When I compile and run the below piece of code the exe crashes yet doesn't provide information of any sort regarding why it crashed. (Seg faults etc. not reported). Here is the sample code that I tried:
#include <iostream>
#include <vector>
using namespace std;
int main() {
vector <int> values;
int temp = values.back();
cout << temp << endl;
return 0;
}
The same piece of code when compiled and run-on Linux produce a seg fault. Is there something to be configured specifically in windows to let console applications generate information regarding runtime errors?
Calling std::vector::back on an empty vector is undefined behavior. The compiler or runtime aren't required to emit a diagnostic. There might be a tool or sanitizer that could help depending on the compiler you're using.
Is there something to be configured specifically in windows to let console applications generate information regarding runtime errors?
The problem is that value.back() causes undefined behavior (because your vector is empty). The effect of undefined behavior is undefined. It might result in a seg fault, but also could just exit the application. You can't enforce a segfault for that, and not really enforce a crash.
Using static analyzers and increasing the warning level can help in certain cases. But there is no way to detect all possible errors.
I'm using clang-tidy 10 on a project and it's behaving weirdly on Windows with the MSVC STL. A minimal example is the following:
#include <iostream>
#include <stdexcept>
int main()
{
try {
throw std::runtime_error {"Boom!"};
} catch (...) {
std::cerr << "Unexpected non-exception error!\n";
}
}
If I tell it to include the check bugprone-exception-escape, it tells me an exception may be thrown in function 'main'. However, if I change the line streaming to std::cerr with the following then the check does not cause a complaint:
std::cerr << "Unexpected non-exception error!\n" << std::flush;
I assume the two consecutive stream operations in one statement is the cause of the different behaviour, because the following does raise the problem.
std::cerr << "Unexpected non-exception error!\n";
std::cerr << std::flush;
I noticed clang-tidy does not complain on any of these examples on Linux, at least if I pass -stdlib=libc++. Is there some weird subtlety I'm missing, or is this a bug in clang-tidy and/or MSVC's STL implementation?
I can't say for certain, but this seems very likely to be a bug. There have already been two similar bug reports/issues raised: https://github.com/llvm/llvm-project/issues/54668 and https://github.com/llvm/llvm-project/issues/56411. The first one already has a patch created to fix it (at the time of writing it's still under review though).
My guess is that a piping a single string literal to cerr somehow result in a string move, triggering the bug reported in the first issue I linked. There may be some kind of optimization where it's trying to move the string directly into the buffer, and using the returned ostream to perform another operation somehow prevents that optimization.
Alternatively, it's another case of the underlying issue causing the problem with the string move. i.e. There's a throw in a function several calls deep, but one of those calls is declared noexcept, and so the diagnostic shouldn't propagate further up.
In the following code snippet there is an error that is not trivial but I would have expected tools like AddressSanitizer to catch it.
#include <vector>
#include <iostream>
int main ()
{
std::vector<int> toto;
toto.push_back(2);
int const& titi = toto[0];
toto.pop_back();
std::cout << titi << std::endl;
return 1;
}
When scopping the vector and printing outside of the scope the catch reference an error is thrown use-heap-after-free.
But when there is no scope, the std::vector implementation will probably not release the memory after the pop_back thus the reference is still pointing towards valid memory.
I have search around and I found that you can manually poison memory and I was wondering if this has been implemented in STL (https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning)
This has been implemented in Clang (libc++) and relatively recent GNU (libstdc++) STLs (see Asan wiki for details).
One problem with this feature is that it breaks separate sanitization i.e. ability to sanitize only parts of your app (e.g. only executable and not the libs). The issue is that if vector is pushed in unsanitized and popped in sanitized code, the pusher will not be aware that it needs to unpoison the buffer. For this reason it's disabled by default in GCC (define _GLIBCXX_SANITIZE_VECTOR to enable it), Clang still has it one by default for unclear reasons.
I have a C++ client to a C++/CLI DLL, which initializes a series of C# dlls.
This used to work. The code that is failing has not changed. The code that has changed is not called before the exception is thrown. My compile environment has changed, but recompiling on a machine with an environment similar to my old one still failed. (EDIT: as we see in the answer this is not entirely true, I was only recompiling the library in the old environment, not the library and client together. The client projects had been upgraded and couldn't easily go back.)
Someone besides me recompiled the library, and we started getting memory management issues. The pointer passed in as a String must not be in the bottom 64K of the process's address space. I recompiled it, and all worked well with no code changes. (Alarm #1) Recently it was recompiled, and memory management issues with strings re-appeared, and this time they're not going away. The new error is Unhandled Exception: System.AccessViolationException: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
I'm pretty sure the problem is not located where I see the exception, the code didn't change between the successful and failing builds, but we should review that to be complete. Ignore the names of things, I don't have much control over the design of what it's doing with these strings. And sorry for the confusion, but note that _bridge and bridge are different things. Lots of lines of code missing because this question is already too long.
