Hello everyone,
I am wondering if I met with segmentation fault in memcpy (Red Hat Linux). How to debug it? And what is the possible reason of segmentation fault -- source address error, destination address error or size error?
Sorry that my application is too large and I can not post all the codes.
thanks in advance,
George
Well one of the two pointers is either garbage or NULL, or the amount you're trying to copy is too much.
Use a debugger, break on that call, then examine the parameters.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
also they can't overlap.
http://www.cplusplus.com/reference/c...ng/memcpy.html
However, an overlap will not cause a failure as segmentation fault in the memcpy itself.Originally Posted by robwhit
I agree with Salem, it's a case of either bad pointers (NULL or uninitialized values) or "too much copy", i.e. copying past the end of the block of memory. Potentially "backwards" copy of string-literal would also cause this behaviour, e.g.Since s points to a string literal, which is read-only, it will segfault.Code:char *s = "Hello"; char t[10]; ... memcpy(s, t, 6); ...
Getting the size calculation wrong is a classic one, as negative size will be HUGE amount of data, since size_t is a unsigned value, and "negative" unsigned values make huge positive numbers.
--
Mats
Hi Salem,
Thanks for your advice. The memory address is not NULL and they seem to be valid address. The amount is correct, 4096 bytes.
I am wondering more detailed information about how to debug the source and destination buffer? How to debug? Any tricks or best practices?
regards,
George
Thanks robwhit,
I have checked that they are not overlap. Any ideas to debug?
regards,
George
Thanks Mats,
I have checked that the size is correct, 4096 bytes. The source buffer address and the destination buffer address are not zero -- seems valid address. I agree with you that they seem valid address, but may point to some invalid address.
Do you have any more detailed ideas to check or debug? How to detect they are not valid address? The source buffer and the destination buffer are all buffers on heap (not stack).
regards,
George
Post a stack trace then.
Run the program in gdb, then use the 'bt' command to print out the history of where it came from.
How do you know what a valid address looks like, when the evidence is that it segfaults? Two valid addresses with 4096 valid addresses after them would NOT segfault.
How do you know it is memcpy which is segfaulting anyway?
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
Try writing code to copy only the first and last bytes of the block across. One or the other should fail.
My homepage
Advice: Take only as directed - If symptoms persist, please see your debugger
Linus Torvalds: "But it clearly is the only right way. The fact that everybody else does it some other way only means that they are wrong"
Thanks Salem,
When there is a segmentation fault, there will be a core file generated. I used gdb <application name> <core file name> to debug, then using where command, I find the segmentation fault is from memcpy (reported by gdb).
The memory seems *valid*, because they are not zero. But I am interested to learn from you how to check in more details? Maybe the heap corruption? (source buffer and destination buffer are both heap buffers.)
regards,
George
Thanks iMalc,
I agree with you. I have debugged that even if I access the source buffer one by one (byte), there will be segmentation fault. So I think there should be something wrong with the source buffer.
The debug code I developed is something like,
Any ideas or comments?Code:char tmp; for (int i = 0; i < 4096; i++) { tmp = source_buffer [i]; }
regards,
George
I dunno, can you post an actual stack trace showing all the parameters being passed to memcpy ?
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
Actually there is an easy way to make it never crash because of a bad pointer. (Attention! Windows specific) IsBadWritePtr().
"The Internet treats censorship as damage and routes around it." - John Gilmore
That tells you that the source buffer isn't 4096 bytes long - how long is it (e.g. at what value of i does it crash)?
--
Mats
I can't believe it's so difficult to get a stack trace out of someone.
Y'know, something with concrete information rather than just waffle "it doesn't work".
Mmmm.
If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
If at first you don't succeed, try writing your phone number on the exam paper.
