You are viewing a plain text version of this content. The canonical link for it is here.
Posted to c-dev@xerces.apache.org by bu...@apache.org on 2004/01/29 20:20:52 UTC
DO NOT REPLY [Bug 26530] New: -
FMR: Free memory read bool xercesc_2_4::XMLString::equals(const unsigned short*const,const unsigned short*const) [libxerces-c.so.24]
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=26530>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=26530
FMR: Free memory read bool xercesc_2_4::XMLString::equals(const unsigned short*const,const unsigned short*const) [libxerces-c.so.24]
Summary: FMR: Free memory read bool
xercesc_2_4::XMLString::equals(const unsigned
short*const,const unsigned short*const) [libxerces-
c.so.24]
Product: Xerces-C++
Version: 2.4.0
Platform: Sun
OS/Version: Solaris
Status: NEW
Severity: Major
Priority: Other
Component: Miscellaneous
AssignedTo: xerces-c-dev@xml.apache.org
ReportedBy: greg@sce.carleton.ca
I ran purify on xerces compiled with debugging enabled. I am getting a "free
memory read". The stack traces of the read, new, and delete is shown below.
Build is on Solaris 2.9. Sunpro SC5.0.
FMR: Free memory read
This is occurring while in:
bool xercesc_2_4::XMLString::equals(const unsigned short*const,const
unsigned short*const) [libxerces-c.so.24]
bool xercesc_2_4::HashXMLCh::equals(const void*const,const
void*const) [HashXMLCh.cpp:77]
bool HashXMLCh::equals(const void *const key1, const void *const
key2)
{
=> return (XMLString::equals((XMLCh*)key1, (XMLCh*)key2)) ?
true : false;
}
XERCES_CPP_NAMESPACE_END
xercesc_2_4::RefHashTableBucketElem<unsigned>*xercesc_2_4::RefHashTableOf<unsigned>::findBucketElem(const
void*const,unsigned&) [RefHashTableOf.c:529]
unsigned*xercesc_2_4::RefHashTableOf<unsigned>::get(const
void*const) [RefHashTableOf.c:399]
unsigned xercesc_2_4::IGXMLScanner::buildAttList(const
xercesc_2_4::RefVectorOf<xercesc_2_4::KVStringPair>&,const
unsigned,xercesc_2_4::XMLElementDecl*,xercesc_2_4::RefVectorOf<xercesc_2_4::XMLAttr>&)
[IGXMLScanner2.cpp:344]
bool xercesc_2_4::IGXMLScanner::scanStartTagNS(bool&)
[IGXMLScanner.cpp:2738]
bool xercesc_2_4::IGXMLScanner::scanContent(const bool)
[IGXMLScanner.cpp:931]
void xercesc_2_4::IGXMLScanner::scanDocument(const
xercesc_2_4::InputSource&) [IGXMLScanner.cpp:247]
void xercesc_2_4::AbstractDOMParser::parse(const
xercesc_2_4::InputSource&) [AbstractDOMParser.cpp:460]
void xercesc_2_4::IGXMLScanner::resolveSchemaGrammar(const unsigned
short*const,const unsigned short*const) [IGXMLScanner2.cpp:1752]
void xercesc_2_4::IGXMLScanner::scanRawAttrListforNameSpaces(const
xercesc_2_4::RefVectorOf<xercesc_2_4::KVStringPair>*,int) [IGXMLScanner2.cpp:1621]
bool xercesc_2_4::IGXMLScanner::scanStartTagNS(bool&)
[IGXMLScanner.cpp:2205]
bool xercesc_2_4::IGXMLScanner::scanContent(const bool)
[IGXMLScanner.cpp:931]
void xercesc_2_4::IGXMLScanner::scanDocument(const
xercesc_2_4::InputSource&) [IGXMLScanner.cpp:247]
void xercesc_2_4::XMLScanner::scanDocument(const unsigned
short*const) [XMLScanner.cpp:453]
void xercesc_2_4::XMLScanner::scanDocument(const char*const)
[XMLScanner.cpp:461]
void xercesc_2_4::AbstractDOMParser::parse(const char*const)
[AbstractDOMParser.cpp:506]
void readXML(const char*) [xmlread.cc:254]
readInModel [xmlread.cc:188]
bool Model::load(__FILE*,const char*,const char*,__FILE*,const
char*,__FILE*) [model.cc:620]
void process(const char*,const char*) [srvn2eepic.o]
main [srvn2eepic.cc:992]
_start [crt1.o]
Reading 2 bytes from 0x33edb8 in the heap.