Defined in library:
struct Config
{
std::string aye;
std::string bee;
std::string sea;
};
extern "C" __declspec(dllexport) BridgeBase_I* __stdcall Bridge_GetConfiguredDefaultsImplementationPointer(
const std::vector<Config> & newConfigs, /**< new configurations to apply **/
std::string configFolderPath, /**< folder to write config files in **/
std::string defaultConfigFolderPath, /**< folder to find default config files in **/
std::string & status /**< output status of config parse **/
);
In client function:
GatewayWrapper::Config bridge;
std::string configPath("./config");
std::string defaultPath("./config/default");
GatewayWrapper::Config gwtransport;
bridge.aye = "bridged.dll";
bridge.bee = "1.0";
bridge.sea = "";
configs.push_back(bridge);
_bridge = GatewayWrapper::Bridge_GetConfiguredDefaultsImplementationPointer(configs, configPath, defaultPath, status);
Note that call to library that is crashing is in the same scope as the vector declaration, struct declaration, string assignment and vector push-back
There are no threading calls in this section of code, but there are other threads running doing other things. There is no pointer math here, there are no heap allocations in the area except perhaps inside the standard library.
I can run the code up to the Bridge_GetConfiguredDefaultsImplementationPointer call in the debugger, and the contents of the configs vector look correct in the debugger.
Back in the library, in the first sub function, where the debugger don't shine, I've broken down the failing statement into several console prints.
System::String^ temp
List<CConfig^>^ configs = gcnew List<CConfig ^>((INT32)newConfigs.size());
for( int i = 0; i< newConfigs.size(); i++)
{
std::cout << newConfigs[i].aye<< std::flush; // prints
std::cout << newConfigs[i].aye.c_str() << std::flush; // prints
temp = gcnew System::String(newConfigs[i].aye.c_str());
System::Console::WriteLine(temp); // prints
std::cout << "Testing string creation" << std::endl; // prints
std::cout << newConfigs[i].bee << std::flush; // crashes here
}
I get the same exception on access of bee if I move the newConfigs[i].bee out above the assignment of temp or comment out the list declaration/assignment.
Just for reference that the std::string in a struct in a vector should have arrived at it's destination ok
Is std::vector copying the objects with a push_back?
std::string in struct - Copy/assignment issues?
http://www.cplusplus.com/reference/vector/vector/operator=/
Assign one struct to another in C
Why this exception is not caught by my try/catch
https://stackoverflow.com/a/918891/2091951
Generic AccessViolationException related questions
How to handle AccessViolationException
Programs randomly getting System.AccessViolationException
https://connect.microsoft.com/VisualStudio/feedback/details/819552/visual-studio-debugger-throws-accessviolationexception
finding the cause of System.AccessViolationException
https://msdn.microsoft.com/en-us/library/ms164911.aspx
Catching access violation exceptions?
AccessViolationException when using C++ DLL from C#
Suggestions in above questions
Change to .net 3.5, change target platform - these solutions could have serious issues with a large mult-project solution.
HandleProcessCorruptedStateExceptions - does not work in C++, this decoration is for C#, catching this error could be a very bad idea anyway
Change legacyCorruptedStateExceptionsPolicy - this is about catching the error, not preventing it
Install .NET 4.5.2 - can't, already have 4.6.1. Installing 4.6.2 did not help. Recompiling on a different machine that didn't have 4.5 or 4.6 installed did not help. (Despite this used to compile and run on my machine before installing Visual Studio 2013, which strongly suggests the .NET library is an issue?)
VSDebug_DisableManagedReturnValue - I only see this mentioned in relation to a specific crash in the debugger, and the help from Microsoft says that other AccessViolationException issues are likely unrelated. (http://connect.microsoft.com/VisualStudio/feedbackdetail/view/819552/visual-studio-debugger-throws-accessviolationexception)
Change Comodo Firewall settings - I don't use this software
Change all the code to managed memory - Not an option. The overall design of calling C# from C++ through C++/CLI is resistant to change. I was specifically asked to design it this way to leverage existing C# code from existing C++ code.
Make sure memory is allocated - memory should be allocated on the stack in the C++ client. I've attempted to make the vector be not a reference parameter, to force a vector copy into explicitly library controlled memory space, did not help.
"Access violations in unmanaged code that bubble up to managed code are always wrapped in an AccessViolationException." - Fact, not a solution.
but it was the mismatch, not the specific version that was the problem
Yes, that's black letter law in VS. You unfortunately just missed the counter-measures that were built into VS2012 to turn this mistake into a diagnosable linker error. Previously (and in VS2010), the CRT would allocate its own heap with HeapAlloc(). Now (in VS2013), it uses the default process heap, the one returned by the GetProcessHeap().
