cppcheck on Centos 7 - segmentation fault

[Maiken Pedersen]

I am struggling getting cppcheck working on centos 7.

Is there a know issue and workaround?

16:40:55 Checking src/hed/acc/JobDescriptionParser/XRSLParser.cpp ...
16:40:55 /tmp/jenkins3716035076578746101.sh: line 4: 27094 Segmentation fault      cppcheck --enable=all --inconclusive --xml --xml-version=2 graph ./src 2> cppcheck.xml

strace gives:

open("src/hed/acc/JobDescriptionParser/list", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/map", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/sys/types.h", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/unistd.h", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/arc/StringConv.h", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/arc/URL.h", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/arc/compute/JobDescription.h", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/list", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/map", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/string", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/iostream", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/algorithm", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/arc/compute/JobDescriptionParserPlugin.h", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/list", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/string", O_RDONLY) = -1 ENOENT (No such file or directory)
open("src/hed/acc/JobDescriptionParser/arc/compute/JobDescriptionParserPlugin.h", O_RDONLY) = -1 ENOENT (No such file or directory)
brk(NULL)                               = 0x2b62000
brk(0x2b83000)                          = 0x2b83000
brk(NULL)                               = 0x2b83000
brk(0x2ba4000)                          = 0x2ba4000
brk(NULL)                               = 0x2ba4000
brk(0x2bc5000)                          = 0x2bc5000
brk(NULL)                               = 0x2bc5000
brk(0x2be6000)                          = 0x2be6000
brk(NULL)                               = 0x2be6000
brk(0x2c07000)                          = 0x2c07000
brk(NULL)                               = 0x2c07000
brk(0x2c28000)                          = 0x2c28000
brk(NULL)                               = 0x2c28000
brk(0x2c49000)                          = 0x2c49000
brk(NULL)                               = 0x2c49000
brk(0x2c6a000)                          = 0x2c6a000
brk(NULL)                               = 0x2c6a000
brk(0x2c8b000)                          = 0x2c8b000
brk(NULL)                               = 0x2c8b000
brk(0x2cac000)                          = 0x2cac000
brk(NULL)                               = 0x2cac000
brk(0x2ccd000)                          = 0x2ccd000
brk(NULL)                               = 0x2ccd000
brk(0x2cee000)                          = 0x2cee000
brk(NULL)                               = 0x2cee000
brk(0x2d0f000)                          = 0x2d0f000
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x80} ---
+++ killed by SIGSEGV +++

[Maiken Pedersen]

For info: the same command works perfectly fine on centos 6.

[versat]

Could you check which versions of Cppcheck are used?
cppcheck --version should print it out.
I guess CentOS 6 uses an older version of Cppcheck than CentOS 7?
AFAIK this is not known to the Cppcheck team yet.

Does this happen only for one project? Maybe there is some strange encoding or so in a file.

It looks like Cppcheck crashes while it is loading the header files.
According to strace the file src/hed/acc/JobDescriptionParser/arc/compute/JobDescriptionParserPlugin.h does not exist. Is that true?
But that should not crash Cppcheck or stop it from analysing the rest.

[Maiken Pedersen]

I actually posted the same question some time back on the irc-channel, but I can not find back to it. There it seemed that the problem was known.

[centos@jenkins-ci ~]$ uname -a
Linux jenkins-ci.novalocal 3.10.0-957.5.1.el7.x86_64 #1 SMP Fri Feb 1 14:54:57 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

[centos@jenkins-ci ~]$ cppcheck --version
Cppcheck 1.87

It is true that the files do not exist, probably because this is an un-compiled version of the code. However, running with centos6 this does not happen.

I just however found out that it is when I add the --enable=all flag that I get the seg-fault.

Extract from gdb with bactrace:

gdb cppcheck --enable=all  ./arc
........

Checking arc/src/hed/acc/JobDescriptionParser/XMLNodeRecover.cpp: HAVE_CONFIG_H...
80/624 files checked 14% done
Checking arc/src/hed/acc/JobDescriptionParser/XRSLParser.cpp ...

