}
ACE_Data_Block::ACE_Data_Block (size_t size,
ACE_Message_Block::ACE_Message_Type msg_type,
const char *msg_data,
ACE_Allocator *allocator_strategy,
ACE_Lock *locking_strategy,
ACE_Message_Block::Message_Flags flags,
ACE_Allocator *data_block_allocator)
: type_ (msg_type),
cur_size_ (0), // Reset later if memory alloc'd ok
max_size_ (0),
flags_ (flags),
base_ (const_cast <char *> (msg_data)),
allocator_strategy_ (allocator_strategy),
locking_strategy_ (locking_strategy),
reference_count_ (1),
data_block_allocator_ (data_block_allocator)
{
ACE_TRACE ("ACE_Data_Block::ACE_Data_Block");
ACE_FUNCTION_TIMEPROBE (ACE_DATA_BLOCK_CTOR2_ENTER);
// If the user didn't pass one in, let's use the
// <ACE_Allocator::instance>.
if (this->allocator_strategy_ == 0)
ACE_ALLOCATOR (this->allocator_strategy_,
ACE_Allocator::instance ());
if (this->data_block_allocator_ == 0)
ACE_ALLOCATOR (this->data_block_allocator_,
ACE_Allocator::instance ());
if (msg_data == 0)
{
ACE_ALLOCATOR (this->base_,
(char *) this->allocator_strategy_->malloc (size)); // 根据core_dump看,这里size就不对了
#if defined (ACE_INITIALIZE_MEMORY_BEFORE_USE)
(void) ACE_OS::memset (this->base_,
'\0',
size);
#endif /* ACE_INITIALIZE_MEMORY_BEFORE_USE */
}
// ACE_ALLOCATOR returns on alloc failure but we cant throw, so setting
// the size to 0 (i.e. "bad bit") ...
if (this->base_ == 0)
{
size = 0;
}
// The memory is legit, whether passed in or allocated, so set
// the size.
this->cur_size_ = this->max_size_ = size;
}
errno = ENOMEM;
return -1;
}
}
// Reset the data_block_ pointer.
this->data_block (db);
return 0;
}
#9 0x006dcdcc in ACE_Data_Block (this=0x9f93c970, size=4294967272, msg_type=1, msg_data=0x0, allocator_strategy=0x0, locking_strategy=0x0, flags=0,
data_block_allocator=0x79a3a0) at ../../ace/Message_Block.cpp:368
很奇怪。
另外,程序运行所在的服务器是每10分钟和一台时间服务器进行同步的,不知道这个有没有影响。
ACE_Message_Block是在一个函数内创建的,不是类成员,是一个独立的公共函数,有多个线程会调用,没有全局变量,静态变量。会可能导致这个问题吗?
而且不是可重现的,假如其他地方有溢出,有可能导致出现这个问题吗?
[ 本帖最后由 denis_lan 于 2009-12-1 16:41 编辑 ] |
|