在 spike 中使用 riscv64-unknown-linux-gnu-gcc 编译 运行 二进制文件时出现分段错误
Segmentation fault when running binaries compiled using riscv64-unknown-linux-gnu-gcc in spike
#include<stdio.h>
int main()
{
int src = 5;
int dst = 0;
asm ("mv %0,%1":"=X"(dst):"r"(src));
asm("mv a0,a1");
printf(" %d\n", dst);
return 0;
}
prashantravi@ubuntu:~/rocket-chip$ riscv64-unknown-linux-gnu-gcc -o asm_test asm_test.c
prashantravi@ubuntu:~/rocket-chip$ 秒杀 riscv/bin/pk asm_test
z 0000000000000000 ra 0000000000000000 sp 00000000fefffb50 gp 0000000000801fb8
tp 0000000000000000 t0 0000000000000000 t1 0000000000000008 t2 00000000008012e0
s0 0000000000000000 s1 0000000000000000 a0 0000000000800430 a1 0000000000000001
a2 00000000fefffb58 a3 0000000000800484 a4 0000000000800514 a5 0000000000000000
a6 00000000fefffb50 a7 0000000000000000 s2 0000000000000000 s3 0000000000000000
s4 0000000000000000 s5 0000000000000000 s6 0000000000000000 s7 0000000000000000
s8 0000000000000000 s9 0000000000000000 sA 0000000000000000 sB 0000000000000000
t3 ffffffffffffffff t4 0000000000000000 t5 0000000000000000 t6 0000000000000000
pc ffffffffffffffffe va fffffffffffffffe insn ffffffff sr 8000000000003008
用户获取段错误 @ 0xfffffffffffffffe
当我在 spike 中使用 riscv64-unknown-linux-gnu-gcc 编译程序时出现上述错误。
当 运行 使用 riscv64-unknown-elf gcc
时,相同的代码完美执行
您不能 运行 在代理内核上动态 linked 程序。
如果您要在代理内核上 运行 您的程序,则必须静态地 link 它们。这是默认使用 riscv64-unknown-elf-gcc 编译器执行的。如果您要使用 riscv64-unknown-linux-gnu-gcc 编译器,则必须在 Linux 内核上传递 -static 或 运行。
$ riscv64-unknown-elf-gcc -o asm_test asm_test.c [or...]
$ riscv64-unknown-linux-gnu-gcc -static -o asm_test asm_test.c
$ spike pk asm_test
更详细地说,在我记得上面的限制之前我是如何调试它的:
通过运行ning $ spike -d pk asm_test 2> output.txt,可以看到程序的踪迹:
<snippet>
374618 : core 0: 0x0000000000800320 (0x00002197) auipc gp, 0x2
374619 : core 0: 0x0000000000800324 (0xc9818193) addi gp, gp, -872
374620 : core 0: 0x0000000000800328 (0x00050793) mv a5, a0
374621 : core 0: 0x000000000080032c (0x00000517) auipc a0, 0x0
374622 : core 0: 0x0000000000800330 (0x10450513) addi a0, a0, 260
374623 : core 0: 0x0000000000800334 (0x00013583) ld a1, 0(sp)
374624 : core 0: 0x0000000000800338 (0x00810613) addi a2, sp, 8
374625 : core 0: 0x000000000080033c (0xff017113) andi sp, sp, -16
374626 : core 0: 0x0000000000800340 (0x00000697) auipc a3, 0x0
374627 : core 0: 0x0000000000800344 (0x14468693) addi a3, a3, 324
374628 : core 0: 0x0000000000800348 (0x00000717) auipc a4, 0x0
374629 : core 0: 0x000000000080034c (0x1cc70713) addi a4, a4, 460
374630 : core 0: 0x0000000000800350 (0x00010813) mv a6, sp
374631 : core 0: 0x0000000000800354 (0xfbdff06f) j pc - 0x44
374632 : core 0: 0x0000000000800310 (0x00001e17) auipc t3, 0x1
374633 : core 0: 0x0000000000800314 (0x498e3e03) ld t3, 1176(t3)
374634 : core 0: 0x0000000000800318 (0x000e0367) jalr t1, t3, 0
374635 : core 0: 0x00000000008002e0 (0x00001397) auipc t2, 0x1
374636 : core 0: 0x00000000008002e4 (0x41c30333) sub t1, t1, t3
374637 : core 0: 0x00000000008002e8 (0x4b03be03) ld t3, 1200(t2)
374638 : core 0: 0x00000000008002ec (0xfd430313) addi t1, t1, -44
374639 : core 0: 0x00000000008002f0 (0x4b038293) addi t0, t2, 1200
374640 : core 0: 0x00000000008002f4 (0x00135313) srli t1, t1, 1
374641 : core 0: 0x00000000008002f8 (0x0082b283) ld t0, 8(t0)
374642 : core 0: 0x00000000008002fc (0x000e0067) jr t3
374643 : core 0: exception trap_instruction_access_fault, epc 0xfffffffffffffffe
374644 core 0: 0x0000000000000100 (0x34011173) csrrw sp, mscratch, sp
374645 : core 0: 0x0000000000000104 (0x04a13823) sd a0, 80(sp)
374646 : core 0: 0x0000000000000108 (0x04b13c23) sd a1, 88(sp)
如果你 objdump asm_test,你会看到它在 _start,然后是 __libc_start_main,然后是 __libc_start_main@plt (0x800310),然后是 _PROCEDURE_LINKAGE_TABLE_ (0x8002e0)。
