Description of problem: Version-Release number of selected component (if applicable): How reproducible: install freesurfer 5.2 beta from ftp://surfer.nmr.mgh.harvard.edu/pub/dist/freesurfer/5.2.0-BETA/ Steps to Reproduce: 1. Set up 2. mri_convert /usr/local/freesurfer/subjects/sample-001.mgz ernie/mri/001.mgz 3. Actual results: mri_convert[7494]: segfault at 0 ip 00000037e092fbda sp 00007fff0eefaaa8 error 4 in libc-2.16.so[37e0800000+1ad000] Expected results: should run and convert sammple-001.mgz to 001.mgz Additional info:
This doesn't show a conslusive problem in glibc. Passing invalid arguments to many glibc functions can result in a segfault, and they would be the fault of the application. Could you please run valgrind on this program and see what it says?
==28741== Memcheck, a memory error detector ==28741== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==28741== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==28741== Command: /usr/local/freesurfer_centos6/bin/mri_convert ==28741== ==28741== Warning: set address range perms: large range [0x400000, 0x26dc7000) (noaccess) ==28741== Warning: set address range perms: large range [0x10c8000, 0x26dc7000) (defined) ==28741== Invalid read of size 4 ==28741== at 0x7D0C68: ??? ==28741== Address 0x74 is not stack'd, malloc'd or (recently) free'd ==28741== ==28741== ==28741== Process terminating with default action of signal 11 (SIGSEGV) ==28741== Access not within mapped region at address 0x74 ==28741== at 0x7D0C68: ??? ==28741== If you believe this happened as a result of a stack ==28741== overflow in your program's main thread (unlikely but ==28741== possible), you can try to increase the size of the ==28741== main thread stack using the --main-stacksize= flag. ==28741== The main thread stack size used in this run was 8388608. ==28741== ==28741== HEAP SUMMARY: ==28741== in use at exit: 0 bytes in 0 blocks ==28741== total heap usage: 0 allocs, 0 frees, 0 bytes allocated ==28741== ==28741== All heap blocks were freed -- no leaks are possible ==28741== ==28741== For counts of detected and suppressed errors, rerun with: -v ==28741== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2) Segmentation fault
GNU gdb (GDB) Fedora (7.5.1-32.fc18) Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/local/freesurfer/bin/mri_convert... warning: no loadable sections found in added symbol-file /usr/local/freesurfer/bin/mri_convert (no debugging symbols found)...done. (gdb) run /usr/local/freesurfer/subjects/sample-001.mgz /home/knutjbj/freesurfer/ernie/mri/001.mgz Starting program: /usr/local/freesurfer/bin/mri_convert /usr/local/freesurfer/subjects/sample-001.mgz /home/knutjbj/freesurfer/ernie/mri/001.mgz /usr/local/freesurfer/bin/mri_convert /usr/local/freesurfer/subjects/sample-001.mgz /home/knutjbj/freesurfer/ernie/mri/001.mgz $Id: mri_convert.c,v 1.179.2.7 2012/09/05 21:55:16 mreuter Exp $ reading from /usr/local/freesurfer/subjects/sample-001.mgz... Program received signal SIGSEGV, Segmentation fault. 0x00000037e092fbda in ?? () (gdb) [knutjbj@super-knut ~]$ valgrind --leak-check=full -v --read-var-info=yes mri_convert ==29197== Memcheck, a memory error detector ==29197== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==29197== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==29197== Command: mri_convert ==29197== --29197-- Valgrind options: --29197-- --leak-check=full --29197-- -v --29197-- --read-var-info=yes --29197-- Contents of /proc/version: --29197-- Linux version 3.7.4-204.fc18.x86_64 (mockbuild.fedoraproject.org) (gcc version 4.7.2 20121109 (Red Hat 4.7.2-8) (GCC) ) #1 SMP Wed Jan 23 16:44:29 UTC 2013 --29197-- Arch and hwcaps: AMD64, amd64-sse3-cx16 --29197-- Page sizes: currently 4096, max supported 4096 --29197-- Valgrind library directory: /usr/lib64/valgrind --29197-- Reading syms from /usr/lib64/valgrind/memcheck-amd64-linux --29197-- object doesn't have a dynamic symbol table --29197-- warning: addVar: unknown size (ips) --29197-- warning: addVar: unknown size (buf) --29197-- warning: addVar: unknown size (buf) --29197-- warning: addVar: unknown size (buf) --29197-- warning: addVar: unknown size (comps) --29197-- warning: addVar: unknown size (comps) --29197-- warning: addVar: unknown size (comps) --29197-- warning: addVar: unknown size (comps) --29197-- warning: addVar: unknown size (comps) --29197-- warning: addVar: unknown size (comps) --29197-- Scheduler: using generic scheduler lock implementation. --29197-- Reading suppressions file: /usr/lib64/valgrind/default.supp ==29197== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-29197-by-knutjbj-on-super-knut ==29197== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-29197-by-knutjbj-on-super-knut ==29197== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-29197-by-knutjbj-on-super-knut ==29197== ==29197== TO CONTROL THIS PROCESS USING vgdb (which you probably ==29197== don't want to do, unless you know exactly what you're doing, ==29197== or are doing some strange experiment): ==29197== /usr/lib64/valgrind/../../bin/vgdb --pid=29197 ...command... ==29197== ==29197== TO DEBUG THIS PROCESS USING GDB: start GDB like this ==29197== /path/to/gdb mri_convert ==29197== and then give GDB the following command ==29197== target remote | /usr/lib64/valgrind/../../bin/vgdb --pid=29197 ==29197== --pid is optional if only one valgrind process is running ==29197== ==29197== Warning: set address range perms: large range [0x400000, 0x26dc7000) (noaccess) ==29197== Warning: set address range perms: large range [0x10c8000, 0x26dc7000) (defined) --29197-- Reading syms from /usr/lib64/ld-2.16.so --29197-- Considering /usr/lib/debug/.build-id/c6/a5584d4a0fe34d3a93fee4a25715e77740d7ac.debug .. --29197-- .. build-id is valid --29197-- REDIR: 0x37e0017f90 (strlen) redirected to 0x3806db01 (vgPlain_amd64_linux_REDIR_FOR_strlen) --29197-- Reading syms from /usr/lib64/valgrind/vgpreload_core-amd64-linux.so --29197-- Reading syms from /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so --29197-- REDIR: 0x37e0017e00 (index) redirected to 0x26fcfe40 (index) --29197-- REDIR: 0x37e0017e80 (strcmp) redirected to 0x26fd0e50 (strcmp) --29197-- Reading syms from /usr/lib64/libz.so.1.2.7 --29197-- object doesn't have a symbol table --29197-- Reading syms from /usr/lib64/libcrypt-2.16.so --29197-- Considering /usr/lib/debug/.build-id/40/1d6ba71d8ec74de001c1c8db627c3b65429a8a.debug .. --29197-- .. build-id is valid --29197-- Reading syms from /usr/lib64/libdl-2.16.so --29197-- Considering /usr/lib/debug/.build-id/01/51493ff63734f4ebc1b955044172f1c7cd93b6.debug .. --29197-- .. build-id is valid --29197-- Reading syms from /usr/lib64/libpthread-2.16.so --29197-- Considering /usr/lib/debug/.build-id/60/3674cde330c29071d75821f9b0cde68823d548.debug .. --29197-- .. build-id is valid --29197-- Reading syms from /usr/lib64/libstdc++.so.6.0.17 --29197-- object doesn't have a symbol table --29197-- Reading syms from /usr/lib64/libm-2.16.so --29197-- Considering /usr/lib/debug/.build-id/a7/c9196f90ed36e17340a835554a98125787bbbe.debug .. --29197-- .. build-id is valid --29197-- Reading syms from /usr/lib64/libgomp.so.1.0.0 --29197-- object doesn't have a symbol table --29197-- Reading syms from /usr/lib64/libgcc_s-4.7.2-20121109.so.1 --29197-- object doesn't have a symbol table --29197-- Reading syms from /usr/lib64/libc-2.16.so --29197-- Considering /usr/lib/debug/.build-id/b7/b62d4d01e98c8b31d95895cbede393b8b0c6e8.debug .. --29197-- .. build-id is valid --29197-- Reading syms from /usr/lib64/libfreebl3.so --29197-- Considering /usr/lib/debug/.build-id/91/c9c77b5f38e04496150ca131cbfd421f07f065.debug .. --29197-- .. build-id is valid --29197-- Considering /usr/lib/debug/.build-id/d6/3850fc0440bdc35bf7b45efe4833cad97a813e.debug .. --29197-- .. build-id is valid --29197-- Reading syms from /usr/lib64/librt-2.16.so --29197-- Considering /usr/lib/debug/.build-id/df/a359d66944cb5dd2d09f3d2a4bab034df328ca.debug .. --29197-- .. build-id is valid --29197-- REDIR: 0x37e0889e60 (strcasecmp) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --29197-- REDIR: 0x37e08861c0 (strnlen) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --29197-- REDIR: 0x37e088c130 (strncasecmp) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --29197-- REDIR: 0x37e0887bb0 (__GI_strrchr) redirected to 0x26fcfc60 (__GI_strrchr) --29197-- REDIR: 0x37e08860e0 (__GI_strlen) redirected to 0x26fd01c0 (__GI_strlen) --29197-- REDIR: 0x37e0888c40 (memset) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --29197-- REDIR: 0x37e0888c80 (__GI_memset) redirected to 0x26fd2280 (memset) ==29197== Invalid read of size 4 ==29197== at 0x7D0C68: ??? ==29197== Address 0x74 is not stack'd, malloc'd or (recently) free'd ==29197== ==29197== ==29197== Process terminating with default action of signal 11 (SIGSEGV) ==29197== Access not within mapped region at address 0x74 ==29197== at 0x7D0C68: ??? ==29197== If you believe this happened as a result of a stack ==29197== overflow in your program's main thread (unlikely but ==29197== possible), you