3

我需要一些建议如何识别段错误的来源。

用 ASAN 编译:

==21093==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7f09d744d882 bp 0x000000001000 sp 0x62100001c538 T0)
ASAN:DEADLYSIGNAL
AddressSanitizer: nested bug in the same thread, aborting.

从 gdb 开始:

Program received signal SIGSEGV, Segmentation fault.    
0x00007ffff5eeb882 in __memset_avx2_erms () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007ffff5eeb882 in __memset_avx2_erms () from /usr/lib/libc.so.6
#1  0xbebebebebebebebe in ?? ()
#2  0xbebebebebebebebe in ?? ()
...

1. 编辑:

上面的输出是针对 64 位 (x86_64) 编译的,在 32 位上会生成以下输出:

==8361==ERROR: AddressSanitizer failed to allocate 0x200000 (2097152) bytes of SizeClassAllocator32 (error code: 12)
==8361==Process memory map follows:
    0x00200000-0x00300000
    0x00400000-0x00500000
...
    0xf7791000-0xf7792000   /lib32/ld-2.24.so
    0xf7800000-0xffd00000
    0xffe34000-0xffe55000   [stack]
==8361==End of process memory map.
==8361==AddressSanitizer CHECK failed: ../../../../../src/libsanitizer/sanitizer_common/sanitizer_common.cc:180 "((0 && "unable to mmap")) != (0)" (0x0, 0x0)
ERROR: Failed to mmap

2.编辑:

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5eeb882 in __memset_avx2_erms () from /usr/lib/libc.so.6
(gdb) bt
#0  0x00007ffff5eeb882 in __memset_avx2_erms () from /usr/lib/libc.so.6
#1  0xbebebebebebebebe in ?? ()
#2  0xbebebebebebebebe in ?? ()
#3  0xbebebebebebebebe in ?? ()
#4  0xbebebebebebebebe in ?? ()
...
(gdb) record instruction-history
17798      0x00007ffff5eeb8b6 <__memset_avx2_unaligned_erms+22>:    cmp    $0x40,%rdx
17799      0x00007ffff5eeb8ba <__memset_avx2_unaligned_erms+26>:    ja     0x7ffff5eeb8ca <__memset_avx2_unaligned_erms+42>
17800      0x00007ffff5eeb8ca <__memset_avx2_unaligned_erms+42>:    cmp    $0x800,%rdx
17801      0x00007ffff5eeb8d1 <__memset_avx2_unaligned_erms+49>:    ja     0x7ffff5eeb870 <__memset_avx2_erms>
17802      0x00007ffff5eeb870 <__memset_avx2_erms+0>:   vzeroupper 
17803      0x00007ffff5eeb873 <__memset_avx2_erms+3>:   mov    %rdx,%rcx
17804      0x00007ffff5eeb876 <__memset_avx2_erms+6>:   movzbl %sil,%eax
17805      0x00007ffff5eeb87a <__memset_avx2_erms+10>:  mov    %rdi,%rdx
17806      0x00007ffff5eeb87d <__memset_avx2_erms+13>:  rep stos %al,%es:(%rdi)
17807      0x00007ffff5eeb87f <__memset_avx2_erms+15>:  mov    %rdx,%rax

不确定这意味着什么/为什么会导致段错误?

4

2 回答 2

4

我需要一些建议如何识别段错误的来源。

GDB 堆栈跟踪是典型的堆栈溢出,类似于:

int main()
{
  char buf[1];
  memset(buf, 0xbe, 1<<20);
}

令人惊讶的是,AddressSanitizer 没有捕捉到溢出。

我会尝试使用 GDB 分支跟踪支持对其进行调试,如此处所述

PS 如果你能构建一个最小的例子,A​​ddress Sanitizer 开发人员会对它感兴趣。

于 2017-05-14T16:23:39.563 回答
0

Is it being built and run on different machines/environments?

I observe such segfaults for the executable compiled with asan when it is built and run on different environments/machines (don't observe if the lib versions are same). i.e. without asan the app runs fine on different machine.

In my case, when I run an app with address sanitizer on different machine:

./dummy_logger
ASAN:SIGSEGV
=================================================================
==18213==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000 (pc 0xf7f45e60 bp 0x1ffff000 sp 0xffab0a4c T16777215)
    #0 0xf7f45e5f in _dl_get_tls_static_info (/lib/ld-linux.so.2+0x11e5f)
    #1 0xf7a59d1c  (/usr/lib/i386-linux-gnu/libasan.so.2+0xacd1c)
    #2 0xf7a4ddbd  (/usr/lib/i386-linux-gnu/libasan.so.2+0xa0dbd)
    #3 0xf7f438ea  (/lib/ld-linux.so.2+0xf8ea)
    #4 0xf7f34cb9  (/lib/ld-linux.so.2+0xcb9)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ??:0 _dl_get_tls_static_info
==18213==ABORTING

And works fine on the machine where it was compiled.

于 2021-02-26T07:41:27.537 回答