[Repost] What are segfault rip/rsp numbers and how to use them


Editor's summary

**Segfault at 0000000000000180 Rip 00000000004450c0 RSP 00007fff4d508178 error 4** is the line the Linux kernel writes when it kills a process with SIGSEGV. A segmentation fault means the process accessed a virtual address it has no valid mapping or no permission for (a NULL or wild pointer, a freed or unmapped page, a write to read-only memory); it is not limited to memory "outside the heap". The fields are:

- segfault at: the address the faulting instruction tried to touch. 0x180 is far below any real mapping, so it is a NULL base pointer plus a struct field offset of 0x180.
- rip: the instruction pointer, i.e. the address of the instruction that faulted.
- rsp: the stack pointer at the moment of the fault.
- error: the x86 page-fault error code, printed in hex. Bit 0 set means a protection violation on a present page (clear: the page is not mapped), bit 1 set means a write (clear: a read), bit 2 set means user mode, bit 4 (0x10) set means an instruction fetch. So error 4 is a user-mode read of an unmapped page, error 6 is a user-mode write to one, and error 14 (0x14) is a user-mode jump to an unmapped address.

**How to use them to pinpoint the problem:**

1. Turn rip into a file offset. For a non-PIE executable (as in the example, where rip is 0x4450c0) it is already the link-time address and can be looked up directly in the output of objdump -d or nm -n, or in the linker map file. For a PIE or a shared library, first subtract the load base shown in /proc/PID/maps or in a core dump.
2. Find the function whose start address is the largest one not above that offset; the difference is how far into the function the crash happened.
3. Disassemble around rip to see which register the faulting instruction dereferenced and with which displacement. In the example, mov 0x180(%rdi),%rdx together with a fault address of 0x180 means %rdi was NULL.
4. Work back from that instruction to the source: which argument or field was NULL, and which caller passed it.

**Additional notes:**

- Stripping symbols does not make the addresses meaningless. rip is still a valid offset; the map file or a separate debug file (loaded in gdb, or passed to addr2line -e) restores the function names.
- rsp on its own is rarely useful. With a core dump it identifies the current stack frame and lets gdb unwind the call stack.
- The kernel line carries nothing else: no version or build information, only the three addresses and the error code.

Original post

https://stackoverflow.com/questions/1456899/what-are-segfault-rip-rsp-numbers-and-how-to-use-them

11

When my Linux application crashes, it produces a line in the logs, something like:

segfault at 0000000 rip 00003f32a823 rsp 000123ade323 error 4

What are those rip and rsp addresses? How do I use them to pinpoint the problem? Do they correspond to something in the objdump or readelf outputs? Are they useful if my program gets its symbols stripped out (to a separate file, which can be used with gdb)?

2 Answers

7

Well, the rip pointer tells you the instruction that caused the crash. You need to look it up in a map file.

In the map file you will have a list of functions and their starting addresses. When you load the application it is loaded to a base address. The rip pointer minus the base address gives you the map file address. If you then search through the map file for a function that starts at an address slightly lower than your rip pointer and is followed, in the list, by a function with a higher address, you have located the function that crashed.

From there you need to try and identify what went wrong in your code. It's not much fun, but it at least gives you a starting point.

Edit: The "segfault at" bit is telling you, I'd wager, that you have dereferenced a NULL pointer. The rsp is the current stack pointer. Alas, it's probably not all that useful. With a memory dump you "may" be able to figure out more accurately where you'd got to in the function, but it can be really hard to work out exactly where you are in an optimised build.

3

I got the error, too. When I saw:

probe.out[28503]: segfault at 0000000000000180 rip 00000000004450c0 rsp 00007fff4d508178 error 4

probe.out is an app which uses libavformat (ffmpeg). I disassembled it:

objdump -d probe.out

The rip is where the instruction will run:

00000000004450c0 <ff_rtp_queued_packet_time>:
  4450c0:       48 8b 97 80 01 00 00    mov    0x180(%rdi),%rdx
  44d25d:       e8 5e 7e ff ff          callq  4450c0 <ff_rtp_queued_packet_time>

Finally, I found that the app crashed in the function ff_rtp_queued_packet_time.

PS: sometimes the address doesn't exactly match, but it is almost there.
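The lookup that both answers describe (rip minus the load base, then the function whose start address is the largest one not above it), together with parsing the kernel line and decoding its error code, as an added C example that is not part of the original question or either answer. The log line and the address of ff_rtp_queued_packet_time (0x4450c0) are taken from the objdump output in the second answer; the neighbouring symbol names and addresses are constructed for the demo, and the load base of 0 reflects the non-PIE binary of the example. The kernel prints the error code in hex (so "error 14" is 0x14, an instruction fetch), and newer kernels spell the fields ip/sp rather than rip/rsp; the parser accepts both spellings.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fields of a kernel "segfault at A rip B rsp C error N" log line (x86-64). */
struct segfault_info {
    unsigned long long fault_addr;  /* "segfault at": address the instruction touched */
    unsigned long long rip;         /* instruction pointer: address of the faulting instruction */
    unsigned long long rsp;         /* stack pointer at the time of the fault */
    unsigned error_code;            /* x86 page-fault error code, printed by the kernel in hex */
};

/* Parse one log line. Accepts an optional "comm[pid]: " prefix and both the
 * old "rip/rsp" and the newer "ip/sp" field names. Returns 1 on success. */
int parse_segfault_line(const char *line, struct segfault_info *out)
{
    const char *p = strstr(line, "segfault at ");
    if (p == NULL)
        return 0;
    return sscanf(p, "segfault at %llx %*s %llx %*s %llx error %x",
                  &out->fault_addr, &out->rip, &out->rsp, &out->error_code) == 4;
}

/* x86 page-fault error code bits:
 *   bit 0  0 = page not present, 1 = protection violation on a present page
 *   bit 1  0 = read, 1 = write
 *   bit 2  0 = kernel mode, 1 = user mode
 *   bit 3  reserved-bit violation
 *   bit 4  instruction fetch */
#define PF_PROT   0x01u
#define PF_WRITE  0x02u
#define PF_USER   0x04u
#define PF_RSVD   0x08u
#define PF_INSTR  0x10u

/* Render the error code as a human-readable description into buf. */
const char *describe_error_code(unsigned code, char *buf, size_t buflen)
{
    snprintf(buf, buflen, "%s-mode %s of a %s page",
             (code & PF_USER) ? "user" : "kernel",
             (code & PF_INSTR) ? "instruction fetch" : (code & PF_WRITE) ? "write" : "read",
             (code & PF_PROT) ? "present (protection violation)" : "not-present");
    return buf;
}

/* One entry of a symbol table sorted by start address, as produced by
 * `nm -n binary` or read from a linker map file. */
struct symbol {
    unsigned long long start;
    const char *name;
};

/* The rule from the first answer: the function containing rip is the one whose
 * start is the largest address <= rip. For a PIE or shared object subtract the
 * runtime load base first; pass 0 for a non-PIE executable, whose symbol
 * addresses are absolute, as in the objdump output above.
 * Returns the index into syms, or -1 if rip lies below every symbol. */
int find_enclosing_symbol(const struct symbol *syms, size_t n,
                          unsigned long long rip, unsigned long long load_base,
                          unsigned long long *offset_out)
{
    unsigned long long target = rip - load_base;
    int best = -1;
    for (size_t i = 0; i < n; i++) {
        if (syms[i].start <= target)
            best = (int)i;      /* table is sorted, so the last match wins */
        else
            break;
    }
    if (best >= 0 && offset_out != NULL)
        *offset_out = target - syms[best].start;
    return best;
}

/* A fault address below one page almost always means a NULL base pointer plus a
 * struct field offset (0x180 here, matching `mov 0x180(%rdi),%rdx`). */
int looks_like_null_deref(unsigned long long fault_addr)
{
    return fault_addr < 4096;
}

/* Constructed symbol table: ff_rtp_queued_packet_time at 0x4450c0 is from the
 * objdump output above; the two neighbouring entries are hypothetical. */
static const struct symbol sample_syms[] = {
    { 0x444f10ull, "hypothetical_prev_func" },
    { 0x4450c0ull, "ff_rtp_queued_packet_time" },
    { 0x445130ull, "hypothetical_next_func" },
};
static const size_t sample_syms_len = sizeof sample_syms / sizeof sample_syms[0];

/* The log line from the second answer, used as the demo input. */
static const char sample_line[] =
    "probe.out[28503]: segfault at 0000000000000180 rip 00000000004450c0 "
    "rsp 00007fff4d508178 error 4";

int main(void)
{
    struct segfault_info si;
    char desc[96];
    unsigned long long off = 0;
    if (!parse_segfault_line(sample_line, &si)) {
        fprintf(stderr, "not a segfault line\n");
        return 1;
    }
    printf("fault=%#llx rip=%#llx rsp=%#llx: %s\n", si.fault_addr, si.rip, si.rsp,
           describe_error_code(si.error_code, desc, sizeof desc));
    int idx = find_enclosing_symbol(sample_syms, sample_syms_len, si.rip, 0, &off);
    if (idx >= 0)
        printf("rip is in %s+%#llx\n", sample_syms[idx].name, off);
    if (looks_like_null_deref(si.fault_addr))
        printf("fault address %#llx < 4096: NULL pointer plus field offset\n", si.fault_addr);
    return 0;
}
```

To use it on a real crash, generate the table from the binary with nm -n probe.out (or the linker map file) and paste the kernel line; the output names the function and the offset into it. If the binary was stripped to a separate debug file, addr2line -e with that file and the same rip value gives the function name and source line directly.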