can try to increase the size of the ==29197== main thread stack using the --main-stacksize= flag. ==29197== The main thread stack size used in this run was 8388608. --29197-- REDIR: 0x37e087f8d0 (free) redirected to 0x26fce71f (free) ==29197== ==29197== HEAP SUMMARY: ==29197== in use at exit: 0 bytes in 0 blocks ==29197== total heap usage: 0 allocs, 0 frees, 0 bytes allocated ==29197== ==29197== All heap blocks were freed -- no leaks are possible ==29197== ==29197== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2) ==29197== ==29197== 1 errors in context 1 of 1: ==29197== Invalid read of size 4 ==29197== at 0x7D0C68: ??? ==29197== Address 0x74 is not stack'd, malloc'd or (recently) free'd ==29197== --29197-- --29197-- used_suppression: 2 glibc-2.5.x-on-SUSE-10.2-(PPC)-2a ==29197== ==29197== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2) Segmentation fault [knutjbj@super-knut ~]$ valgrind --leak-check=full -v --read-var-info=yes mri_convert /usr/local/freesurfer/subjects/sample-001.mgz freesurfer/ernie/mri/001.mgz ==31214== Memcheck, a memory error detector ==31214== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==31214== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==31214== Command: mri_convert /usr/local/freesurfer/subjects/sample-001.mgz freesurfer/ernie/mri/001.mgz ==31214== --31214-- Valgrind options: --31214-- --leak-check=full --31214-- -v --31214-- --read-var-info=yes --31214-- Contents of /proc/version: --31214-- Linux version 3.7.4-204.fc18.x86_64 (mockbuild.fedoraproject.org) (gcc version 4.7.2 20121109 (Red Hat 4.7.2-8) (GCC) ) #1 SMP Wed Jan 23 16:44:29 UTC 2013 --31214-- Arch and hwcaps: AMD64, amd64-sse3-cx16 --31214-- Page sizes: currently 4096, max supported 4096 --31214-- Valgrind library directory: /usr/lib64/valgrind --31214-- Reading syms from /usr/lib64/valgrind/memcheck-amd64-linux --31214-- object doesn't have a dynamic symbol table --31214-- warning: addVar: unknown size (ips) --31214-- warning: addVar: unknown size (buf) --31214-- warning: addVar: unknown size (buf) --31214-- warning: addVar: unknown size (buf) --31214-- warning: addVar: unknown size (comps) --31214-- warning: addVar: unknown size (comps) --31214-- warning: addVar: unknown size (comps) --31214-- warning: addVar: unknown size (comps) --31214-- warning: addVar: unknown size (comps) --31214-- warning: addVar: unknown size (comps) --31214-- Scheduler: using generic scheduler lock implementation. --31214-- Reading suppressions file: /usr/lib64/valgrind/default.supp ==31214== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-31214-by-knutjbj-on-super-knut ==31214== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-31214-by-knutjbj-on-super-knut ==31214== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-31214-by-knutjbj-on-super-knut ==31214== ==31214== TO CONTROL THIS PROCESS USING vgdb (which you probably ==31214== don't want to do, unless you know exactly what you're doing, ==31214== or are doing some strange experiment): ==31214== /usr/lib64/valgrind/../../bin/vgdb --pid=31214 ...command... ==31214== ==31214== TO DEBUG THIS PROCESS USING GDB: start GDB like this ==31214== /path/to/gdb mri_convert ==31214== and then give GDB the following command ==31214== target remote | /usr/lib64/valgrind/../../bin/vgdb --pid=31214 ==31214== --pid is optional if only one valgrind process is running ==31214== ==31214== Warning: set address range perms: large range [0x400000, 0x26dc7000) (noaccess) ==31214== Warning: set address range perms: large range [0x10c8000, 0x26dc7000) (defined) --31214-- Reading syms from /usr/lib64/ld-2.16.so --31214-- Considering /usr/lib/debug/.build-id/c6/a5584d4a0fe34d3a93fee4a25715e77740d7ac.debug .. --31214-- .. build-id is valid --31214-- REDIR: 0x37e0017f90 (strlen) redirected to 0x3806db01 (vgPlain_amd64_linux_REDIR_FOR_strlen) --31214-- Reading syms from /usr/lib64/valgrind/vgpreload_core-amd64-linux.so --31214-- Reading syms from /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so --31214-- REDIR: 0x37e0017e00 (index) redirected to 0x26fcfe40 (index) --31214-- REDIR: 0x37e0017e80 (strcmp) redirected to 0x26fd0e50 (strcmp) --31214-- Reading syms from /usr/lib64/libz.so.1.2.7 --31214-- object doesn't have a symbol table --31214-- Reading syms from /usr/lib64/libcrypt-2.16.so --31214-- Considering /usr/lib/debug/.build-id/40/1d6ba71d8ec74de001c1c8db627c3b65429a8a.debug .. --31214-- .. build-id is valid --31214-- Reading syms from /usr/lib64/libdl-2.16.so --31214-- Considering /usr/lib/debug/.build-id/01/51493ff63734f4ebc1b955044172f1c7cd93b6.debug .. --31214-- .. build-id is valid --31214-- Reading syms from /usr/lib64/libpthread-2.16.so --31214-- Considering /usr/lib/debug/.build-id/60/3674cde330c29071d75821f9b0cde68823d548.debug .. --31214-- .. build-id is valid --31214-- Reading syms from /usr/lib64/libstdc++.so.6.0.17 --31214-- object doesn't have a symbol table --31214-- Reading syms from /usr/lib64/libm-2.16.so --31214-- Considering /usr/lib/debug/.build-id/a7/c9196f90ed36e17340a835554a98125787bbbe.debug .. --31214-- .. build-id is valid --31214-- Reading syms from /usr/lib64/libgomp.so.1.0.0 --31214-- object doesn't have a symbol table --31214-- Reading syms from /usr/lib64/libgcc_s-4.7.2-20121109.so.1 --31214-- object doesn't have a symbol table --31214-- Reading syms from /usr/lib64/libc-2.16.so --31214-- Considering /usr/lib/debug/.build-id/b7/b62d4d01e98c8b31d95895cbede393b8b0c6e8.debug .. --31214-- .. build-id is valid --31214-- Reading syms from /usr/lib64/libfreebl3.so --31214-- Considering /usr/lib/debug/.build-id/91/c9c77b5f38e04496150ca131cbfd421f07f065.debug .. --31214-- .. build-id is valid --31214-- Considering /usr/lib/debug/.build-id/d6/3850fc0440bdc35bf7b45efe4833cad97a813e.debug .. --31214-- .. build-id is valid --31214-- Reading syms from /usr/lib64/librt-2.16.so --31214-- Considering /usr/lib/debug/.build-id/df/a359d66944cb5dd2d09f3d2a4bab034df328ca.debug .. --31214-- .. build-id is valid --31214-- REDIR: 0x37e0889e60 (strcasecmp) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --31214-- REDIR: 0x37e08861c0 (strnlen) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --31214-- REDIR: 0x37e088c130 (strncasecmp) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --31214-- REDIR: 0x37e0887bb0 (__GI_strrchr) redirected to 0x26fcfc60 (__GI_strrchr) --31214-- REDIR: 0x37e08860e0 (__GI_strlen) redirected to 0x26fd01c0 (__GI_strlen) --31214-- REDIR: 0x37e0888c40 (memset) redirected to 0x26dc870e (_vgnU_ifunc_wrapper) --31214-- REDIR: 0x37e0888c80 (__GI_memset) redirected to 0x26fd2280 (memset) ==31214== Invalid read of size 4 ==31214== at 0x7D0C68: ??? ==31214== by 0x2: ??? ==31214== by 0x7FEFFF91A: ??? ==31214== by 0x7FEFFF926: ??? ==31214== by 0x7FEFFF954: ??? ==31214== Address 0x74 is not stack'd, malloc'd or (recently) free'd ==31214== ==31214== ==31214== Process terminating with default action of signal 11 (SIGSEGV) ==31214== Access not within mapped region at address 0x74 ==31214== at 0x7D0C68: ??? ==31214== by 0x2: ??? ==31214== by 0x7FEFFF91A: ??? ==31214== by 0x7FEFFF926: ??? ==31214== by 0x7FEFFF954: ??? ==31214== If you believe this happened as a result of a stack ==31214== overflow in your program's main thread (unlikely but ==31214== possible), you can try to increase the size of the ==31214== main thread stack using the --main-stacksize= flag. ==31214== The main thread stack size used in this run was 8388608. --31214-- REDIR: 0x37e087f8d0 (free) redirected to 0x26fce71f (free) ==31214== ==31214== HEAP SUMMARY: ==31214== in use at exit: 0 bytes in 0 blocks ==31214== total heap usage: 0 allocs, 0 frees, 0 bytes allocated ==31214== ==31214== All heap blocks were freed -- no leaks are possible ==31214== ==31214== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2) ==31214== ==31214== 1 errors in context 1 of 1: ==31214== Invalid read of size 4 ==31214== at 0x7D0C68: ??? ==31214== by 0x2: ??? ==31214== by 0x7FEFFF91A: ??? ==31214== by 0x7FEFFF926: ??? ==31214== by 0x7FEFFF954: ??? ==31214== Address 0x74 is not stack'd, malloc'd or (recently) free'd ==31214== --31214-- --31214-- used_suppression: 2 glibc-2.5.x-on-SUSE-10.2-(PPC)-2a ==31214== ==31214== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2) Segmentation fault
I see that FreeSurfer is a 4.0GB download. Is this a binary package? Which binary package are you using? (1) Can you get a build of mri_convert with debug symbols and try valgrind/gdb again? My guess is that "Invalid read of size 4" which is "at 0x7D0C68: ???" is within the text segment of the program and is therefore an invalid read by the program. (2) Can you get a memory map of the program just before the crash?
I used the binary package since I have been unable to compile the program myself. I have used the this package ftp://surfer.nmr.mgh.harvard.edu/pub/dist/freesurfer/5.2.0-BETA/freesurfer-Linux-centos6_x86_64-stable-pub-v5.2.0.tar.gz . You can get the source http://surfer.nmr.mgh.harvard.edu/fswiki/ReadOnlyCVS. Could you please write which option I should use with valgrind.
