I'm getting weird seg fault that seems to be coming from somewhere not in my program...not explicitly anyway. I'm calling "strcmp" on two array's... Both arrays are stored in the same type of structs. I'm getting at one with dot notation and one through dereferencing with "->":
int name = strcmp(one.name, two->name);
It compiles fine but when I run it I get the seg fault. I've tried tracking it down with GDB but when I put breakpoints in just before where I think it should occur, it seg faults anyway. I'm getting:
Program received signal SIGSEGV, Segmentation fault.
__strcmp_ia32 () at ../sysdeps/i386/i686/multiarch/../strcmp.S:40
40 ../sysdeps/i386/i686/multiarch/../strcmp.S: No such file or directory.
in ../sysdeps/i386/i686/multiarch/../strcmp.S
FML. Suggestions? Thanks!
My suggestion: Compile it with -g and run it through valgrind.
Related
My C++ compiler(MSVC++ 14.2 in Windows 10) ends without printing any error message when there is a runtime error like a segmentation fault.
For example,
std::shared<Foo> foo;
auto b = foo->bar; // segmenation fault, but ends without the error message
...
The compiler does not print the error message like Segmentation fault (core dumped)
Is there a way to set the compiler to print a runtime error message?
I'm getting this in my program, C++
Program received signal SIGSEGV, Segmentation Fault.
0xb7d62153 in __strtol_l_internal () from /lib/libc.so.6
I got that by using GDB. CC compiled it fine along with G++
sockf = openSocket(domainname, portc);
if(sockf > 0){
log("ZONTRECK","COMPLETED SOCKET!");
int newsockfd;
newsockfd = openListen(sockf,portc);
log("ZONTRECK","Starting console!");
It's an internal function within libc, related to strtol() -- if I had to hazard a guess, I'd say you're trying to read in a number, and something is blowing up.
Use the backtrace command in gdb to see how the program got to that point from your code - that will help find what parameter is being passed that's causing the problem (probably a NULL or otherwise invalid pointer).
Maby you are trying here to read memory corrupted by some code ran before this. If this is the case than the best way is to debug it by Valgrind.
I had to edit a file i didn't post on this site. Its my file that contains openSocket,openListen.
The atoi function requires const char, not char.
I was passing a char to it instead of a const char.
I fixed this issue by changing the char in int main() to const char.
I am having a repeating seg fault while using SystemC. During initialization I set a value to 0. During operation of a testbench I am setting this value to 1 in a module (proc). This is a sc_signal variable that is attached to a port of another module imem. The input port is of type sc_in.
In theory, this assignment should cause the input port to also be assigned 1, and when I try to access it using the .read() function it should return a 1 and assign it to another internal sc_signal within imem.
However, I am instead getting a seg fault.
According to gdb, this is occurring during the sc_start(10,SC_NS) call I make, which makes sense since that is when values should be updated. It traces it specifically to trying to execute the return of the .read(). Here is a quick snippet of the stack return (-O0 and -g3 using g++ and gdb6.6, 64-bit system):
#0 0x00000000004c79a6 in sc_core::sc_in<bool>::read (this=0x881a38) at <redacted>/systemC/install_x64/include/sysc/communication/sc_signal_ports.h:515
#1 0x00000000004e4b60 in imem::reg_write (this=0x881910) at ../src/abstract_proc/mems/imem.cpp:33
#2 0x000000000050578e in sc_core::sc_simcontext::crunch(bool) ()
#3 0x00000000005042b4 in sc_core::sc_simcontext::simulate(sc_core::sc_time const&) ()
#4 0x00000000004c65b0 in sc_core::sc_start (duration=10, time_unit=sc_core::SC_NS)
The port declaration:
SC_MODULE (imem) {
...
sc_in<bool> en_wr;
The function declaration (occurs in SC_CTOR(imem)):
SC_METHOD(reg_write);
sensitive << clk.pos();
The function in where it dies:
void imem::reg_write() {
data_wr_d.write(data_wr.read());
wr_addr_d.write(addr_wr.read());
cout << "imem::reg_write()" << std::endl;
en_wr_d.write(en_wr.read());
cout << "imem::reg_write() done" << std::endl;
}
imem::reg_write() gets printed into the console just before the seg fault occurs.
