碰到一个dangling pointer导致进程core的问题,此类问题很常见,从上图m_vRelativePosition.y和z的异常值可以猜测,m_targetDomArea指向的内存被踩坏了,或是m_targetDomArea指向的对象已被销毁,其内存可能已被重新分配。
这里不去讨论m_targetDomArea野的原因(熟悉这块逻辑的同事已经在上图指出具体原因),只去研究导致core的直接原因是什么。
标签: gdb
近期用gdb调试coredump文件时发现会有warning:
warning: Unexpected size of section `.reg-xstate/13997' in core file.
起初以为是core文件有问题,后发现其实是低版本gdb(8.0版本)无法识别CPU的某些寄存器而做出的提示。
如果CPU支持Intel MPX技术,则会有几个额外的寄存器,而低版本的gdb无法识别这些寄存器,因此提示warning。
可以通过以下命令确定CPU是否支持MPX:
$ grep mpx /proc/cpuinfo flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ss ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl nonstop_tsc eagerfpu pni pclmulqdq ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm 3dnowprefetch invpcid_single fsgsbase bmi1 hle avx2 smep bmi2 erms invpcid rtm mpx avx512f avx512dq rdseed adx smap clflushopt clwb avx512cd avx512bw avx512vl xsaveopt xsavec xgetbv1 arat avx512_vnni
更换高版本(10.0版本)的gdb后,warning消失,且通过gdb命令info all-registers也确实可以查看到MPX相关的几个寄存器:
(gdb) info all-registers
bndcfgu {raw = 0x0, config = {base = 0x0, reserved = 0x0, preserved = 0x0, enabled = 0x0}} {raw = 0x0, config = {base = 0, reserved = 0, preserved = 0, enabl--Type <RET> for more, q to quit, c to continue without paging--
ed = 0}}
bndstatus {raw = 0x0, status = {bde = 0x0, error = 0x0}} {raw = 0x0, status = {bde = 0, error = 0}}
bnd0 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd2 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1
bnd3 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1 {lbound = 0x0, ubound = 0xffffffffffffffff} : size -1