Address 0x33edb8 is at the beginning of a freed block of 10 bytes.
This block was allocated from:
malloc [rtlib.o]
c2n6Fi_Pv___1 [libCrun.so.1]
void*operator new(unsigned) [rtlib.o]
void*xercesc_2_4::MemoryManagerImpl::allocate(unsigned)
[MemoryManagerImpl.cpp:83]
void xercesc_2_4::KVStringPair::setKey(const unsigned short*const)
[KVStringPair.cpp:186]
{
fMemoryManager->deallocate(fKey); //delete [] fKey;
fKeyAllocSize = len + 1;
=> fKey = (XMLCh*) fMemoryManager->allocate(fKeyAllocSize *
sizeof(XMLCh)); //new XMLCh[fKeyAllocSize];
}
XMLString::copyString(fKey, newKey);
void xercesc_2_4::KVStringPair::set(const unsigned short*const,const
unsigned short*const) [KVStringPair.cpp:209]
xercesc_2_4::KVStringPair::KVStringPair(const unsigned
short*const,const unsigned short*const,xercesc_2_4::MemoryManager*const)
[KVStringPair.cpp:154]
unsigned xercesc_2_4::IGXMLScanner::rawAttrScan(const unsigned
short*const,xercesc_2_4::RefVectorOf<xercesc_2_4::KVStringPair>&,bool&)
[IGXMLScanner.cpp:783]
bool xercesc_2_4::IGXMLScanner::scanStartTagNS(bool&)
[IGXMLScanner.cpp:2137]
bool xercesc_2_4::IGXMLScanner::scanContent(const bool)
[IGXMLScanner.cpp:931]
void xercesc_2_4::IGXMLScanner::scanDocument(const
xercesc_2_4::InputSource&) [IGXMLScanner.cpp:247]
void xercesc_2_4::AbstractDOMParser::parse(const
xercesc_2_4::InputSource&) [AbstractDOMParser.cpp:460]
void xercesc_2_4::IGXMLScanner::resolveSchemaGrammar(const unsigned
short*const,const unsigned short*const) [IGXMLScanner2.cpp:1752]
void xercesc_2_4::IGXMLScanner::scanRawAttrListforNameSpaces(const
xercesc_2_4::RefVectorOf<xercesc_2_4::KVStringPair>*,int) [IGXMLScanner2.cpp:1621]
bool xercesc_2_4::IGXMLScanner::scanStartTagNS(bool&)
[IGXMLScanner.cpp:2205]
bool xercesc_2_4::IGXMLScanner::scanContent(const bool)
[IGXMLScanner.cpp:931]
void xercesc_2_4::IGXMLScanner::scanDocument(const
xercesc_2_4::InputSource&) [IGXMLScanner.cpp:247]
void xercesc_2_4::XMLScanner::scanDocument(const unsigned
short*const) [XMLScanner.cpp:453]
void xercesc_2_4::XMLScanner::scanDocument(const char*const)
[XMLScanner.cpp:461]
void xercesc_2_4::AbstractDOMParser::parse(const char*const)
[AbstractDOMParser.cpp:506]
void readXML(const char*) [xmlread.cc:254]
readInModel [xmlread.cc:188]
bool Model::load(__FILE*,const char*,const char*,__FILE*,const
char*,__FILE*) [model.cc:620]
void process(const char*,const char*) [srvn2eepic.o]
main [srvn2eepic.cc:992]
_start [crt1.o]
There have been 21 frees since this block was freed from:
free [rtlib.o]
c2k6FPv_v___1 [libCrun.so.1]
void operator delete(void*) [rtlib.o]
void xercesc_2_4::MemoryManagerImpl::deallocate(void*)
[MemoryManagerImpl.cpp:96]
void MemoryManagerImpl::deallocate(void* p)
{
=> ::operator delete(p);
}