The declaration and binding of imem's port:
imem_i = new imem("imem");
imem_i->en_wr(imem_wr_en);
The declaration of the driving signal:
sc_signal<bool> imem_wr_en;
Any ideas? Thoughts? Things I should try?
EDIT: Something odd that occurs is sometimes adding or removing lines of code causes the seg fault to go away. One particular instance involved adding a debug cout statement fixed things, but after adding a << std::endl to the end of it the seg fault returned. This implied to some that I have a race condition, but in theory SystemC should be handling all the concurrent threads.
Sounds like memory problem. If you over run buffers somewhere, anything can happen - even stuff like you explained : program crashing at random location.
I really hope you got good unit tests. Try using valgrind to detect memory problems.
Could you please tell if you have got solution to your problem. Actually we are hitting similar issue, seg fault, while reading a boolean sc_signal. And problem goes away after adding prints in code.
How does one determine where the mistake is in the code that causes a segmentation fault?
Can my compiler (gcc) show the location of the fault in the program?
GCC can't do that but GDB (a debugger) sure can. Compile you program using the -g switch, like this:
gcc program.c -g
Then use gdb:
$ gdb ./a.out
(gdb) run
<segfault happens here>
(gdb) backtrace
<offending code is shown here>
Here is a nice tutorial to get you started with GDB.
Where the segfault occurs is generally only a clue as to where "the mistake which causes" it is in the code. The given location is not necessarily where the problem resides.
Also, you can give valgrind a try: if you install valgrind and run
valgrind --leak-check=full <program>
then it will run your program and display stack traces for any segfaults, as well as any invalid memory reads or writes and memory leaks. It's really quite useful.
You could also use a core dump and then examine it with gdb. To get useful information you also need to compile with the -g flag.
Whenever you get the message:
Segmentation fault (core dumped)
a core file is written into your current directory. And you can examine it with the command
gdb your_program core_file
The file contains the state of the memory when the program crashed. A core dump can be useful during the deployment of your software.
Make sure your system doesn't set the core dump file size to zero. You can set it to unlimited with:
ulimit -c unlimited
Careful though! that core dumps can become huge.
There are a number of tools available which help debugging segmentation faults and I would like to add my favorite tool to the list: Address Sanitizers (often abbreviated ASAN).
Modern¹ compilers come with the handy -fsanitize=address flag, adding some compile time and run time overhead which does more error checking.
According to the documentation these checks include catching segmentation faults by default. The advantage here is that you get a stack trace similar to gdb's output, but without running the program inside a debugger. An example:
int main() {
volatile int *ptr = (int*)0;
*ptr = 0;
}
$ gcc -g -fsanitize=address main.c
$ ./a.out
AddressSanitizer:DEADLYSIGNAL
=================================================================
==4848==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x5654348db1a0 bp 0x7ffc05e39240 sp 0x7ffc05e39230 T0)
==4848==The signal is caused by a WRITE memory access.
==4848==Hint: address points to the zero page.
#0 0x5654348db19f in main /tmp/tmp.s3gwjqb8zT/main.c:3
#1 0x7f0e5a052b6a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26b6a)
#2 0x5654348db099 in _start (/tmp/tmp.s3gwjqb8zT/a.out+0x1099)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV /tmp/tmp.s3gwjqb8zT/main.c:3 in main
==4848==ABORTING
The output is slightly more complicated than what gdb would output but there are upsides:
There is no need to reproduce the problem to receive a stack trace. Simply enabling the flag during development is enough.
ASANs catch a lot more than just segmentation faults. Many out of bounds accesses will be caught even if that memory area was accessible to the process.
¹ That is Clang 3.1+ and GCC 4.8+.
All of the above answers are correct and recommended; this answer is intended only as a last-resort if none of the aforementioned approaches can be used.
