1 Introduction

1.1 What a segmentation fault is

A segmentation fault (often shortened to segfault) is a particular error condition that can occur during the operation of computer software. In short, a segmentation fault occurs when a program attempts to access a memory location that it is not allowed to access, or attempts to access a memory location in a way that is not allowed (e.g., attempts to write to a read-only location, or to overwrite part of the operating system). Systems based on processors like the Motorola 68000 tend to refer to these events as Address or Bus errors.

Segmentation is one approach to memory management and protection in the operating system. It has been superseded by paging for most purposes, but much of the terminology of segmentation is still used, “segmentation fault” being an example. Some operating systems still have segmentation at some logical level although paging is used as the main memory management policy.

On Unix-like operating systems, a process that accesses invalid memory receives the SIGSEGV signal. On Microsoft Windows, a process that accesses invalid memory receives the STATUS_ACCESS_VIOLATION exception.

In short, a segmentation fault is an access to memory that the process may not access: either nothing is mapped at that address at all, or a page is there but the system protects it against that kind of access. (Bit 0 of the kernel's error code, described in 2.2, is exactly this distinction.)

1.2 The pain point

Segfaults are a fact of life in C/C++ development, and the Linux shell prints almost nothing useful about them. Usually all you get is:

Segmentation fault (core dumped)

The useful details go to the kernel log instead (dmesg, /var/log/syslog or journalctl -k), which is what the next section decodes.

2 Background

2.1 The kernel's error message

segfault at 4 ip 00007faec801f631 sp 00007fae90b9d940 error 4 in libQt5Core.so.5.12.6[7faec7ef4000+589000]

segfault at   the address the program tried to access (the faulting address)
ip            the address of the faulting instruction (instruction pointer)
sp            the stack pointer, i.e. the top of the stack, at the moment of the fault
error         the page-fault error code, printed in hexadecimal (decoded in 2.2)
in            the file whose mapping contains ip, as name[base+size] with base and size in hex

2.2 The error code

The kernel prints the segfault message from show_signal_msg() in arch/x86/mm/fault.c.
The error code is the page-fault error code the CPU pushes when it raises #PF, passed down as the error_code parameter. Older kernels define its bits in fault.c as follows (newer kernels spell the same bits X86_PF_PROT, X86_PF_WRITE, X86_PF_USER, X86_PF_RSVD and X86_PF_INSTR in a header under arch/x86/include/asm/; the values are unchanged):

/*
 * Page fault error code bits:
 *
 *   bit 0 ==    0: no page found        1: protection fault
 *   bit 1 ==    0: read access          1: write access
 *   bit 2 ==    0: kernel-mode access   1: user-mode access
 *   bit 3 ==                            1: use of reserved bit detected
 *   bit 4 ==                            1: fault was an instruction fetch
 */
enum x86_pf_error_code {
	PF_PROT  = 1 << 0,
	PF_WRITE = 1 << 1,
	PF_USER  = 1 << 2,
	PF_RSVD  = 1 << 3,
	PF_INSTR = 1 << 4,
};

bit 4 (PF_INSTR): 1 = the fault was an instruction fetch, i.e. execution itself jumped to the bad address
bit 3 (PF_RSVD): 1 = a reserved bit was set in a page-table entry (a kernel or hardware problem, not something a user program normally produces)
bit 2 (PF_USER): 1 = the faulting access was made in user mode, 0 = in kernel mode
bit 1 (PF_WRITE): 1 = the access was a write, 0 = a read
bit 0 (PF_PROT): 1 = a page is present but the access is not permitted (for instance a write to a read-only page), 0 = no page is mapped at that address at all (an invalid address)

The kernel prints the code with %lx, so read it as hexadecimal. error 4 is PF_USER alone: a user-mode read from an unmapped page, the classic NULL-pointer dereference. error 6 is PF_USER|PF_WRITE (a user-mode write to an unmapped page), error 7 is PF_USER|PF_WRITE|PF_PROT (a user-mode write to a present, write-protected page), and error 14 is 0x14 = PF_USER|PF_INSTR: a user-mode instruction fetch from an unmapped address, which is what a call through a NULL or corrupted function pointer produces. Reading 14 as decimal would give PF_WRITE|PF_USER|PF_RSVD, which makes no sense for a user program.

On x86 the underlying exception is vector 14, #PF (Page Fault); when the kernel cannot resolve a user-space page fault it delivers SIGSEGV to the process.

3 Troubleshooting steps (using disassembly)

3.1 Determine the fault type from the log

The system log (/var/log/syslog.1) contains the following lines. All but one are page faults. The traps: ... general protection line is a different exception (#GP), most often raised on x86-64 when an instruction uses a non-canonical address, for example a pointer that has been overwritten with garbage; for a #GP the kernel cannot report a faulting address, only ip and sp.

kernel: [18683.743108] UmArm[2055]: segfault at 0 ip 0000000000000000 sp 00007ffe62b05df8 error 14 in UmArm[400000+71e000]
kernel: [18798.627149] UmArm[3540]: segfault at 0 ip 0000000000000000 sp 00007fff9920fb88 error 14 in UmArm[400000+71e000]
kernel: [21734.959099] UmArm[3589]: segfault at 4 ip 00007fa5700fa631 sp 00007fa539fa0bc0 error 4 in libQt5Core.so.5.12.6[7fa56ffcf000+589000]
kernel: [36734.159035] UmArm[3805]: segfault at 0 ip 0000000000000000 sp 00007ffec22fe678 error 14 in UmArm[400000+71e000]
kernel: [37237.873256] traps: UmArm[19832] general protection ip:4392fc sp:7ffd2fdf4de0 error:0 in UmArm[400000+71e000]
kernel: [38918.332957] UmArm[20093]: segfault at 18 ip 0000000000000018 sp 00007ffcbc485388 error 14 in UmArm[400000+71e000]

3.2 Compute the relative address

  • libQt5Core.so.5.12.6[7fa56ffcf000+589000] tells us the fault is inside libQt5Core.so.5.12.6, which this process has mapped at base address 7fa56ffcf000 with a length of 589000 (hex). That library contains a great deal of code, so the address alone narrows little.
  • ip 00007fa5700fa631 sp 00007fa539fa0bc0: ip is the instruction address, sp the stack pointer.
    The project is a one-person effort of about 40,000 lines and no tester was ever assigned to it (I have always held that testing matters more than development, but my suggestion stayed a suggestion), so narrowing down a segfault of my own by inspection is hard.
  • The instruction address is 00007fa5700fa631 and libQt5Core's load base is 7fa56ffcf000, so the instruction's offset inside the library is 0x7fa5700fa631 - 0x7fa56ffcf000 = 12b631. Next we need the function in libQt5Core's code that contains offset 12b631. The subtraction is valid because a shared library is linked with its first load segment at virtual address 0, so the addresses objdump prints are offsets from the mapping base; the same holds for a PIE executable. For the non-PIE UmArm[400000+71e000] lines objdump already prints absolute addresses and ip can be looked up as it is.
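As an added example (not code from the original post), here are the steps of sections 2.1, 2.2 and 3.2 in C: parse a kernel segfault line, decode the error bits, and subtract the mapping base from ip. The sample lines are copied from the syslog excerpt in 3.1; the struct, helper names and NO_OFFSET sentinel are this example's own.

```c
#include <stdio.h>
#include <string.h>

/* Bit names from enum x86_pf_error_code in arch/x86/mm/fault.c (section 2.2). */
enum {
    PF_PROT  = 1 << 0,   /* 0: page not present   1: protection violation */
    PF_WRITE = 1 << 1,   /* 0: read               1: write */
    PF_USER  = 1 << 2,   /* 0: kernel-mode access 1: user-mode access */
    PF_RSVD  = 1 << 3,   /* 1: reserved bit set in a page-table entry */
    PF_INSTR = 1 << 4    /* 1: the fault was an instruction fetch */
};

/* The fields of one "segfault at ..." line, in the order the kernel prints them. */
struct segfault_info {
    unsigned long addr;      /* "segfault at": the address that could not be accessed */
    unsigned long ip;        /* faulting instruction */
    unsigned long sp;        /* stack pointer at the fault */
    unsigned long error;     /* page-fault error code; the kernel prints it with %lx */
    char object[128];        /* file named after "in" */
    unsigned long base;      /* start of that file's mapping ("[base+size]") */
    unsigned long size;
    unsigned long offset;    /* ip - base: the address to look up in objdump/addr2line */
};

#define NO_OFFSET ((unsigned long)-1)   /* ip does not lie inside the named mapping */

/* Parse one kernel log line. Returns 1 on success, 0 if the line is not a
 * segfault report of the expected shape (e.g. a "general protection" line). */
int parse_segfault_line(const char *line, struct segfault_info *out)
{
    const char *p = strstr(line, "segfault at ");
    if (p == NULL)
        return 0;
    memset(out, 0, sizeof *out);
    /* Every number is hexadecimal: "error 14" means 0x14, not fourteen. */
    int n = sscanf(p, "segfault at %lx ip %lx sp %lx error %lx in %127[^[][%lx+%lx]",
                   &out->addr, &out->ip, &out->sp, &out->error,
                   out->object, &out->base, &out->size);
    if (n != 7)
        return 0;
    if (out->ip >= out->base && out->ip < out->base + out->size)
        out->offset = out->ip - out->base;
    else
        out->offset = NO_OFFSET;   /* e.g. ip 0: a jump through a NULL function pointer */
    return 1;
}

/* Spell out the error bits as the kernel comment in 2.2 defines them. */
void describe_error(unsigned long error, char *buf, size_t len)
{
    const char *mode   = (error & PF_USER)  ? "user-mode" : "kernel-mode";
    const char *access = (error & PF_INSTR) ? "instruction fetch"
                       : (error & PF_WRITE) ? "write" : "read";
    const char *cause  = (error & PF_PROT)  ? "protection violation"
                                            : "page not present";
    snprintf(buf, len, "%s %s, %s%s", mode, access, cause,
             (error & PF_RSVD) ? ", reserved bit set" : "");
}

/* One-call helpers returning the values section 3.2 computes by hand. */
unsigned long segfault_offset(const char *line)
{
    struct segfault_info si;
    return parse_segfault_line(line, &si) ? si.offset : NO_OFFSET;
}

unsigned long segfault_error(const char *line)
{
    struct segfault_info si;
    return parse_segfault_line(line, &si) ? si.error : 0;
}

int main(void)
{
    /* Copied from the syslog excerpt in section 3.1. */
    static const char *const lines[] = {
        "kernel: [18683.743108] UmArm[2055]: segfault at 0 ip 0000000000000000 sp 00007ffe62b05df8 error 14 in UmArm[400000+71e000]",
        "kernel: [21734.959099] UmArm[3589]: segfault at 4 ip 00007fa5700fa631 sp 00007fa539fa0bc0 error 4 in libQt5Core.so.5.12.6[7fa56ffcf000+589000]",
        "kernel: [37237.873256] traps: UmArm[19832] general protection ip:4392fc sp:7ffd2fdf4de0 error:0 in UmArm[400000+71e000]",
    };
    for (size_t i = 0; i < sizeof lines / sizeof lines[0]; i++) {
        struct segfault_info si;
        char what[96];
        if (!parse_segfault_line(lines[i], &si)) {
            printf("not a page-fault segfault line: %s\n", lines[i]);
            continue;
        }
        describe_error(si.error, what, sizeof what);
        printf("addr 0x%lx  ip 0x%lx  error 0x%lx (%s)\n", si.addr, si.ip, si.error, what);
        if (si.offset == NO_OFFSET)
            printf("  ip lies outside %s, nothing to disassemble there\n", si.object);
        else
            printf("  look up offset 0x%lx in %s (addr2line -fCe %s 0x%lx)\n",
                   si.offset, si.object, si.object, si.offset);
    }
    return 0;
}
```

For the libQt5Core line the program reports offset 0x12b631, the value computed by hand above; for the "ip 0000000000000000 ... error 14" lines it reports a user-mode instruction fetch with ip outside the executable's mapping, i.e. a call through a null function pointer rather than a bad data access.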

3.3 Disassemble the library

cd /opt/Qt5.12.6/5.12.6/gcc_64/lib
objdump -ld libQt5Core.so.5.12.6 > ~/Desktop/dumpcode

-d disassembles the code sections and -l interleaves source file and line numbers where debug information exists (a stripped release build of Qt has none, so expect only symbol names); add -C to see demangled C++ names. sudo is not needed to read the file and only leaves a root-owned dump on the Desktop. Dumping a multi-megabyte library is slow; to look at a single offset, addr2line -fCe libQt5Core.so.5.12.6 0x12b631 names the containing function directly, and objdump -d --start-address=0x12b600 --stop-address=0x12b670 shows just the surrounding instructions.

3.4 Find the instruction at that address

Searching the dump for 12b631 lands inside _ZltRK7QStringS1_, which demangles to operator<(QString const&, QString const&). The faulting instruction is movslq 0x4(%rdi),%rsi: it loads the 32-bit value at offset 4 from the object %rdi points to. %rdi was loaded three instructions earlier by mov (%rdi),%rdi, i.e. it holds the first QString's internal d pointer (a QArrayData*), whose size member sits at offset 4 in Qt 5's layout. A fault at address 4 therefore means that d pointer was NULL: the QString passed to operator< was not a valid object (never constructed, already destroyed, or reached through a dangling reference). That is what to look for in the caller.

000000000012b610 <_ZltRK7QStringS1_>:
_ZltRK7QStringS1_():
12b610: 48 83 ec 08 sub $0x8,%rsp
12b614: 48 8b 16 mov (%rsi),%rdx
12b617: 48 8b 05 b2 93 66 00 mov 0x6693b2(%rip),%rax # 7949d0 <_DYNAMIC+0x668>
12b61e: 48 39 c2 cmp %rax,%rdx
12b621: 48 63 4a 04 movslq 0x4(%rdx),%rcx
12b625: 74 29 je 12b650 <_ZltRK7QStringS1_+0x40>
12b627: 48 8b 3f mov (%rdi),%rdi
12b62a: 48 03 52 10 add 0x10(%rdx),%rdx
12b62e: 48 39 c7 cmp %rax,%rdi
12b631: 48 63 77 04 movslq 0x4(%rdi),%rsi
12b635: 74 27 je 12b65e <_ZltRK7QStringS1_+0x4e>
12b637: 48 03 7f 10 add 0x10(%rdi),%rdi
12b63b: e8 10 9f ff ff callq 125550 <_ZL8ucstrcmpPK5QCharmS1_m>
12b640: 48 83 c4 08 add $0x8,%rsp
12b644: c1 e8 1f shr $0x1f,%eax
12b647: c3 retq
12b648: 0f 1f 84 00 00 00 00 nopl 0x0(%rax,%rax,1)
12b64f: 00
12b650: 48 8b 3f mov (%rdi),%rdi
12b653: 31 d2 xor %edx,%edx
12b655: 48 39 c7 cmp %rax,%rdi
12b658: 48 63 77 04 movslq 0x4(%rdi),%rsi
12b65c: 75 d9 jne 12b637 <_ZltRK7QStringS1_+0x27>
12b65e: 31 ff xor %edi,%edi
12b660: e8 eb 9e ff ff callq 125550 <_ZL8ucstrcmpPK5QCharmS1_m>
12b665: 48 83 c4 08 add $0x8,%rsp
12b669: c1 e8 1f shr $0x1f,%eax
12b66c: c3 retq
12b66d: 90 nop
12b66e: 66 90 xchg %ax,%ax

3.5 Search the project's own object files for the caller

cd xxx/output                                   # the directory holding the build's intermediate .o files
objdump -ld *.o | grep QStringS1 > ~/Desktop/msg

grep QStringS1 is only a coarse filter: it matches every symbol whose mangled name carries a repeated QString parameter, which is why the output below lists operator+ (_ZplRK7QStringS1_) and the project's own two-QString functions (myPopFromTrans, outputScript, isCurrentPoseValue) rather than the call sites of operator< specifically. Note also that in an unlinked .o every call still reads e8 00 00 00 00 with a callq to the following address, because the relocation has not been applied yet. Adding -r (objdump -dr) prints each relocation entry with its symbol name next to the call, so grep -B1 _ZltRK7QStringS1_ over that output lists exactly the instructions that call operator<(QString const&, QString const&); the functions containing them are the candidates to inspect for a QString that was never initialised or has already been destroyed.
Disassembly of section .text._ZplRK7QStringS1_:
0000000000000000 <_ZplRK7QStringS1_>:
32: e8 00 00 00 00 callq 37 <_ZplRK7QStringS1_+0x37>
45: e8 00 00 00 00 callq 4a <_ZplRK7QStringS1_+0x4a>
4a: eb 1a jmp 66 <_ZplRK7QStringS1_+0x66>
56: e8 00 00 00 00 callq 5b <_ZplRK7QStringS1_+0x5b>
61: e8 00 00 00 00 callq 66 <_ZplRK7QStringS1_+0x66>
77: 74 05 je 7e <_ZplRK7QStringS1_+0x7e>
79: e8 00 00 00 00 callq 7e <_ZplRK7QStringS1_+0x7e>
0000000000000fca <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_>:
_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_():
1025: 48 8b 35 00 00 00 00 mov 0x0(%rip),%rsi # 102c <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x62>
102f: e8 00 00 00 00 callq 1034 <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x6a>
1042: 74 05 je 1049 <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x7f>
1044: e8 00 00 00 00 callq 1049 <_ZN4UMAC8UIManage14myPopFromTransE7QStringS1_+0x7f>
0000000000001826 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_>:
_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_():
1860: e8 00 00 00 00 callq 1865 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3f>
1867: 75 13 jne 187c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x56>
1873: e8 00 00 00 00 callq 1878 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x52>
187a: 74 07 je 1883 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5d>
1881: eb 05 jmp 1888 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x62>
188a: 74 20 je 18ac <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x86>
188c: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 1893 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x6d>
189d: e8 00 00 00 00 callq 18a2 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x7c>
18a7: e9 70 04 00 00 jmpq 1d1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4f6>
18ba: 74 54 je 1910 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xea>
18ca: e8 00 00 00 00 callq 18cf <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xa9>
18d1: 74 3d je 1910 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xea>
18e1: e8 00 00 00 00 callq 18e6 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xc0>
18e9: 75 2c jne 1917 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xf1>
18fe: e8 00 00 00 00 callq 1903 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xdd>
1906: e8 00 00 00 00 callq 190b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xe5>
190e: 75 07 jne 1917 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xf1>
1915: eb 05 jmp 191c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0xf6>
191e: 74 20 je 1940 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x11a>
1920: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 1927 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x101>
1931: e8 00 00 00 00 callq 1936 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x110>
193b: e9 dc 03 00 00 jmpq 1d1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4f6>
1950: e8 00 00 00 00 callq 1955 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x12f>
1963: e8 00 00 00 00 callq 1968 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x142>
1978: e8 00 00 00 00 callq 197d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x157>
1984: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 198b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x165>
198e: e8 00 00 00 00 callq 1993 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x16d>
19a7: e8 00 00 00 00 callq 19ac <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x186>
19b6: e8 00 00 00 00 callq 19bb <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x195>
19c7: e8 00 00 00 00 callq 19cc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1a6>
19d9: e8 00 00 00 00 callq 19de <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1b8>
19e5: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 19ec <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1c6>
19ef: e8 00 00 00 00 callq 19f4 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1ce>
19fb: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 1a02 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1dc>
1a05: e8 00 00 00 00 callq 1a0a <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x1e4>
1a2e: e8 00 00 00 00 callq 1a33 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x20d>
1a47: e8 00 00 00 00 callq 1a4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x226>
1a56: e8 00 00 00 00 callq 1a5b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x235>
1a65: e8 00 00 00 00 callq 1a6a <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x244>
1a74: e8 00 00 00 00 callq 1a79 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x253>
1a85: e8 00 00 00 00 callq 1a8a <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x264>
1a97: e8 00 00 00 00 callq 1a9c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x276>
1aa3: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 1aaa <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x284>
1aad: e8 00 00 00 00 callq 1ab2 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x28c>
1ab9: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 1ac0 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x29a>
1ac3: e8 00 00 00 00 callq 1ac8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2a2>
1ae9: e8 00 00 00 00 callq 1aee <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2c8>
1aff: e8 00 00 00 00 callq 1b04 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2de>
1b0b: e8 00 00 00 00 callq 1b10 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2ea>
1b1a: e8 00 00 00 00 callq 1b1f <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x2f9>
1b29: e8 00 00 00 00 callq 1b2e <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x308>
1b44: 7d 61 jge 1ba7 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x381>
1b5c: e8 00 00 00 00 callq 1b61 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x33b>
1b77: e8 00 00 00 00 callq 1b7c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x356>
1b8d: e8 00 00 00 00 callq 1b92 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x36c>
1b99: e8 00 00 00 00 callq 1b9e <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x378>
1ba5: eb 91 jmp 1b38 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x312>
1bab: 48 8d 35 00 00 00 00 lea 0x0(%rip),%rsi # 1bb2 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x38c>
1bb5: e8 00 00 00 00 callq 1bba <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x394>
1bcb: e8 00 00 00 00 callq 1bd0 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3aa>
1bd7: e8 00 00 00 00 callq 1bdc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3b6>
1be3: e8 00 00 00 00 callq 1be8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3c2>
1bf2: e8 00 00 00 00 callq 1bf7 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3d1>
1bfe: e8 00 00 00 00 callq 1c03 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3dd>
1c14: e8 00 00 00 00 callq 1c19 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x3f3>
1c23: e8 00 00 00 00 callq 1c28 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x402>
1c37: e8 00 00 00 00 callq 1c3c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x416>
1c47: e8 00 00 00 00 callq 1c4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x426>
1c5a: e8 00 00 00 00 callq 1c5f <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x439>
1c73: e8 00 00 00 00 callq 1c78 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x452>
1c83: 74 47 je 1ccc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4a6>
1c97: e8 00 00 00 00 callq 1c9c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x476>
1ca9: e8 00 00 00 00 callq 1cae <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x488>
1cb1: 48 8b 05 00 00 00 00 mov 0x0(%rip),%rax # 1cb8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x492>
1cbe: e8 00 00 00 00 callq 1cc3 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x49d>
1cca: eb 9d jmp 1c69 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x443>
1cd3: e8 00 00 00 00 callq 1cd8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4b2>
1cdf: e8 00 00 00 00 callq 1ce4 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4be>
1cf0: e8 00 00 00 00 callq 1cf5 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4cf>
1cfc: e8 00 00 00 00 callq 1d01 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4db>
1d08: e8 00 00 00 00 callq 1d0d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4e7>
1d17: e8 00 00 00 00 callq 1d1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x4f6>
1d2b: 0f 84 1b 01 00 00 je 1e4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x626>
1d31: e9 11 01 00 00 jmpq 1e47 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x621>
1d43: e8 00 00 00 00 callq 1d48 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x522>
1d48: e9 e0 00 00 00 jmpq 1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
1d5a: e8 00 00 00 00 callq 1d5f <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x539>
1d5f: eb 03 jmp 1d64 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x53e>
1d6e: e8 00 00 00 00 callq 1d73 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x54d>
1d73: eb 03 jmp 1d78 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x552>
1d82: e8 00 00 00 00 callq 1d87 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x561>
1d8a: eb 00 jmp 1d8c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x566>
1d8f: e9 99 00 00 00 jmpq 1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
1d9e: e8 00 00 00 00 callq 1da3 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x57d>
1da3: eb 03 jmp 1da8 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x582>
1db2: e8 00 00 00 00 callq 1db7 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x591>
1db7: eb 03 jmp 1dbc <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x596>
1dc6: e8 00 00 00 00 callq 1dcb <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5a5>
1dce: eb 00 jmp 1dd0 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5aa>
1dd3: eb 58 jmp 1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
1ddf: e8 00 00 00 00 callq 1de4 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5be>
1de4: eb 47 jmp 1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
1df0: e8 00 00 00 00 callq 1df5 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5cf>
1df5: eb 36 jmp 1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
1e01: e8 00 00 00 00 callq 1e06 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5e0>
1e06: eb 03 jmp 1e0b <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5e5>
1e12: e8 00 00 00 00 callq 1e17 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5f1>
1e17: eb 03 jmp 1e1c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x5f6>
1e23: e8 00 00 00 00 callq 1e28 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x602>
1e28: eb 03 jmp 1e2d <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x607>
1e37: e8 00 00 00 00 callq 1e3c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x616>
1e42: e8 00 00 00 00 callq 1e47 <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x621>
1e47: e8 00 00 00 00 callq 1e4c <_ZN4UMAC12ProgramModel12outputScriptE7QStringS1_+0x626>
000000000000942e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_>:
_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_():
949e: e8 00 00 00 00 callq 94a3 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x75>
94a6: e8 00 00 00 00 callq 94ab <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x7d>
94b3: 74 0a je 94bf <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x91>
94ba: e9 8f 03 00 00 jmpq 984e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x420>
94ce: e8 00 00 00 00 callq 94d3 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xa5>
94ec: e8 00 00 00 00 callq 94f1 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xc3>
950a: e8 00 00 00 00 callq 950f <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xe1>
9528: e8 00 00 00 00 callq 952d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0xff>
9546: e8 00 00 00 00 callq 954b <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x11d>
9564: e8 00 00 00 00 callq 9569 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x13b>
95af: e8 00 00 00 00 callq 95b4 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x186>
95c4: e8 00 00 00 00 callq 95c9 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x19b>
95e2: f3 0f 10 0d 00 00 00 movss 0x0(%rip),%xmm1 # 95ea <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x1bc>
95f1: f2 0f 10 0d 00 00 00 movsd 0x0(%rip),%xmm1 # 95f9 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x1cb>
95fd: 0f 86 21 02 00 00 jbe 9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
961b: e8 00 00 00 00 callq 9620 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x1f2>
9630: e8 00 00 00 00 callq 9635 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x207>
964f: f3 0f 10 0d 00 00 00 movss 0x0(%rip),%xmm1 # 9657 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x229>
965e: f2 0f 10 0d 00 00 00 movsd 0x0(%rip),%xmm1 # 9666 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x238>
966a: 0f 86 b4 01 00 00 jbe 9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
9688: e8 00 00 00 00 callq 968d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x25f>
969d: e8 00 00 00 00 callq 96a2 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x274>
96bc: f3 0f 10 0d 00 00 00 movss 0x0(%rip),%xmm1 # 96c4 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x296>
96cb: f2 0f 10 0d 00 00 00 movsd 0x0(%rip),%xmm1 # 96d3 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x2a5>
96d7: 0f 86 47 01 00 00 jbe 9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
96f5: e8 00 00 00 00 callq 96fa <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x2cc>
970a: e8 00 00 00 00 callq 970f <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x2e1>
9729: f3 0f 10 0d 00 00 00 movss 0x0(%rip),%xmm1 # 9731 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x303>
9738: f2 0f 10 0d 00 00 00 movsd 0x0(%rip),%xmm1 # 9740 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x312>
9744: 0f 86 da 00 00 00 jbe 9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
9762: e8 00 00 00 00 callq 9767 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x339>
9777: e8 00 00 00 00 callq 977c <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x34e>
9796: f3 0f 10 0d 00 00 00 movss 0x0(%rip),%xmm1 # 979e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x370>
97a5: f2 0f 10 0d 00 00 00 movsd 0x0(%rip),%xmm1 # 97ad <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x37f>
97b1: 76 71 jbe 9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
97cb: e8 00 00 00 00 callq 97d0 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3a2>
97e0: e8 00 00 00 00 callq 97e5 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3b7>
9800: f3 0f 10 0d 00 00 00 movss 0x0(%rip),%xmm1 # 9808 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3da>
980f: f2 0f 10 0d 00 00 00 movsd 0x0(%rip),%xmm1 # 9817 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3e9>
981b: 76 07 jbe 9824 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3f6>
9822: eb 05 jmp 9829 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x3fb>
9840: 74 07 je 9849 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x41b>
9847: eb 05 jmp 984e <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x420>
985b: 74 25 je 9882 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x454>
985d: eb 1e jmp 987d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x44f>
9878: e8 00 00 00 00 callq 987d <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x44f>
987d: e8 00 00 00 00 callq 9882 <_ZN4UMAC12ProgramModel18isCurrentPoseValueE7QStringS1_S1_S1_S1_S1_+0x454>

4 Troubleshooting steps (using GDB)

4.1 Configuration

Add to the project's .pro file:

QMAKE_CXXFLAGS += -g

4.2 Build an executable that contains debug information

-g makes the compiler emit DWARF debug information, which is what lets gdb map addresses back to functions, source lines and variables. A release configuration still compiles with -O2, so frames get inlined and locals are optimised out; for the clearest trace build the debug configuration (CONFIG += debug in the .pro file), which compiles without optimisation.

4.3 Debugging

gdb ./exe                 # use gdb --args ./exe arg1 arg2 if the program takes arguments
(gdb) run
... wait for "Program received signal SIGSEGV, Segmentation fault."
(gdb) backtrace           # the call chain, innermost frame first
(gdb) backtrace full      # the same, plus the local variables of every frame
(gdb) x/i $pc             # the faulting instruction; compare with the kernel's ip
(gdb) info registers      # a zero base register in that instruction is the NULL pointer

If the crash does not reproduce under the debugger, enable core dumps (ulimit -c unlimited) before running the program, then open the dump with gdb ./exe core and use the same commands.




Here the data had already been lost; the subsequent lookup accessed memory out of bounds, which produced the segfault.
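As an added example that is not part of the original post: the facts gdb's backtrace recovers (and backward-cpp in section 5 prints) can also be captured by the crashing process itself, from the siginfo_t and ucontext the kernel hands a SA_SIGINFO handler. The program reproduces the fault from section 3.4, a QString-like object whose d pointer is NULL so that reading its size field touches address 4, and contrasts it with a write to a read-only page. It assumes Linux; the REG_RIP lookup is x86-64 only and backtrace() is glibc only, both skipped elsewhere. The struct layouts, names and the siglongjmp recovery are this example's own, and the recovery exists only so the results can be inspected.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <ucontext.h>
#include <unistd.h>
#ifdef __GLIBC__
#include <execinfo.h>   /* backtrace(): glibc only */
#endif

/* Modelled on Qt 5's QArrayData: size is at offset 4, so a NULL d pointer
 * reads address 4, which is the "segfault at 4" case in section 3.4. */
struct array_data { int ref; int size; unsigned flags; long offset; };
struct qstring_like { struct array_data *d; };

/* What the handler records: the same facts as the kernel line and gdb's bt. */
struct fault_report {
    void *addr;   /* si_addr: the "segfault at" address */
    int   code;   /* SEGV_MAPERR = nothing mapped there, SEGV_ACCERR = mapped but not permitted */
    void *pc;     /* the "ip" value, from the saved register context */
};

static struct fault_report g_report;
static sigjmp_buf g_recover;
static volatile sig_atomic_t g_armed;
/* volatile source for the NULL pointer so the compiler cannot prove d == NULL
 * and replace the load with a trap instruction (which would raise SIGILL) */
static volatile uintptr_t g_null_bits;

static void on_segv(int sig, siginfo_t *si, void *uctx)
{
    (void)sig; (void)uctx;
    g_report.addr = si->si_addr;
    g_report.code = si->si_code;
    g_report.pc = NULL;
#if defined(__x86_64__) && defined(REG_RIP)
    g_report.pc = (void *)((ucontext_t *)uctx)->uc_mcontext.gregs[REG_RIP];
#endif
#ifdef __GLIBC__
    void *frames[32];
    int depth = backtrace(frames, 32);
    /* No malloc inside a signal handler: backtrace_symbols_fd writes straight to the fd.
       This is the raw form of the trace that backward-cpp pretty-prints. */
    backtrace_symbols_fd(frames, depth, STDERR_FILENO);
#endif
    if (g_armed)
        siglongjmp(g_recover, 1);   /* demo only: a production handler should _exit() */
    _exit(128 + SIGSEGV);
}

/* Run fn(arg); returns 1 and fills *out if it segfaulted, 0 if it returned normally. */
int run_catching_segv(void (*fn)(void *), void *arg, struct fault_report *out)
{
    static int installed;
    if (!installed) {
        struct sigaction sa;
#ifdef __GLIBC__
        void *warm[1];
        backtrace(warm, 1);   /* the first call may load libgcc; do it outside the handler */
#endif
        memset(&sa, 0, sizeof sa);
        sa.sa_sigaction = on_segv;
        sa.sa_flags = SA_SIGINFO;
        sigemptyset(&sa.sa_mask);
        if (sigaction(SIGSEGV, &sa, NULL) != 0)
            return -1;
        installed = 1;
    }
    if (sigsetjmp(g_recover, 1) == 0) {   /* 1: save the signal mask, restored by siglongjmp */
        g_armed = 1;
        fn(arg);
        g_armed = 0;
        return 0;
    }
    g_armed = 0;
    *out = g_report;
    return 1;
}

/* The operator<(QString const&, QString const&) pattern: load a->d->size. */
static volatile int g_sink;
static void read_size(void *arg)
{
    struct qstring_like *s = arg;
    g_sink = ((volatile struct array_data *)s->d)->size;   /* d == NULL: reads address 4 */
}

/* Store into a page that is mapped but read-only. */
static void write_byte(void *arg) { *(volatile char *)arg = 'x'; }

/* Fault address for the NULL-d read; expected 4. */
long null_d_fault_addr(void)
{
    struct qstring_like s = { (struct array_data *)g_null_bits };
    struct fault_report r;
    return run_catching_segv(read_size, &s, &r) == 1 ? (long)(intptr_t)r.addr : -1;
}

/* si_code for the NULL-d read; expected SEGV_MAPERR: nothing is mapped at address 4. */
int null_d_fault_code(void)
{
    struct qstring_like s = { (struct array_data *)g_null_bits };
    struct fault_report r;
    return run_catching_segv(read_size, &s, &r) == 1 ? r.code : -1;
}

/* si_code for writing a PROT_READ page; expected SEGV_ACCERR: mapped, but not writable. */
int readonly_write_fault_code(void)
{
    size_t pg = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, pg, PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    struct fault_report r;
    if (p == MAP_FAILED)
        return -1;
    int hit = run_catching_segv(write_byte, p, &r);
    munmap(p, pg);
    return hit == 1 ? r.code : -1;
}

int main(void)
{
    long addr = null_d_fault_addr();
    int code = null_d_fault_code();
    printf("NULL d: addr %ld, si_code %d (SEGV_MAPERR=%d), pc %p\n", addr, code, SEGV_MAPERR, g_report.pc);
    printf("read-only page: si_code %d (SEGV_ACCERR=%d)\n", readonly_write_fault_code(), SEGV_ACCERR);
    return 0;
}
```

SEGV_MAPERR means no mapping covers the address; SEGV_ACCERR means a mapping exists but does not permit the access. The kernel derives that from its VMA lookup, while bit 0 (PF_PROT) of the code in the log only says whether a page-table entry was present, so the two do not always coincide: a first write to an untouched read-only page is reported with PF_PROT = 0 and still SEGV_ACCERR. Compile with -g -rdynamic so backtrace_symbols_fd can print function names instead of bare addresses.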

5 Troubleshooting steps (using backward-cpp)

Backward is a beautiful stack trace pretty printer for C++.

5.1 Clone backward-cpp into the directory next to the project's CMakeLists.txt

git clone https://github.com/bombela/backward-cpp.git

5.2 Choosing the CMake integration

The official documentation gives two ways to integrate with CMake; the project uses the first, "As a subdirectory":

In this case you have a subdirectory containing the whole Backward repository (for example as a git submodule), and you can do the following:

add_subdirectory(/path/to/backward-cpp)

This will add backward.cpp to your target:

add_executable(mytarget mysource.cpp ${BACKWARD_ENABLE})

This will add the libraries, definitions and include directories backward needs, by setting each property on the target:

add_backward(mytarget)

5.3 Reference CMakeLists.txt

(Taken from reference 9, "A beautiful C++ stack trace pretty printer: backward-cpp". The extraction had run several statements onto one line and mangled the ${...} variable references; the file is restored below, with find_library(Boost ...) corrected to find_package, which is the call that actually defines Boost_INCLUDE_DIRS, cmake_minimum_required moved ahead of project() as CMake requires, forward slashes in the Windows Boost path so CMake does not reject \e as an escape, and GNUInstallDirs included so that CMAKE_INSTALL_BINDIR is defined.)

cmake_minimum_required(VERSION 2.8)

project(DB2HJ212_yc_towns)

set (VERSION 1.0.0)

add_definitions (-DCMAKE -DVERSION="${VERSION}")
add_definitions("-DUSE_MOSQUITTO")
add_definitions("-DPUGIXML_HEADER_ONLY")

# backward-cpp checked out next to this file; defines BACKWARD_ENABLE and add_backward()
add_subdirectory(./backward-cpp)

INCLUDE_DIRECTORIES(../include)
INCLUDE_DIRECTORIES(/usr/local/include)
INCLUDE_DIRECTORIES(/usr/local/include/mariadb)

set(GB212_SRC
    ./DataFile.cpp
    ./DataUpload.cpp
    ./HJ212Generator.cpp
    ./MYSQL2File.cpp
    ./RemoteServer.cpp
    #../include/pugixml.cpp
    ./SetupConfig.cpp
    ./main.cpp)

# -g is what lets backward-cpp resolve file and line numbers
set(CMAKE_CXX_FLAGS "-g -Wall")

if(CMAKE_COMPILER_IS_GNUCXX)
    set(CMAKE_CXX_FLAGS "-std=c++11 ${CMAKE_CXX_FLAGS}")
endif(CMAKE_COMPILER_IS_GNUCXX)

if(WIN32)
    set(BOOST_ROOT_DIR D:/env/local/boost_1_69_0)
endif(WIN32)

set(ENV_DYNAMIC_LIBS "/usr/local/lib") # path to the project's shared libraries (custom variable)

# Before searching for the Boost package, set a few variables that help find_package locate it
set (BOOST_ROOT /usr/local/)
set (BOOST_INCLUDEDIR ${BOOST_ROOT}/include)
set (BOOST_LIBRARYDIR ${BOOST_ROOT}/lib)

find_package(Boost REQUIRED COMPONENTS thread)
INCLUDE_DIRECTORIES(${Boost_INCLUDE_DIRS})

# ========================================
# Include projects
# ========================================

LINK_DIRECTORIES(/usr/local/lib64)

set(GB212_LIBS
    pthread
    boost_thread
    boost_locale
    mariadb
    mariadbclientpp
    pugixml)

add_executable(${PROJECT_NAME} ${GB212_SRC} ${BACKWARD_ENABLE})
add_backward(${PROJECT_NAME})

target_link_libraries(${PROJECT_NAME} ${GB212_LIBS})

include(GNUInstallDirs)   # defines CMAKE_INSTALL_BINDIR
install(TARGETS ${PROJECT_NAME} RUNTIME DESTINATION "${CMAKE_INSTALL_BINDIR}")

5.4 Run the program again; when it segfaults, backward-cpp now prints a stack trace

backward.cpp, pulled in through ${BACKWARD_ENABLE}, defines a global backward::SignalHandling object that installs handlers for SIGSEGV and the other fatal signals and prints the trace from inside the crashing process. File and line numbers appear only if the program was built with -g and backward-cpp's CMake configuration found a DWARF reader (libdw, libbfd or libdwarf) at configure time; otherwise the trace shows addresses and function names only.

(Output screenshot taken from reference 9, "A beautiful C++ stack trace pretty printer: backward-cpp".)

References

1. Linux segfault: an analysis at the kernel level
2. Causes of segmentation faults under Linux and a summary of debugging methods
3. Causes of segmentation faults under Linux and a summary of debugging methods
4. Tracking down a segfault, step by step
5. Debugging segmentation faults with gdb
6. Qt: qmake
7. Notes on debugging programs with gdb, using a segmentation fault as the example
8. A thread stack that is too small causes a memory overflow and then a core dump
9. A beautiful C++ stack trace pretty printer: backward-cpp
10. Backward-cpp on GitHub
