[maemo-developers] Help debugging segfaults

From: Greg Morgan drkludge at cox.net
Date: Tue Feb 27 10:02:29 EET 2007

Simon Pickering wrote:
> Hello everyone,
> 
> I don't have much experience debugging segfaults and would appreciate
> any pointers.

pun intended?  ;-)  C pointers and string operations are the first place
to start looking for segmentation faults.

> I've compiled giac/xcas for the N800, but get a segfault
> when I try to run it (icas is the command line version).
> 
> The gdb output is as follows:
> 
> -------------------------------------------------------------------------------
> 
> Nokia-N800-51:/home/user# gdb ./icas
> GNU gdb 6.4
> Copyright 2005 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License, and you
> are
> welcome to change it and/or distribute copies of it under certain
> conditions.
> Type "show copying" to see the conditions.
> There is absolutely no warranty for GDB.  Type "show warranty" for details.
> This GDB was configured as "arm-linux-gnueabi"...Using host libthread_db
> library "/lib/libthread_db.so.1".
> 
> (gdb) r
> Starting program: /home/user/icas
> 
> Program received signal SIGSEGV, Segmentation fault.
> 0x41851380 in std::string::compare () from /usr/lib/libstdc++.so.6
> (gdb) bt
> #0  0x41851380 in std::string::compare () from /usr/lib/libstdc++.so.6
> #1  0x0005fa28 in std::operator< <char, std::char_traits<char>,

Hint "std::string::compare ()"
Hint "std::operator< <char, std::char_traits<char>"

I'd start here.  It has been a long time since I looked at gdb output of
someone else's code.  The thing that I see as a hint is string::compare
from the std library.  I am thinking <<stdio.h>> operations, etc., but
this looks to be C++ code.  So go back and check how you handle your
string compare operations.  What are the inputs to the string
comparisons, etc.?  Are your string lengths long enough?  Do you have
null-terminated strings?  Have you properly initialized the variables
that are being used?  These are things that I would look for in a
segmentation fault.  These ideas may help with a porting issue too.

I inherited a bunch of Oracle Pro*C code once upon a time.  I had to
clean and clean and clean that program.  Much of it had to do with
making sure that the string lengths were of the right length.  The other
issue was improperly initialized variables.  That crap still runs in the
middle of the night.  However, I have been successfully sleeping through
the night for many years now.  Moreover, if gdb is taxing your mind,
there's nothing that says you can't put some printf statements to locate
where the program segfaults.

I hope this helps.

Regards,
Greg

> std::allocator<char> > (__lhs=@0x10, __rhs=@0xbe9d5538) at
> basic_string.h:2149
> #2  0x401e1260 in std::less<std::string>::operator() () from
> /usr/lib/libgiac.so.0
> #3  0x401e17fc in std::_Rb_tree<std::string, std::pair<std::string
> const, giac::gen>, std::_Select1st<std::pair<std::string const,
> giac::gen> >, std::less<std::string>,
> std::allocator<std::pair<std::string const, giac::gen> >
>>::insert_unique () from /usr/lib/libgiac.so.0
> #4  0x401e1378 in std::map<std::string, giac::gen,
> std::less<std::string>, std::allocator<std::pair<std::string const,
> giac::gen> > >::insert ()
>    from /usr/lib/libgiac.so.0
> #5  0x401e0cc4 in std::map<std::string, giac::gen,
> std::less<std::string>, std::allocator<std::pair<std::string const,
> giac::gen> > >::operator[] ()
>    from /usr/lib/libgiac.so.0
> #6  0x4053a6f4 in giac::lexer_functions_register () from
> /usr/lib/libgiac.so.0
> #7  0x404b1354 in giac::unary_function_ptr::unary_function_ptr () from
> /usr/lib/libgiac.so.0
> #8  0x40135a7c in giac::_resultant () from /usr/lib/libgiac.so.0
> #9  0x40136e88 in giac::_resultant () from /usr/lib/libgiac.so.0
> #10 0x4100b28c in _dl_rtld_di_serinfo () from /lib/ld-linux.so.3
> #11 0x00026980 in ?? ()
> #12 0x00026980 in ?? ()
> Previous frame identical to this frame (corrupt stack?)
> (gdb) q
> The program is running.  Exit anyway? (y or n) y
> -------------------------------------------------------------------------------
> 
> 
> The tail end of the strace output is as follows:
> 
> -------------------------------------------------------------------------------
> 
> open("/usr/lib/libXdmcp.so.6", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\344\216"...,
> 512) = 512
> fstat64(3, {st_mode=S_IFREG|0644, st_size=17592186044416, ...}) = 0
> mmap2(0x413e8000, 47256, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE,
> 3, 0) = 0x413e8000
> mprotect(0x413eb000, 34968, PROT_NONE)  = 0
> mmap2(0x413f2000, 8192, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2) = 0x413f2000
> close(3)                                = 0
> mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x4071b000
> mprotect(0x4112b000, 8192, PROT_READ)   = 0
> mprotect(0x4132c000, 4096, PROT_READ)   = 0
> mprotect(0x411f9000, 4096, PROT_READ)   = 0
> mprotect(0x41215000, 4096, PROT_READ)   = 0
> mprotect(0x40008000, 6991872, PROT_READ|PROT_WRITE) = 0
> mprotect(0x40008000, 6991872, PROT_READ|PROT_EXEC) = 0
> mprotect(0x4101e000, 4096, PROT_READ)   = 0
> munmap(0x40000000, 24576)               = 0
> getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
> setrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
> getpid()                                = 3049
> rt_sigaction(SIGRTMIN, {0x41207d08, [RT_6 RT_9 RT_10 RT_11 RT_12 RT_13
> RT_16 RT_17 RT_21 RT_22 RT_23 RT_31], 0x4000000 /* SA_??? */}, NULL, 8) = 0
> rt_sigaction(SIGRT_1, {0x41207dd4, [RTMIN RT_6 RT_9 RT_10 RT_11 RT_12
> RT_13 RT_16 RT_17 RT_21 RT_22 RT_23 RT_31], 0x4000000 /* SA_??? */},
> NULL, 8) = 0
> rt_sigaction(SIGRT_2, {0x41207dd4, [RTMIN RT_6 RT_9 RT_10 RT_11 RT_12
> RT_13 RT_16 RT_17 RT_21 RT_22 RT_23 RT_31], 0x4000000 /* SA_??? */},
> NULL, 8) = 0
> rt_sigprocmask(SIG_BLOCK, [RTMIN], NULL, 8) = 0
> rt_sigprocmask(SIG_UNBLOCK, [], NULL, 8) = 0
> _sysctl({(nil), -1098230264, 0x41216240, 0xbe8a560c, 0x4121623c,
> 1092706304}0xbe8a5388, 512, (nil), 0}) = 0
> brk(0)                                  = 0x18a000
> brk(0x1ab000)                           = 0x1ab000
> --- SIGSEGV (Segmentation fault) @ 0 (0) ---
> +++ killed by SIGSEGV +++
> Process 3049 detached
> -------------------------------------------------------------------------------
> 
> 
> If anyone has any bright ideas (As to what's wrong, or how to find out)
> I'd be glad to hear them.
> 
> Many thanks,
> 
> 
> Simon
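
An added example (not Simon's, Greg's, or giac's code) illustrating the "improperly initialized variable" case from Greg's checklist in the shape the backtrace above suggests: std::map::operator[] reached from a constructor while ld.so is still running static initializers, with __lhs sitting at address 0x10. One cause consistent with that is a global registry map touched by a self-registering static object before the map itself has been constructed. The names Registrar, registry, lookup and registered_count are hypothetical; the fix shown is the construct-on-first-use idiom plus validating the string inputs before the library sees them.

```cpp
#include <cstddef>
#include <map>
#include <string>

// A name-keyed registry, as a lexer or function table might be.
// BROKEN pattern (deliberately not compiled here): a namespace-scope
//   std::map<std::string, int> g_table;
// that a static Registrar in another translation unit touches from its
// constructor. Whether g_table is already constructed when that
// constructor runs is unspecified across translation units, so
// operator[] walks garbage tree pointers and dies inside
// std::less<std::string> / std::string::compare.

// FIX: construct-on-first-use. The map is a function-local static, so it
// is initialized the first time anyone asks for it, regardless of which
// static constructor runs first.
std::map<std::string, int>& registry() {
    static std::map<std::string, int> table;
    return table;
}

// Hypothetical self-registering object, modelled on the
// unary_function_ptr constructor frame in the backtrace.
struct Registrar {
    Registrar(const char* name, int id) {
        // Greg's checklist: check the inputs to the string operation
        // before std::string / compare ever see them. A null name would
        // otherwise crash deep in libstdc++, far from the real bug.
        if (name == nullptr || *name == '\0') return;
        registry()[name] = id;
    }
};

// Static objects: these constructors run before main(), in declaration
// order within this translation unit. Because they go through
// registry(), no map needs to be declared above them.
static Registrar r_resultant("resultant", 1);
static Registrar r_gcd("gcd", 2);
static Registrar r_bad(nullptr, 3);  // rejected instead of segfaulting

// Returns the id registered for name, or -1 if it is unknown.
int lookup(const std::string& name) {
    auto it = registry().find(name);
    return it == registry().end() ? -1 : it->second;
}

std::size_t registered_count() { return registry().size(); }
```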

