问题描述
考虑下面的代码,我在aarch64上编译运行:
struct test_msg {
uint64_t seq;
char data[4096];
};
static inline void serialize(void *dest,const struct test_msg *src)
{
memcpy(dest,&src->seq,sizeof(src->seq));
strcpy((char*)dest + sizeof(src->seq),src->data);
}
它将在 strcpy((char*)dest + sizeof(src->seq),src->data);
中断
我使用 strcpy() 如下link
但是如果我把它改成
static inline void serialize(void *dest,sizeof(src->seq));
// strcpy((char*)dest + sizeof(src->seq),src->data);
memcpy((char*)dest + sizeof(src->seq),src->data,sizeof(src->data));
}
代码将正常运行。
我尝试将 strcpy() 实现为:
void heo_strcpy(char *s,char *t)
{
while(*s++ = *t++)
;
}
它也会起作用。 我认为我的 src->data 不会有问题,因为它在 strcpy() 之前是这样的,零终止:
data = "shm_sys_tc_012 shm_sys_tc_012 shm_sys_tc_012 shm_sys_tc_012 shm_sys_tc_",'\000' <repeats 4024 times>}
问题是 strcpy() 发生了什么?是否存在对内存的未对齐访问?
在跳转到总线错误之前的最后一行中,MCU 试图将 q1 寄存器存储到 [x0]。这部分我不明白为什么q1寄存器(128位宽)出现在这里,以及我错了哪一部分C代码导致了这个问题。
(gdb) display/i $pc
1: x/i $pc
=> 0x7ff7eaab40 <strcpy>: bti c
(gdb) si
0x0000007ff7eaab44 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab44 <strcpy+4>: and x2,x1,#0xfffffffffffffff0
(gdb)
0x0000007ff7eaab48 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab48 <strcpy+8>: mov w5,#0xf00f // #61455
(gdb)
0x0000007ff7eaab4c in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab4c <strcpy+12>: ld1 {v0.16b},[x2]
(gdb)
0x0000007ff7eaab50 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab50 <strcpy+16>: dup v2.8h,w5
(gdb)
0x0000007ff7eaab54 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab54 <strcpy+20>: cmeq v1.16b,v0.16b,#0
(gdb)
0x0000007ff7eaab58 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab58 <strcpy+24>: lsl x5,#2
(gdb)
0x0000007ff7eaab5c in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab5c <strcpy+28>: and v1.16b,v1.16b,v2.16b
(gdb)
0x0000007ff7eaab60 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab60 <strcpy+32>: addp v3.16b,v1.16b
(gdb)
0x0000007ff7eaab64 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab64 <strcpy+36>: fmov x4,d3
(gdb)
0x0000007ff7eaab68 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab68 <strcpy+40>: lsr x4,x4,x5
(gdb)
0x0000007ff7eaab6c in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab6c <strcpy+44>: cbnz x4,0x7ff7eaabb4 <strcpy+116>
(gdb)
0x0000007ff7eaab70 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab70 <strcpy+48>: ldr q0,[x2,#16]!
(gdb)
0x0000007ff7eaab74 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab74 <strcpy+52>: cmeq v1.16b,#0
(gdb)
0x0000007ff7eaab78 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab78 <strcpy+56>: and v1.16b,v2.16b
(gdb)
0x0000007ff7eaab7c in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab7c <strcpy+60>: addp v3.16b,v1.16b
(gdb)
0x0000007ff7eaab80 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab80 <strcpy+64>: fmov x4,d3
(gdb)
0x0000007ff7eaab84 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaab84 <strcpy+68>: cbz x4,0x7ff7eaac10 <strcpy+208>
(gdb)
0x0000007ff7eaac10 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaac10 <strcpy+208>: sub x4,x2,x1
(gdb)
0x0000007ff7eaac14 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaac14 <strcpy+212>: ldr q1,[x1]
(gdb)
0x0000007ff7eaac18 in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaac18 <strcpy+216>: add x3,x0,x4
(gdb)
0x0000007ff7eaac1c in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaac1c <strcpy+220>: str q1,[x0]
(gdb)
Thread 1 "shm_sys_ts_004." received signal SIGBUS,Bus error.
