What does <exp+6> mean in gdb? - c++

I was debugging a C++ code using gdb. The program stopped due to a segmentation fault.
Program received signal SIGSEGV, Segmentation fault.
So I was trying to print out the value of variables to identify where the error is coming from. I have an array called 'ring' of type 'Link **', where Link is a class I defined. Each element in the array points to a 'Link *' variable. Here is the output when I print the first three elements of the 'ring' array.
(gdb) print ring[0]
$13 = (Link *) 0x8125290
(gdb) print ring[1]
$14 = (Link *) 0xb7e80b86 <exp+6>
(gdb) print ring[2]
$15 = (Link *) 0x8132e20
Why am I getting '' after the memory address when printing 'ring[1]'? What does it mean?
EDIT: Im using gdb 7.8 on Arch Linux (3.16.4-1-ARCH)

It means the pointer value is equal to the address of the exp symbol plus 6. It's just the debugger trying to be helpful—whenever it decodes any pointer value, it tries to see if the pointer happens to lie near any known symbols in the object code, and it prints out that information if so.
You might expect to see such notation when examining the disassembly of a function's code, e.g. in branch targets, but as a data pointer, that's very unusual (function pointers would tend to point directly at function symbols, not offset into them).
You almost certainly have some kind of memory corruption bug that just happens to produce that value as a side effect.

Related

Find out the source file (line number) where a global variable was initialized?

I have pretty large C++ code base of a shared library which is messed up with complicated conditional macro spaghetti so IDE has troubles with that. I examined it with GDB to find the initial value of a global variable as follows:
$ gdb libcomplex.so
(gdb) p some_global_var
$1 = 1024
So I figured out the value the variable was initialized with.
QUESTION: Is it possible to find out which source file (and maybe line number) it was initialized at with GDB?
I tried list some_global_var, but it simply prints nothing:
(gdb) list some_global_var
(gdb)
So on x86 you can put a limited number of hardware watchpoints on that variable being changed:
If you are lucky, on a global you can get away with
watch some_global_var
But the debugger may still decide that is not a fixed address, and do a software watchpoint.
So you need to get the address, and watch exactly that:
p &some_global_var
(int*)0x000123456789ABC
watch (int*)0x000123456789ABC
Now, when you restart, the debugger should pop out when the value is first initialised, perhaps to zero, and/or when it is initialised to the unexpected value. If you are lucky, listing the associated source code will tell you how it came to be initialised. As others have stated you may then need to deduce why that line of code generated that value, which can be a pain with complex macros.
If that doesn't help you, or it stops many times unexpectedly during startup, then you should initially disable the watchpoint, then starti to restart you program and stop as soon as possible. Then p your global, and if it does not yet have the magic value, enable the watchpoint and continue. Hopefully this will skip the irrelevant startup and zoom in on the problem value.
You could use rr (https://rr-project.org/) to record a trace of the program, then you could reverse-execute to find the location. E.g.:
rr replay
(gdb) continue
...
(gdb) watch -l some_global_var
(gdb) reverse-continue

How to tell the gdb the value of the 'optimized out value' or make it infer the value?

There is a C++ this pointer that is an <optimized out> value, but up the call stack its value can be found.
How to tell gdb that this has that specific value? Can gdb look at the stack and infer it?
There is no way to do this in gdb, at least not in the form of having print this know which frame to inspect to find the value.
One simple work around is to use a convenience variable. For example something like:
(gdb) up 5
(gdb) set $mythis = this
(gdb) down 5
(gdb) print *$mythis
Another approach would be to write a "convenience function" (that's the term used in the gdb manual) to automate this. Convenience functions are written in Python and can do many things, such as look for symbols in other stack frames. So, for example, you could write a $_this function and use it like:
(gdb) print *$_this()
... not quite the same but maybe it would fit your needs.

GDB - Reading 1 words from the stack

I want to print 1 words from the top of stack in the form of hexadecimal. To do so, I typed the following:
(gdb) x/1xw $esp
but GDB keeps popping up:
0xffffffffffffe030: Cannot access memory at address 0xffffffffffffe030
The program I'm trying to debug has already pushed a value onto stack so just in case if you're wondering that I might be trying to access kernel variables at the very beginning of program, it's not so.
Any idea?
0xffffffffffffe030 is a 64-bit constant, so you are running in x64-bit mode. But $esp is a 32-bit register (which GDB sign-extends to 64 bits in this context). The 64-bit stack pointer is called $rsp. Try this instead:
(gdb) x/1xw $rsp

Hex code of an error

Runing Backtrace, It shows an error. What does the hexadecimal number represent at the end of a this line:
======= Backtrace: =========
/lib64/libc.so.6(__cxa_finalize+0x8e)[0x323aa337de]
The address at the end (0x323aa337de) is value of the program counter (the RIP register on x86-64). According to your debug symbols, this address is equal to __cxa_finalize+0x8e, i.e. 0x8e bytes past the start of the __cxa_finalize function within the C runtime shared library (/lib64/libc.so.6).
In Library, lib64/libc.so.6, function __cxa_finalize is currently being executed.
You are at 142 bytes (0x8E) in from the start of the function.
This is at memory address 0x323aa337de.
This is either where the program crashed, or the instruction you are currently looking at in the debugger (depending on context).

SIGSEV error (gdb)

I currently am running a c++ file which compiles but crashes when it runs.
I open the debugger and get the following line when I run the program:
Program received signal SIGSEGV, Segmentation fault.
0xff0ab210 in strcat () from /lib/libc.so.1
I have no idea what that line means.
Can you explain?
Edit:
I have gotten responses telling me about how I used strcat in the program.
All I have used it for is to be used in par with the atoi method in order to convert a string to hex number.
Edit2:
I have seen something on the code that uses the strcat library, it's the .append function. Would that be the cause of the problem?
That's a segmentation fault. Usually it means you're trying to access memory that hasn't been allocated. Since you're using strcat I'm guessing that the destination string hasn't been allocated or not enough memory has been allocated.
If the seg fault comes from strcat, then it is likely one of the following happened:
Your source is a non-null terminated C string (malformed string).
The amount of memory allocated in the destination string is not enough to store both the source and the destination + 1 (the null at the end).
Check to see if both cases are covered and hopefully you won't see the SIGSEGV again.