How can I go about debugging SIGSEV in gdb?

CptanPanic · July 23, 2010, 2:06pm

I am building previously working code, but I am getting a seg fault and I can’t figure out what went wrong. gdb catches the error, but it doesn’t point to an obvious cause. The source line it shows is a function name, so it doesn’t even get into the function. If I look at the dissasembly of the instruction it is still setting up the stack, so maybe the stack is messed up. So how should I go about debugging this? This is in QNX 6.2, console gdb only.

[code]0x0816b829 in __ml (this=0x79b963c, anMultiplier=0) at …/u_matrix.cpp:56
56 tcMatrix tcMatrix::operator*(float64 anMultiplier)

0x816b820 <__ml>: push %ebp
0x816b821 <__ml+1>: mov %esp,%ebp
0x816b823 <__ml+3>: sub $0x13ac,%esp
0x816b829 <__ml+9>: push %edi
0x816b82a <__ml+10>: push %esi
0x816b82b <__ml+11>: push %ebx[/code]

mario · July 23, 2010, 3:08pm

If a push is caushing the crash then its most probably a stack overflow. Make sure you program isnt using too much stack ( C++ can be nasty when it creates temporary object like on you ). If it is ok use the -N option to increase stack size (link time)

davidk2 · July 28, 2010, 11:42am

Check bounds on arrays. This is the most common cause of stack corruption.

You’ll probably find that you are writing to and index greater than the length of the array somewhere.

Also check any pointers that you have allocated enough memory for what you are copying into that part of memory.

David

CptanPanic · July 28, 2010, 2:33pm

Thanks I was able to fix it by creating the thread with a larger stack size.

mario · July 28, 2010, 3:49pm

davidk2: it`s not writing to an index greater then lenght of array because this is never acheive with a push intruction. Push only operation on the stack, (at least in C/C++ ;-)

davidk2 · July 29, 2010, 9:55am

What I meant was. If you write to a piece of memory that you have not allocated to then anything could be in that part of memory including the stack.

en.wikipedia.org/wiki/Stack_buffer_overflow

I think it could still be stack corruption rather than running out of memory (i’ve seen this before):

#define BUFF_SIZE 1000
…

BYTE txbuffer[BUFF_SIZE];
…
for(i=0;i<2048;i++)
{
txbuffer[i] =0;
}

mario · July 29, 2010, 3:08pm

The code you posted might create a sigsegv, you have to hit the guard page for that, so the stack pointer has to be 1K below the limit, for it to crash. Still your code would NOT crash on a push instruction, it would crash on a mov instruction. Increasing stack size may prevent the crash but the program would still be buggy.

A SIGSEGV on a push instruction means you are trying to grow the stack beyond it`s size. The code you post is not growing the stack beyound its size.

davidk2 · July 29, 2010, 3:46pm

I agree on this. I was confused with your original response. I have tried this out and you are quiet correct.

The code I posted must have been hitting the guard page.

David