从那里,它尝试 jr,跳转到 0xfffffffffffffffe,这是一个未对齐的提取地址。因此崩溃。
#include<stdio.h>
int main()
{
int src = 5;
int dst = 0;
asm ("mv %0,%1":"=X"(dst):"r"(src));
asm("mv a0,a1");
printf(" %d\n", dst);
return 0;
}
prashantravi@ubuntu:~/rocket-chip$ riscv64-unknown-linux-gnu-gcc -o asm_test asm_test.c prashantravi@ubuntu:~/rocket-chip$ 秒杀 riscv/bin/pk asm_test z 0000000000000000 ra 0000000000000000 sp 00000000fefffb50 gp 0000000000801fb8 tp 0000000000000000 t0 0000000000000000 t1 0000000000000008 t2 00000000008012e0 s0 0000000000000000 s1 0000000000000000 a0 0000000000800430 a1 0000000000000001 a2 00000000fefffb58 a3 0000000000800484 a4 0000000000800514 a5 0000000000000000 a6 00000000fefffb50 a7 0000000000000000 s2 0000000000000000 s3 0000000000000000 s4 0000000000000000 s5 0000000000000000 s6 0000000000000000 s7 0000000000000000 s8 0000000000000000 s9 0000000000000000 sA 0000000000000000 sB 0000000000000000 t3 ffffffffffffffff t4 0000000000000000 t5 0000000000000000 t6 0000000000000000 pc ffffffffffffffffe va fffffffffffffffe insn ffffffff sr 8000000000003008 用户获取段错误 @ 0xfffffffffffffffe
当我在 spike 中使用 riscv64-unknown-linux-gnu-gcc 编译程序时出现上述错误。
当 运行 使用 riscv64-unknown-elf gcc
时,相同的代码完美执行您不能 运行 在代理内核上动态 linked 程序。
如果您要在代理内核上 运行 您的程序,则必须静态地 link 它们。这是默认使用 riscv64-unknown-elf-gcc 编译器执行的。如果您要使用 riscv64-unknown-linux-gnu-gcc 编译器,则必须在 Linux 内核上传递 -static 或 运行。
$ riscv64-unknown-elf-gcc -o asm_test asm_test.c [or...]
$ riscv64-unknown-linux-gnu-gcc -static -o asm_test asm_test.c
$ spike pk asm_test
更详细地说,在我记得上面的限制之前我是如何调试它的:
通过运行ning $ spike -d pk asm_test 2> output.txt,可以看到程序的踪迹:
<snippet>
374618 : core 0: 0x0000000000800320 (0x00002197) auipc gp, 0x2
374619 : core 0: 0x0000000000800324 (0xc9818193) addi gp, gp, -872
374620 : core 0: 0x0000000000800328 (0x00050793) mv a5, a0
374621 : core 0: 0x000000000080032c (0x00000517) auipc a0, 0x0
374622 : core 0: 0x0000000000800330 (0x10450513) addi a0, a0, 260
374623 : core 0: 0x0000000000800334 (0x00013583) ld a1, 0(sp)
374624 : core 0: 0x0000000000800338 (0x00810613) addi a2, sp, 8
374625 : core 0: 0x000000000080033c (0xff017113) andi sp, sp, -16
374626 : core 0: 0x0000000000800340 (0x00000697) auipc a3, 0x0
374627 : core 0: 0x0000000000800344 (0x14468693) addi a3, a3, 324
374628 : core 0: 0x0000000000800348 (0x00000717) auipc a4, 0x0
374629 : core 0: 0x000000000080034c (0x1cc70713) addi a4, a4, 460
374630 : core 0: 0x0000000000800350 (0x00010813) mv a6, sp
374631 : core 0: 0x0000000000800354 (0xfbdff06f) j pc - 0x44
374632 : core 0: 0x0000000000800310 (0x00001e17) auipc t3, 0x1
374633 : core 0: 0x0000000000800314 (0x498e3e03) ld t3, 1176(t3)
374634 : core 0: 0x0000000000800318 (0x000e0367) jalr t1, t3, 0
374635 : core 0: 0x00000000008002e0 (0x00001397) auipc t2, 0x1
374636 : core 0: 0x00000000008002e4 (0x41c30333) sub t1, t1, t3
374637 : core 0: 0x00000000008002e8 (0x4b03be03) ld t3, 1200(t2)
374638 : core 0: 0x00000000008002ec (0xfd430313) addi t1, t1, -44
374639 : core 0: 0x00000000008002f0 (0x4b038293) addi t0, t2, 1200
374640 : core 0: 0x00000000008002f4 (0x00135313) srli t1, t1, 1
374641 : core 0: 0x00000000008002f8 (0x0082b283) ld t0, 8(t0)
374642 : core 0: 0x00000000008002fc (0x000e0067) jr t3
374643 : core 0: exception trap_instruction_access_fault, epc 0xfffffffffffffffe
374644 core 0: 0x0000000000000100 (0x34011173) csrrw sp, mscratch, sp
374645 : core 0: 0x0000000000000104 (0x04a13823) sd a0, 80(sp)
374646 : core 0: 0x0000000000000108 (0x04b13c23) sd a1, 88(sp)
如果你 objdump asm_test,你会看到它在 _start,然后是 __libc_start_main,然后是 __libc_start_main@plt (0x800310),然后是 _PROCEDURE_LINKAGE_TABLE_ (0x8002e0)。
从那里,它尝试 jr,跳转到 0xfffffffffffffffe,这是一个未对齐的提取地址。因此崩溃。