This is the mail archive of the mailing list for the glibc project.


Re: __memcpy_sse2_unaligned on non-8-byte aligned pointer

On Mon, Jul 06, 2015 at 02:22:32PM +0200, Stephan Bergmann wrote:
> <> is a SIGSEGV
> backtrace where apparently glibc's __memcpy_sse2_unaligned
> (sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S) is trying to
> write to an address that is not 8-byte aligned,
> >Dump of assembler code for function __memcpy_sse2_unaligned:
> >   0x00007fcf46f35b90 <+0>:	mov    %rsi,%rax
> >   0x00007fcf46f35b93 <+3>:	lea    (%rdx,%rdx,1),%rcx
> >   0x00007fcf46f35b97 <+7>:	sub    %rdi,%rax
> >   0x00007fcf46f35b9a <+10>:	sub    %rdx,%rax
> >   0x00007fcf46f35b9d <+13>:	cmp    %rcx,%rax
> >   0x00007fcf46f35ba0 <+16>:	jb     0x7fcf46f35cad <__memcpy_sse2_unaligned+285>
> >   0x00007fcf46f35ba6 <+22>:	cmp    $0x10,%rdx
> >   0x00007fcf46f35baa <+26>:	jbe    0x7fcf46f35d3b <__memcpy_sse2_unaligned+427>
> >   0x00007fcf46f35bb0 <+32>:	movdqu (%rsi),%xmm8
> >   0x00007fcf46f35bb5 <+37>:	cmp    $0x20,%rdx
> >=> 0x00007fcf46f35bb9 <+41>:	movdqu %xmm8,(%rdi)
> [...]
> where rdi is 0x7ffc3830b63c (while rsi is 8-byte aligned at 0x7fcf4a314a08).
> The code leading up to that memcpy call looks rather unsuspecting,
> and it's unclear to me from the crash report data why it caused a
> However, the Intel documentation for MOVDQU states:  "If alignment
> checking is enabled (CR0.AM = 1, RFLAGS.AC = 1, and CPL = 3), an
> alignment-check exception (#AC) may or may not be generated
> (depending on processor implementation) when the operand is not
> aligned on an 8-byte boundary."
> Could it be plausible that (a) those alignment checking conditions
> are met for a Linux user space process, (b) that alignment-check
> exception would translate into a SIGSEGV (instead of a SIGBUS, say),
> and (c) that there actually are processor implementations that would
> check for non-8-byte alignment?
> It doesn't sound too likely that that would be true, as it would
> mean that arbitrary calls to memcpy (which unconditionally calls
> __memcpy_sse2_unaligned without checking for pointer alignment,
> AFAIU) could fail, but I thought I'd ask here anyway.

Could you check with valgrind first? This is probably just an invalid src
pointer. Basically all string functions use these loads,
so alignment checking would be a bigger problem.
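The two explanations discussed above (an alignment trap versus an invalid pointer) can be told apart from what the kernel reports with the signal: on Linux an #AC trap from user space is delivered as SIGBUS with si_code BUS_ADRALN, while a bad pointer is a SIGSEGV whose si_addr falls inside the source or destination range. The program below is an added example, not code from the thread or from glibc; it assumes Linux with glibc, and its PROT_NONE source page is a constructed stand-in for an unmapped buffer.

```c
#define _DEFAULT_SOURCE 1
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <string.h>
#include <sys/mman.h>

enum fault_kind { FAULT_NONE, FAULT_BAD_SRC, FAULT_BAD_DST, FAULT_ALIGN, FAULT_OTHER };

static sigjmp_buf recover;
static volatile int got_sig, got_code;
static void *volatile got_addr;

static void on_fault(int sig, siginfo_t *si, void *uc) {
    got_sig = sig; got_code = si->si_code; got_addr = si->si_addr;
    siglongjmp(recover, 1);  /* sigsetjmp(..., 1) below restores the signal mask */
}

/* Runs memcpy through a volatile function pointer (so the compiler can neither
 * inline nor elide it) under a temporary SIGSEGV/SIGBUS handler and classifies
 * the fault: an alignment trap arrives as SIGBUS/BUS_ADRALN, a bad pointer as
 * SIGSEGV with si_addr inside the source or destination range. */
enum fault_kind classify_memcpy_fault(void *dst, const void *src, size_t len) {
    void *(*volatile copy)(void *, const void *, size_t) = memcpy;
    struct sigaction sa, old_segv, old_bus;
    enum fault_kind kind = FAULT_NONE;
    memset(&sa, 0, sizeof sa);
    sa.sa_sigaction = on_fault;
    sa.sa_flags = SA_SIGINFO;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    if (sigsetjmp(recover, 1) == 0) {
        copy(dst, src, len);
    } else {
        uintptr_t a = (uintptr_t)got_addr, s = (uintptr_t)src, d = (uintptr_t)dst;
        if (got_sig == SIGBUS && got_code == BUS_ADRALN) kind = FAULT_ALIGN;
        else if (got_sig == SIGSEGV && a - s < len)      kind = FAULT_BAD_SRC; /* wraps if a < s */
        else if (got_sig == SIGSEGV && a - d < len)      kind = FAULT_BAD_DST;
        else                                             kind = FAULT_OTHER;
    }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return kind;
}

/* Constructed case: the source is a PROT_NONE page standing in for a freed or
 * never-mapped buffer (the "invalid src pointer" case); dst is a stack buffer. */
enum fault_kind demo_unreadable_source(void) {
    unsigned char dst[32];
    void *page = mmap(NULL, 4096, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return FAULT_OTHER;
    enum fault_kind k = classify_memcpy_fault(dst, page, sizeof dst);
    munmap(page, 4096);
    return k;
}
```

For a real crash the same classification can be read off the core dump or a SA_SIGINFO handler: a SIGSEGV whose si_addr equals the store's rdi points at the destination buffer, not at an alignment problem.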
