(OK) 调试cBPM—CentOS7—gdb—gdbserver—问题的解决—1—手机死机

//break main.cpp:63

//break main.cpp:155

//break WAPI.cpp:72

//break bOSXMLHelper.cpp:40

//break PlatformUtils.hpp:813

//break MemoryManagerImpl.cpp:37

//break WorkflowListener.cpp:67

//break XMLString.hpp:1451

//break Hashers.hpp:47

//break RangeToken.cpp:335

//break XMLRangeFactory.cpp:113

//break XMLInitializer.cpp:51

//break XMLInitializer.cpp:62 // 调试到此处，停止

//break XMLInitializer.cpp:61 // 所以，进入到initializeDatatypeValidatorFactory()单步跟踪，使用s，不要用n

break IconvTransService.cpp:432 //找到了故障点（在这一行的）。

break IconvTransService.cpp:460 //估计是内存分配问题，比如 溢出

===================================================================

http://c-dev.xerces.apache.narkive.com/DWSpAHdF/xerces-trunk-on-openbsd-5-1

===================================================================

Post by Alberto Massari

Hi Simon,

it looks that libc in OpenBSD 5.1 is not obeying to the documentation for

wcsrtombs/mbsrtowcs.

If *d**s**t* is not a null pointer, the pointer object pointed to

by *s**r**c* is assigned either a null pointer (if conversion

stopped due to reaching a terminating null wide-character)

or the address just past the last wide-character converted

(if any).

Instead of hacking the code to try to detect whether the conversion

actually wrote a NULL character in the converted string, I chose to modify

the 'configure' script to detect this behaviour and disable the usage of

the re-entrant functions if it doesn't match how the Xerces code uses them.

Thank you for reporting this issue,

Alberto

---------------------------------------

Hi,

I wanted to try using xerces on openbsd 5.1.

unknow reason.

After reading the code, it turns out that the end of conversion by

wcsrtombs and mbsrtowcs is based on a test on source pointer (source

pointer should point on null character).

The problem is that this behaviour is not implemented. Source pointer

points on the character following the last converted character leading

xerces binary to a risky memory access.

Below, there is a patch based on values returned by the functions (-1 in

case of error, >= 0 in case of complete/incomplete conversion) that fixes

the problem.

Regards,

Simon Elbaz

$ svn diff xercesc/util/Transcoders/Iconv/IconvTransService.cpp

Index: xercesc/util/Transcoders/Iconv/IconvTransService.cpp

===================================================================

--- xercesc/util/Transcoders/Iconv/IconvTransService.cpp (revision

1387785)

+++ xercesc/util/Transcoders/Iconv/IconvTransService.cpp (working

copy)

@@ -429,7 +429,7 @@

srcBuffer[gTempBuffArraySize - 1] = 0;

const wchar_t *src = 0;

- while (toTranscode[srcCursor] || src)

+ while (toTranscode[srcCursor])

{

if (src == 0) // copy a piece of the source string into a local

// buffer, converted to wchar_t and NULL-terminated.

@@ -454,7 +454,7 @@

break;

}

dstCursor += len;

- if (src != 0) // conversion not finished. This *always* means there

+ if (len == (resultSize - dstCursor)) // conversion not finished.

This *always* means there

// was not enough room in the destination buffer.

{

reallocString<char>(resultString, resultSize, manager,

resultString != localBuffer);

@@ -512,9 +512,9 @@

break;

}

dstCursor += len;

- if (src == 0) // conversion finished

+ if ((len >= 0) && (len < (resultSize - dstCursor))) // conversion

finished

break;

- if (dstCursor >= resultSize - 1)

+ if (len == (resultSize - dstCursor))

reallocString<wchar_t>(tmpString, resultSize, manager,

tmpString != localBuffer);

}

===================================================================