
Using stress testing to guarantee software quality (9): Access violation problems

2010-09-10 21:03  王克伟

This is about the most common problem we run into. The access violation (AV) is only the most immediate symptom, not the root cause. Why do I say that? At the crime scene the program is calling a method on an object, but the memory that object lived in is already 0xCCCCCCCC (for example, after you delete an object the heap manager fills the freed block with 0xCCCCCCCC as a marker; the next time it checks whether a block marked as freed still reads 0xCCCCCCCC, and if it does not, you did something bad). Touching it will of course AV.

So who freed that memory, and why is it still being used after the free? Only by following that chain do you reach the root cause; the AV on its own is just the symptom.

Since problems of this kind come in many varieties and are very common, I will only give a few cases that I solved.

2010.7.5

Trying to solve \DumpFile\Access Violation\20100703_AVpimg.exe_samplecam.dll:
Look at the call stack:

SAMPLECAM!MarshalledBuffer_t::Unmarshal() marshal.hpp line 196 
SAMPLECAM!CPinDevice::ResetBufferList() pindevice.cpp line 1386 
SAMPLECAM!CPinDevice::~CPinDevice() pindevice.cpp line 59 
SAMPLECAM!PIN_Close(unsigned long 0xd74060a0) pindriver.cpp line 292 // look further at the object 0xd74060a0 points to; see below. 
DEVMGR!DM_DevPreCloseFileHandle(fsopendev_t * 0xd7406040) devfile.c line 256 + 6 bytes 
KERNEL!DoPHDClose(_HDATA * 0xd0040044, unsigned long 0xcccccccc) fscall.c line 360 + 15 bytes 
KERNEL!DoUnlockHDATA(_HDATA * 0x861e7edc, unsigned long 0xffff0000) handle.c line 325 + 6 bytes 
KERNEL!HNDLCloseHandle(_PROCESS * 0x8a894000, void * 0x00ba66ff) handle.c line 675 
KERNEL!PROCCloseHandle(_PROCESS * 0x8a894000, void * 0x00ba66ff) process.c line 250 
COREDLL!CloseHandle(void * 0x00ba66ff) tkfuncs.cpp line 330 + 10 bytes 
QUARTZ!CCaptureAdapter::DestroyStream(long 0x00000001) adapter.cpp line 302 
QUARTZ!CVideoCaptureOutputPin::~CVideoCaptureOutputPin() vcappin.cpp line 163 
QUARTZ!CVideoCapture::~CVideoCapture() vcap.cpp line 84 
QUARTZ!CVideoCapture::`scalar deleting destructor'() + 11 bytes 
QUARTZ!CUnknown::NonDelegatingRelease() combase.cpp line 198 
QUARTZ!CBufferAllocator::Release() alloc.h line 39 + 15 bytes 
QUARTZ!CFilterGraph::FilGen::~FilGen() filgraph.cpp line 5183 + 6 bytes 
QUARTZ!CFilterGraph::RemoveFilterInternal(IBaseFilter * 0x0046c22c) filgraph.cpp line 1256 
QUARTZ!CFilterGraph::RemoveAllFilters() filgraph.cpp line 829 
QUARTZ!CUnknown::NonDelegatingRelease() combase.cpp line 198 
QUARTZ!CBasicAudio::Release() ctlutil.h line 413 + 15 bytes 
PIMGDLL!CDShow::Cleanup() dshowwrapper.cpp line 1973 + 20 bytes 
PIMGDLL!CDShow::DeleteInstance() dshowwrapper.cpp line 190 
PIMGDLL!CStateChangeCmd::Execute() command.cpp line 1189 + 15 bytes 
PIMGDLL!WndProc(HWND__ *, unsigned int, unsigned int, long) frame.cpp line 76 

From the Watch window:

-    (PPINDEVICE)0xd74060a0    0xd74060a0 
    m_ulPinId    0x00000000 
    m_ulFrameSize    0x00000000 
    m_ulFramesDropped    0x00000000 
    m_ulPictureNumber    0x00000000 
    m_lStillCount    0x00000000 
    m_dwMemoryModel    0x00000004 
    m_dwBufferCount    0x00000000 
    m_ulMaxNumOfBuffers    0x0000000a //▲ should be 1; who changed it? 
    m_msStart    0x01f70fc7 
    m_msLastPT    0x0000044d 
    m_RtAveTimePerFrame    0x0000000000051615 
    m_hMsgQ    0x09390303 
+    m_csStreamBuffer    {...} 
+    m_csStreamIO    {...} 
+    m_pCamAdapter    0xd36fb700 
+    m_pStreamDescriptorList    0xd7408200 
+    m_CsDataRangeVideo    {...} 
    m_CsState    CSSTATE_STOP 
    m_fClientInitialized    true 
    m_fDiscontinuity    false 

Expanding m_pStreamDescriptorList    0xd7408200:

-    m_pStreamDescriptorList    0xd7408200 
+    pCsStreamDescriptorExternal    0x00000000 
+    csStreamDescriptorShadow    {...} 
    m_fBusy    0x00000000 
+    m_pMarshalledDataBuffer    0x00000000 
+    m_pMarshalledStreamDesc    0x00000000 
+    m_pUnMarshalledStreamDesc    0x004e6120 

From the Memory window:

D7408218  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  00000000  
D7408234  CCCCCCCC  0A0822CE  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  
D7408250  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  
D740826C  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  CCCCCCCC  00000000  00000000  
D7408288  00000000  004E6120 

Looking at it with CeDebugX on the memory snapshot:

Windows CE>!dumpitem 0xd7408200 pimg.exe 
Creating heap lists for all processes... 

========================================================================== 
NK.EXE (0x00400002) 
Heap: 0xd0040020 
-------------------------------------------------------------------------- 
Heap Item      Item Data            Total Size  Data Size     First DWORD 
Address        Address                 (bytes)    (bytes)     in payload  
========================================================================== 
0xd74081e0     0xd7408200                  192        160     0x00000000 

addr           value 
========================== 
header                     
========================== 
0xd74081e0  :  0xa9e4b608   Signature (expect 0xa9e4b620) 
0xd74081e4  :  0x00000090   Data size (bytes) 
0xd74081e8  :  0xc0e6390b   samplecam.dll ! CPinDevice::PauseStream + 0x23 
0xd74081ec  :  0xc0e64180   samplecam.dll ! CPinDevice::PinHandleConnectionRequests + 0x1af 
0xd74081f0  :  0xc0e61c2f   samplecam.dll ! PIN_IOControl + 0x1a4 
0xd74081f4  :  0xc0213df4   devmgr.dll ! DM_DevDeviceIoControl + 0xbd 
0xd74081f8  :  0x81212b5d   kernel.dll ! APICallReturn 
0xd74081fc  :  0x00000000   0x00000000 
========================== 
data 
========================== 
0xd7408200  :  0x00000000 
0xd7408204  :  0x00000000 
0xd7408208  :  0xcccccccc 
0xd740820c  :  0xcccccccc 
0xd7408210  :  0xcccccccc 
0xd7408214  :  0xcccccccc 
0xd7408218  :  0xcccccccc 
0xd740821c  :  0xcccccccc 
0xd7408220  :  0xcccccccc 
0xd7408224  :  0xcccccccc 
0xd7408228  :  0xcccccccc 
0xd740822c  :  0xcccccccc 
0xd7408230  :  0x00000000 
0xd7408234  :  0xcccccccc 
0xd7408238  :  0x0a0822ce 
0xd740823c  :  0xcccccccc 
0xd7408240  :  0xcccccccc 
0xd7408244  :  0xcccccccc 
0xd7408248  :  0xcccccccc 
0xd740824c  :  0xcccccccc 
0xd7408250  :  0xcccccccc 
0xd7408254  :  0xcccccccc 
0xd7408258  :  0xcccccccc 
0xd740825c  :  0xcccccccc 
0xd7408260  :  0xcccccccc 
0xd7408264  :  0xcccccccc 
0xd7408268  :  0xcccccccc 
0xd740826c  :  0xcccccccc 
0xd7408270  :  0xcccccccc 
0xd7408274  :  0xcccccccc 
0xd7408278  :  0xcccccccc 
0xd740827c  :  0xcccccccc 
0xd7408280  :  0x00000000 
0xd7408284  :  0x00000000 //m_pStreamDescriptorList[ 0 ].m_pMarshalledDataBuffer 
0xd7408288  :  0x00000000 
0xd740828c  :  0x004e6120 
0xd7408290  :  0xa8a7a6a5  <====== End of data 0xd7408290 
0xd7408294  :  0xacabaaa9 
0xd7408298  :  0xb0afaead 
0xd740829c  :  0xb4b3b2b1 

Look at the code:

bool 
CPinDevice::ResetBufferList() 
{ 
    EnterCriticalSection( &m_csStreamBuffer ); 
    if( m_pStreamDescriptorList ) 
    { 
        for( DWORD i = 0; i < m_ulMaxNumOfBuffers; i++ ) 
        { 
            if(m_pStreamDescriptorList[ i ].m_pMarshalledDataBuffer != NULL) 
            { 
                delete m_pStreamDescriptorList[ i ].m_pMarshalledDataBuffer; // calls the MarshalledBuffer_t destructor; at this point i is 1, and m_pStreamDescriptorList[ 1 ].m_pMarshalledDataBuffer 
                                                                             // is 0xD7408314 (already inside somebody else's heap block), see below; the value it points to is 0xcccccccc. 
                m_pStreamDescriptorList[ i ].m_pMarshalledDataBuffer = NULL; 
            } 

            if(m_pStreamDescriptorList[ i ].m_pMarshalledStreamDesc != NULL) 
            { 
                delete m_pStreamDescriptorList[ i ].m_pMarshalledStreamDesc; 
                m_pStreamDescriptorList[ i ].m_pMarshalledStreamDesc = NULL; 
            } 

            m_pStreamDescriptorList[ i ].pCsStreamDescriptorExternal = NULL; 
            m_pStreamDescriptorList[ i ].m_fBusy = FALSE; 
        } 
    } 
    LeaveCriticalSection( &m_csStreamBuffer ); 

    return true; 
} 

Windows CE>!dumpitem 0xd74082a0 pimg.exe 
Creating heap lists for all processes... 

========================================================================== 
NK.EXE (0x00400002) 
Heap: 0xd0040020 
-------------------------------------------------------------------------- 
Heap Item      Item Data            Total Size  Data Size     First DWORD 
Address        Address                 (bytes)    (bytes)     in payload  
========================================================================== 
0xd74082a0     0xd74082c0      FREE        224        192     0xcccccccc 

addr           value 
========================== 
header                     
========================== 
0xd74082a0  :  0xa9e4b608   Signature (expect 0xa9e4b620) 
0xd74082a4  :  0x0000000c   Data size (bytes) 
0xd74082a8  :  0xc090a911   Alloc PC   - gwes.dll ! ce::list<RGNDAT *,ce::allocator>::_Buynode + 0xd 
0xd74082ac  :  0xc090af36   Free PC    - gwes.dll ! ce::list<RGNDAT *,ce::allocator>::erase + 0x26 
0xd74082b0  :  0xc090afca   gwes.dll ! ce::list<RGNDAT *,ce::allocator>::push_back<RGNDAT *> + 0x13 
0xd74082b4  :  0xc090b100   gwes.dll ! DC::UpdateClipping + 0x128 
0xd74082b8  :  0xc090b2c9   gwes.dll ! DC::SelectBitmap + 0x17 
0xd74082bc  :  0xc0945703   gwes.dll ! BitmapBase_t::SelectObject + 0xc 
========================== 
data 
========================== 
0xd74082c0  :  0xcccccccc 
0xd74082c4  :  0xcccccccc 
0xd74082c8  :  0xcccccccc 
0xd74082cc  :  0xcccccccc 
0xd74082d0  :  0xcccccccc 
0xd74082d4  :  0xcccccccc 
0xd74082d8  :  0xcccccccc 
0xd74082dc  :  0xcccccccc 
0xd74082e0  :  0xa9e4b608 
0xd74082e4  :  0x00000068 
0xd74082e8  :  0xc0945c41 
0xd74082ec  :  0xc0945c7f 
0xd74082f0  :  0xc091ff32 
0xd74082f4  :  0x81212b5d 
0xd74082f8  :  0x00000000 
0xd74082fc  :  0x00000000 
0xd7408300  :  0xcccccccc 
0xd7408304  :  0xcccccccc 
0xd7408308  :  0xcccccccc 
0xd740830c  :  0xcccccccc 
0xd7408310  :  0xcccccccc 
0xd7408314  :  0xcccccccc //m_pStreamDescriptorList[ 1 ].m_pMarshalledDataBuffer 
0xd7408318  :  0xcccccccc 
0xd740831c  :  0xcccccccc 
0xd7408320  :  0xcccccccc 
0xd7408324  :  0xcccccccc 

From memory, m_pStreamDescriptorList[ 0 ] looks fine, while m_pStreamDescriptorList[ 1 ] and everything after it is broken. So why did it go wrong?
    for( DWORD i = 0; i < m_ulMaxNumOfBuffers; i++ )
Is m_ulMaxNumOfBuffers the problem?
We saw that the value of m_ulMaxNumOfBuffers is 0x0000000a.
sizeof _tagStreamDescriptorShadow happens to be 0x00000090, exactly the same as the heap block's "0xd74081e4  :  0x00000090   Data size (bytes)". Could it be that only one buffer was allocated, but ten buffers were used?
What does the normal case look like?

From the code, the memory block is allocated according to m_ulMaxNumOfBuffers, and m_ulMaxNumOfBuffers really is 10, so why was only one block allocated?

DWORD CPinDevice ::PauseStream( ) 
{ 

    if( m_CsState == CSSTATE_STOP ) 
    { 
        // Let's allocate our resources 
        if( m_pStreamDescriptorList == NULL ) 
        { 
            m_pStreamDescriptorList = (PCS_STREAM_DESCRIPTOR_SHADOW) LocalAlloc( LMEM_ZEROINIT, sizeof( CS_STREAM_DESCRIPTOR_SHADOW ) * m_ulMaxNumOfBuffers ); 
            if( NULL == m_pStreamDescriptorList ) 
                return ERROR_OUTOFMEMORY; 
        } 

        m_dwBufferCount = 0; 
    } 

    if ( false == m_fClientInitialized ) 
    { 
        // By this time the buffers must be allocated 
        m_fClientInitialized = CreateTimer() ; 
    } 

    if( m_fClientInitialized ) 
    { 
        m_CsState    = CSSTATE_PAUSE ; 
    } 

    if( m_fClientInitialized == false ) 
    { 
        return ERROR_INTERNAL_ERROR; 
    } 

    return ERROR_SUCCESS ; 
} 

Values of the CPinDevice object in the normal case (right after the camera starts):

-    this    0xd41f7b40 
    m_ulPinId    0x00000000 //▲ what is this? 
    m_ulFrameSize    0x00000000 
    m_ulFramesDropped    0x00000000 
    m_ulPictureNumber    0x00000000 
    m_lStillCount    0x00000000 
    m_dwMemoryModel    0x00000004 //▲ what is this? 
    m_dwBufferCount    0x00000000 //▲ what is this? 
    m_ulMaxNumOfBuffers    0x00000001 //▲ it is 1, not 10 
    m_msStart    0xffffffff 
    m_msLastPT    0x00000000 
    m_RtAveTimePerFrame    0x00000000000a2c2a 
    m_hMsgQ    0x0bae00d7 
+    m_csStreamBuffer    {...} 
+    m_csStreamIO    {...} 
+    m_pCamAdapter    0xd367b5c0 
+    m_pStreamDescriptorList    0xd41f9100 //▲ see below; the corresponding heap block is 0x00000090 bytes, i.e. just one buffer 
+    m_CsDataRangeVideo    {...} 
    m_CsState    CSSTATE_STOP 
    m_fClientInitialized    false //▲ what is this? 
    m_fDiscontinuity    true //▲ what is this? 


m_pStreamDescriptorList = (PCS_STREAM_DESCRIPTOR_SHADOW) LocalAlloc( LMEM_ZEROINIT, sizeof( CS_STREAM_DESCRIPTOR_SHADOW ) * m_ulMaxNumOfBuffers );
I hit Break All right after this line, so the memory we see has all been zeroed, nice and clean:

Windows CE>!dumpitem 0xd41f9100 pimg.exe 
Creating heap lists for all processes... 

========================================================================== 
NK.EXE (0x00400002) 
Heap: 0xd0040020 
-------------------------------------------------------------------------- 
Heap Item      Item Data            Total Size  Data Size     First DWORD 
Address        Address                 (bytes)    (bytes)     in payload  
========================================================================== 
0xd41f90e0     0xd41f9100                  192        160     0x00000000 

addr           value 
========================== 
header                     
========================== 
0xd41f90e0  :  0xa9e4b608   Signature (expect 0xa9e4b620) 
0xd41f90e4  :  0x00000090   Data size (bytes) 
0xd41f90e8  :  0xc0ea390b   samplecam.dll ! CPinDevice::PauseStream + 0x23 
0xd41f90ec  :  0xc0ea4180   samplecam.dll ! CPinDevice::PinHandleConnectionRequests + 0x1af 
0xd41f90f0  :  0xc0ea1c2f   samplecam.dll ! PIN_IOControl + 0x1a4 
0xd41f90f4  :  0xc0213df4   devmgr.dll ! DM_DevDeviceIoControl + 0xbd 
0xd41f90f8  :  0x81212b3d   kernel.dll ! APICallReturn 
0xd41f90fc  :  0x00000000   0x00000000 
========================== 
data 
========================== 
0xd41f9100  :  0x00000000 
0xd41f9104  :  0x00000000 
0xd41f9108  :  0x00000000 
0xd41f910c  :  0x00000000 
0xd41f9110  :  0x00000000 
0xd41f9114  :  0x00000000 
0xd41f9118  :  0x00000000 
0xd41f911c  :  0x00000000 
0xd41f9120  :  0x00000000 
0xd41f9124  :  0x00000000 
0xd41f9128  :  0x00000000 
0xd41f912c  :  0x00000000 
0xd41f9130  :  0x00000000 
0xd41f9134  :  0x00000000 
0xd41f9138  :  0x00000000 
0xd41f913c  :  0x00000000 
0xd41f9140  :  0x00000000 
0xd41f9144  :  0x00000000 
0xd41f9148  :  0x00000000 
0xd41f914c  :  0x00000000 
0xd41f9150  :  0x00000000 
0xd41f9154  :  0x00000000 
0xd41f9158  :  0x00000000 
0xd41f915c  :  0x00000000 
0xd41f9160  :  0x00000000 
0xd41f9164  :  0x00000000 
0xd41f9168  :  0x00000000 
0xd41f916c  :  0x00000000 
0xd41f9170  :  0x00000000 
0xd41f9174  :  0x00000000 
0xd41f9178  :  0x00000000 
0xd41f917c  :  0x00000000 
0xd41f9180  :  0x00000000 
0xd41f9184  :  0x00000000 
0xd41f9188  :  0x00000000 
0xd41f918c  :  0x00000000 
0xd41f9190  :  0xa8a7a6a5  <====== End of data 0xd41f9190 
0xd41f9194  :  0xacabaaa9 
0xd41f9198  :  0xb0afaead 
0xd41f919c  :  0xb4b3b2b1 

Comparing the faulty scene with the correct one, the crux of the problem is: who modified m_ulMaxNumOfBuffers and caused the error?

 

2010.7.6
Combined with \DumpFile\Access Violation\20100702_AVpimg.exe
Analysis:
The CPinDevice object's values cannot be seen directly in the Watch or Memory windows, so the pointer to the CPinDevice has to be found by other means,
and then CeDebugX is used to look at the object's values. Luckily the call stack shows
SAMPLECAM!PIN_Close(unsigned long 0xd9978180)  line 292
and the function's parameter is exactly the base address of the CPinDevice.

Windows CE>!dumpitem 0xd9978180 pimg.exe 
Creating heap lists for all processes... 

========================================================================== 
NK.EXE (0x00400002) 
Heap: 0xd0040020 
-------------------------------------------------------------------------- 
Heap Item      Item Data            Total Size  Data Size     First DWORD 
Address        Address                 (bytes)    (bytes)     in payload  
========================================================================== 
0xd9978160     0xd9978180                 1504       1472     0x00000000 

addr           value 
========================== 
header                     
========================== 
0xd9978160  :  0xa9e4b608   Signature (expect 0xa9e4b620) 
0xd9978164  :  0x000005a8   Data size (bytes) //sizeof CPinDevice 
0xd9978168  :  0xc0e61ca7   samplecam.dll ! PIN_Open + 0xe 
0xd997816c  :  0xc0213782   devmgr.dll ! I_CreateDeviceHandle + 0xb3 
0xd9978170  :  0xc0216f1e   devmgr.dll ! DEVFS_CreateFileW + 0x73 
0xd9978174  :  0x81212c5a   kernel.dll ! docall + 0x6 
0xd9978178  :  0x81225060   kernel.dll ! NKHandleCall + 0x141 
0xd997817c  :  0xc00acc83   k.coredll.dll ! DirectHandleCall + 0x10 
========================== 
data 
========================== 
0xd9978180  :  0x00000000 
0xd9978184  :  0x00000000 
0xd9978188  :  0x00000000 
0xd997818c  :  0x00000000 
0xd9978190  :  0x00000000 
0xd9978194  :  0x00000004 //m_dwMemoryModel 
0xd9978198  :  0x00000000 
0xd997819c  :  0x0000000a //▲ value of m_ulMaxNumOfBuffers (10 in all 3 problem samples, 1 in the normal sample) 
0xd99781a0  :  0x044eb2d5 
0xd99781a4  :  0x00000000 
0xd99781a8  :  0x000a2c2a 
0xd99781ac  :  0x00000000 
0xd99781b0  :  0x09660447 
0xd99781b4  :  0x00000001 
0xd99781b8  :  0x09612e82 
0xd99781bc  :  0x016449ab 
0xd99781c0  :  0x00000000 
0xd99781c4  :  0x00000000 
0xd99781c8  :  0x00000001 
0xd99781cc  :  0x00000000 
0xd99781d0  :  0x020714df 
0xd99781d4  :  0x00000000 
0xd99781d8  :  0x00000000 
0xd99781dc  :  0xd39107e0 
0xd99781e0  :  0xd997b0a0 
0xd99781e4  :  0xcccccccc 
0xd99781e8  :  0x000004a8 
0xd99781ec  :  0x00000000 
0xd99781f0  :  0x00025800 
0xd99781f4  :  0x00000000 
0xd99781f8  :  0x73646976 
0xd99781fc  :  0x00100000 

[skipping 1248 bytes ...] 

0xd99786e0  :  0x00000000 
0xd99786e4  :  0x00000000 
0xd99786e8  :  0x00000000 
0xd99786ec  :  0x00000000 
0xd99786f0  :  0x00000000 
0xd99786f4  :  0x00000000 
0xd99786f8  :  0x00000000 
0xd99786fc  :  0x00000000 
0xd9978700  :  0x00000000 
0xd9978704  :  0x00000000 
0xd9978708  :  0x00000000 
0xd997870c  :  0x00000000 
0xd9978710  :  0x00000000 
0xd9978714  :  0x00000000 
0xd9978718  :  0x00000000 
0xd997871c  :  0x00000000 
0xd9978720  :  0x00000000 
0xd9978724  :  0xcccc0001 
0xd9978728  :  0xa8a7a6a5  <====== End of data 0xd9978728 
0xd997872c  :  0xacabaaa9 
0xd9978730  :  0xb0afaead 
0xd9978734  :  0xb4b3b2b1 
0xd9978738  :  0xb8b7b6b5 
0xd997873c  :  0xbcbbbab9 

Problem solved:
Cause:
When someone else uses IOCTL_CS_PROPERTY to set the camera's maximum number of buffers,
we should not only reset the value of m_ulMaxNumOfBuffers, but also reallocate the memory according to the new value of m_ulMaxNumOfBuffers.

Otherwise we may run into the situation below; it is the root cause of this Hopper bug.

-    (PPINDEVICE)0xd74060a0    0xd74060a0 
    m_ulPinId    0x00000000 
    m_ulFrameSize    0x00000000 
    m_ulFramesDropped    0x00000000 
    m_ulPictureNumber    0x00000000 
    m_lStillCount    0x00000000 
    m_dwMemoryModel    0x00000004 
    m_dwBufferCount    0x00000000 
    m_ulMaxNumOfBuffers    0x0000000a //Actually we just allocated 1 buffer, but we expect 10 buffers to use and to release. 
    m_msStart    0x01f70fc7 
    m_msLastPT    0x0000044d 
    m_RtAveTimePerFrame    0x0000000000051615 
    m_hMsgQ    0x09390303 
+    m_csStreamBuffer    {...} 
+    m_csStreamIO    {...} 
+    m_pCamAdapter    0xd36fb700 
+    m_pStreamDescriptorList    0xd7408200 
+    m_CsDataRangeVideo    {...} 
    m_CsState    CSSTATE_STOP 
    m_fClientInitialized    true 
    m_fDiscontinuity    false 

Solution:
Follow Chelan change.

How Built:
build public\COMMON\oak\drivers\Capture\camera\layered\MDD
sysgen -p common samplecam
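As an added example (not the SampleCam driver's own code; every name and type in it is constructed for illustration), here is a small C model of the m_ulMaxNumOfBuffers / m_pStreamDescriptorList pair. It replays the numbers from the dumps, allocating with a maximum of 1 and then being told 10, and shows how far the ResetBufferList loop would run past its heap block when only the count is changed, against a setter that reallocates as the fix above describes and also handles a shrink.

```c
/* Added example, not the SampleCam driver's code; all names are constructed. */
#include <stdlib.h>
#include <string.h>
#include <stdbool.h>

typedef struct {                      /* stands in for CS_STREAM_DESCRIPTOR_SHADOW */
    void *m_pMarshalledDataBuffer;    /* stands in for MarshalledBuffer_t* */
    int   m_fBusy;
} StreamDescriptorShadow;
typedef struct {
    unsigned long           m_ulMaxNumOfBuffers;  /* value the client requested */
    unsigned long           m_ulAllocatedBuffers; /* entries really allocated (added field) */
    StreamDescriptorShadow *m_pStreamDescriptorList;
} PinDevice;

/* PauseStream-style allocation: the list is sized from the current maximum. */
static bool alloc_list(PinDevice *d)
{
    if (d->m_pStreamDescriptorList == NULL) {
        d->m_pStreamDescriptorList = calloc(d->m_ulMaxNumOfBuffers, sizeof(StreamDescriptorShadow));
        if (d->m_pStreamDescriptorList == NULL) return false;
        d->m_ulAllocatedBuffers = d->m_ulMaxNumOfBuffers;
    }
    return true;
}

/* Hardened setter for the IOCTL path: an already allocated list is resized; entries dropped by a shrink release their buffer first. */
static bool set_max_buffers_fixed(PinDevice *d, unsigned long n)
{
    if (d->m_pStreamDescriptorList != NULL && n != d->m_ulAllocatedBuffers) {
        for (unsigned long i = n; i < d->m_ulAllocatedBuffers; i++)
            free(d->m_pStreamDescriptorList[i].m_pMarshalledDataBuffer);
        StreamDescriptorShadow *p = realloc(d->m_pStreamDescriptorList, n * sizeof *p);
        if (p == NULL) return false;
        if (n > d->m_ulAllocatedBuffers)  /* zero the grown tail, as LMEM_ZEROINIT would */
            memset(p + d->m_ulAllocatedBuffers, 0, (n - d->m_ulAllocatedBuffers) * sizeof *p);
        d->m_pStreamDescriptorList = p;
        d->m_ulAllocatedBuffers = n;
    }
    d->m_ulMaxNumOfBuffers = n;
    return true;
}

/* Entries the ResetBufferList loop (i < m_ulMaxNumOfBuffers) would touch past the allocation; 0 = in bounds. */
static unsigned long reset_overrun(const PinDevice *d)
{
    return d->m_ulMaxNumOfBuffers > d->m_ulAllocatedBuffers ? d->m_ulMaxNumOfBuffers - d->m_ulAllocatedBuffers : 0;
}

/* Replays the dump's numbers: allocated with max = 1, then told max = 10. */
static unsigned long scenario(bool fixed)
{
    PinDevice d = { 1, 0, NULL };
    if (!alloc_list(&d)) return (unsigned long)-1;
    if (fixed) set_max_buffers_fixed(&d, 10);
    else       d.m_ulMaxNumOfBuffers = 10;   /* the bug: count changes, allocation does not */
    unsigned long overrun = reset_overrun(&d);
    free(d.m_pStreamDescriptorList);
    return overrun;     /* weak path: 9 entries past the block; fixed path: 0 */
}
```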

==========================================================================

LONG GetWindowLong( 
  HWND hWnd, 
  int nIndex
); 
LONG SetWindowLong( 
  HWND hWnd, 
  int nIndex, 
  LONG dwNewLong
); 

DWL_USER

Sets new extra information that is private to the application, such as handles or pointers.

So who freed the object that ppd points to and forgot to call SetWindowLong afterwards?

LPPROPDATA ppd = (LPPROPDATA)GetWindowLong(hDlg, DWL_USER);

if (!ppd && (uMessage != WM_INITDIALOG))
{
    return FALSE;
}

=========================================================================

Process exit and window destruction are where things most easily go wrong, and many programs do not handle this well.

For example, while handling WM_DESTROY the program has already torn down some of its data; what happens if a window message arrives at that moment? Have you thought about that?

Or the program has only just started and some data is not yet fully initialized, when suddenly it has to exit and the window is destroyed. Have you considered that case? Will your program crash at that point?

==========================================================================

http://blogs.msdn.com/b/sdl/archive/2009/05/14/please-join-me-in-welcoming-memcpy-to-the-sdl-rogues-gallery.aspx?wa=wsignin1.0

http://msdn.microsoft.com/en-us/library/bb288454.aspx