From a0cea9fcecaf666df935b8e62df8ddddd1f25c14 Mon Sep 17 00:00:00 2001 From: HATAYAMA Daisuke Date: Tue, 26 Jul 2022 10:16:19 +0900 Subject: [PATCH] coredump: fix segmentation fault caused by type mismatch MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Backport from the upstream crash-gcore. commit 1ba701c1d7bd94cc5a02f51652712acdcbf0875c Author: Vincent Whitchurch Date: Tue Jun 21 09:15:33 2022 +0000 coredump: fix segmentation fault caused by type mismatch crash gcore command on ARM sometimes results in segmentation fault: crash> gcore -v 0 Segmentation fault (core dumped) This is caused by type mismatch of a variable paddr in function gcore_readmem_user() to hold a physical address, which is indicated by the following warning message: libgcore/gcore_coredump.c: In function ‘gcore_readmem_user’: libgcore/gcore_coredump.c:85:26: warning: passing argument 2 of ‘uvtop_quiet’ from incompatible pointer type [-Wincompatible-pointer-types] if (!uvtop_quiet(addr, &paddr)) { ^~~~~~ libgcore/gcore_coredump.c:71:49: note: expected ‘physaddr_t *’ {aka ‘long long unsigned int *’} but argument is of type ‘ulong *’ {aka ‘long unsigned int *’} static int uvtop_quiet(ulong vaddr, physaddr_t *paddr); ~~~~~~~~~~~~^~~~~ On ARM, long unsigned int has 4 byte length, while physaddr_t has 8 byte length. The mismatch causes overwriting of stack variables. Fix this by changing the type of the variable paddr to physaddr_t. Signed-off-by: Vincent Whitchurch Signed-off-by: HATAYAMA Daisuke
---
 ...mentation-fault-caused-by-type-misma.patch | 58 +++++++++++++++++++
 1 file changed, 58 insertions(+)
 create mode 100644 crash-gcore-1.6.3-coredump-fix-segmentation-fault-caused-by-type-misma.patch
diff --git a/crash-gcore-1.6.3-coredump-fix-segmentation-fault-caused-by-type-misma.patch b/crash-gcore-1.6.3-coredump-fix-segmentation-fault-caused-by-type-misma.patch
new file mode 100644
index 0000000..0758d28
--- /dev/null
+++ b/crash-gcore-1.6.3-coredump-fix-segmentation-fault-caused-by-type-misma.patch 
@@ -0,0 +1,58 @@
+From 1ba701c1d7bd94cc5a02f51652712acdcbf0875c Mon Sep 17 00:00:00 2001
+From: Vincent Whitchurch
+Date: Tue, 21 Jun 2022 09:15:33 +0000
+Subject: [PATCH 5/8] coredump: fix segmentation fault caused by type mismatch
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+crash gcore command on ARM sometimes results in segmentation fault:
+
+ crash> gcore -v 0
+ Segmentation fault (core dumped)
+
+This is caused by type mismatch of a variable paddr in function
+gcore_readmem_user() to hold a physical address, which is indicated by
+the following warning message:
+
+ libgcore/gcore_coredump.c: In function ‘gcore_readmem_user’:
+ libgcore/gcore_coredump.c:85:26: warning: passing argument 2 of
+ ‘uvtop_quiet’ from incompatible pointer type
+ [-Wincompatible-pointer-types]
+
+ if (!uvtop_quiet(addr, &paddr)) {
+ ^~~~~~
+ libgcore/gcore_coredump.c:71:49: note: expected ‘physaddr_t *’ {aka
+ ‘long long unsigned int *’} but argument is of type ‘ulong *’ {aka ‘long
+ unsigned int *’}
+
+ static int uvtop_quiet(ulong vaddr, physaddr_t *paddr);
+ ~~~~~~~~~~~~^~~~~
+
+On ARM, long unsigned int has 4 byte length, while physaddr_t has 8
+byte length. The mismatch causes overwriting of stack variables.
+
+Fix this by changing the type of the variable paddr to physaddr_t.
+
+Signed-off-by: Vincent Whitchurch
+---
+ src/libgcore/gcore_coredump.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/libgcore/gcore_coredump.c b/src/libgcore/gcore_coredump.c
+index c14cc11..424b0a4 100644
+--- a/src/libgcore/gcore_coredump.c
++++ b/src/libgcore/gcore_coredump.c
+@@ -78,7 +78,8 @@ readswap(ulonglong pte_val, char *buf, ulong len, ulonglong vaddr)
+ 
+ void gcore_readmem_user(ulong addr, void *buf, long size, char *type)
+ {
+- ulong paddr, cnt;
++ physaddr_t paddr;
++ ulong cnt;
+ char *bufptr = buf;
+ 
+ while (size > 0) {
+-- 
+2.37.1
+
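Review bot: The diffstat lists only the new patch file, so nothing in this commit references it from the package build; this looks like a dist-git style backport, and unless the spec's `Patch:`/`%patch` entries are updated in a separate commit the fix will sit in the repository without being applied. Since the only build-time signal for this stack overwrite was the `-Wincompatible-pointer-types` warning quoted in the description, consider adding `-Werror=incompatible-pointer-types` to the package's CFLAGS so the same class of pointer-width mismatch fails the build instead of corrupting the stack at runtime on 32-bit targets. The body of `gcore_readmem_user` continues past the inner hunk, so whether any other `ulong` local there receives a `physaddr_t` is not visible here.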