Program received signal SIGSEGV, Segmentation fault.
0x00000000005a0695 in isOppositeCond(bool, bool, Token const*, Token const*, Library const&, bool, bool, std::list<std::pair<Token const*, std::string>, std::allocator<std::pair<Token const*, std::string> > >*) ()
(gdb) thread apply all bt

Thread 1 (Thread 0x7ffff7fe8740 (LWP 18273)):
#0  0x00000000005a0695 in isOppositeCond(bool, bool, Token const*, Token const*, Library const&, bool, bool, std::list<std::pair<Token const*, std::string>, std::allocator<std::pair<Token const*, std::string> > >*) ()
#1  0x00000000004d3f10 in CheckCondition::multiCondition2() ()
#2  0x00000000004d51c4 in CheckCondition::runChecks(Tokenizer const*, Settings const*, ErrorLogger*) ()
#3  0x00000000006405db in CppCheck::checkNormalTokens(Tokenizer const&) ()
#4  0x0000000000644217 in CppCheck::checkFile(std::string const&, std::string const&, std::istream&) ()
#5  0x0000000000645864 in CppCheck::check(std::string const&) ()
#6  0x000000000045f49d in CppCheckExecutor::check_internal(CppCheck&, int, char const* const*) ()
#7  0x00000000004609de in CppCheckExecutor::check(int, char const* const*) ()
#8  0x0000000000444616 in main ()
(gdb) 

[Maiken Pedersen]

And now with debug-info installed

gdb cppcheck --enable=all  ./arc
........
Checking arc/src/hed/acc/JobDescriptionParser/XRSLParser.cpp ...

Program received signal SIGSEGV, Segmentation fault.
isOppositeCond (isNot=isNot@entry=false, cpp=<optimized out>, cond1=cond1@entry=0xd2fce0, cond2=cond2@entry=0xd303e0, library=..., pure=pure@entry=true, followVar=followVar@entry=true, errors=errors@entry=0x7fffffffc2d0)
    at /usr/src/debug/cppcheck-1.87/lib/astutils.cpp:608
608         } else if (cond2->astOperand1()->hasKnownIntValue()) {
(gdb) thread apply all bt

Thread 1 (Thread 0x7ffff7fe8740 (LWP 18504)):
#0  isOppositeCond (isNot=isNot@entry=false, cpp=<optimized out>, cond1=cond1@entry=0xd2fce0, cond2=cond2@entry=0xd303e0, library=..., pure=pure@entry=true, followVar=followVar@entry=true, errors=errors@entry=0x7fffffffc2d0)
    at /usr/src/debug/cppcheck-1.87/lib/astutils.cpp:608
#1  0x00000000004d3f10 in CheckCondition::multiCondition2 (this=this@entry=0x7fffffffc470) at /usr/src/debug/cppcheck-1.87/lib/checkcondition.cpp:656
#2  0x00000000004d51c4 in CheckCondition::runChecks (this=<optimized out>, tokenizer=0x7fffffffcb70, settings=0x7fffffffd818, errorLogger=0x7fffffffd600) at /usr/src/debug/cppcheck-1.87/lib/checkcondition.h:58
#3  0x00000000006405db in CppCheck::checkNormalTokens (this=this@entry=0x7fffffffd600, tokenizer=...) at /usr/src/debug/cppcheck-1.87/lib/cppcheck.cpp:583
#4  0x0000000000644217 in CppCheck::checkFile (this=this@entry=0x7fffffffd600, filename="arc/src/hed/acc/JobDescriptionParser/XRSLParser.cpp", cfgname="", fileStream=...) at /usr/src/debug/cppcheck-1.87/lib/cppcheck.cpp:431
#5  0x0000000000645864 in CppCheck::check (this=this@entry=0x7fffffffd600, path="./arc/src/hed/acc/JobDescriptionParser/XRSLParser.cpp") at /usr/src/debug/cppcheck-1.87/lib/cppcheck.cpp:97
#6  0x000000000045f49d in CppCheckExecutor::check_internal (this=this@entry=0x7fffffffe0c0, cppcheck=..., argv=argv@entry=0x7fffffffe448) at /usr/src/debug/cppcheck-1.87/cli/cppcheckexecutor.cpp:872
#7  0x00000000004609de in CppCheckExecutor::check (this=this@entry=0x7fffffffe0c0, argc=argc@entry=3, argv=argv@entry=0x7fffffffe448) at /usr/src/debug/cppcheck-1.87/cli/cppcheckexecutor.cpp:198
#8  0x0000000000444616 in main (argc=3, argv=0x7fffffffe448) at /usr/src/debug/cppcheck-1.87/cli/main.cpp:95
(gdb) 

[versat]

Can you try checking only XRSLParser.cpp?
If the crash still happens can you provide the file or try to reduce the code and provide an example that crashes Cppcheck?

[Maiken Pedersen]

Hi, thanks for your reply.

Yes, when running just on this file it crashes.
Attaching. Thank you.

[Alexander Mai]

Thanks.
I could reproduce and created a ticket: https://trac.cppcheck.net/ticket/9027

[Maiken Pedersen]

Oh excellent, thank you.