[Repost] Linux: Segfault explained


1 Introduction

1.1 Definition of a segmentation fault

A segmentation fault (often shortened to segfault) is a particular error condition that can occur during the operation of computer software. In short, a segmentation fault occurs when a program attempts to access a memory location that it is not allowed to access, or attempts to access a memory location in a way that is not allowed (e.g., attempts to write to a read-only location, or to overwrite part of the operating system). Systems based on processors like the Motorola 68000 tend to refer to these events as Address or Bus errors.

Segmentation is one approach to memory management and protection in the operating system. It has been superseded by paging for most purposes, but much of the terminology of segmentation is still used, “segmentation fault” being an example. Some operating systems still have segmentation at some logical level although paging is used as the main memory management policy.

On Unix-like operating systems, a process that accesses invalid memory receives the SIGSEGV signal. On Microsoft Windows, a process that accesses invalid memory receives the STATUS_ACCESS_VIOLATION exception.

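In short, a segmentation fault means the program accessed memory it is not allowed to access: the region either does not exist or is protected by the system.

1.2 Pain point

Segmentation faults come up often in C/C++ development, and the Linux shell prints almost nothing useful about them. Usually all you get is: Segmentation fault (core dumped)

2 Background

2.1 The error message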

segfault at 4 ip 00007faec801f631 sp 00007fae90b9d940 error 4 in libQt5Core.so.5.12.6[7faec7ef4000+589000]

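• segfault at: the address that caused the fault
• ip: the memory address of the instruction
• sp: the stack pointer address, i.e. the top of the stack

2.2 error number

The kernel prints the segfault message through show_signal_msg.
The error code is passed in an error_code parameter; the corresponding fault.c contains the following: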

    /*
     * Page fault error code bits:
     *
     *   bit 0 ==	 0: no page found	1: protection fault
     *   bit 1 ==	 0: read access		1: write access
     *   bit 2 ==	 0: kernel-mode access	1: user-mode access
     *   bit 3 ==				1: use of reserved bit detected
     *   bit 4 ==				1: fault was an instruction fetch
     */
    enum x86_pf_error_code {
    	PF_PROT		=		1 << 0,
    	PF_WRITE	=		1 << 1,
    	PF_USER		=		1 << 2,
    	PF_RSVD		=		1 << 3,
    	PF_INSTR	=		1 << 4,
    };

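• bit 2: 1 means the out-of-bounds access came from a user-mode program; 0 means it came from kernel mode.
• bit 1: 1 means a write caused the out-of-bounds access; 0 means a read caused it.
• bit 0: 1 means insufficient permission to access the contents of the illegal address; 0 means the illegal address has no corresponding page at all, i.e. it is an invalid address.

14, that is, Page Fault.

3 Troubleshooting steps (using disassembly)

3.1 Determine the error type from the logs

The system log /var/log/syslog.1 shows: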

      kernel: [18683.743108] UmArm[2055]: segfault at 0 ip 0000000000000000 sp 00007ffe62b05df8 error 14 in UmArm[400000+71e000]
      kernel: [18798.627149] UmArm[3540]: segfault at 0 ip 0000000000000000 sp 00007fff9920fb88 error 14 in UmArm[400000+71e000]
      kernel: [21734.959099] UmArm[3589]: segfault at 4 ip 00007fa5700fa631 sp 00007fa539fa0bc0 error 4 in libQt5Core.so.5.12.6[7fa56ffcf000+589000]
      kernel: [36734.159035] UmArm[3805]: segfault at 0 ip 0000000000000000 sp 00007ffec22fe678 error 14 in UmArm[400000+71e000]
      kernel: [37237.873256] traps: UmArm[19832] general protection ip:4392fc sp:7ffd2fdf4de0 error:0 in UmArm[400000+71e000]
      kernel: [38918.332957] UmArm[20093]: segfault at 18 ip 0000000000000018 sp 00007ffcbc485388 error 14 in UmArm[400000+71e000]
      

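3.2 Compute the relative address

• libQt5Core.so.5.12.6[7fa56ffcf000+589000] shows that the fault occurred in libQt5Core.so.5.12.6, which is mapped into this process at base address 7fa56ffcf000. This shared object contains a great deal of code.
• In ip 00007fa5700fa631 sp 00007fa539fa0bc0, ip is the instruction address and sp is the stack pointer address.
  I wrote this project on my own, the code base has grown to 40,000 lines, and testing was never brought in during development (I have always believed testing matters more than development, but my suggestion remained only a suggestion), so when I hit a segfault in my own code it is hard to narrow the scope.
• The instruction address is 00007fa5700fa631 and the base address of libQt5Core is 7fa56ffcf000. From these two values the relative address of the instruction is 12b631. Next we need to find the function that contains relative code address 12b631.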
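
The decoding described in 2.2 and the address arithmetic in 3.2, as an added Python example (not part of the original post) run over three of the log lines from 3.1. It reads the error field as hexadecimal, which is how the kernel prints it, so error 14 is 0x14; the function names and the hint heuristics are this example's own.

```python
import re

# Page-fault error code bits, named as in the fault.c excerpt on this page.
PF_PROT, PF_WRITE, PF_USER, PF_RSVD, PF_INSTR = (1 << n for n in range(5))

HEX = r"[0-9a-f]+"
# Optional " in <object>[<base>+<size>]" suffix shared by both line formats.
TAIL = rf"(?: in (?P<obj>[^\[\s]+)\[(?P<base>{HEX})\+(?P<size>{HEX})\])?"
# "<comm>[<pid>]: segfault at <addr> ip <ip> sp <sp> error <code> ..."
SEGFAULT_RE = re.compile(
    rf"(?:(?P<comm>[^\s\[]+)\[(?P<pid>\d+)\]: )?segfault at (?P<addr>{HEX}) "
    rf"ip (?P<ip>{HEX}) sp (?P<sp>{HEX}) error (?P<err>{HEX})" + TAIL
)
# "traps: <comm>[<pid>] general protection ip:<ip> sp:<sp> error:<code> ..."
TRAP_RE = re.compile(
    rf"traps: (?P<comm>[^\s\[]+)\[(?P<pid>\d+)\] (?P<trap>.+?) "
    rf"ip:(?P<ip>{HEX}) sp:(?P<sp>{HEX}) error:(?P<err>{HEX})" + TAIL
)

# Three of the log lines shown in section 3.1 of this page.
SAMPLE_LINES = [
    "kernel: [18683.743108] UmArm[2055]: segfault at 0 ip 0000000000000000 "
    "sp 00007ffe62b05df8 error 14 in UmArm[400000+71e000]",
    "kernel: [21734.959099] UmArm[3589]: segfault at 4 ip 00007fa5700fa631 "
    "sp 00007fa539fa0bc0 error 4 in libQt5Core.so.5.12.6[7fa56ffcf000+589000]",
    "kernel: [37237.873256] traps: UmArm[19832] general protection ip:4392fc "
    "sp:7ffd2fdf4de0 error:0 in UmArm[400000+71e000]",
]


def decode_error(code):
    """Map a page-fault error code to the meaning of bits 0-4."""
    if code & PF_INSTR:
        access = "instruction fetch"
    else:
        access = "write" if code & PF_WRITE else "read"
    return {
        "cause": "protection fault" if code & PF_PROT else "no page found",
        "access": access,
        "mode": "user" if code & PF_USER else "kernel",
        "reserved_bit": bool(code & PF_RSVD),
    }


def hint(rec):
    """Heuristic reading of a page fault (this example's own, not the kernel's)."""
    d = rec["decoded"]
    if d is None:
        return None
    if d["access"] == "instruction fetch" and rec["addr"] == rec["ip"]:
        return "execution jumped to the faulting address (bad function pointer or return address)"
    if d["cause"] == "no page found" and rec["addr"] < 0x1000:
        return "access at a small offset from a NULL pointer"
    return None


def parse_fault_line(line):
    """Parse one kernel fault line; return a dict, or None if it is not one."""
    m = SEGFAULT_RE.search(line)
    is_page_fault = m is not None
    m = m or TRAP_RE.search(line)
    if m is None:
        return None
    g = m.groupdict()
    ip = int(g["ip"], 16)
    err = int(g["err"], 16)  # the kernel prints this field in hexadecimal
    rec = {
        "kind": "segfault" if is_page_fault else g["trap"],
        "comm": g.get("comm"),
        "addr": int(g["addr"], 16) if is_page_fault else None,
        "ip": ip,
        "error": err,
        "object": g.get("obj"),
        "offset": None,
        # Only "segfault at" lines carry the page-fault bit layout.
        "decoded": decode_error(err) if is_page_fault else None,
    }
    if g.get("base"):
        base, size = int(g["base"], 16), int(g["size"], 16)
        # The relative address from 3.2 only exists if ip is inside the mapping.
        if base <= ip < base + size:
            rec["offset"] = ip - base
    rec["hint"] = hint(rec)
    return rec


if __name__ == "__main__":
    for line in SAMPLE_LINES:
        r = parse_fault_line(line)
        off = hex(r["offset"]) if r["offset"] is not None else "n/a (ip outside mapping)"
        print(f'{r["kind"]}: error={r["error"]:#x} {r["decoded"]} '
              f'object={r["object"]} offset={off} hint={r["hint"]}')
```

For a shared library such as libQt5Core the offset is the address to look up in the objdump output; for an executable linked at a fixed address, objdump lists the ip value itself.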

3.3 Disassemble the library file

        cd /opt/Qt5.12.6/5.12.6/gcc_64/lib
        sudo objdump -ld libQt5Core.so.5.12.6 > ~/Desktop/dumpcode
        

3.4 Find the assembly instruction at that address

          000000000012b610 <_ZltRK7QStringS1_>:
          _ZltRK7QStringS1_():
            12b610:	48 83 ec 08          	sub    $0x8,%rsp
            12b614:	48 8b 16             	mov    (%rsi),%rdx
            12b617:	48 8b 05 b2 93 66 00 	mov    0x6693b2(%rip),%rax        # 7949d0 <_DYNAMIC+0x668>
            12b61e:	48 39 c2             	cmp    %rax,%rdx
            12b621:	48 63 4a 04          	movslq 0x4(%rdx),%rcx
            12b625:	74 29                	je     12b650 <_ZltRK7QStringS1_+0x40>
            12b627:	48 8b 3f             	mov    (%rdi),%rdi
            12b62a:	48 03 52 10          	add    0x10(%rdx),%rdx
            12b62e:	48 39 c7             	cmp    %rax,%rdi
            12b631:	48 63 77 04          	movslq 0x4(%rdi),%rsi
            12b635:	74 27                	je     12b65e <_ZltRK7QStringS1_+0x4e>
            12b637:	48 03 7f 10          	add    0x10(%rdi),%rdi
            12b63b:	e8 10 9f ff ff       	callq  125550 <_ZL8ucstrcmpPK5QCharmS1_m>
            12b640:	48 83 c4 08          	add    $0x8,%rsp
            12b644:	c1 e8 1f             	shr    $0x1f,%eax
            12b647:	c3                   	retq   
            12b648:	0f 1f 84 00 00 00 00 	nopl   0x0(%rax,%rax,1)
            12b64f:	00 
            12b650:	48 8b 3f             	mov    (%rdi),%rdi
            12b653:	31 d2                	xor    %edx,%edx
            12b655:	48 39 c7             	cmp    %rax,%rdi
            12b658:	48 63 77 04          	movslq 0x4(%rdi),%rsi
            12b65c:	75 d9                	jne    12b637 <_ZltRK7QStringS1_+0x27>
            12b65e:	31 ff                	xor    %edi,%edi
            12b660:	e8 eb 9e ff ff       	callq  125550 <_ZL8ucstrcmpPK5QCharmS1_m>
            12b665:	48 83 c4 08          	add    $0x8,%rsp
            12b669:	c1 e8 1f             	shr    $0x1f,%eax
            12b66c:	c3                   	retq   
            12b66d:	90                   	nop
            12b66e:	66 90                	xchg   %ax,%ax
          

3.5 Search the middleware for information

            cd xxx/output   # this directory holds the middleware's .o files
            objdump -ld *.o | grep QStringS1 > ~/Desktop/msg
            
              Disassembly of section .text._ZplRK7QStringS1_:
              0000000000000000 <_ZplRK7QStringS1_>:
                32:	e8 00 00 00 00       	callq  37 <_ZplRK7QStringS1_+0x37>
                45:	e8 00 00 00 00       	callq  4a <_ZplRK7QStringS1_+0x4a>
                4a:	eb 1a                	jmp    66 <_ZplRK7QStringS1_+0x66>
                56:	e8 00 00 00 00       	callq  5b <_ZplRK7QStringS1_+0x5b>
                61:	e8 00 00 00 00       	callq  66 <_ZplRK7QStringS1_+0x66>
                77:	74 05                	je     7e <_ZplRK7QStringS1_+0x7e>
                79:	e8 00 00 00 00       	callq  7e <_ZplRK7QStringS1_+0x7e>
              0000000000000fca <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_>:
              _ZN4UMAC8UIManage14myPopFromTransE7QStringS1_():
                  1025:	48 8b 35 00 00 00 00 	mov    0x0(%rip),%rsi        # 102c <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x62>
                  102f:	e8 00 00 00 00       	callq  1034 <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x6a>
                  1042:	74 05                	je     1049 <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x7f>
                  1044:	e8 00 00 00 00       	callq  1049 <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x7f>
              0000000000001826 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_>:
              _ZN4UMAC12ProgramModel12outputScriptE7QStringS1_():
                  1860:	e8 00 00 00 00       	callq  1865 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3f>
                  1867:	75 13                	jne    187c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x56>
                  1873:	e8 00 00 00 00       	callq  1878 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x52>
                  187a:	74 07                	je     1883 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5d>
                  1881:	eb 05                	jmp    1888 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x62>
                  188a:	74 20                	je     18ac <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x86>
                  188c:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 1893 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x6d>
                  189d:	e8 00 00 00 00       	callq  18a2 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x7c>
                  18a7:	e9 70 04 00 00       	jmpq   1d1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4f6>
                  18ba:	74 54                	je     1910 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xea>
                  18ca:	e8 00 00 00 00       	callq  18cf <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xa9>
                  18d1:	74 3d                	je     1910 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xea>
                  18e1:	e8 00 00 00 00       	callq  18e6 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xc0>
                  18e9:	75 2c                	jne    1917 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xf1>
                  18fe:	e8 00 00 00 00       	callq  1903 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xdd>
                  1906:	e8 00 00 00 00       	callq  190b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xe5>
                  190e:	75 07                	jne    1917 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xf1>
                  1915:	eb 05                	jmp    191c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xf6>
                  191e:	74 20                	je     1940 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x11a>
                  1920:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 1927 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x101>
                  1931:	e8 00 00 00 00       	callq  1936 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x110>
                  193b:	e9 dc 03 00 00       	jmpq   1d1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4f6>
                  1950:	e8 00 00 00 00       	callq  1955 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x12f>
                  1963:	e8 00 00 00 00       	callq  1968 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x142>
                  1978:	e8 00 00 00 00       	callq  197d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x157>
                  1984:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 198b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x165>
                  198e:	e8 00 00 00 00       	callq  1993 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x16d>
                  19a7:	e8 00 00 00 00       	callq  19ac <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x186>
                  19b6:	e8 00 00 00 00       	callq  19bb <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x195>
                  19c7:	e8 00 00 00 00       	callq  19cc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1a6>
                  19d9:	e8 00 00 00 00       	callq  19de <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1b8>
                  19e5:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 19ec <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1c6>
                  19ef:	e8 00 00 00 00       	callq  19f4 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1ce>
                  19fb:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 1a02 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1dc>
                  1a05:	e8 00 00 00 00       	callq  1a0a <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1e4>
                  1a2e:	e8 00 00 00 00       	callq  1a33 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x20d>
                  1a47:	e8 00 00 00 00       	callq  1a4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x226>
                  1a56:	e8 00 00 00 00       	callq  1a5b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x235>
                  1a65:	e8 00 00 00 00       	callq  1a6a <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x244>
                  1a74:	e8 00 00 00 00       	callq  1a79 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x253>
                  1a85:	e8 00 00 00 00       	callq  1a8a <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x264>
                  1a97:	e8 00 00 00 00       	callq  1a9c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x276>
                  1aa3:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 1aaa <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x284>
                  1aad:	e8 00 00 00 00       	callq  1ab2 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x28c>
                  1ab9:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 1ac0 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x29a>
                  1ac3:	e8 00 00 00 00       	callq  1ac8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2a2>
                  1ae9:	e8 00 00 00 00       	callq  1aee <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2c8>
                  1aff:	e8 00 00 00 00       	callq  1b04 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2de>
                  1b0b:	e8 00 00 00 00       	callq  1b10 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2ea>
                  1b1a:	e8 00 00 00 00       	callq  1b1f <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2f9>
                  1b29:	e8 00 00 00 00       	callq  1b2e <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x308>
                  1b44:	7d 61                	jge    1ba7 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x381>
                  1b5c:	e8 00 00 00 00       	callq  1b61 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x33b>
                  1b77:	e8 00 00 00 00       	callq  1b7c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x356>
                  1b8d:	e8 00 00 00 00       	callq  1b92 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x36c>
                  1b99:	e8 00 00 00 00       	callq  1b9e <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x378>
                  1ba5:	eb 91                	jmp    1b38 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x312>
                  1bab:	48 8d 35 00 00 00 00 	lea    0x0(%rip),%rsi        # 1bb2 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x38c>
                  1bb5:	e8 00 00 00 00       	callq  1bba <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x394>
                  1bcb:	e8 00 00 00 00       	callq  1bd0 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3aa>
                  1bd7:	e8 00 00 00 00       	callq  1bdc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3b6>
                  1be3:	e8 00 00 00 00       	callq  1be8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3c2>
                  1bf2:	e8 00 00 00 00       	callq  1bf7 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3d1>
                  1bfe:	e8 00 00 00 00       	callq  1c03 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3dd>
                  1c14:	e8 00 00 00 00       	callq  1c19 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3f3>
                  1c23:	e8 00 00 00 00       	callq  1c28 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x402>
                  1c37:	e8 00 00 00 00       	callq  1c3c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x416>
                  1c47:	e8 00 00 00 00       	callq  1c4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x426>
                  1c5a:	e8 00 00 00 00       	callq  1c5f <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x439>
                  1c73:	e8 00 00 00 00       	callq  1c78 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x452>
                  1c83:	74 47                	je     1ccc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4a6>
                  1c97:	e8 00 00 00 00       	callq  1c9c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x476>
                  1ca9:	e8 00 00 00 00       	callq  1cae <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x488>
                  1cb1:	48 8b 05 00 00 00 00 	mov    0x0(%rip),%rax        # 1cb8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x492>
                  1cbe:	e8 00 00 00 00       	callq  1cc3 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x49d>
                  1cca:	eb 9d                	jmp    1c69 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x443>
                  1cd3:	e8 00 00 00 00       	callq  1cd8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4b2>
                  1cdf:	e8 00 00 00 00       	callq  1ce4 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4be>
                  1cf0:	e8 00 00 00 00       	callq  1cf5 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4cf>
                  1cfc:	e8 00 00 00 00       	callq  1d01 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4db>
                  1d08:	e8 00 00 00 00       	callq  1d0d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4e7>
                  1d17:	e8 00 00 00 00       	callq  1d1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4f6>
                  1d2b:	0f 84 1b 01 00 00    	je     1e4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x626>
                  1d31:	e9 11 01 00 00       	jmpq   1e47 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x621>
                  1d43:	e8 00 00 00 00       	callq  1d48 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x522>
                  1d48:	e9 e0 00 00 00       	jmpq   1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
                  1d5a:	e8 00 00 00 00       	callq  1d5f <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x539>
                  1d5f:	eb 03                	jmp    1d64 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x53e>
                  1d6e:	e8 00 00 00 00       	callq  1d73 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x54d>
                  1d73:	eb 03                	jmp    1d78 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x552>
                  1d82:	e8 00 00 00 00       	callq  1d87 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x561>
                  1d8a:	eb 00                	jmp    1d8c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x566>
                  1d8f:	e9 99 00 00 00       	jmpq   1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
                  1d9e:	e8 00 00 00 00       	callq  1da3 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x57d>
                  1da3:	eb 03                	jmp    1da8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x582>
                  1db2:	e8 00 00 00 00       	callq  1db7 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x591>
                  1db7:	eb 03                	jmp    1dbc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x596>
                  1dc6:	e8 00 00 00 00       	callq  1dcb <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5a5>
                  1dce:	eb 00                	jmp    1dd0 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5aa>
                  1dd3:	eb 58                	jmp    1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
                  1ddf:	e8 00 00 00 00       	callq  1de4 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5be>
                  1de4:	eb 47                	jmp    1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
                  1df0:	e8 00 00 00 00       	callq  1df5 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5cf>
                  1df5:	eb 36                	jmp    1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
                  1e01:	e8 00 00 00 00       	callq  1e06 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5e0>
                  1e06:	eb 03                	jmp    1e0b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5e5>
                  1e12:	e8 00 00 00 00       	callq  1e17 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5f1>
                  1e17:	eb 03                	jmp    1e1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5f6>
                  1e23:	e8 00 00 00 00       	callq  1e28 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x602>
                  1e28:	eb 03                	jmp    1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
                  1e37:	e8 00 00 00 00       	callq  1e3c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x616>
                  1e42:	e8 00 00 00 00       	callq  1e47 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x621>
                  1e47:	e8 00 00 00 00       	callq  1e4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x626>
              000000000000942e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_>:
              _ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_():
                  949e:	e8 00 00 00 00       	callq  94a3 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x75>
                  94a6:	e8 00 00 00 00       	callq  94ab <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x7d>
                  94b3:	74 0a                	je     94bf <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x91>
                  94ba:	e9 8f 03 00 00       	jmpq   984e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x420>
                  94ce:	e8 00 00 00 00       	callq  94d3 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xa5>
                  94ec:	e8 00 00 00 00       	callq  94f1 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xc3>
                  950a:	e8 00 00 00 00       	callq  950f <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xe1>
                  9528:	e8 00 00 00 00       	callq  952d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xff>
                  9546:	e8 00 00 00 00       	callq  954b <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x11d>
                  9564:	e8 00 00 00 00       	callq  9569 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x13b>
                  95af:	e8 00 00 00 00       	callq  95b4 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x186>
                  95c4:	e8 00 00 00 00       	callq  95c9 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x19b>
                  95e2:	f3 0f 10 0d 00 00 00 	movss  0x0(%rip),%xmm1        # 95ea <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x1bc>
                  95f1:	f2 0f 10 0d 00 00 00 	movsd  0x0(%rip),%xmm1        # 95f9 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x1cb>
                  95fd:	0f 86 21 02 00 00    	jbe    9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
                  961b:	e8 00 00 00 00       	callq  9620 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x1f2>
                  9630:	e8 00 00 00 00       	callq  9635 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x207>
                  964f:	f3 0f 10 0d 00 00 00 	movss  0x0(%rip),%xmm1        # 9657 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x229>
                  965e:	f2 0f 10 0d 00 00 00 	movsd  0x0(%rip),%xmm1        # 9666 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x238>
                  966a:	0f 86 b4 01 00 00    	jbe    9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
                  9688:	e8 00 00 00 00       	callq  968d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x25f>
                  969d:	e8 00 00 00 00       	callq  96a2 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x274>
                  96bc:	f3 0f 10 0d 00 00 00 	movss  0x0(%rip),%xmm1        # 96c4 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x296>
                  96cb:	f2 0f 10 0d 00 00 00 	movsd  0x0(%rip),%xmm1        # 96d3 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x2a5>
                  96d7:	0f 86 47 01 00 00    	jbe    9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
                  96f5:	e8 00 00 00 00       	callq  96fa <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x2cc>
                  970a:	e8 00 00 00 00       	callq  970f <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x2e1>
                  9729:	f3 0f 10 0d 00 00 00 	movss  0x0(%rip),%xmm1        # 9731 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x303>
                  9738:	f2 0f 10 0d 00 00 00 	movsd  0x0(%rip),%xmm1        # 9740 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x312>
                  9744:	0f 86 da 00 00 00    	jbe    9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
                  9762:	e8 00 00 00 00       	callq  9767 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x339>
                  9777:	e8 00 00 00 00       	callq  977c <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x34e>
                  9796:	f3 0f 10 0d 00 00 00 	movss  0x0(%rip),%xmm1        # 979e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x370>
                  97a5:	f2 0f 10 0d 00 00 00 	movsd  0x0(%rip),%xmm1        # 97ad <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x37f>
                  97b1:	76 71                	jbe    9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
                  97cb:	e8 00 00 00 00       	callq  97d0 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3a2>
                  97e0:	e8 00 00 00 00       	callq  97e5 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3b7>
                  9800:	f3 0f 10 0d 00 00 00 	movss  0x0(%rip),%xmm1        # 9808 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3da>
                  980f:	f2 0f 10 0d 00 00 00 	movsd  0x0(%rip),%xmm1        # 9817 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3e9>
                  981b:	76 07                	jbe    9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
                  9822:	eb 05                	jmp    9829 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3fb>
                  9840:	74 07                	je     9849 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x41b>
                  9847:	eb 05                	jmp    984e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x420>
                  985b:	74 25                	je     9882 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x454>
                  985d:	eb 1e                	jmp    987d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x44f>
                  9878:	e8 00 00 00 00       	callq  987d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x44f>
                  987d:	e8 00 00 00 00       	callq  9882 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x454>
              Disassembly of section .text._ZplRK7QStringS1_:
              0000000000000000 <_ZplRK7QStringS1_>:
                32:	e8 00 00 00 00       	callq  37 <_ZplRK7QStringS1_+0x37>
                45:	e8 00 00 00 00       	callq  4a <_ZplRK7QStringS1_+0x4a>
                4a:	eb 1a                	jmp    66 <_ZplRK7QStringS1_+0x66>
                56:	e8 00 00 00 00       	callq  5b <_ZplRK7QStringS1_+0x5b>
                61:	e8 00 00 00 00       	callq  66 <_ZplRK7QStringS1_+0x66>
                77:	74 05                	je     7e <_ZplRK7QStringS1_+0x7e>
                79:	e8 00 00 00 00       	callq  7e <_ZplRK7QStringS1_+0x7e>
              

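3 Troubleshooting steps (using GDB)

3.1 Configuration

Add the following to the .pro file:

    QMAKE_CXXFLAGS += -g

3.2 Build an executable that contains debug information

3.3 Debug

    gdb exe
    run
    # then wait for the Segmentation fault
    backtrace
    backtrace full

Data is lost at this point; the lookup then accesses memory out of bounds, which triggers the segmentation fault.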

3 Troubleshooting steps (using backward-cpp)

Backward is a beautiful stack trace pretty printer for C++.

3.1 Clone backward-cpp into the same directory as the project's CMakeLists.txt

                    git clone https://github.com/bombela/backward-cpp.git
                    

3.2 Choosing the CMake integration method

The official documentation gives two ways to integrate with CMake; this project uses the first: As a subdirectory.
In this case you have a subdirectory containing the whole Backward repository (for example, using git-submodules), and you can do the following:

    add_subdirectory(/path/to/backward-cpp)

    # This will add backward.cpp to your target
    add_executable(mytarget mysource.cpp ${BACKWARD_ENABLE})

    # This will add libraries, definitions and include directories needed by backward
    # by setting each property on the target.
    add_backward(mytarget)

3.3 Reference CMakeLists.txt

Taken from "A beautiful C++ stack trace pretty printer: backward-cpp".

                        project(DB2HJ212_yc_towns)
                        

                        cmake_minimum_required(VERSION 2.8)

                        set (VERSION 1.0.0)

                        add_definitions (-DCMAKE -DVERSION="${VERSION}")

                        add_definitions("-DUSE_MOSQUITTO")

                        add_definitions("-DPUGIXML_HEADER_ONLY")

                        add_subdirectory(./backward-cpp)

                        INCLUDE_DIRECTORIES(../include)
                        INCLUDE_DIRECTORIES(/usr/local/include)
                        INCLUDE_DIRECTORIES(/usr/local/include/mariadb)

                        set(GB212_SRC
                        ./DataFile.cpp
                        ./DataUpload.cpp
                        ./HJ212Generator.cpp
                        ./MYSQL2File.cpp
                        ./RemoteServer.cpp
                        #../include/pugixml.cpp
                        ./SetupConfig.cpp
                        ./main.cpp)

                        set(CMAKE_CXX_FLAGS "-g -Wall")

                        if(CMAKE_COMPILER_IS_GNUCXX)
                        set(CMAKE_CXX_FLAGS "-std=c++11 ${CMAKE_CXX_FLAGS}")
                        endif(CMAKE_COMPILER_IS_GNUCXX)

                        if(WIN32)
                        set(BOOST_ROOT_DIR D:\env\local\boost_1_69_0)
                        endif(WIN32)

                        set(ENV_DYNAMIC_LIBS "/usr/local/lib") # 动态库路径(自定义的)

                        在搜索Boost的package之前,可以通过设置一些变量来帮助boost库的查找

                        set (BOOST_ROOT /usr/local/)

                        set (BOOST_INCLUDEDIR ${BOOST_ROOT}/include)

                        set (BOOST_LIBRARYDIR ${BOOST_ROOT}/lib)

                        find_library(Boost REQUIRED COMPONENTS thread)
                        INCLUDE_DIRECTORIES(${Boost_INCLUDE_DIRS})

                        # ========================================
                        # Include projects
                        # ========================================

                        LINK_DIRECTORIES(/usr/local/lib64)

                        set(GB212_LIBS
                        pthread
                        boost_thread
                        boost_locale
                        mariadb
                        mariadbclientpp
                        pugixml)

                        add_executable(${PROJECT_NAME} ${GB212_SRC} ${BACKWARD_ENABLE})
                        add_backward(${PROJECT_NAME})
                        target_link_libraries(${PROJECT_NAME} ${GB212_LIBS})

                        install(TARGETS ${PROJECT_NAME} RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}")

                          3.4 Run the program again and the segfault information is displayed

                          Source: "A beautiful C++ stack trace pretty-printer: backward-cpp"
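A crash reporter that prints information at the moment of a segfault depends on what the kernel attaches to SIGSEGV. The C code below is an added example, not code from the original post or from backward-cpp: it installs an `SA_SIGINFO` handler on an alternate stack and records the fault kind (`si_code`) and faulting address (`si_addr`). The names `probe` and `fault_case` and the two bad pointers are constructed for illustration.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

static volatile sig_atomic_t fault_code; /* SEGV_MAPERR or SEGV_ACCERR */
static void *volatile fault_addr;        /* address the process touched */
static sigjmp_buf recover_point;

static void on_segv(int sig, siginfo_t *si, void *uctx) {
    (void)sig; (void)uctx;
    fault_code = si->si_code;
    fault_addr = si->si_addr;
    siglongjmp(recover_point, 1); /* demo only; a crash reporter would print and exit */
}

/* Access *p under a SIGSEGV handler; returns 0 on success, else the fault's si_code. */
int probe(volatile char *p, int do_write) {
    static char altstack[1 << 16]; /* handler stack, usable even after a stack overflow */
    stack_t ss = { .ss_sp = altstack, .ss_size = sizeof altstack, .ss_flags = 0 };
    struct sigaction sa = {0}, old;
    sa.sa_sigaction = on_segv;
    sa.sa_flags = SA_SIGINFO | SA_ONSTACK;
    sigemptyset(&sa.sa_mask);
    sigaltstack(&ss, NULL);
    sigaction(SIGSEGV, &sa, &old);
    fault_code = 0;
    if (sigsetjmp(recover_point, 1) == 0) {
        if (do_write) { *p = 1; } else { char c = *p; (void)c; }
    }
    sigaction(SIGSEGV, &old, NULL); /* restore the previous handler */
    return fault_code;
}

/* Constructed inputs: write to a read-only page (0) or read an unmapped page (1). */
int fault_case(int unmap_first) {
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    char *p = mmap(NULL, pg, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (p == MAP_FAILED) return -1;
    if (unmap_first) munmap(p, pg);
    int code = probe(p, !unmap_first);
    if (!unmap_first) munmap(p, pg);
    return fault_addr == (void *)p ? code : -1; /* -1: handler saw another address */
}

int main(void) {
    printf("read-only: %d, unmapped: %d\n", fault_case(0), fault_case(1));
}
```

`SEGV_ACCERR` means the page is mapped but its permissions forbid the access, and `SEGV_MAPERR` means nothing is mapped at that address.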

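                          References

                          1. Kernel-level analysis of Linux segmentation faults (segfault)
                          2. Summary of the causes of segmentation faults on Linux and how to debug them
                          3. Summary of the causes of segmentation faults on Linux and how to debug them
                          4. Troubleshooting a segfault error: one walkthrough
                          5. Debugging segmentation faults with gdb
                          6. Qt–qmake
                          7. Good: notes on debugging programs with gdb, using a segmentation fault as the example
                          8. A thread stack that is too small causes a memory overflow, which leads to a core dump
                          9. A beautiful C++ stack trace pretty-printer: backward-cpp
                          10. Backward-cpp–github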