MRI_convert with debug information. It seem to run better. [knutjbj@super-knut freesurfer]$ valgrind -v --leak-check=full ./mri_convert /usr/local/freesurfer/subjects/sample-001.mgz ernie/mri/001.mgz >error.log ==30054== Memcheck, a memory error detector ==30054== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al. ==30054== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info ==30054== Command: ./mri_convert /usr/local/freesurfer/subjects/sample-001.mgz ernie/mri/001.mgz ==30054== --30054-- Valgrind options: --30054-- -v --30054-- --leak-check=full --30054-- Contents of /proc/version: --30054-- Linux version 3.7.4-204.fc18.x86_64 (mockbuild.fedoraproject.org) (gcc version 4.7.2 20121109 (Red Hat 4.7.2-8) (GCC) ) #1 SMP Wed Jan 23 16:44:29 UTC 2013 --30054-- Arch and hwcaps: AMD64, amd64-sse3-cx16 --30054-- Page sizes: currently 4096, max supported 4096 --30054-- Valgrind library directory: /usr/lib64/valgrind --30054-- Reading syms from /home/knutjbj/freesurfer/mri_convert --30054-- Reading syms from /usr/lib64/valgrind/memcheck-amd64-linux --30054-- object doesn't have a dynamic symbol table --30054-- Reading syms from /usr/lib64/ld-2.16.so --30054-- Considering /usr/lib/debug/.build-id/c6/a5584d4a0fe34d3a93fee4a25715e77740d7ac.debug .. --30054-- .. build-id is valid --30054-- Scheduler: using generic scheduler lock implementation. ==30054== Warning: set address range perms: large range [0x10ed000, 0x26deb000) (defined) --30054-- Reading suppressions file: /usr/lib64/valgrind/default.supp ==30054== embedded gdbserver: reading from /tmp/vgdb-pipe-from-vgdb-to-30054-by-knutjbj-on-super-knut ==30054== embedded gdbserver: writing to /tmp/vgdb-pipe-to-vgdb-from-30054-by-knutjbj-on-super-knut ==30054== embedded gdbserver: shared mem /tmp/vgdb-pipe-shared-mem-vgdb-30054-by-knutjbj-on-super-knut ==30054== ==30054== TO CONTROL THIS PROCESS USING vgdb (which you probably ==30054== don't want to do, unless you know exactly what you're doing, ==30054== or are doing some strange experiment): ==30054== /usr/lib64/valgrind/../../bin/vgdb --pid=30054 ...command... ==30054== ==30054== TO DEBUG THIS PROCESS USING GDB: start GDB like this ==30054== /path/to/gdb ./mri_convert ==30054== and then give GDB the following command ==30054== target remote | /usr/lib64/valgrind/../../bin/vgdb --pid=30054 ==30054== --pid is optional if only one valgrind process is running ==30054== --30054-- REDIR: 0x37e0017f90 (strlen) redirected to 0x3806db01 (vgPlain_amd64_linux_REDIR_FOR_strlen) --30054-- Reading syms from /usr/lib64/valgrind/vgpreload_core-amd64-linux.so --30054-- Reading syms from /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so --30054-- REDIR: 0x37e0017e00 (index) redirected to 0x277f3e40 (index) --30054-- REDIR: 0x37e0017e80 (strcmp) redirected to 0x277f4e50 (strcmp) --30054-- Reading syms from /usr/lib64/libz.so.1.2.7 --30054-- object doesn't have a symbol table --30054-- Reading syms from /usr/lib64/libcrypt-2.16.so --30054-- Considering /usr/lib/debug/.build-id/40/1d6ba71d8ec74de001c1c8db627c3b65429a8a.debug .. --30054-- .. build-id is valid --30054-- Reading syms from /usr/lib64/libdl-2.16.so --30054-- Considering /usr/lib/debug/.build-id/01/51493ff63734f4ebc1b955044172f1c7cd93b6.debug .. --30054-- .. build-id is valid --30054-- Reading syms from /usr/lib64/libpthread-2.16.so --30054-- Considering /usr/lib/debug/.build-id/60/3674cde330c29071d75821f9b0cde68823d548.debug .. --30054-- .. build-id is valid --30054-- Reading syms from /usr/lib64/libstdc++.so.6.0.17 --30054-- object doesn't have a symbol table --30054-- Reading syms from /usr/lib64/libm-2.16.so --30054-- Considering /usr/lib/debug/.build-id/a7/c9196f90ed36e17340a835554a98125787bbbe.debug .. --30054-- .. build-id is valid --30054-- Reading syms from /usr/lib64/libgomp.so.1.0.0 --30054-- object doesn't have a symbol table --30054-- Reading syms from /usr/lib64/libgcc_s-4.7.2-20121109.so.1 --30054-- object doesn't have a symbol table --30054-- Reading syms from /usr/lib64/libc-2.16.so --30054-- Considering /usr/lib/debug/.build-id/b7/b62d4d01e98c8b31d95895cbede393b8b0c6e8.debug .. --30054-- .. build-id is valid --30054-- Reading syms from /usr/lib64/libfreebl3.so --30054-- Considering /usr/lib/debug/.build-id/91/c9c77b5f38e04496150ca131cbfd421f07f065.debug .. --30054-- .. build-id is valid --30054-- Considering /usr/lib/debug/.build-id/d6/3850fc0440bdc35bf7b45efe4833cad97a813e.debug .. --30054-- .. build-id is valid --30054-- Reading syms from /usr/lib64/librt-2.16.so --30054-- Considering /usr/lib/debug/.build-id/df/a359d66944cb5dd2d09f3d2a4bab034df328ca.debug .. --30054-- .. build-id is valid --30054-- REDIR: 0x37e0889e60 (strcasecmp) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e08861c0 (strnlen) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e088c130 (strncasecmp) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0887bb0 (__GI_strrchr) redirected to 0x277f3c60 (__GI_strrchr) --30054-- REDIR: 0x37e08860e0 (__GI_strlen) redirected to 0x277f41c0 (__GI_strlen) --30054-- REDIR: 0x37e0888c40 (memset) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0888c80 (__GI_memset) redirected to 0x277f6280 (memset) --30054-- REDIR: 0x37e08845a0 (strcmp) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e092fbc0 (__strcmp_sse42) redirected to 0x277f4db0 (strcmp) --30054-- REDIR: 0x37e087ffa0 (calloc) redirected to 0x277f1a99 (calloc) --30054-- REDIR: 0x37e0886090 (strlen) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0960680 (__strlen_sse2_pminub) redirected to 0x277f41a0 (strlen) --30054-- REDIR: 0x37e245f580 (operator new(unsigned long)) redirected to 0x277f329f (operator new(unsigned long)) --30054-- REDIR: 0x37e088e810 (memcpy@@GLIBC_2.14) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0945a40 (__memcpy_ssse3_back) redirected to 0x277f5180 (memcpy@@GLIBC_2.14) --30054-- REDIR: 0x37e08862e0 (__GI_strncmp) redirected to 0x277f4690 (__GI_strncmp) --30054-- REDIR: 0x37e245d890 (operator delete(void*)) redirected to 0x277f2305 (operator delete(void*)) --30054-- REDIR: 0x37e087f3e0 (malloc) redirected to 0x277f37ba (malloc) --30054-- REDIR: 0x37e087f8d0 (free) redirected to 0x277f271f (free) --30054-- REDIR: 0x37e088ff00 (strchrnul) redirected to 0x277f67d0 (strchrnul) --30054-- REDIR: 0x37e0888600 (bcmp) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e095afb0 (__memcmp_sse4_1) redirected to 0x277f5ea0 (bcmp) --30054-- REDIR: 0xffffffffff600400 (???) redirected to 0x3806daed (vgPlain_amd64_linux_REDIR_FOR_vtime) --30054-- REDIR: 0x37e08845e0 (__GI_strcmp) redirected to 0x277f4e00 (__GI_strcmp) --30054-- REDIR: 0x37e0884520 (__GI_strchr) redirected to 0x277f3d40 (__GI_strchr) --30054-- REDIR: 0x37e0889d00 (__GI_stpcpy) redirected to 0x277f6010 (__GI_stpcpy) --30054-- REDIR: 0x37e0885a30 (strcpy) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0893f40 (__strcpy_sse2_unaligned) redirected to 0x277f41e0 (strcpy) --30054-- REDIR: 0x37e0887b30 (strncpy) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0894570 (__strncpy_sse2_unaligned) redirected to 0x277f4380 (strncpy) --30054-- REDIR: 0x37e08842e0 (strcat) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0896d60 (__strcat_sse2_unaligned) redirected to 0x277f3e80 (strcat) --30054-- REDIR: 0x37e0885a70 (__GI_strcpy) redirected to 0x277f42b0 (__GI_strcpy) --30054-- REDIR: 0x37e08882b0 (memchr) redirected to 0x277f4ef0 (memchr) --30054-- REDIR: 0x37e0933d00 (__strncasecmp_sse42) redirected to 0x277f47e0 (strncasecmp) --30054-- Reading syms from /usr/lib64/libnss_files-2.16.so --30054-- Considering /usr/lib/debug/.build-id/52/50faf4f4c8d50c6a3b488c1b34b6a0e332d0bd.debug .. --30054-- .. build-id is valid --30054-- REDIR: 0x37e0887b70 (rindex) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0931950 (__strrchr_sse42) redirected to 0x277f3c30 (rindex) --30054-- REDIR: 0x37e089d830 (strstr) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e0931af0 (__strstr_sse42) redirected to 0x277f6bd0 (strstr) --30054-- REDIR: 0x37e08844e0 (index) redirected to 0x275ec70e (_vgnU_ifunc_wrapper) --30054-- REDIR: 0x37e092fb10 (__strchr_sse42) redirected to 0x277f3d00 (index) --30054-- REDIR: 0x37e0881950 (posix_memalign) redirected to 0x277f191d (posix_memalign) --30054-- REDIR: 0x37e245f690 (operator new[](unsigned long)) redirected to 0x277f2c22 (operator new[](unsigned long)) --30054-- REDIR: 0x37e245d8c0 (operator delete[](void*)) redirected to 0x277f1e55 (operator delete[](void*)) --30054-- Discarding syms at 0x2e2411e0-0x2e24867c in /usr/lib64/libnss_files-2.16.so due to munmap() ==30054== ==30054== HEAP SUMMARY: ==30054== in use at exit: 17,071,868 bytes in 269 blocks ==30054== total heap usage: 14,173 allocs, 13,904 frees, 18,216,677 bytes allocated ==30054== ==30054== Searching for pointers to 269 not-freed blocks ==30054== Checked 652,640,232 bytes ==30054== ==30054== 72 bytes in 1 blocks are possibly lost in loss record 4 of 15 ==30054== at 0x277F1B2F: calloc (vg_replace_malloc.c:593) ==30054== by 0x49E60C: MatrixAlloc (matrix.c:270) ==30054== by 0x4A6027: MatrixInverse (matrix.c:131) ==30054== by 0x4B9F28: extract_r_to_i (mri.c:291) ==30054== by 0x51BEFF: mri_read (mriio.c:873) ==30054== by 0x522F3D: MRIread (mriio.c:1078) ==30054== by 0x418129: main (mri_convert.c:1805) ==30054== ==30054== 4,512 bytes in 1 blocks are possibly lost in loss record 10 of 15 ==30054== at 0x277F1B2F: calloc (vg_replace_malloc.c:593) ==30054== by 0x4B5110: MRIallocIndices (mri.c:6042) ==30054== by 0x4BF86A: MRIallocSequence (mri.c:6192) ==30054== by 0x5195D1: mghRead.clone.0 (mriio.c:12614) ==30054== by 0x51C9DF: mri_read (mriio.c:781) ==30054== by 0x522F3D: MRIread (mriio.c:1078) ==30054== by 0x418129: main (mri_convert.c:1805) ==30054== ==30054== 5,024 bytes in 1 blocks are possibly lost in loss record 11 of 15 ==30054== at 0x277F1B2F: calloc (vg_replace_malloc.c:593) ==30054== by 0x4B50C8: MRIallocIndices (mri.c:6032) ==30054== by 0x4BF86A: MRIallocSequence (mri.c:6192) ==30054== by 0x5195D1: mghRead.clone.0 (mriio.c:12614) ==30054== by 0x51C9DF: mri_read (mriio.c:781) ==30054== by 0x522F3D: MRIread (mriio.c:1078) ==30054== by 0x418129: main (mri_convert.c:1805) ==30054== ==30054== 5,024 bytes in 1 blocks are possibly lost in loss record 12 of 15 ==30054== at 0x277F1B2F: calloc (vg_replace_malloc.c:593) ==30054== by 0x4B50EC: MRIallocIndices (mri.c:6037) ==30054== by 0x4BF86A: MRIallocSequence (mri.c:6192) ==30054== by 0x5195D1: mghRead.clone.0 (mriio.c:12614) ==30054== by 0x51C9DF: mri_read (mriio.c:781) ==30054== by 0x522F3D: MRIread (mriio.c:1078) ==30054== by 0x418129: main (mri_convert.c:1805) ==30054== ==30054== LEAK SUMMARY: ==30054== definitely lost: 0 bytes in 0 blocks ==30054== indirectly lost: 0 bytes in 0 blocks ==30054== possibly lost: 14,632 bytes in 4 blocks ==30054== still reachable: 17,057,236 bytes in 265 blocks ==30054== suppressed: 0 bytes in 0 blocks ==30054== Reachable blocks (those to which a pointer was found) are not shown. ==30054== To see them, rerun with: --leak-check=full --show-reachable=yes ==30054== ==30054== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 2 from 2) --30054-- --30054-- used_suppression: 2 glibc-2.5.x-on-SUSE-10.2-(PPC)-2a ==30054== ==30054== ERROR SUMMARY: 4 errors from 4 contexts (suppressed: 2 from 2)
Knut, Can you confirm that your rebuilt MRI_convert on your FC18 system with debug information now runs correctly (aside from the leaks detected by valgrind)? What does `ldd MRI_convert` print? I'd like to get a feel for how many dependencies that executable has on system libraries. Thanks.
