Subject: findsym
To: None <tech-kern@netbsd.org>
From: Bronstein, Dan <D.Bronstein@flarion.com>
List: tech-kern
Date: 09/14/2004 19:01:17
I have found, in starting and stopping an application that
loads and unloads kernel modules, that if a program such as
netstat is invoked while some modules are still loaded, the
kernel crashes in findsym in the for loop after the ptree
check when looking for a symbol that doesn't exist.  I have
seen this on an evbppc-based target.  I'm no expert on this
code, but it looks like userreq may not be needed and that
realstart should be set to table->sd_strstart - table->sd_usroffset,
since it appears that the string table is always offset by the
usroffset.  Based on the trace info that was gathered, it looked
like realstart was at an invalid address (way beyond what it should
have been) due to subtracting 0 and not the usroffset.  Can someone
who has knowledge in this area shed some light on this?  Thanks.
See findsym below:

static Elf_Sym *
findsym(char *name, struct symtab *table, int userreq)
{
        Elf_Sym *start = table->sd_symstart;
        int i, sz = table->sd_symsize/sizeof(Elf_Sym);
        char *np;
        /* base address that st_name offsets are taken relative to */
        caddr_t realstart = table->sd_strstart - (userreq ? 0 : table->sd_usroffset);

#ifdef USE_PTREE
        /* fast path: patricia-tree index of the kernel's own symbol table */
        if (table == &kernel_symtab && (i = ptree_find(name)) != 0)
                return &start[i];
#endif

        /* slow path: linear scan, comparing each entry's name string */
        for (i = 0; i < sz; i++) {
                np = realstart + start[i].st_name;
                if (name[0] == np[0] && name[1] == np[1] &&
                    strcmp(name, np) == 0)
                        return &start[i];
        }
        return NULL;
}

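As an added example (not code from this post or from NetBSD's ksyms), a bounds-checked variant of the linear scan above over a constructed symbol and string table: it skips entries whose st_name offset falls outside the string table and refuses to compare names that are not NUL-terminated inside it, so a lookup for a missing symbol returns NULL instead of dereferencing a bad pointer. The sym_t/symtab_t structs, the sd_strsize field and the sample tables are constructed stand-ins for Elf_Sym and struct symtab.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed, simplified analogues of Elf_Sym and struct symtab (not the kernel's). */
typedef struct {
    uint32_t st_name;   /* offset of the symbol's name within the string table */
    uint32_t st_value;
} sym_t;

typedef struct {
    const sym_t *sd_symstart;   /* symbol array */
    size_t      sd_symcount;    /* number of entries */
    const char *sd_strstart;    /* base that st_name offsets are relative to */
    size_t      sd_strsize;     /* hypothetical: string table length, for bounds checks */
} symtab_t;

/* Constructed string table: "" at 0, "main" at 1, "foo" at 6; sizeof includes final NUL. */
static const char strtab[] = "\0main\0foo";
static const sym_t syms[] = {
    { 1,   0x1000 },   /* "main" */
    { 6,   0x2000 },   /* "foo" */
    { 500, 0x3000 },   /* st_name lands outside the table (corrupt entry or wrong base) */
};
static const symtab_t table = { syms, 3, strtab, sizeof(strtab) };

/* Returns the matching entry or NULL; never reads outside [sd_strstart, sd_strstart+sd_strsize). */
static const sym_t *
findsym_checked(const char *name, const symtab_t *t)
{
    size_t i;
    for (i = 0; i < t->sd_symcount; i++) {
        uint32_t off = t->sd_symstart[i].st_name;
        const char *np;
        if (off >= t->sd_strsize)
            continue;   /* offset outside the table: skip instead of faulting */
        np = t->sd_strstart + off;
        if (memchr(np, '\0', t->sd_strsize - off) == NULL)
            continue;   /* no terminator inside the table: strcmp would run past the end */
        if (name[0] == np[0] && strcmp(name, np) == 0)
            return &t->sd_symstart[i];
    }
    return NULL;
}

/* Diagnostic: how many entries the unchecked loop would dereference out of range. */
static size_t
count_out_of_range(const symtab_t *t)
{
    size_t i, n = 0;
    for (i = 0; i < t->sd_symcount; i++)
        if (t->sd_symstart[i].st_name >= t->sd_strsize)
            n++;
    return n;
}

/* Convenience for callers: symbol value, or 0 when absent (constructed values are nonzero). */
static uint32_t
lookup_value(const char *name)
{
    const sym_t *s = findsym_checked(name, &table);
    return s ? s->st_value : 0;
}
```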