Segmentation Fault on ShutdownProtobufLibrary
588 views
Skip to first unread message
LMazuel
Sep 15, 2011, 10:07:12 AM9/15/11
to Protocol Buffers
Hi all,
I'm very disappointed by a Segmentation Fault in my program using the
protobuf library (2.4.1, C++). This comes from
ShutdownProtobufLibrary, is systematic (differents machines,
compilation optimisation enabled or not which excludes some random
memory error) and has the following stack:
#0 0x00007f924f7c4165 in *__GI_raise (sig=<value optimized out>)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007f924f7c6f70 in *__GI_abort () at abort.c:92
#2 0x00007f924f7fa27b in __libc_message (do_abort=<value optimized
out>, fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/
libc_fatal.c:189
#3 0x00007f924f803ad6 in malloc_printerr (action=3,
str=0x7f924f8b7ad6 "corrupted double-linked list", ptr=<value
optimized out>) at malloc.c:6267
#4 0x00007f924f803f0d in malloc_consolidate (av=<value optimized
out>) at malloc.c:5145
#5 0x00007f924f805418 in _int_free (av=0x7f924faeee40, p=0x25da640)
at malloc.c:5018
#6 0x00007f924f80884c in *__GI___libc_free (mem=<value optimized
out>) at malloc.c:3739
#7 0x00007f9253715699 in
__gnu_cxx::new_allocator<std::string*>::deallocate (this=0x953c20,
__in_chrg=<value optimized out>) at /usr/include/c++/4.4/ext/
new_allocator.h:95
#8 std::_Vector_base<std::string*, std::allocator<std::string*>
>::_M_deallocate (this=0x953c20, __in_chrg=<value optimized out>) at /
usr/include/c++/4.4/bits/stl_vector.h:146
#9 ~_Vector_base (this=0x953c20, __in_chrg=<value optimized out>) at /
usr/include/c++/4.4/bits/stl_vector.h:132
#10 ~vector (this=0x953c20, __in_chrg=<value optimized out>) at /usr/
include/c++/4.4/bits/stl_vector.h:313
#11 ~Tables (this=0x953c20, __in_chrg=<value optimized out>) at google/
protobuf/descriptor.cc:497
#12 0x00007f92537158fa in ~scoped_ptr (this=0x953b90, __in_chrg=<value
optimized out>) at ./google/protobuf/stubs/common.h:456
#13 ~DescriptorPool (this=0x953b90, __in_chrg=<value optimized out>)
at google/protobuf/descriptor.cc:784
#14 0x00007f9253715972 in DeleteGeneratedPool () at google/protobuf/
descriptor.cc:810
#15 0x00007f92536f84a3 in google::protobuf::ShutdownProtobufLibrary ()
at google/protobuf/stubs/common.cc:360
After investigating with gdb, it comes from the destructor
"DescriptorPool::Tables::~Tables()", precisely while calling the
destructor of the field "strings_" in the "Tables" class.
This seems that the internal structure of the vector has already been
destructed. It is simple to reproduce *exactly* this stack trace by
doing code like:
{
vector<string*> v(4);
delete &v[0];
} // Segmentation fault
Then, it is possible that some structure has access to the internal
contiguous buffer of the "strings_" vector (as we can do sometime to
talk with pure C code)?
To give some details about my implementation, I use dynamic linking of
the protobuf library. There is at least one call do "dlopen/
dlclose" (plugin architecture) at a time in the process. All works
fine, the error coming from the final C++ cleaning:
#17 0x00007f924f7c85e2 in __run_exit_handlers (status=0,
listp=0x7f924faed4a8, run_list_atexit=true) at exit.c:78
#18 0x00007f924f7c8635 in *__GI_exit (status=10700) at exit.c:100
#19 0x00007f924f7b0c54 in __libc_start_main (main=<value optimized
out>, argc=<value optimized out>, ubp_av=<value optimized out>,
init=<value optimized out>, fini=<value optimized out>,
rtld_fini=<value optimized out>,
stack_end=0x7fffe9974ee8) at libc-start.c:260
#20 0x0000000000510679 in _start ()
If someone has an idea....
Thank you by advance!
