• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer navigation

The Geek Diary

  • OS
    • Linux
    • CentOS/RHEL
    • Solaris
    • Oracle Linux
    • VCS
  • Interview Questions
  • Database
    • oracle
    • oracle 12c
    • ASM
    • mysql
    • MariaDB
  • DevOps
    • Docker
    • Shell Scripting
  • Big Data
    • Hadoop
    • Cloudera
    • Hortonworks HDP

What are “segfault” messages in /var/log/messages file

by admin

This post explains how to analyse the segfault message in message file and to identify the problem in application or operating system side.

What is “segfault”?

A segmentation fault (often shortened to segfault) or access violation is a fault raised by hardware with memory protection, to notify operating system (OS) about a memory access violation. The Linux kernel will response it by performing some corrective action, generally passing the fault to the offending process by sending the process a signal like #11. Processes can in some cases install a custom signal handler, allowing them to recover on their own, but otherwise the Linux default signal handler is used. The segfault generally will cause process to be terminated, and generates a core dump with proper ulimit setup.

How to check?

1. Signify segfault

A segfault typically just signifies an error in one particular process or program. It does not signify an error of the Linux Kernel. The kernel just detects the error of the process or program and (on some architectures) prints the information to the log like below:

kernel: login[118125]: segfault at 0 ip 00007f4e4d5334a8 sp 00007fffe9177d60 error 15 in pam_unity_uac.so[7f4e4d530000+b000]
kernel: crond[16398]: segfault at 14 ip 00007fd612c128f2 sp 00007fff6a689010 error 4 in pam_seos.so[7fd612baf000+f5000]
kernel: crond[17719]: segfault at 14 ip 00007fd612c128f2 sp 00007fff6a689010 error 4 in pam_seos.so[7fd612baf000+f5000

2. What does mean details this message?

The RIP value is the instruction pointer register value, the RSP is the stack pointer register value. The error value is a bit mask of page fault error code bits (from arch/x86/mm/fault.c):

* bit 0 == 0: no page found 1: protection fault
* bit 1 == 0: read access 1: write access
* bit 2 == 0: kernel-mode access 1: user-mode access
* bit 3 == 1: use of reserved bit detected
* bit 4 == 1: fault was an instruction fetch

Here’s error bit definition:

enum x86_pf_error_code {
PF_PROT = 1 << 0,
PF_WRITE = 1 << 1,
PF_USER = 1 << 2,
PF_RSVD = 1 << 3,
PF_INSTR = 1 << 4,
};

The error code 15 is 1111 bit. Finally, we can know the meaning of 1111 as follows:

01111
^^^^^
||||+---> bit 0
|||+----> bit 1
||+-----> bit 2
|+------> bit 3
+-------> bit 4

This message indicates that the application triggers protection fault because that process tried to write access to a reserved section of memory in user-mode.

Filed Under: CentOS/RHEL 5, CentOS/RHEL 6, CentOS/RHEL 7, Linux

Some more articles you might also be interested in …

  1. Monitor HDD and SSD with smartd and smartctl
  2. How to Make User Account Read-Only in CentOS/RHEL 7
  3. How to troubleshoot iSCSI issues in CentOS / RHEL 6,7
  4. How to Check whether SELinux is Enabled or Disabled
  5. How to configure interface in “Promiscuous Mode” in CentOS/RHEL
  6. CentOS / RHEL : How to disable ssh for non-root users (allowing ssh only for root user)
  7. Failed to Download Metadata for Repo ‘repo_name’
  8. CentOS / RHEL 7 : Unable To Start The Samba Service
  9. Understanding SELinux File Labelling and SELinux Context
  10. “You must wait longer to change your password” – error while changing password in CentOS/RHEL

You May Also Like

Primary Sidebar

Recent Posts

  • vgextend Command Examples in Linux
  • setpci command – configure PCI device
  • db_load command – generate db database
  • bsdtar command – Read and write tape archive files

© 2022 · The Geek Diary

  • Archives
  • Contact Us
  • Copyright