0x0000007ff7eaac1c in strcpy () from /lib/libc.so.6
1: x/i $pc
=> 0x7ff7eaac1c <strcpy+220>: str q1,[x0]
(gdb) info all-registers
x0 0x7ff7d2c018 549618630680
x1 0x555557c958 366504036696
x2 0x555557c960 366504036704
x3 0x7ff7d2c020 549618630688
x4 0x8 8
x5 0x155555f2560 1466016146784
x6 0xff1f31302f5e6273 -63277786736991629
x7 0x7f7f7f7f7f7f7f7f 9187201950435737471
x8 0x101010101010101 72340172838076673
x9 0x5555567be8 366503951336
x10 0x20 32
x11 0x0 0
x12 0x74696e69206d6873 8388357178748921971
x13 0xa64657a696c6169 748835014479470953
x14 0x7ff7f4cef0 549620862704
x15 0x0 0
x16 0x5555579ee0 366504025824
x17 0x7ff7eaab40 549620198208
x18 0x0 0
x19 0x55555665e0 366503945696
x20 0x0 0
x21 0x5555558b40 366503889728
x22 0x0 0
x23 0x0 0
x24 0x0 0
x25 0x0 0
x26 0x0 0
x27 0x0 0
x28 0x0 0
x29 0x7ffffffaa0 549755812512
x30 0x5555559074 366503891060
sp 0x7ffffffaa0 0x7ffffffaa0
pc 0x7ff7eaac1c 0x7ff7eaac1c <strcpy+220>
cpsr 0x60200000 [ EL=0 SS C Z ]
v0 {d = {f = {0x7fffffffffffffff,0x7fffffffffffffff},u = {0x73203231305f6374,0x745f7379735f6d68},s = {0x73203231305f6374,0x745f7379735f6d68}},s = {f = {0x0,0xffffffff,0xffffffff},u = {0x305f6374,0x73203231,0x735f6d68,0x745f7379},s = {0x305f6374,0x745f7379}},h = {f = {0x3ba,0x0,0x3900,0x15a0,0x3af8,0x3bc8,0x45f0},u = {0x6374,0x305f,0x3231,0x7320,0x6d68,0x735f,0x7379,0x745f},s = {0x6374,0x745f}},b = {u = {0x74,0x63,0x5f,0x30,0x31,0x32,0x20,0x73,0x68,0x6d,0x79,0x74},s = {0x74,0x74}},q = {u = {0x745f7379735f6d6873203231305f6374},s = {0x745f7379735f6d6873203231305f6374}}}
v1 {d = {f = {0x7fffffffffffffff,u = {0x5f7379735f6d6873,0x73203231305f6374},s = {0x5f7379735f6d6873,0x73203231305f6374}},s = {f = {0xffffffff,u = {0x5f6d6873,0x5f737973,0x305f6374,0x73203231},s = {0x5f6d6873,0x73203231}},h = {f = {0x8e6,0x1db,0xae60,0x1dc,0x3ba,0x3900},u = {0x6873,0x5f6d,0x7973,0x5f73,0x6374,0x7320},s = {0x6873,0x7320}},b = {u = {0x73,0x74,0x73},s = {0x73,0x73}},q = {u = {0x73203231305f63745f7379735f6d6873},s = {0x73203231305f63745f7379735f6d6873}}}
v2 {d = {f = {0x8000000000000000,0x8000000000000000},u = {0xf00ff00ff00ff00f,0xf00ff00ff00ff00f},s = {0xf00ff00ff00ff00f,0xf00ff00ff00ff00f}},0x0},u = {0xf00ff00f,0xf00ff00f,0xf00ff00f},s = {0xf00ff00f,0xf00ff00f}},h = {f = {0xdf88,0xdf88,0xdf88},u = {0xf00f,0xf00f,0xf00f},s = {0xf00f,0xf00f}},b = {u = {0xf,0xf0,0xf,0xf0},s = {0xf,0xf0}},q = {u = {0xf00ff00ff00ff00ff00ff00ff00ff00f},s = {0xf00ff00ff00ff00ff00ff00ff00ff00f}}}
v3 {d = {f = {0x0,u = {0x0,s = {0x0,0x0}},h = {f = {0x0,b = {u = {0x0 <repeats 16 times>},s = {0x0 <repeats 16 times>}},q = {u = {0x0},s = {0x0}}}
v4 {d = {f = {0x8000000000000000,s = {0xf00ff00ff00ff00ff00ff00ff00ff00f}}}
v5 {d = {f = {0x0,u = {0xffffff00,0xffffff00},s = {0xffffff00,0xffffff00}},0xffffff00,h = {f = {0xffff,0xffff,u = {0xff00,0xff00,s = {0xff00,--Type <RET> for more,q to quit,c to continue without paging--c
0xffff,b = {u = {0x0,0xff,q = {u = {0xffffff0000000000ffffff00},s = {0xffffff0000000000ffffff00}}}
v6 {d = {f = {0x0,u = {0xc0000000000,0xc0000000000},s = {0xc0000000000,0xc0000000000}},0xc00,0xc00},0xc00}},0xc,q = {u = {0xc000000000000000c0000000000},s = {0xc000000000000000c0000000000}}}
v7 {d = {f = {0x0,s = {0x0}}}
v8 {d = {f = {0x0,s = {0x0}}}
v9 {d = {f = {0x0,s = {0x0}}}
v10 {d = {f = {0x0,s = {0x0}}}
v11 {d = {f = {0x0,s = {0x0}}}
v12 {d = {f = {0x0,s = {0x0}}}
v13 {d = {f = {0x0,s = {0x0}}}
v14 {d = {f = {0x0,s = {0x0}}}
v15 {d = {f = {0x0,s = {0x0}}}
v16 {d = {f = {0x0,s = {0x0}}}
v17 {d = {f = {0x0,s = {0x0}}}
v18 {d = {f = {0x0,s = {0x0}}}
v19 {d = {f = {0x0,s = {0x0}}}
v20 {d = {f = {0x0,s = {0x0}}}
v21 {d = {f = {0x0,s = {0x0}}}
v22 {d = {f = {0x0,s = {0x0}}}
v23 {d = {f = {0x0,s = {0x0}}}
v24 {d = {f = {0x0,s = {0x0}}}
v25 {d = {f = {0x0,s = {0x0}}}
v26 {d = {f = {0x0,s = {0x0}}}
v27 {d = {f = {0x0,s = {0x0}}}
v28 {d = {f = {0x0,s = {0x0}}}
v29 {d = {f = {0x0,s = {0x0}}}
v30 {d = {f = {0x0,s = {0x0}}}
v31 {d = {f = {0x0,s = {0x0}}}
fpsr 0x0 0
fpcr 0x0 0
q0 {u = 0x745f7379735f6d6873203231305f6374,s = 0x745f7379735f6d6873203231305f6374} {u = 154686057812029274796657393729043129204,s = 154686057812029274796657393729043129204}
q1 {u = 0x73203231305f63745f7379735f6d6873,s = 0x73203231305f63745f7379735f6d6873} {u = 153028391032369183735794571568917342323,s = 153028391032369183735794571568917342323}
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)