Legacy Networking | missaligned pointer dereference in cpukit/libnetworking/libc/res_query.c:131 (#21)
Trac Migrate (@tracmigrate)
gitlab at rtems.org
Fri Jan 31 18:28:33 UTC 2025
Trac Migrate created an issue: https://gitlab.rtems.org/rtems/pkg/rtems-net-legacy/-/issues/21
Assignee: Trac Migrate
Original author: johill
nios2-rtems4.11-gcc (GCC) 4.9.3 20150626 (RTEMS 4.11, RSB no-repo, Newlib 2.2.0.20150423)
configure --target=nios2-rtems4.11 --prefix=/ade/rtems/install/rtems-4-11 --disable-itron --disable-tests --enable-posix --enable-cxx --enable-rtemsbsp=altera-sys-config-S43X-TDAQ-dev --enable-networking
This is occurring in 4.11.1.99.
I don't suggest that this fix is a great design, but it's what we are currently using here to get our regression tests to pass without causing a misaligned pointer exception. This change probably requires at least gcc 4.6 to properly align a char buffer on the stack this way.
```
git diff /ade/rtems/release/rtems-4-11/c/src/../../cpukit/libnetworking/libc/res_query.c
diff --git a/cpukit/libnetworking/libc/res_query.c b/cpukit/libnetworking/libc/res_query.c
index b742c30..e06f70f 100644
--- a/cpukit/libnetworking/libc/res_query.c
+++ b/cpukit/libnetworking/libc/res_query.c
@@ -113,7 +113,7 @@ res_query(
u_char *answer, /* buffer to put answer */
int anslen) /* size of answer buffer */
{
- u_char buf[MAXPACKET];
+ u_char buf[MAXPACKET] __attribute ((aligned(4)));
HEADER *hp = (HEADER *) answer;
int n;
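Review bot: The alignment attribute on `buf` covers only this one stack buffer, while the line right below it, `HEADER *hp = (HEADER *) answer;`, applies the same cast to a caller-supplied `u_char *` whose alignment nothing in the hunk guarantees. The hard-coded `aligned(4)` also encodes an assumption about HEADER's alignment and is GCC-specific; declaring the buffer as a union, `union { HEADER hdr; u_char bytes[MAXPACKET]; } qbuf;`, and passing `qbuf.bytes` would take the alignment from HEADER itself. Since the fault in the trace is raised inside res_mkquery when it writes through its own `(HEADER *) buf` cast, other callers of that function presumably need the same treatment, so the requirement that buffers be HEADER-aligned is worth a comment there. res_query's body continues outside the hunk.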
```
```
#0 _Thread_Do_dispatch (cpu_self=<optimized out>, level=<optimized out>, level at entry=1) at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/score/src/threaddispatch.c:132
#1 0x0807a6d4 in _Thread_Dispatch_enable (cpu_self=<optimized out>) at ../../cpukit/../../../altera-sys-config-llrf-fcm-diacrode/lib/include/rtems/score/threaddispatch.h:313
#2 _Thread_Enable_dispatch_body () at ../../cpukit/../../../altera-sys-config-llrf-fcm-diacrode/lib/include/rtems/score/threaddispatch.h:343
#3 _Thread_Enable_dispatch () at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/score/src/threadenabledispatch.c:30
#4 0x08075f3c in _Objects_Put (the_object=<optimized out>) at ../../cpukit/../../../altera-sys-config-llrf-fcm-diacrode/lib/include/rtems/score/objectimpl.h:975
#5 rtems_task_suspend (id=id at entry=0) at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/rtems/src/tasksuspend.c:37
#6 0x0813d808 in _Nios2_CPU_exception_handler_last_resort (pefr=0x81d498c, ctx=<optimized out>) at /ade/rtems/release/rtems-4-11/c/src/lib/libcpu/nios2/shared/except/except-last-resort.c:64
#7 0x0809d9ac in _Nios2_Exception_handler_high_level (pefr=0x81d498c) at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/score/cpu/nios2/nios2-except.c:119
#8 0x0809d86c in _Nios2_Exception_handler () at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/score/cpu/nios2/nios2-except-low-level.S:96
#9 0x08085980 in CPU_swap_u16 (value=10412) at ../../cpukit/../../../altera-sys-config-llrf-fcm-diacrode/lib/include/rtems/score/cpu.h:402
#10 htons (_x=10412) at ../../cpukit/../../../altera-sys-config-llrf-fcm-diacrode/lib/include/rtems/endian.h:83
#11 __res_mkquery (op=op at entry=0, dname=dname at entry=0x81d4aa8 "localhost.lcs.net", class=class at entry=1, type=type at entry=1, data=data at entry=0x0, datalen=datalen at entry=0, newrr_in=newrr_in at entry=0x0, buf=buf at entry-11/c/src/../../cpukit/libnetworking/libc/res_mkquery.c:122
#12 0x08058bcc in __res_query (anslen=<optimized out>, answer=0x81d5318 "stupwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzpe=1, class=1, name=0x81d4aa8 "localhost.lcs.net") at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/libnetworking/libc/res_query.c:131
#13 __res_querydomain (name=name at entry=0x81d576c "localhost", domain=<optimized out>, class=class at entry=1, type=type at entry=1, answer=answer at entry=0x81d5318 "stupwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghij"..., anslen=anslen at entry=1024) at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/libnetworking/libc/res_query.c:368
#14 0x080590e0 in __res_search (name=0x81d576c "localhost", class=1, type=1, answer=0x81d5318 "stupwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdwxyzabcdefghij"..., anslen=1024) at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/libnetworking/libc/res_query.c:242
#15 0x080808b8 in _gethostbydnsname (name=name at entry=0x81d576c "localhost", af=af at entry=2) at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/libnetworking/libc/gethostbydns.c:588
#16 0x08056c58 in gethostbyname2 (type=2, name=0x81d576c "localhost") at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/libnetworking/libc/gethostnamadr.c:153
#17 gethostbyname (name=name at entry=0x81d576c "localhost") at /ade/rtems/release/rtems-4-11/c/src/../../cpukit/libnetworking/libc/gethostnamadr.c:133
#18 0x08045198 in hostToIPAddr (pHostName=pHostName at entry=0x81d576c "localhost", pIPA=pIPA at entry=0x81d5984) at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/osi/os/posix/osdSock.c:170
#19 0x0803990c in aToIPAddr (pAddrString=pAddrString at entry=0x81d59b0 "localhost", defaultPort=defaultPort at entry=0, pIP=pIP at entry=0x81d5a30) at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/misc/aToIPAddr.c:168
#20 0x0804ed80 in envGetInetAddrConfigParam (pParam=pParam at entry=0x81a723c <EPICS_IOC_LOG_INET>, pAddr=pAddr at entry=0x81d5a50) at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/env/envSubr.c:258
#21 0x08036b2c in getConfig (pserver_port=<synthetic pointer>, pserver_addr=0x81d5a50) at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/log/iocLog.c:57
#22 iocLogClientInit () at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/log/iocLog.c:88
#23 iocLogInit () at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/log/iocLog.c:116
#24 0x08008d60 in testLogPrefix () at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/test/epicsErrlogTest.c:402
#25 epicsErrlogTest () at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/test/epicsErrlogTest.c:324
#26 0x0803c51c in runTestFunc (name=name at entry=0x8189cf4 "epicsErrlogTest", func=0x80085e4 <epicsErrlogTest>) at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/misc/epicsUnitTest.c:262
#27 0x08018b74 in epicsRunLibComTests () at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/test/epicsRunLibComTests.c:66
#28 0x0802854c in main (argc=<optimized out>, argv=<optimized out>) at /ade/epics/supTop/base/DAR3.15.1.1/src/libCom/test/rtemsTestHarness.c:16
(
```
```
(gdb) print &buf
$9 = (u_char (*)[1024]) 0x81d4ea9
(gdb) list -
116 u_char buf[MAXPACKET];
117 HEADER *hp = (HEADER *) answer;
118 int n;
119
120 hp->rcode = NOERROR; /* default */
121
122 if ((_res.options & RES_INIT) == 0 && res_init() == -1) {
123 h_errno = NETDB_INTERNAL;
124 return (-1);
125 }
```
```
(gdb) print &hp->id
$3 = (unsigned int *) 0x81d4ea9
(gdb) print &hp
$4 = (HEADER **) 0x81d4aa0
(gdb) print *hp
$5 = {id = 0, rd = 0, tc = 0, aa = 0, opcode = 0, qr = 0, rcode = 0, cd = 0, ad = 0, unused = 0, ra = 0, qdcount = 0, ancount = 0, nscount = 0, arcount = 0}
(gdb) print &hp->id
$6 = (unsigned int *) 0x81d4ea9
(gdb) print hp
$7 = (HEADER *) 0x81d4ea9
(gdb) list
117 */
118 if ((buf == NULL) || (buflen < HFIXEDSZ))
119 return (-1);
120 memset(buf, 0, HFIXEDSZ);
121 hp = (HEADER *) buf;
122 hp->id = htons(++_res.id);
123 hp->opcode = op;
124 hp->rd = (_res.options & RES_RECURSE) != 0;
125 hp->rcode = NOERROR;
```