4

我有一个较旧的基于 ncurses 的程序,它对一些文件(即:安装程序)执行一些简单的 IO。但是,从不同于 PuTTY 的终端,它与 SIGBUS 一起崩溃

Program received signal SIGBUS, Bus error.
0x00000000004028b1 in fDisplay (ptr=Variable "ptr" is not available.
) at file_cpy.c:676
676             sprintf(p, " %-36s ", (*ptr)->datainfo.option);
(gdb) where
#0  0x00000000004028b1 in fDisplay (ptr=Variable "ptr" is not available.
) at file_cpy.c:676
#1  0x0000000000402cdb in fredraw (c=0x7fffffffe860) at file_cpy.c:696
#2  0x0000000000401996 in ls_dispatch (c=0x2020202020202020) at ds_cell.c:324
#3  0x0000000000403bf2 in main_dir (c=0x2020202020202020) at file_cpy.c:811
#4  0x0000000000403cb3 in main () at file_cpy.c:1345
(gdb) x/i $pc
0x4028b1 <fDisplay+17>: mov    (%rax),%rdx
(gdb)

无论 ncurses 版本和 32/64 位架构如何,这都会发生在 Linux 和 FreeBSD 上。我完全被难住了。

fDisplay() 在这里被调用:

/*
 * File redraw routine. Draws current list on screen.
 */
int fredraw (CELL * c)
{
        register int row = c->srow;
        dlistptr p = c->list_start;
        int i = 0;
        char buff[200];
        if (c->ecol - c->scol)
                sprintf(buff, "%*s",c->ecol - c->scol + 1, " ");
        while (i <= c->erow - c->srow && p != NULL)
        {
                if (p == c->current) wattron(c->window,A_REVERSE);
                        mvaddstr (row , c->scol, fDisplay(&p));
                if (p == c->current) wattroff(c->window,A_REVERSE);
                        row++; i++;
                p = p->nextlistptr;
        }
        if (row <= c -> erow)
                for (; row <= c -> erow ; row++)
                        mvaddstr(row, c->scol, buff);
        wrefresh(c->window);
        c -> redraw = FALSE;
        return TRUE;
}

fredraw() 在这里被调用:

int main_dir(CELL *c) {
int i;

        getcwd(current_path, sizeof(current_path));
        strcat(current_path, "/.config.h");
        load_file(current_path);

        c->keytable = file_cpy_menu;
        c->func_table = file_cpy_table;
        c->ListEntryProc = File_Entry;
        c->UpdateStatusProc = status_update;
        c->redraw = TRUE;
        c->ListExitProc = List_Exit;
        c->ListPaintProc = fredraw;

        c->srow = 3;
        c->scol = 1;
        c->erow = c->window->_maxy - 5;
        c->ecol = c->window->_maxx - 1;
        c->max_rows = c->window->_maxy;
        c->max_cols = c->window->_maxx;

        c->filename = "[ Config ]";
        c->menu_bar = 0;
        c->normcolor = 0x07;
        c->barcolor = 0x1f;
        init_dlist(c);
        for (i = 0; config_type[i].option; i++)
                insert_fdlist(c, &config_type[i]);


        /*
        * Go Do It
        */
        do {
                c->redraw = TRUE;
                ls_dispatch(c);
        } while (c->termkey != ESC && c->termkey != ALT_X);
        return TRUE;
}

最后,main() 调用上述函数:

int main() {
    CELL file_cpy = {0};
    WINDOW *mainwin;
    mainwin = initscr();
    start_color();
    setup_colors();
    cbreak();
    noecho();
    keypad(mainwin, TRUE);
    meta(mainwin, TRUE);
    raw();

    leaveok(mainwin, TRUE);
    wbkgd(mainwin, COLOR_PAIR(COLOR_MAIN));
    wattron(mainwin, COLOR_PAIR(COLOR_MAIN));
    werase(mainwin);
    refresh();

    file_cpy.window = mainwin;

    main_dir(&file_cpy);

    wbkgd(mainwin, A_NORMAL);
    werase(mainwin);
    echo();
    nocbreak();
    noraw();
    refresh();
    endwin();
    return TRUE;
}
4

1 回答 1

1

显然,您正在调用main_dir并且ls_dispatch指针c初始化为0x2020202020202020. 虽然并非完全不可能,但我觉得这不太可能,而且在我看来,好像你正在用空格覆盖指针。

valgrind可能会有所帮助,或者某种内存或堆栈保护检查。

为什么这取决于终端,我不能说;可能有一些依赖于 TERM 的代码(例如“分配与屏幕上一样多的行”)。无论如何,这不是错误:这只是将错误公开的条件。这种错误通常是由一个硬连线常量引起的,该常量有时会被实际值超出(在上面的示例中,我可以说“分配 96 行”,假设96 行对每个人来说总是足够的;而 TERM 与100 行会破坏假设并导致缓冲区溢出)。

它也可能是调试器的工件,看如何c在堆栈上分配(但我不这么认为:它应该是c=0x7fffsomething- 至少在我检查的系统上)。无论如何,我会通过使file_cpy堆动态化来重复这样的测试:

int main() {
    CELL *file_cpy = NULL;
    WINDOW *mainwin;

    file_cpy = malloc(sizeof(CELL));

    ...

    file_cpy->window = mainwin;

    main_dir(file_cpy);

    ...
    free(file_cpy); // file_cpy = NULL; // we immediately return
    return TRUE;

然后我会尝试在整个main_dir函数中列出指针的值,以防它被覆盖。

于 2012-10-16T10:38:39.200 回答