[英]C/C++ android 11 code crash at strstr api call
我遇到以下 strstr api 调用崩溃:
pid: 6640, tid: 6640, name: demoapp >>> /vendor/bin/demoapp <<<
uid: 0
signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x7b8a91c000
x0 b400007b8a91bf70 x1 0000000000000000 x2 000000000000002f x3 b400007b8a91c000
x4 0000000000000020 x5 0000000040100401 x6 0000000000000000 x7 454349564544200a
x8 0000000000000074 x9 0000000000000010 x10 000000000000001f x11 000000000000003a
x12 000000000000008d x13 000000000000006a x14 00000000000000b5 x15 000000000000000a
x16 0000007e7abd20e8 x17 0000007e7ab5e100 x18 0000007e7b35a000 x19 b400007b8a91befc
x20 0000007fc35ae0b8 x21 0000007fc35add00 x22 00000000000000bf x23 b400007b8a91bf70
x24 0000007e7ae41000 x25 00000000000000b5 x26 00000000000000b4 x27 00000000000000b5
x28 0000007fc35ae146 x29 0000007fc35add30
lr 0000007e7aba9cc0 sp 0000007fc35ad4d0 pc 0000007e7ab5e160 pst 0000000020000000
backtrace:
#00 pc 000000000004a160 /apex/com.android.runtime/lib64/bionic/libc.so (memchr_default+96) (BuildId: 229c19d159f619ab0dd102acf1afb05f)
#01 pc 0000000000095cbc /apex/com.android.runtime/lib64/bionic/libc.so (strstr+804) (BuildId: 229c19d159f619ab0dd102acf1afb05f)
#02 pc 0000000000002714 /vendor/bin/demoapp (main+1740) (BuildId: 5f1858d36b95111200fa67ca2c2aefee)
#03 pc 0000000000049080 /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: 229c19d159f619ab0dd102acf1afb05f)
代码崩溃解析如下:
bionic/libc/arch-arm64/default/bionic/memchr.S::114
109 b.ls .Lmasklast
110 /* Have we found something already? */
111 cbnz synd, .Ltail
112
113 .Lloop:
114 ld1 {vdata1.16b, vdata2.16b}, [src], #32
115 subs cntin, cntin, #32
116 cmeq vhas_chr1.16b, vdata1.16b, vrepchr.16b
117 cmeq vhas_chr2.16b, vdata2.16b, vrepchr.16b
118 /* If we're out of data we finish regardless of the result */
119 b.ls .Lend
bionic/libc/include/bits/fortify/string.h::138
/*
 * Fortified memchr() wrapper: picks between the compiler builtin and the
 * checked variant based on the object size reported for s.
 *   s - start of the buffer to scan; its object size is queried via __bos()
 *   c - byte value to look for
 *   n - maximum number of bytes to scan
 * Returns whatever __builtin_memchr() or __memchr_chk() returns.
 */
133 __BIONIC_FORTIFY_INLINE
134 void* memchr(const void* const s __pass_object_size, int c, size_t n) __overloadable {
135 size_t bos = __bos(s);
136
/* Direct call when __bos_trivially_ge() accepts bos for a scan of n bytes. */
137 if (__bos_trivially_ge(bos, n)) {
138 return __builtin_memchr(s, c, n);
139 }
140
/*
 * Otherwise pass the object size on to the checked variant.
 * NOTE(review): presumably bos is "unknown" when the compiler cannot see the
 * object behind s, in which case no bound is enforced here, so this wrapper
 * would not stop a scan that runs past an unterminated buffer. Confirm
 * against the bionic fortify macro definitions.
 */
141 return __memchr_chk(s, c, n, bos);
142 }
143
bionic/libc/upstream-openbsd/lib/libc/string/strstr.c::139
134 for (;;) {
135 /* Update incremental end-of-haystack pointer */
136 if (z-h < l) {
137 /* Fast estimate for MIN(l,63) */
138 size_t grow = l | 63;
139 const unsigned char *z2 = memchr(z, 0, grow);
140 if (z2) {
141 z = z2;
142 if (z-h < l) return 0;
143 } else z += grow;
144 }
bionic/libc/upstream-openbsd/lib/libc/string/strstr.c::195
190 if (!h[2]) return 0;
191 if (!n[3]) return threebyte_strstr((void *)h, (void *)n);
192 if (!h[3]) return 0;
193 if (!n[4]) return fourbyte_strstr((void *)h, (void *)n);
194
195 return twoway_strstr((void *)h, (void *)n);
196 }
197 DEF_STRONG(strstr);
vendor/source/demoapp.c::37
37 bool ok = (bool)strstr(srcstr, deststr);
看起来 srcstr 和 deststr 都不是 NULL;这个问题不易重现,只能通过分析调用栈来寻找线索。
如果不是 NULL 指针问题,那么还有其他原因会导致 strstr 崩溃吗?
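strstr() 函数崩溃的最常见原因是:
- 其中一个 char* 是 nullptr;
- 其中一个 char* 指向没有 '\0' 终止符的字符串;
- 其中一个 char* 发生了缓冲区溢出。

还有很多其他可能的原因。就上面的崩溃信息而言:信号是 SEGV_ACCERR,故障地址 0x7b8a91c000 按页对齐,并且与 x3 的值(忽略最高字节 b4)相同;崩溃点位于 strstr 第 139 行的 memchr(z, 0, grow) 中,也就是正在向后查找 haystack 的 '\0' 结尾。这与上面第二种情况相符:srcstr 很可能缺少终止符,扫描越过了缓冲区末尾并进入了不可访问的内存页(这是根据寄存器和回溯作出的推断,需要对照 srcstr 的来源确认)。排查时可以检查填充 srcstr 的代码是否在数据之后写入了 '\0'(例如 read()/recv() 不会自动添加终止符),或者在长度已知时改用带长度参数的查找(如 memmem)。如果这没有帮助,请提供出现问题的代码。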