    Kill bogus TYPE_BLOB marker type · 9619c861
    Greg Kurz authored
    Since commit 32b9c613 "Preserve datatype markers when emitting dts
    format", we no longer try to guess the value type. Instead, we reuse
    the type of the datatype markers when they are present, if the type
    is either TYPE_UINT* or TYPE_STRING.
    
    This causes 'dtc -I fs' to crash:
    
    Starting program: /root/dtc -q -f -O dts -I fs /proc/device-tree
    /dts-v1/;
    
    / {
    
    Program received signal SIGSEGV, Segmentation fault.
    __strlen_power8 () at ../sysdeps/powerpc/powerpc64/power8/strlen.S:47
    47              ld      r12,0(r4)     /* Load doubleword from memory.  */
    (gdb) bt
    #0  __strlen_power8 () at ../sysdeps/powerpc/powerpc64/power8/strlen.S:47
    #1  0x00007ffff7de3d10 in __GI__IO_fputs (str=<optimized out>,
        fp=<optimized out>) at iofputs.c:33
    #2  0x000000001000c7a0 in write_propval (prop=0x100525e0,
        f=0x7ffff7f718a0 <_IO_2_1_stdout_>) at treesource.c:245
    
    The offending line is:
    
                    fprintf(f, "%s", delim_start[emit_type]);
    
    where emit_type is TYPE_BLOB and:
    
    static const char *delim_start[] = {
            [TYPE_UINT8] = "[",
            [TYPE_UINT16] = "/bits/ 16 <",
            [TYPE_UINT32] = "<",
            [TYPE_UINT64] = "/bits/ 64 <",
            [TYPE_STRING] = "",
    };
    
    /* Data blobs */
    enum markertype {
            TYPE_NONE,
            REF_PHANDLE,
            REF_PATH,
            LABEL,
            TYPE_UINT8,
            TYPE_UINT16,
            TYPE_UINT32,
            TYPE_UINT64,
            TYPE_BLOB,
            TYPE_STRING,
    };
    
    Because TYPE_BLOB < TYPE_STRING and delim_start[] is a static array,
    delim_start[emit_type] is 0x0. The glibc usually prints out "(null)"
    when one passes 0x0 to %s, but it seems to call fputs() internally if
    the format is exactly "%s", hence the crash.
    
    TYPE_BLOB basically means the data comes from a file and we don't know
    its type. We don't care for the former, and the latter is TYPE_NONE.
    
    So let's drop TYPE_BLOB completely and use TYPE_NONE instead when reading
    the file. Then, try to guess the data type at emission time, like the
    code already does for refs and labels.
    
    Instead of adding yet another check for TYPE_NONE, a helper is introduced
    to check if the data marker has type information, i.e., >= TYPE_UINT8.
    
    Fixes: 32b9c613
    Suggested-by: David Gibson <david@gibson.dropbear.id.au>
    Signed-off-by: Greg Kurz <groug@kaod.org>
    Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
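The hole described in the commit message can be reproduced and audited in isolation. The following is an added example, not code from the dtc commit: the enum and table are copied from the message, while `N_DELIMS`, `count_typed_holes()` and `lookup_delim()` are hypothetical names introduced here.

```c
#include <stddef.h>
#include <stdio.h>

/* Marker types as listed in the commit message (before TYPE_BLOB was dropped). */
enum markertype {
	TYPE_NONE, REF_PHANDLE, REF_PATH, LABEL,
	TYPE_UINT8, TYPE_UINT16, TYPE_UINT32, TYPE_UINT64,
	TYPE_BLOB, TYPE_STRING,
};

/* Slots without a designated initializer are zero-filled, so
 * delim_start[TYPE_BLOB] is a NULL pointer inside the array bounds. */
static const char *delim_start[] = {
	[TYPE_UINT8] = "[",
	[TYPE_UINT16] = "/bits/ 16 <",
	[TYPE_UINT32] = "<",
	[TYPE_UINT64] = "/bits/ 64 <",
	[TYPE_STRING] = "",
};
#define N_DELIMS (sizeof(delim_start) / sizeof(delim_start[0]))

/* Hypothetical audit: count NULL holes among the "typed" markers. */
static int count_typed_holes(void)
{
	int holes = 0;
	for (size_t t = TYPE_UINT8; t < N_DELIMS; t++)
		if (delim_start[t] == NULL)
			holes++;
	return holes;
}

/* Hypothetical guard: the delimiter, or NULL when the type has no entry
 * and the caller has to fall back to guessing the value type. */
static const char *lookup_delim(enum markertype t)
{
	return ((size_t)t < N_DELIMS) ? delim_start[t] : NULL;
}

int main(void)
{
	const char *d = lookup_delim(TYPE_BLOB);
	printf("holes among typed markers: %d\n", count_typed_holes());
	/* Never hand a possibly-NULL table entry to "%s" or fputs(). */
	printf("TYPE_BLOB delimiter: %s\n", d ? d : "(no entry, guess type)");
	return 0;
}
```

An audit like `count_typed_holes()` can run as a unit test so that a new enum value added without a matching table entry is caught before it reaches an output path.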