From ced754d3f8ce796d0d894dbb0f340e9c905c206a Mon Sep 17 00:00:00 2001
From: Tao Liu
Date: Wed, 3 Apr 2024 15:06:54 +0800
Subject: [PATCH] Fix segmentation fault in value_search_module_6_4()

The following segmentation fault occurred during session initialization:

    $ crash vmlinx vmcore
    ...
    please wait... (determining panic task)Segmentation fault

Here is the backtrace of the crash-utility:

    (gdb) bt
    #0  value_search_module_6_4 (value=18446603338276298752, offset=0x7ffffffface0) at symbols.c:5564
    #1  0x0000555555812bd0 in value_to_symstr (value=18446603338276298752, buf=buf@entry=0x7fffffffb9c0 "", radix=10, radix@entry=0) at symbols.c:5872
    #2  0x00005555557694a2 in display_memory (addr=, count=2048, flag=208, memtype=memtype@entry=1, opt=opt@entry=0x0) at memory.c:1740
    #3  0x0000555555769e1f in raw_stack_dump (stackbase=, size=) at memory.c:2194
    #4  0x00005555557923ff in get_active_set_panic_task () at task.c:8639
    #5  0x00005555557930d2 in get_dumpfile_panic_task () at task.c:7628
    #6  0x00005555557a89d3 in panic_search () at task.c:7380
    #7  get_panic_context () at task.c:6267
    #8  task_init () at task.c:687
    #9  0x00005555557305b3 in main_loop () at main.c:787
    ...

This is due to lack of existence check on module symbol table. Not all
mod_mem_type will be existent for a module, e.g. in the following module
case:

    (gdb) p lm->symtable[0]
    $1 = (struct syment *) 0x4dcbad0
    (gdb) p lm->symtable[1]
    $2 = (struct syment *) 0x4dcbb70
    (gdb) p lm->symtable[2]
    $3 = (struct syment *) 0x4dcbc10
    (gdb) p lm->symtable[3]
    $4 = (struct syment *) 0x0
    (gdb) p lm->symtable[4]
    $5 = (struct syment *) 0x4dcbcb0
    (gdb) p lm->symtable[5]
    $6 = (struct syment *) 0x4dcbd00
    (gdb) p lm->symtable[6]
    $7 = (struct syment *) 0x0

MOD_RO_AFTER_INIT(3) and MOD_INIT_RODATA(6) do not exist, which should be
skipped, otherwise the segmentation fault will happen.

Fixes: 7750e61fdb2a ("Support module memory layout change on Linux 6.4")
Closes: https://github.com/crash-utility/crash/issues/176
Reported-by: Naveen Chaudhary
Signed-off-by: Tao Liu Conflict: NA Reference:https://github.com/crash-utility/crash/commit/ced754d3f8ce796d0d894dbb0f340e9c905c206a --- symbols.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/symbols.c b/symbols.c index cbc9ed13..b7627a83 100644 --- a/symbols.c +++ b/symbols.c @@ -5577,6 +5577,9 @@ value_search_module_6_4(ulong value, ulong *offset) continue; for_each_mod_mem_type(t) { + if (!lm->symtable[t]) + continue; + sp = lm->symtable[t]; sp_end = lm->symend[t];
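Review bot: the NULL guard on `lm->symtable[t]` at the top of the `for_each_mod_mem_type(t)` loop fixes the dereference shown in the backtrace, but the very next context line reads `sp_end = lm->symend[t];` with no corresponding check, so the patch silently relies on `symtable[t]` and `symend[t]` being NULL or non-NULL together for every type; unless the code that fills those arrays guarantees that pairing, `if (!lm->symtable[t] || !lm->symend[t]) continue;` would be the safer condition and costs nothing here. The commit message establishes that slots such as MOD_RO_AFTER_INIT(3) and MOD_INIT_RODATA(6) can be NULL for a loaded module, which is a property of the data, not of this one function, so any other `for_each_mod_mem_type(t)` walk in symbols.c that indexes `lm->symtable[t]` or `lm->symend[t]` has the same latent crash; it would help reviewers if the message stated whether those call sites were audited or need a follow-up. The brace-less single-statement `continue` and the blank line after it match the surrounding style.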