I did not rebuild it but got a debug version from freesurfer homepage. http://www.mail-archive.com/freesurfer@nmr.mgh.harvard.edu/msg26374.html The normal freesurfer build are statical linked. ldd ./mri_convert linux-vdso.so.1 => (0x00007fff9cbff000) libz.so.1 => /lib64/libz.so.1 (0x00000037e1800000) libcrypt.so.1 => /lib64/libcrypt.so.1 (0x00000037f7200000) libdl.so.2 => /lib64/libdl.so.2 (0x00000037e1000000) libpthread.so.0 => /lib64/libpthread.so.0 (0x00000037e1400000) libstdc++.so.6 => /lib64/libstdc++.so.6 (0x00000037e2400000) libm.so.6 => /lib64/libm.so.6 (0x00000037e0c00000) libgomp.so.1 => /lib64/libgomp.so.1 (0x0000003809400000) libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00000037e2000000) libc.so.6 => /lib64/libc.so.6 (0x00000037e0800000) libfreebl3.so => /lib64/libfreebl3.so (0x00000037f7a00000) /lib64/ld-linux-x86-64.so.2 (0x00000037e0000000) librt.so.1 => /lib64/librt.so.1 (0x00000037e1c00000)
It worked as dynamic linked program but not as statical linked program. The program were compiled on Centos 6.0 pc.
Jeff Law assigned it to me as owner of the Free42 component, but this has nothing whatsoever to do with Free42, so I'd recommend figuring out the correct component/person to whom to assign it. If it remains assigned to Free42, I'll just close it as NOTABUG/WONTFIX.
Eric, sorry about that, it was totally unintentional... The component should have stayed as glibc.
I can confirm this bug on Fedora 3.7.6-201.fc18.x86_64 (glibc 2.16-28.fc18). I see segmentation faults for the majority of the simple (testing) examples as well: http://surfer.nmr.mgh.harvard.edu/fswiki/TestingFreeSurfer I get a segmentation fault on tkmedit bert orig.mgz with a .xdebug_tkmedit that shows tkmedit started: Thu Feb 21 10:15:09 2013 /home/herzfeldd/Downloads/freesurfer/tktools/tkmedit.bin bert orig.mgz $Id: tkmedit.c,v 1.343 2011/03/01 01:41:22 nicks Exp $ $Name: stable5 $ Set user home dir to /home/herzfeldd/Downloads/freesurfer Set subject home dir to /home/herzfeldd/Downloads/freesurfer/subjects/bert Segfault Importing volume with MRIread xDebug stack (length: 5) 04: Volm_ImportData( this=0x2804c590, isSource=/home/herzfeldd/Downloa ds/freesurfer/subjects/bert/mri/orig.mgz ) 04: Importing volume with MRIread 03: LoadVolume( iType=0, isName=orig.mgz, ibConform = 0 ) 03: Reading data into volume 02: ParseCmdLineArgs( argc=3, argv=/home/herzfeldd/Downloads/freesurfer/tk tools/tkmedit.bin ) 02: Loading volume orig.mgz 01: main() 01: Parsing command line arguments 00: 00: tkmedit is statically linked, just as the standard distribution of mri_convert was above. recon-all -s bert -all also ends with a segmentation fault when reading reading the source image (as does mri_convert as the OP shows). I can provide additional information if desired.
It is still present with latest beta.
The current crash is caused by passing an invalid NULL pointer to the C library string functions. The invalid NULL pointer is the result of a call to the crypt function which has been passed an invalid salt value. The caller should have checked the return for NULL and noticed the error instead of crashing. The C library previously allowed out-of-spec salt values to be used, but with recent changes the interface has become stricter about checking that salt values are valid. There are two workarounds: Use Fedora 17 with this application to avoid the strict salt checking. Preload a shared library that provides custom crypt and crypt_r routines that support out-of-spec salt values. We are tracking down the caller of crypt to determine if it is an error in our core libraries or a problem with the application. If it's an error in our distribution provided libraries we will be working to fix the issue. We will provide another update once we have tracked this further.
The most immediate solution is for the application to be changed to use a compliant crypt salt value. After further investigation, we found that the application is passing unsupported, nonstandard salt to crypt(). This will result in crypt() returning NULL and setting errno to EINVAL. It does not appear that the application is checking for a NULL return value from crypt. It also appears that the application is using this NULL return value in a subsequent function call resulting in a segmentation fault. Previously glibc would accept unsupported salt values, but newer versions of the library have become stricter. We are currently reviewing the implementation to see if the accepted salt values can be expanded while still meeting our standards compliance requirements.
Hi, Do you think that this problem is fixed? Thanks in advance for your response.
Freesurfers developers did not released a fix. At least, I see no comment about it at newsletter and the current stable release available for download is the same (5.2). I tried to build a virtual machine using CentOS6 under Fedora 18 and all main functions worked, except recon-all. I am not aware if Fedora developers decided to change glibc to accept the nonstandard salt to crypt (see comment 27). Perhaps Freesurfer works well under Fedora 17. I decided to download a complete virtual machine (Centos4 + Freesurfer 5.1) from their website to improve my chances to run this application. There is no such vdi file for Linux x64 and Freesurfer 5.2.
We have not completed the review of the current implementation to see if the accepted salt values can be expanded while still meeting our standards compliance requirements. We will post an update when this review is completed. However, you can use Fedora 17 with this application to avoid strict salt checking.
Just to correct myself (comment 29). The virtual machine I got is not with CentOS but Xubuntu O.o
I installed Freesurfer under Fedora 17 and it works great and out of the box. So I can confirm Fedora 17 is the best option for Freesurfer users at the moment.
Fix in Freesurfer 5.3. Pleas close.