I'm very disappointed by a Segmentation Fault in my program using the
protobuf library (2.4.1, C++). This comes from
ShutdownProtobufLibrary, is systematic (differents machines,
compilation optimisation enabled or not which excludes some random
memory error) and has the following stack:
#0 0x00007f924f7c4165 in *__GI_raise (sig=<value optimized out>)
at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007f924f7c6f70 in *__GI_abort () at abort.c:92
#2 0x00007f924f7fa27b in __libc_message (do_abort=<value optimized
out>, fmt=<value optimized out>) at ../sysdeps/unix/sysv/linux/
libc_fatal.c:189
#3 0x00007f924f803ad6 in malloc_printerr (action=3,
str=0x7f924f8b7ad6 "corrupted double-linked list", ptr=<value
optimized out>) at malloc.c:6267
#4 0x00007f924f803f0d in malloc_consolidate (av=<value optimized
out>) at malloc.c:5145
#5 0x00007f924f805418 in _int_free (av=0x7f924faeee40, p=0x25da640)
at malloc.c:5018
#6 0x00007f924f80884c in *__GI___libc_free (mem=<value optimized
out>) at malloc.c:3739
#7 0x00007f9253715699 in
__gnu_cxx::new_allocator<std::string*>::deallocate (this=0x953c20,
__in_chrg=<value optimized out>) at /usr/include/c++/4.4/ext/
new_allocator.h:95
#8 std::_Vector_base<std::string*, std::allocator<std::string*>
>::_M_deallocate (this=0x953c20, __in_chrg=<value optimized out>) at /
usr/include/c++/4.4/bits/stl_vector.h:146
#9 ~_Vector_base (this=0x953c20, __in_chrg=<value optimized out>) at /
usr/include/c++/4.4/bits/stl_vector.h:132
#10 ~vector (this=0x953c20, __in_chrg=<value optimized out>) at /usr/
include/c++/4.4/bits/stl_vector.h:313
#11 ~Tables (this=0x953c20, __in_chrg=<value optimized out>) at google/
protobuf/descriptor.cc:497
#12 0x00007f92537158fa in ~scoped_ptr (this=0x953b90, __in_chrg=<value
optimized out>) at ./google/protobuf/stubs/common.h:456
#13 ~DescriptorPool (this=0x953b90, __in_chrg=<value optimized out>)
at google/protobuf/descriptor.cc:784
#14 0x00007f9253715972 in DeleteGeneratedPool () at google/protobuf/
descriptor.cc:810
#15 0x00007f92536f84a3 in google::protobuf::ShutdownProtobufLibrary ()
at google/protobuf/stubs/common.cc:360
After investigating with gdb, it comes from the destructor
"DescriptorPool::Tables::~Tables()", precisely while calling the
destructor of the field "strings_" in the "Tables" class.
This seems that the internal structure of the vector has already been
destructed. It is simple to reproduce *exactly* this stack trace by
doing code like:
{
vector<string*> v(4);
delete &v[0];
} // Segmentation fault
Then, it is possible that some structure has access to the internal
contiguous buffer of the "strings_" vector (as we can do sometime to
talk with pure C code)?
To give some details about my implementation, I use dynamic linking of
the protobuf library. There is at least one call do "dlopen/
dlclose" (plugin architecture) at a time in the process. All works
fine, the error coming from the final C++ cleaning:
#17 0x00007f924f7c85e2 in __run_exit_handlers (status=0,
listp=0x7f924faed4a8, run_list_atexit=true) at exit.c:78
#18 0x00007f924f7c8635 in *__GI_exit (status=10700) at exit.c:100
#19 0x00007f924f7b0c54 in __libc_start_main (main=<value optimized
out>, argc=<value optimized out>, ubp_av=<value optimized out>,
init=<value optimized out>, fini=<value optimized out>,
rtld_fini=<value optimized out>,
stack_end=0x7fffe9974ee8) at libc-start.c:260
#20 0x0000000000510679 in _start ()
If someone has an idea....
Thank you by advance!
LMazuel
Sep 19, 2011, 3:05:24 AM9/19/11
to Protocol Buffers
Hi again,
I have found that it is was a memory corruption earlier in the code
which destroys exactly this vector content....
Apologize for this post, protobuf are bugless :-)
Thanks,
I have found that it is was a memory corruption earlier in the code
which destroys exactly this vector content....
Apologize for this post, protobuf are bugless :-)
Thanks,
Reply all
Reply to author
Forward
0 new messages