XERCES_CPP_NAMESPACE_END
void xercesc_2_4::KVStringPair::setKey(const unsigned short*const)
[KVStringPair.cpp:184]
if (len >= fKeyAllocSize)
{
=> fMemoryManager->deallocate(fKey); //delete [] fKey;
fKeyAllocSize = len + 1;
fKey = (XMLCh*) fMemoryManager->allocate(fKeyAllocSize *
sizeof(XMLCh)); //new XMLCh[fKeyAllocSize];
}
void xercesc_2_4::KVStringPair::set(const unsigned short*const,const
unsigned short*const) [KVStringPair.cpp:209]
unsigned xercesc_2_4::IGXMLScanner::rawAttrScan(const unsigned
short*const,xercesc_2_4::RefVectorOf<xercesc_2_4::KVStringPair>&,bool&)
[IGXMLScanner.cpp:794]
bool xercesc_2_4::IGXMLScanner::scanStartTagNS(bool&)
[IGXMLScanner.cpp:2137]
bool xercesc_2_4::IGXMLScanner::scanContent(const bool)
[IGXMLScanner.cpp:931]
void xercesc_2_4::IGXMLScanner::scanDocument(const
xercesc_2_4::InputSource&) [IGXMLScanner.cpp:247]
void xercesc_2_4::AbstractDOMParser::parse(const
xercesc_2_4::InputSource&) [AbstractDOMParser.cpp:460]
void xercesc_2_4::IGXMLScanner::resolveSchemaGrammar(const unsigned
short*const,const unsigned short*const) [IGXMLScanner2.cpp:1752]
void xercesc_2_4::IGXMLScanner::scanRawAttrListforNameSpaces(const
xercesc_2_4::RefVectorOf<xercesc_2_4::KVStringPair>*,int) [IGXMLScanner2.cpp:1621]
bool xercesc_2_4::IGXMLScanner::scanStartTagNS(bool&)
[IGXMLScanner.cpp:2205]
bool xercesc_2_4::IGXMLScanner::scanContent(const bool)
[IGXMLScanner.cpp:931]
void xercesc_2_4::IGXMLScanner::scanDocument(const
xercesc_2_4::InputSource&) [IGXMLScanner.cpp:247]
void xercesc_2_4::XMLScanner::scanDocument(const unsigned
short*const) [XMLScanner.cpp:453]
void xercesc_2_4::XMLScanner::scanDocument(const char*const)
[XMLScanner.cpp:461]
void xercesc_2_4::AbstractDOMParser::parse(const char*const)
[AbstractDOMParser.cpp:506]
void readXML(const char*) [xmlread.cc:254]
readInModel [xmlread.cc:188]
bool Model::load(__FILE*,const char*,const char*,__FILE*,const
char*,__FILE*) [model.cc:620]
void process(const char*,const char*) [srvn2eepic.o]
main [srvn2eepic.cc:992]
_start [crt1.o]
FMR Free memory read WARNING
An FMR message indicates that your program is about to read
from memory within the heap which is not in or near a
currently allocated block. This could be a dangling pointer
to a block of memory that has already been freed (caused by
retaining the pointer too long, or freeing the memory too
soon). Alternatively, it could be the result of indexing
very far off the end of a valid block, or using a completely
random pointer which happens to fall within the heap seg-
ment.
---------------------------------------------------------------------
To unsubscribe, e-mail: xerces-c-dev-unsubscribe@xml.apache.org
For additional commands, e-mail: xerces-c-dev-help@xml.apache.org