If all else fails, you can always recompile your program with various temporary debug-print statements (e.g. fprintf(stderr, "CHECKPOINT REACHED # %s:%i\n", __FILE__, __LINE__);) sprinkled throughout what you believe to be the relevant parts of your code. Then run the program, and observe what the was last debug-print printed just before the crash occurred -- you know your program got that far, so the crash must have happened after that point. Add or remove debug-prints, recompile, and run the test again, until you have narrowed it down to a single line of code. At that point you can fix the bug and remove all of the temporary debug-prints.
It's quite tedious, but it has the advantage of working just about anywhere -- the only times it might not is if you don't have access to stdout or stderr for some reason, or if the bug you are trying to fix is a race-condition whose behavior changes when the timing of the program changes (since the debug-prints will slow down the program and change its timing)
Lucas's answer about core dumps is good. In my .cshrc I have:
alias core 'ls -lt core; echo where | gdb -core=core -silent; echo "\n"'
to display the backtrace by entering 'core'. And the date stamp, to ensure I am looking at the right file :(.
Added: If there is a stack corruption bug, then the backtrace applied to the core dump is often garbage. In this case, running the program within gdb can give better results, as per the accepted answer (assuming the fault is easily reproducible). And also beware of multiple processes dumping core simultaneously; some OS's add the PID to the name of the core file.
This is a crude way to find the exact line after which there was the segmentation fault.
Define line logging function
#include \<iostream>
void log(int line) {
std::cout << line << std::endl;
}
find and replace all the semicolon after the log function with "; log(_LINE_);"
Make sure that the semicolons replaced with functions in the for (;;) loops are removed
If you have a reproducible exception like segmentation fault, you can use a tool like a debugger to reproduce the error.
I used to find source code location for even non-reproducible error. It's based on the Microsoft compiler tool chain. But it's based on a idea.
Save the MAP file for each binary (DLL,EXE) before you give it to the customer.
If an exception occurs, lookup the address in the MAP file and determine the function whose start address is just below the exception address. As a result you know the function, where the exception occurred.
Subtract the function start address from the exception address. The result is the offset in the function.
Recompile the source file containing the function with assembly listing enabled. Extract the function's assembly listing.
The assembly includes the offset of each instruction in the function. Lookup the source code line, that matches the offset in the function.
Evaluate the assembler code for the specific source code line. The offset points exactly the assembler instruction that caused the thrown exception. Evaluate the code of this single source code line. With a bit of experience with the compiler output you can say what caused the exception.
Be aware the reason for the exception might be at a totally different location. e.g. the code dereferenced a NULL pointer, but the actual reason, why the pointer is NULL can be somewhere else.
The steps 6. and 7. are beneficial since you asked only for the line of code. But I recommend that you should be aware of it.
I hope you get a similar environment with the GCC compiler for your platform. If you don't have a usable MAP file, use the tool chain tools to get the addresses of the the function. I am sure the ELF file format supports this.
In case any of you (like me!) were looking for this same question but with gfortran, not gcc, the compiler is much more powerful these days and before resorting to the use of the debugger, you can also try out these compile options. For me, this identified exactly the line of code where the error occurred and which variable I was accessing out of bounds to cause the segmentation fault error.
-O0 -g -Wall -fcheck=all -fbacktrace
I have been trying to debug a crash in my application that crashes (i.e. asserts a
* glibc detected * free(): invalid pointer: 0x000000000070f0c0 ***) while I'm trying to do a simple assign to a string. Note that I'm compiling on a linux system with gcc 4.2.4 with an optimization level set to -O2. With -O0 the application no longer crashes.