Which is in itself enough to trigger an AVE when you run your app on Vista or higher, allocating memory from one heap and releasing it from another triggers an AVE at runtime, a debugger break when you debug with the Debug Heap enabled.
This is not where it ends, another significant issue is that the std::string object layout is not the same between the versions. Something you can discover with a little test program:
#include <string>
#include <iostream>
int main()
{
std::cout << sizeof(std::string) << std::endl;
return 0;
}
VS2010 Debug : 32
VS2010 Release : 28
VS2013 Debug : 28
VS2013 Release : 24
I have a vague memory of Stephen Lavavej mentioning the std::string object size reduction, very much presented as a feature, but I can't find it back. The extra 4 bytes in the Debug build is caused by the iterator debugging feature, it can be disabled with _HAS_ITERATOR_DEBUGGING=0 in the Preprocessor Definitions. Not a feature you'd quickly want to throw away but it makes mixing Debug and Release builds of the EXE and its DLLs quite lethal.
Needless to say, the different object sizes seriously bytes when the Config object is created in a DLL built with one version of the standard C++ library and used in another. Many mishaps, the most basic one is that the code will simply read the Config::bee member from the wrong offset. An AVE is (almost) guaranteed. Lots more misery when code allocates the small flavor of the Config object but writes the large flavor of std::string, that randomly corrupts the heap or the stack frame.
Don't mix.
I believe 2013 introduced a lot of changes in the internal data formats of STL containers, as part of a push to reduce memory usage and improve perf. I know vector became smaller, and string is basically a glorified vector<char>.
Microsoft acknowledges the incompatibility:
"To enable new optimizations and debugging checks, the Visual Studio
implementation of the C++ Standard Library intentionally breaks binary
compatibility from one version to the next. Therefore, when the C++
Standard Library is used, object files and static libraries that are
compiled by using different versions can't be mixed in one binary (EXE
or DLL), and C++ Standard Library objects can't be passed between
binaries that are compiled by using different versions."
If you're going to pass std::* objects between executables and/or DLLs, you absolutely must ensure that they are using the same version of the compiler. It would be well-advised to have your client and its DLLs negotiate in some way at startup, comparing any available versions (e.g. compiler version + flags, boost version, directx version, etc.) so that you catch errors like this quickly. Think of it as a cross-module assert.
If you want to confirm that this is the issue, you could pick a few of the data structures you're passing back and forth and check their sizes in the client vs. the DLLs. I suspect your Config class above would register differently in one of the fail cases.
I'd also like to mention that it is probably a bad idea in the first place to use smart containers in DLL calls. Unless you can guarantee that the app and DLL won't try to free or reallocate the internal buffers of the other's containers, you could easily run into heap corruption issues, since the app and DLL each have their own internal C++ heap. I think that behavior is considered undefined at best. Even passing const& arguments could still result in reallocation in rare cases, since const doesn't prevent a compiler from diddling with mutable internals.
You seem to have memory corruption. Microsoft Application Verifier is invaluable in finding corruption. Use it to find your bug:
Install it to your dev machine.
Add your exe to it.
Only select Basics\Heaps.
Press Save. It doesn't matter if you keep application verifier open.
Run your program a few times.
If it crashes, debug it and this time, the crash will point to your problem, not just some random location in your program.
PS: It's a great idea to have Application Verifier enabled at all times for your development project.
I have the following line in my program that causes a run-time warning:
if (!is_directory("C:\\NGFMS_Debug\\Files") && !create_directories("C:\\NGFMS_Debug\\Files"))
The text of the warning is as so: "A buffer overrun has occurred in XXX.exe which has corrupted the program's internal state."
The warning comes in the call to "is_directory(...)". I'm guessing the space for the string isn't getting allocated, but I thought syntax like this was legal.
The is_directory function is a part of boost/filesystem.hpp and I am using the following namespaces:
using namespace boost;
using namespace boost::filesystem;
using namespace std;
This is getting compiled under VS2005 C++. Any ideas?
Update
I tried a couple different things and stepped through the code and here is what I found.
If I do this
char* path_chars_c;
path_chars_c = "C:\\Debug\\Files";
string path_str_c(path_chars_c);
The variable path_chars_c contains the appropriate string, but the variable path_str_c contains garbage after initialization. So it appears that the string initialization is broken here. Has anyone ever seen this?
This is a surprising error -- that seems like a pretty standard use of boost::filesystem::is_directory(). Have you tried stepping into it w/ a debugger to see where the issue happens?
One (remote) possibility comes to mind -- if you are linking libraries that have NDEBUG enabled with libraries that have NDEBUG disabled, you can run into trouble. In particular, a few boost datatypes will allocate some extra debugging fields when debugging is turned on. So if an object gets created by one piece of code that thinks debugging is off, but then used by another piece of code that thinks debugging is on, then you can get random memory errors (such as buffer overflows).