https://stackoverflow.com/questions/1456899/what-are-segfault-rip-rsp-numbers-and-how-to-use-them
 
11

When my Linux application crashes, it produces a line in the logs something like:

segfault at 0000000 rip 00003f32a823 rsp 000123ade323 error 4

What are those rip and rsp addresses? How do I use them to pinpoint the problem? Do they correspond to something in the objdump or readelf outputs? Are they useful if my program gets its symbols stripped out (to a separate file, which can be used using gdb)?

pevik

asked Sep 21, 2009 at 21:11
 
johnnys

 

2 Answers

7

Well, the rip pointer tells you the instruction that caused the crash. You need to look it up in a map file.

In the map file you will have a list of functions and their starting address. When you load the application it is loaded to a base address. The rip pointer minus the base address gives you the map file address. If you then search through the map file for a function that starts at an address slightly lower than your rip pointer and is followed, in the list, by a function with a higher address, you have located the function that crashed.

From there you need to try and identify what went wrong in your code. It's not much fun but it, at least, gives you a starting point.

Edit: The "segfault at" bit is telling you, I'd wager, that you have dereferenced a NULL pointer. The rsp is the current stack pointer. Alas, it's probably not all that useful. With a memory dump you "may" be able to figure out more accurately where you'd got to in the function, but it can be really hard to work out, exactly, where you are in an optimised build.

answered Sep 21, 2009 at 21:20
Goz

 
3

I got the error, too. When I saw:

probe.out[28503]: segfault at 0000000000000180 rip 00000000004450c0 rsp 00007fff4d508178 error 4

probe.out is an app which uses libavformat (ffmpeg). I disassembled it.

objdump -d probe.out

The rip is where the instruction will run:

00000000004450c0 <ff_rtp_queued_packet_time>:
4450c0: 48 8b 97 80 01 00 00 mov 0x180(%rdi),%rdx
44d25d: e8 5e 7e ff ff callq 4450c0 <ff_rtp_queued_packet_time>

Finally, I found the app crashed in the function ff_rtp_queued_packet_time.

PS. Sometimes the address doesn't exactly match, but it is almost there.
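The two answers above (map-file lookup of rip, and matching rip against the disassembly) combined into one triage helper. This is an added example, not code from either answer. It also decodes the x86 page-fault error code, which the answers do not cover. The neighbouring symbols in the table and the `load_base` parameter are assumptions made for illustration.

```python
import bisect
import re

# Older kernels print "rip"/"rsp" (as on this page); newer ones print "ip"/"sp".
SEGV_RE = re.compile(r"segfault at (?P<addr>[0-9a-f]+) r?ip (?P<ip>[0-9a-f]+) "
                     r"r?sp (?P<sp>[0-9a-f]+) error (?P<err>[0-9a-f]+)")

# Constructed symbol table (as `nm` would list it). Only
# ff_rtp_queued_packet_time and its address come from the page.
SYMBOLS = sorted([
    (0x445000, "hypothetical_prev_func"),
    (0x4450c0, "ff_rtp_queued_packet_time"),
    (0x445100, "hypothetical_next_func"),
])

def decode_error(code):
    """Decode the x86 page-fault error code (printed in hex by the kernel)."""
    access = "instruction fetch" if code & 0x10 else ("write" if code & 2 else "read")
    return {
        "cause": "protection violation" if code & 1 else "page not mapped",
        "access": access,
        "mode": "user" if code & 4 else "kernel",
    }

def resolve(ip, symbols, load_base=0):
    """Map ip to (function, offset). load_base (assumed parameter) is 0 for a
    non-PIE executable; for PIE or shared objects pass the mapping base.
    Without symbol sizes, the last symbol claims every higher address."""
    addr = ip - load_base
    starts = [start for start, _ in symbols]
    i = bisect.bisect_right(starts, addr) - 1
    if i < 0:
        return None
    return symbols[i][1], addr - symbols[i][0]

def triage(line, symbols, load_base=0):
    m = SEGV_RE.search(line)
    if not m:
        return None
    f = {k: int(v, 16) for k, v in m.groupdict().items()}
    report = decode_error(f["err"])
    report["function"] = resolve(f["ip"], symbols, load_base)
    # A fault address in the first page usually means NULL + field offset.
    report["null_deref_offset"] = f["addr"] if f["addr"] < 0x1000 else None
    return report

LINE = ("probe.out[28503]: segfault at 0000000000000180 rip 00000000004450c0 "
        "rsp 00007fff4d508178 error 4")

if __name__ == "__main__":
    print(triage(LINE, SYMBOLS))
```

For the log line quoted in the second answer, the fault address 0x180 equals the displacement in `mov 0x180(%rdi),%rdx`, so `%rdi` held 0 when that instruction executed.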