E.g.
std::string abc;
abc = "testString";
but if I changed the code as follows it no longer crashes
std::string abc("testString");
So again I scratched my head! But the interesting pattern was that the crash moved later on in the application, AGAIN at another string. I found it weird that the application was continuously crashing on a string assign. A typical crash backtrace would look as follows:
#0 0x00007f2c2663bfb5 in raise () from /lib64/libc.so.6
(gdb) bt
#0 0x00007f2c2663bfb5 in raise () from /lib64/libc.so.6
#1 0x00007f2c2663dbc3 in abort () from /lib64/libc.so.6
#2 0x00000000004d8cb7 in people_streamingserver_sighandler (signum=6) at src/peoplestreamingserver.cpp:487
#3 <signal handler called>
#4 0x00007f2c2663bfb5 in raise () from /lib64/libc.so.6
#5 0x00007f2c2663dbc3 in abort () from /lib64/libc.so.6
#6 0x00007f2c26680ce0 in ?? () from /lib64/libc.so.6
#7 0x00007f2c270ca7a0 in std::string::assign (this=0x7f2c21bc8d20, __str=<value optimized out>)
at /home/bbazso/ThirdParty/sources/gcc-4.2.4/x86_64-pc-linux-gnu/libstdc++-v3/include/bits/basic_string.h:238
#8 0x00007f2c21bd874a in PEOPLESProtocol::GetStreamName (this=<value optimized out>,
pRawPath=0x2342fd8 "rtmp://127.0.0.1/mp4:pop.mp4", lStreamName=#0x7f2c21bc8d20)
at /opt/trx-HEAD/gcc/4.2.4/lib/gcc/x86_64-pc-linux-gnu/4.2.4/../../../../include/c++/4.2.4/bits/basic_string.h:491
#9 0x00007f2c21bd9daa in PEOPLESProtocol::SignalProtocolCreated (pProtocol=0x233a4e0, customParameters=#0x7f2c21bc8de0)
at peoplestreamer/src/peoplesprotocol.cpp:240
This was really weird behavior and so I started to poke around further in my application to see if there was some sort of memory corruption (either heap or stack) error that could be occurring that could be causing this weird behavior. I even checked for ptr corruptions and came up empty handed. In addition to visual inspection of the code I also tried the following tools:
Valgrind using both memcheck and exp-ptrcheck
electric fence
libsafe
I compiled with -fstack-protector-all in gcc
I tried MALLOC_CHECK_ set to 2
I ran my code through lint checks as well as cppcheck (to check for mistakes)
And I stepped through the code using gdb
So I tried a lot of stuff and still came up empty handed. So I was wondering if it could be something like a linker issue or a library issue of some sort that could be causing this problem. Are there any know issues with the std::string that make is susceptible to crashing in -O2 or maybe it has nothing to do with the optimization level? But the only pattern that I can see thus far in my problem is that it always seems to crash on a string and so I was wondering if anyone knew of any issues that my be causing this type of behavior.
Thanks a lot!
This is an initial guess using all information I can extract from your back trace.
You are most likely mixing and matching gcc version, linker and libstdc++ that results an unusual behaviour on the host machine:
libc is the system's: /lib64/libc.so.6
libstdc++ is in a "ThirdParty" directory - this is suspicions, as it tells me it might be compiled elsewhere with a different target - /home/bbazso/ThirdParty/sources/gcc-4.2.4/x86_64-pc-linux-gnu/libstdc++-v3/
Yet another libstdc++ in /opt: /opt/trx-HEAD/gcc/4.2.4/lib/gcc/x86_64-pc-linux-gnu/4.2.4/../../../../include/c++/4.2.4/bits/basic_string.h:491
In addition, GCC may mix the system's ld instead of itself which may cause further weird memory maps usage.
Can you repeat the crash with a basic two line program?
#include <string>
int main()
{
std::string abc;
abc = "testString";
}
If that crashes, please post your exact compile / link options?
If not, start paring down your code. Remove things lines a handful at a time until the bug goes away. Once you have some other change you can add to cause the crash and remove to make it go away, that should help you locate the problem.
Happened to me because of using malloc for a class which had std::strings as data members. Tricky.
As you said it's a weird behavior.
To be honnest with i think you are wasting time looking into a possible bug with std::strings. Strings are perfectly safe as long as you are using them well.
Anyway, with the informations you are giving :
First, are you using threads ? It's might be a thread problem.
Second, you check your program using valgrind. Have you no warnings at all ?
Note : The most critical valgrind's warnings are invalid read and invalid write.
PS : As said in commentary, you should probably use g++ to compile C++ code ;)