Crash caused by invalid exception unwinding?

Problem description

I'm debugging a crash which occurs in one of our tests. We have an ODBC driver .so written in C++, which is being tested via iODBC using our test tool (called 'Touchstone'), which is also written in C++.

I've compiled all three on Solaris 10 (x86) in 64-bit mode using the Oracle Solaris Studio 12.4 (NOT GCC).

The crash only occurs when Touchstone is built in release mode, so I've spent a fair bit of time stepping through assembly in dbx, and what seems to happen is the following:

  1. The 'this' pointer of the 'statement' object is stored in r14.
  2. We call SQLColAttributes in the driver manager (DM), which calls SQLColAttributeW in the driver.
  3. Before returning to the DM, it spills r14 onto the stack in one of SQLColAttributeW's callers.
  4. Deeper down the stack, an exception is thrown (which is eventually caught before leaving the driver and returning to the DM), and this seems to get "messed up" during stack unwinding, so that once I finally return into Touchstone, r14 is garbage. Touchstone tries to retrieve a member from the statement object and promptly crashes with a SEGV.

One of the first things I did when I got to #3 was to put a hardware write watch on the stack where the register was getting spilled to, but it doesn't get hit until after returning into touchstone, after the register has already been corrupted.

Then I noticed that the code which seemed to cause the corruption was throwing an exception, and remembered this, which I have encountered before, when using Touchstone built with Solaris Studio with a driver built with gcc, so I recompiled iODBC with Solaris Studio, and running ldd shows no dependency on it anymore, but it's still crashing in the same way.

I've also tried the workaround suggested in that article (LD_PRELOAD=/usr/sfw/lib/amd64/libgcc_s.so), but that didn't change anything either.

I was also able to compile valgrind, and it seems to support my hypothesis:

-bash-4.1$ $VG --tool=memcheck $TC -te ApiTestEnv_utf32.xml -ts ApiTestSuite.xml -o crash -rts COLATTRIBUTETESTS
==900== Memcheck, a memory error detector
==900== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==900== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==900== Command: /export/home/bamboo/Touchstone -te ApiTestEnv_utf32.xml -ts ApiTestSuite.xml -o crash -rts COLATTRIBUTETESTS
==900==
Simba Test Verbose Log Started on Thu Jul 14 11:35:25 2016

Touchstone test utility for ODBC and OLE DB for OLAP
Version: 4.5.0.5 (64-bit)
Copyright (c) 2012 Simba Technologies Incorporated

Starting test run
---------------------------
        API Tests: COLATTRIBUTETESTS: SQLCOLATTRIBUTES_ERROR (1)==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7F94FF6D2: __1cFSimbaHSupportbAIniFileConfigurationReaderLOpenIniFile6Mrkn0BNsimba_wstring_5_pn0BITextFile__ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F94FEBC3: __1cFSimbaHSupportbAIniFileConfigurationReaderRLoadConfiguration6MrnDstdDmap4n0BNsimba_wstring_n0DDmap4n0E_n0BHVariant_n0EZCaseInsensitiveComparator_n0DJallocator4n0DEpair4Ck4n0F_______n0G_n0DJallocator4n0DEpair4C5n0J_______r58p5_b_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F94FEA51: __1cFSimbaHSupportbAIniFileConfigurationReaderRLoadConfiguration6MrnDstdDmap4n0BNsimba_wstring_n0BHVariant_n0EZCaseInsensitiveComparator_n0DJallocator4n0DEpair4Ck4n0F_______r58p5b_b_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F950CD97: __1cFSimbaHSupportSSimbaSettingReaderUInternal_ReadSetting6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____4_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F950C2C6: __1cFSimbaHSupportSSimbaSettingReaderLReadSetting6FrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____4_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F950A2DC: __1cFSimbaHSupportSSimbaSettingReaderSGetAppCharEncoding6F_n0BMEncodingType__ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F8D8E29C: __1cFSimbaDDSIJDSIDriverYSetDefaultPropertyValues6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F8D8D787: __1cFSimbaDDSIJDSIDriver2t6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F7B57748: __1cFSimbaMInternalTestIITDriver2t6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F86D7330: __1cFSimbaDDSIQDSIDriverFactory6FrL_pn0BHIDriver__ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F8E17FEB: __1cFSimbaDDSIWSharedSingletonManagerKInitialize6Fb_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==  Address 0x37fe5ba8 is on thread 1's stack
==900==  664 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7F94FEBC3: __1cFSimbaHSupportbAIniFileConfigurationReaderRLoadConfiguration6MrnDstdDmap4n0BNsimba_wstring_n0DDmap4n0E_n0BHVariant_n0EZCaseInsensitiveComparator_n0DJallocator4n0DEpair4Ck4n0F_______n0G_n0DJallocator4n0DEpair4C5n0J_______r58p5_b_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F94FEA51: __1cFSimbaHSupportbAIniFileConfigurationReaderRLoadConfiguration6MrnDstdDmap4n0BNsimba_wstring_n0BHVariant_n0EZCaseInsensitiveComparator_n0DJallocator4n0DEpair4Ck4n0F_______r58p5b_b_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F950CD97: __1cFSimbaHSupportSSimbaSettingReaderUInternal_ReadSetting6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____4_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F950C2C6: __1cFSimbaHSupportSSimbaSettingReaderLReadSetting6FrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____4_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F950A2DC: __1cFSimbaHSupportSSimbaSettingReaderSGetAppCharEncoding6F_n0BMEncodingType__ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F8D8E29C: __1cFSimbaDDSIJDSIDriverYSetDefaultPropertyValues6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F8D8D787: __1cFSimbaDDSIJDSIDriver2t6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F7B57748: __1cFSimbaMInternalTestIITDriver2t6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F86D7330: __1cFSimbaDDSIQDSIDriverFactory6FrL_pn0BHIDriver__ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F8E17FEB: __1cFSimbaDDSIWSharedSingletonManagerKInitialize6Fb_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA0644BD: __1cFSimbaEODBCGDriverUInitializeSingletons6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==  Address 0x37fe5bd8 is on thread 1's stack
==900==  856 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7F7B58945: __1cFSimbaMInternalTestIITDriverbAInitializeUnicodeStringMap6M_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F7B57C96: __1cFSimbaMInternalTestIITDriverRCreateEnvironment6M_pn0ADDSIMIEnvironment__ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA06087D: __1cFSimbaEODBCGDriverRCreateEnvironment6Mppv_h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EB138F: SQLAllocHandle (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE21BE90: _iodbcdm_driverload (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE21FDB0: SQLDriverConnect_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE220DE3: SQLDriverConnectW (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69132: __1cFSimbaIODBCTestDCliRSqlDriverConnectW6Mpv3pwh4hphH_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAD9CDB: __1cFSimbaIODBCTestKConnectionRSqlDriverConnectW6MpvpkwhpwhphHrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xABC586: __1cFSimbaIODBCTestRConnectionFactorySMakeConnectionInC46Fpn0BLEnvironment_rkn0BHODBCStr__pn0BKConnection__ (in /export/home/bamboo/Touchstone)
==900==    by 0xAD2F39: __1cFSimbaIODBCTestSOdbcTestCaseBaseS1MexecuteSetup6M_b_ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fe6798 is on thread 1's stack
==900==  664 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7F7B57C96: __1cFSimbaMInternalTestIITDriverRCreateEnvironment6M_pn0ADDSIMIEnvironment__ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA06087D: __1cFSimbaEODBCGDriverRCreateEnvironment6Mppv_h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EB138F: SQLAllocHandle (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE21BE90: _iodbcdm_driverload (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE21FDB0: SQLDriverConnect_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE220DE3: SQLDriverConnectW (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69132: __1cFSimbaIODBCTestDCliRSqlDriverConnectW6Mpv3pwh4hphH_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAD9CDB: __1cFSimbaIODBCTestKConnectionRSqlDriverConnectW6MpvpkwhpwhphHrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xABC586: __1cFSimbaIODBCTestRConnectionFactorySMakeConnectionInC46Fpn0BLEnvironment_rkn0BHODBCStr__pn0BKConnection__ (in /export/home/bamboo/Touchstone)
==900==    by 0xAD2F39: __1cFSimbaIODBCTestSOdbcTestCaseBaseS1MexecuteSetup6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD228AB: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBaseMexecuteSetup6M_b_ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fe67c8 is on thread 1's stack
==900==  856 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7FA039B3D: __1cFSimbaEODBCKDescriptorOGetHeaderField6kMhpvpi_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA11C104: __1cFSimbaEODBCOStatementStateQSQdDLNumResultCols6Mph_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA10903D: __1cFSimbaEODBCJStatementQSQdDLNumResultCols6Mph_h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9F52DE0: __1cGDoTask4nFSimbaEODBCUSQdDLNumResultColsTask__6Fpkcpvrn7TAOTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9ED63DB: SQLNumResultCols (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE23C4E1: _iodbcdm_NumResultCols (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE223169: _iodbcdm_do_cursoropen (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE224295: SQLExecDirect_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE224537: SQLExecDirect (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69B5D: __1cFSimbaIODBCTestDCliNSqlExecDirect6MpvpCi_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE39BA: __1cFSimbaIODBCTestJStatementNSqlExecDirect6MpkCirkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fee258 is on thread 1's stack
==900==  664 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7FA10903D: __1cFSimbaEODBCJStatementQSQdDLNumResultCols6Mph_h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9F52DE0: __1cGDoTask4nFSimbaEODBCUSQdDLNumResultColsTask__6Fpkcpvrn7TAOTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9ED63DB: SQLNumResultCols (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE23C4E1: _iodbcdm_NumResultCols (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE223169: _iodbcdm_do_cursoropen (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE224295: SQLExecDirect_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE224537: SQLExecDirect (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69B5D: __1cFSimbaIODBCTestDCliNSqlExecDirect6MpvpCi_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE39BA: __1cFSimbaIODBCTestJStatementNSqlExecDirect6MpkCirkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD205EA: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fee288 is on thread 1's stack
==900==  1128 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7FA039B3D: __1cFSimbaEODBCKDescriptorOGetHeaderField6kMhpvpi_v_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA11F45D: __1cFSimbaEODBCOStatementStateXDoColAttributeOnlyCount6MHphpl_nDstdEpair4Cp2Ch___ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA12962D: __1cFSimbaEODBCWStatementStateExecutedQSQdDLColAttributeW6MHHpvhphpl_nDstdEpair4Cpn0BOStatementState_Ch___ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA0F6AAE: __1cFSimbaEODBCJStatementQSQdDLColAttributeW6MHHpvhphpl_h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EA3CC2: __1cFSimbaEODBCTSQdDLColAttributeTask4B_PDoSynchronously6Frn0BJStatement_rkn0COTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9F10151: __1cGDoTask4nFSimbaEODBCTSQdDLColAttributeTask4B___6Fpkcpvrn7TAOTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EB815B: SQLColAttributeW (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE23DC5E: SQLColAttributes_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE23E495: SQLColAttributes (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69EE8: __1cFSimbaIODBCTestDCliQSqlColAttributes6MpvHH3hphpl_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4CE7: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fedf48 is on thread 1's stack
==900==  664 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7FA12962D: __1cFSimbaEODBCWStatementStateExecutedQSQdDLColAttributeW6MHHpvhphpl_nDstdEpair4Cpn0BOStatementState_Ch___ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FA0F6AAE: __1cFSimbaEODBCJStatementQSQdDLColAttributeW6MHHpvhphpl_h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EA3CC2: __1cFSimbaEODBCTSQdDLColAttributeTask4B_PDoSynchronously6Frn0BJStatement_rkn0COTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9F10151: __1cGDoTask4nFSimbaEODBCTSQdDLColAttributeTask4B___6Fpkcpvrn7TAOTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EB815B: SQLColAttributeW (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE23DC5E: SQLColAttributes_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE23E495: SQLColAttributes (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69EE8: __1cFSimbaIODBCTestDCliQSqlColAttributes6MpvHH3hphpl_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4CE7: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22371: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebEVerifyColAttributesNumberField6Mhl_v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD20720: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fedf78 is on thread 1's stack
==900==  1128 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7FA0F6AAE: __1cFSimbaEODBCJStatementQSQdDLColAttributeW6MHHpvhphpl_h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EA3CC2: __1cFSimbaEODBCTSQdDLColAttributeTask4B_PDoSynchronously6Frn0BJStatement_rkn0COTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9F10151: __1cGDoTask4nFSimbaEODBCTSQdDLColAttributeTask4B___6Fpkcpvrn7TAOTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EB815B: SQLColAttributeW (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE23DC5E: SQLColAttributes_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE23E495: SQLColAttributes (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69EE8: __1cFSimbaIODBCTestDCliQSqlColAttributes6MpvHH3hphpl_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4CE7: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22776: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebCVerifyColAttributesWithError6MhrknFSimbaIODBCTestMThrowOutcome__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD208FC: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fee258 is on thread 1's stack
==900==  664 bytes below stack pointer
==900==
==900== Invalid read of size 8
==900==    at 0x7FE3BD7D2: _Unw_jmp (in /lib/amd64/libc.so.1)
==900==    by 0x7F9EA3CC2: __1cFSimbaEODBCTSQdDLColAttributeTask4B_PDoSynchronously6Frn0BJStatement_rkn0COTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9F10151: __1cGDoTask4nFSimbaEODBCTSQdDLColAttributeTask4B___6Fpkcpvrn7TAOTaskParameters__h_ (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7F9EB815B: SQLColAttributeW (in /export/home/bamboo/sol-crash/libInternalTest_debug.so)
==900==    by 0x7FE23DC5E: SQLColAttributes_Internal (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0x7FE23E495: SQLColAttributes (in /export/home/bamboo/libiodbc-3.52.8/usr/local/lib/libiodbc.so.2)
==900==    by 0xA69EE8: __1cFSimbaIODBCTestDCliQSqlColAttributes6MpvHH3hphpl_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4CE7: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22776: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebCVerifyColAttributesWithError6MhrknFSimbaIODBCTestMThrowOutcome__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD208FC: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==    by 0x1300335: __1cFSimbaETestGEngineHrunTest6Mpn0BECase__v_ (in /export/home/bamboo/Touchstone)
==900==  Address 0x37fee288 is on thread 1's stack
==900==  776 bytes below stack pointer
==900==
==900== Use of uninitialised value of size 8
==900==    at 0xAE161A: __1cFSimbaIODBCTestGHandleMCheckOutcome6kMrkn0BHOutcome_hpkci_v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4D01: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22776: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebCVerifyColAttributesWithError6MhrknFSimbaIODBCTestMThrowOutcome__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD208FC: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==    by 0x1300335: __1cFSimbaETestGEngineHrunTest6Mpn0BECase__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12FFD8C: __1cFSimbaETestGEngineIRunTests6Mpn0BPTestEnvironment_i_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0xA66238: main (in /export/home/bamboo/Touchstone)
==900==
==900== Use of uninitialised value of size 8
==900==    at 0xAE1634: __1cFSimbaIODBCTestGHandleMCheckOutcome6kMrkn0BHOutcome_hpkci_v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4D01: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22776: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebCVerifyColAttributesWithError6MhrknFSimbaIODBCTestMThrowOutcome__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD208FC: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==    by 0x1300335: __1cFSimbaETestGEngineHrunTest6Mpn0BECase__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12FFD8C: __1cFSimbaETestGEngineIRunTests6Mpn0BPTestEnvironment_i_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0xA66238: main (in /export/home/bamboo/Touchstone)
==900==
==900== Use of uninitialised value of size 8
==900==    at 0xAE1224: __1cFSimbaIODBCTestGHandleDlog6kM_pn0AETestNVerboseLogger__ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE1827: __1cFSimbaIODBCTestGHandleMCheckOutcome6kMrkn0BHOutcome_hpkci_v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4D01: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22776: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebCVerifyColAttributesWithError6MhrknFSimbaIODBCTestMThrowOutcome__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD208FC: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==    by 0x1300335: __1cFSimbaETestGEngineHrunTest6Mpn0BECase__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12FFD8C: __1cFSimbaETestGEngineIRunTests6Mpn0BPTestEnvironment_i_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0xA66238: main (in /export/home/bamboo/Touchstone)
==900==
==900== Invalid read of size 1
==900==    at 0x7FE3AD4FD: mutex_lock_impl (in /lib/amd64/libc.so.1)
==900==    by 0x7FE3AD793: mutex_lock (in /lib/amd64/libc.so.1)
==900==    by 0x1317140: __1cFSimbaETestNVerboseLoggerDLog6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE184A: __1cFSimbaIODBCTestGHandleMCheckOutcome6kMrkn0BHOutcome_hpkci_v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4D01: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22776: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebCVerifyColAttributesWithError6MhrknFSimbaIODBCTestMThrowOutcome__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD208FC: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==    by 0x1300335: __1cFSimbaETestGEngineHrunTest6Mpn0BECase__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12FFD8C: __1cFSimbaETestGEngineIRunTests6Mpn0BPTestEnvironment_i_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0xA66238: main (in /export/home/bamboo/Touchstone)
==900==  Address 0x650000017b is not stack'd, malloc'd or (recently) free'd
==900==
==900==
==900== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==900==  Access not within mapped region at address 0x650000017B
==900==    at 0x7FE3AD4FD: mutex_lock_impl (in /lib/amd64/libc.so.1)
==900==    by 0x7FE3AD793: mutex_lock (in /lib/amd64/libc.so.1)
==900==    by 0x1317140: __1cFSimbaETestNVerboseLoggerDLog6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE184A: __1cFSimbaIODBCTestGHandleMCheckOutcome6kMrkn0BHOutcome_hpkci_v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xAE4D01: __1cFSimbaIODBCTestJStatementQSqlColAttributes6MHHpvhphplrkn0BHOutcome_pkci_h_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD22776: __1c9uX__unnamed_Aj63VIoYhXFiiQColAttributeBasebCVerifyColAttributesWithError6MhrknFSimbaIODBCTestMThrowOutcome__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0xD208FC: __1c9uX__unnamed_Aj63VIoYhXFiiWSQdDLCOLATTRIBUTES_ERRORLexecuteTest6M_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12F954D: __1cFSimbaETestECaseHrunTest6MrknDstdMbasic_string4Ccn0DLchar_traits4Cc__n0DJallocator4Cc_____n0CLTEST_STATUS__ (in /export/home/bamboo/Touchstone)
==900==    by 0x1300335: __1cFSimbaETestGEngineHrunTest6Mpn0BECase__v_ (in /export/home/bamboo/Touchstone)
==900==    by 0x12FFD8C: __1cFSimbaETestGEngineIRunTests6Mpn0BPTestEnvironment_i_b_ (in /export/home/bamboo/Touchstone)
==900==    by 0xA66238: main (in /export/home/bamboo/Touchstone)
==900==  If you believe this happened as a result of a stack
==900==  overflow in your program's main thread (unlikely but
==900==  possible), you can try to increase the size of the
==900==  main thread stack using the --main-stacksize= flag.
==900==  The main thread stack size used in this run was 8388608.
==900==
==900== HEAP SUMMARY:
==900==     in use at exit: 19,994,466 bytes in 157,661 blocks
==900==   total heap usage: 416,854 allocs, 259,193 frees, 56,010,824 bytes allocated
==900==
==900== LEAK SUMMARY:
==900==    definitely lost: 0 bytes in 0 blocks
==900==    indirectly lost: 0 bytes in 0 blocks
==900==      possibly lost: 10,903,944 bytes in 79,967 blocks
==900==    still reachable: 9,090,522 bytes in 77,694 blocks
==900==         suppressed: 0 bytes in 0 blocks
==900== Rerun with --leak-check=full to see details of leaked memory
==900==
==900== For counts of detected and suppressed errors, rerun with: -v
==900== Use --track-origins=yes to see where uninitialised values come from
==900== ERROR SUMMARY: 14 errors from 14 contexts (suppressed: 0 from 0)
Segmentation Fault

searching for _Uwn_jmp gives me this unfortunately (look at the name), which means that I was seeing the same thing for what I dismissed as gcc/cc incompatibility.

The same tests work fine for 32-bit.

Any ideas?

Recommended answer

(not a full answer, but this seemed too long for comments).

TL:DR: check the ABI instead of guessing about which part is wrong.

r14 is a call-preserved register (and not used for arg-passing) in the SysV AMD64 ABI. Functions that want to use it will push it in their prologue and pop it in their epilogue. But they don't care what their caller was using it for. They just have to make sure it has the same value on return as it did on entry.

The register state on entry to a catch clause seems to be documented in Section 6.2.6 of the ABI:

Transferring Control to a Landing Pad

...

Prior to executing code in the landing pad, the unwind library restores registers not altered by the personality routine, using the context record, to their state in that frame before the call that threw the exception, as follows. All registers specified as callee-saved by the base ABI are restored, [and %rsi, %rdi, %rdx, %rcx are used to pass info about the exception].

The original end of that last sentence in the ABI is confusingly worded. My paraphrase inside [ ] may be wrong. (See the last paragraph of that subsection).

Based on this and previous sections (describing how cleanup code for each frame is called even if it doesn't have a catch), I'm almost certain that call-preserved registers are restored in a catch. This is the same mechanism that runs destructors during unwinding, which is necessary.

So it sounds like the error is that r14 isn't being restored correctly. The function that catches the exception and tries to use r14 isn't doing anything wrong.

Maybe try including destructors that print some logging info in some of the functions that will have their stack frame unwound? Maybe have them check a global to decide whether to print, so you can set a global and then make the call that will result in an exception being thrown, so you don't get a screen full of log messages from calls that don't throw.

Maybe destructors/cleanup aren't being called correctly during phase2 of unwinding, if you didn't see r14 being restored.

... put a hardware write watch on the stack where the register was getting spilled to, but it doesn't get hit until after returning into touchstone

You should have been using a read watchpoint to look for it being read during the unwind cleanup code for the function that spilled it. It's not surprising that nothing overwrites the spill location until after entering the catch clause.
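The gated logging-destructor technique the answer suggests, written as an added C++ example that is not part of the original question or answer: an RAII probe records each frame as it is unwound, but only while a global flag is set, and the catch clause reads through a pointer that was live across the throw, which is exactly the kind of value the unwinder must restore from the callee-saved context. All names (UnwindProbe, Statement, run_scenario) are constructed for this example.

```cpp
#include <cstdio>
#include <stdexcept>
#include <string>
#include <vector>

// Global gate: probes only log while this is set, so the many calls that
// never throw do not flood the output (the answer's suggestion).
static bool g_trace_unwind = false;
// Frames whose destructor ran while tracing, innermost first (constructed store).
static std::vector<std::string> g_unwind_log;

// RAII probe: its destructor runs during phase-2 unwinding of the frame that
// owns it, so a missing entry means that frame's cleanup did not run.
struct UnwindProbe {
    const char* frame;
    explicit UnwindProbe(const char* f) : frame(f) {}
    ~UnwindProbe() {
        if (g_trace_unwind) {
            g_unwind_log.push_back(frame);
            std::fprintf(stderr, "unwinding frame: %s\n", frame);
        }
    }
};

// Stand-in for the ODBC statement object whose 'this' lived in r14.
struct Statement {
    long id;
    long column_count() const { return id * 2; }
};

// Innermost frame: the driver-side call that throws.
static void innermost(bool fail) {
    UnwindProbe probe("innermost");
    if (fail) throw std::runtime_error("driver-side failure");
}

// Middle frame: keeps the statement pointer live across the throwing call,
// so the compiler must hold it in a call-preserved register or spill slot.
static long middle(const Statement* stmt, bool fail) {
    UnwindProbe probe("middle");
    innermost(fail);
    return stmt->column_count();
}

// Outermost frame with the catch clause. On entry to the handler the ABI
// requires callee-saved registers to be restored, so stmt must still be valid;
// if unwinding corrupted it, the read below would be the crash from the question.
static long outer(const Statement* stmt, bool fail) {
    try {
        return middle(stmt, fail);
    } catch (const std::exception&) {
        return stmt->column_count() + 1;  // +1 marks that the catch path ran
    }
}

// Runs one scenario; tracing is enabled only around the throwing call.
long run_scenario(bool fail) {
    g_unwind_log.clear();
    Statement stmt{21};
    g_trace_unwind = fail;
    long result = outer(&stmt, fail);
    g_trace_unwind = false;
    return result;
}

const std::vector<std::string>& unwind_log() { return g_unwind_log; }

int main() {
    long normal = run_scenario(false);
    std::printf("normal path: %ld\n", normal);
    long thrown = run_scenario(true);
    std::printf("throwing path: %ld (%zu frames unwound)\n",
                thrown, unwind_log().size());
    return 0;
}
```

Build it with optimisation on (the crash in the question only showed in a release build) and, under dbx or gdb, a read watchpoint on the spill slot of stmt fires inside the unwinder's cleanup code for middle, which is the point the answer makes about write vs. read watchpoints.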
