segfault at 0 ip (null) sp bf9ed55c error 4 in appname[8048000+252000]
If I don’t have the IP address, how do I determine where the crash occurred? does it being (null) mean anything useful?
in the appname[8048000+262000] = 0x82Aa000 is that supposed to give a clue? is it the 0x82AA000 the value I should try to use, both nm output and map file don’t give much help on that.
Advertisement
Answer
Things that could set the instruction pointer to NULL:
- branch to NULL
- call NULL
- return to NULL
In the first two cases, the stack is still in the state of the frame where the branch or call came from. In the last case, probably something has clobbered the return address on the stack of the previous function, and it may not be clear what the stack should have been, but usually it’s still possible to find some earlier stack frame and try reconstructing what happened from there on.
Binaries may be loaded at different addresses. appname[8048000+252000]
describes a segment in file appname
which was mapped into memory at addresses 8048000
–82aa000
, it doesn’t pinpoint where there fault was.
You will have better luck debugging with a core dump, which would contain details about the state (such as the other registers) and what was mapped into memory where (including the contents of the stack). If you are using systemd
, coredumps are stored in the journal and can be retrieved with coredumpctl
(for example, start debugging the last crash with coredumpctl gdb
).