Need help resolving segfault in libc

Need help debugging a shared library with gdb.

I am trying to debug a shared library and in my case it is:
libc-2.23.so

The reason is that I get these lines in dmesg:

[10081.433266] compiz[11346]: segfault at 7f30a4100010 ip 00007f309c36f44b sp 00007ffdde303aa0 error 4 in libc-2.23.so[7f309c2f1000+1bf000]
[22005.764635] compiz[16149]: segfault at 7f30e3456db0 ip 00007f30db85044b sp 00007fffaab9c0a0 error 4 in libc-2.23.so[7f30db7d2000+1bf000]
[48777.031064] compiz[25203]: segfault at 7f0b8e23b050 ip 00007f0b87edf44b sp 00007ffd51d15740 error 4 in libc-2.23.so[7f0b87e61000+1bf000]
[78850.413793] compiz[4889]: segfault at 7f60ddbf2440 ip 00007f60d598944b sp 00007ffedc5e31b0 error 4 in libc-2.23.so[7f60d590b000+1bf000]
[84583.754783] compiz[8441]: segfault at 7f5f8c3930c0 ip 00007f5f871d544b sp 00007ffc436bb5a0 error 4 in libc-2.23.so[7f5f87157000+1bf000]
[100625.457854] compiz[15619]: segfault at 7ffffa967680 ip 00007ffff722844b sp 00007fffffffdad0 error 4 in libc-2.23.so[7ffff71aa000+1bf000]
[104234.596331] compiz[19076]: segfault at 7ffffa2dc540 ip 00007ffff722844b sp 00007fffffffd810 error 4 in libc-2.23.so[7ffff71aa000+1bf000]
[112314.238115] compiz[22152]: segfault at 7ffffe232760 ip 00007ffff722844b sp 00007fffffffd810 error 4 in libc-2.23.so[7ffff71aa000+1bf000]
[130828.195732] compiz[26013]: segfault at 7ffffa966180 ip 00007ffff722844b sp 00007fffffffdad0 error 4 in libc-2.23.so[7ffff71aa000+1bf000]
[225379.026592] compiz[19275]: segfault at 7ffff821b6d0 ip 00007ffff722844b sp 00007fffffffd7c0 error 4 in libc-2.23.so[7ffff71aa000+1bf000]

The address where libc-2.23.so is loaded does not change after time stamp 100625.457854, since I ran the command:

$ echo 0 | sudo tee /proc/sys/kernel/randomize_va_space

in order to be able to load it under gdb.

What I have done so far is that I have established that the segfault always occurs at the same offset from the shared library's load address.
I calculated the offset by taking the instruction pointer minus the load address in Python:

ld = ["7f309c2f1000", "7f30db7d2000", "7f0b87e61000", "7f60d590b000", "7f5f87157000", "7ffff71aa000"]
ip = ["7f309c36f44b", "7f30db85044b", "7f0b87edf44b", "7f60d598944b", "7f5f871d544b", "7ffff722844b"]
ld_val = [int(x, 16) for x in ld]
ip_val = [int(x, 16) for x in ip]
ip_off = [i - s for (i, s) in zip(ip_val, ld_val)]
ip_off
[517195, 517195, 517195, 517195, 517195, 517195]  # 517195 == 0x7e44b

So using this information I got the offending line from executing:

$ addr2line -e /lib/x86_64-linux-gnu/libc-2.23.so -fCi 0x7e44b
malloc_consolidate
/build/glibc-9tT8Do/glibc-2.23/malloc/malloc.c:4167

Since I run Ubuntu 16.04, I installed the sources by issuing:

$ apt-get source glibc-source

Inspecting the offending line showed that it was just a comment.
malloc.c:4167

/* Slightly streamlined version of consolidation code in free() */  

inside function:

static void malloc_consolidate(mstate av)

So I am assuming I am doing something wrong here.
Any pointers on how to capture this segfault?
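As an added example (not part of the original question), the following Python script automates the offset calculation above for any number of dmesg lines: it parses the kernel's "segfault at" message, checks that the faulting instruction pointer really lies inside the reported mapping, computes the offset to hand to addr2line, decodes the x86 page-fault error code, and reports whether the faulting data address is itself inside the library. The first three log lines are copied from the question; the fourth is constructed (program name, addresses and "error 6" are invented) to exercise the write-fault path.

```python
import re
from collections import Counter

# Kernel segfault lines in the dmesg format shown in the question.
# Lines 1-3 are copied from the question; line 4 is constructed for this
# example (not from the page) and uses error code 6 (user-mode write).
SAMPLE_DMESG = """\
[10081.433266] compiz[11346]: segfault at 7f30a4100010 ip 00007f309c36f44b sp 00007ffdde303aa0 error 4 in libc-2.23.so[7f309c2f1000+1bf000]
[22005.764635] compiz[16149]: segfault at 7f30e3456db0 ip 00007f30db85044b sp 00007fffaab9c0a0 error 4 in libc-2.23.so[7f30db7d2000+1bf000]
[100625.457854] compiz[15619]: segfault at 7ffffa967680 ip 00007ffff722844b sp 00007fffffffdad0 error 4 in libc-2.23.so[7ffff71aa000+1bf000]
[123456.000000] example[999]: segfault at 0 ip 0000000000400a12 sp 00007ffc12345678 error 6 in example[400000+1000]
"""

# Format: [ts] comm[pid]: segfault at ADDR ip IP sp SP error N in OBJ[BASE+SIZE]
SEGFAULT_RE = re.compile(
    r"\[\s*(?P<ts>[\d.]+)\]\s+(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+) "
    r"in (?P<obj>\S+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\]"
)


def decode_error(code):
    """Decode the x86 page-fault error code the kernel prints after 'error'."""
    return {
        "protection_violation": bool(code & 1),  # 0 means the page was not present
        "write": bool(code & 2),                 # 0 means a read access
        "user_mode": bool(code & 4),
        "reserved_bit": bool(code & 8),
        "instruction_fetch": bool(code & 16),
    }


def parse_segfaults(text):
    """Return one dict per segfault line with the offset into the mapped object."""
    events = []
    for line in text.splitlines():
        m = SEGFAULT_RE.search(line)
        if not m:
            continue
        ip = int(m.group("ip"), 16)
        base = int(m.group("base"), 16)
        size = int(m.group("size"), 16)
        addr = int(m.group("addr"), 16)
        events.append({
            "pid": int(m.group("pid")),
            "comm": m.group("comm"),
            "object": m.group("obj"),
            "ip": ip,
            "base": base,
            "size": size,
            # Offset relative to the object's load address: this is what addr2line wants.
            "offset": ip - base,
            "ip_in_mapping": base <= ip < base + size,
            "fault_addr": addr,
            # Did libc fault on its own memory, or on a pointer into some other region?
            "fault_in_mapping": base <= addr < base + size,
            "error": decode_error(int(m.group("err"))),
        })
    return events


def offset_histogram(events):
    """Count crashes per (object, offset) so repeated crash sites stand out."""
    return Counter((e["object"], e["offset"]) for e in events)


def addr2line_command(event, path):
    """Build the addr2line invocation for one event, given the on-disk path of the object."""
    return "addr2line -e {} -fCi 0x{:x}".format(path, event["offset"])


if __name__ == "__main__":
    events = parse_segfaults(SAMPLE_DMESG)
    for e in events:
        kind = "write" if e["error"]["write"] else "read"
        present = "protection" if e["error"]["protection_violation"] else "not-present"
        print("{}[{}] {}+0x{:x} ip_in_mapping={} fault_in_mapping={} ({} {} fault)".format(
            e["comm"], e["pid"], e["object"], e["offset"],
            e["ip_in_mapping"], e["fault_in_mapping"], kind, present))
    for (obj, off), n in offset_histogram(events).items():
        print("{} crash(es) at {}+0x{:x}".format(n, obj, off))
    print(addr2line_command(events[0], "/lib/x86_64-linux-gnu/libc-2.23.so"))
```

For the three compiz lines the script reports the same offset, 0x7e44b, in every case, so the calculation in the question holds for all of them. "error 4" decodes to a user-mode read of a page that is not present, and in each case the faulting address lies outside libc's own mapping: libc was dereferencing a pointer that points into some other region of the process, which is what a corrupted heap looks like from the outside and why the crash site alone does not identify the bug.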


So I am assuming I am doing something wrong here.

You aren't.

The symptoms you are looking at are 99.999% the result of heap corruption, and since this is happening in compiz, there is little you can do except file a bug report.

To make a useful bug report, it would help if you could run compiz under Valgrind. Running it under GDB will not help.

I had gdb loaded with the library and a breakpoint on line 4167, but there was no break even when I got a new entry in dmesg.

That means you are debugging the wrong process. Perhaps compiz forks helper processes, and one of them dies?

Source: http://www.djcxy.com/p/43908.html