From: Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
Date: Tue, 11 Feb 97 10:35:21 +0100
To: linux-m68k@phil.uni-sb.de
Subject: L68K: Serious bug in dump_fpu!
X-Yow: Am I in GRADUATE SCHOOL yet?
Sender: owner-linux-m68k@phil.uni-sb.de
Reply-To: schwab@issan.informatik.uni-dortmund.de

I have found a serious bug in the dump_fpu function: it only expects a
struct user_m68kfp_struct pointer as its only argument, but elf_core_dump
additionally passes a struct pt_regs pointer as the first argument.  This
causes the function to write beyond the kernel stack page whenever a
process dumps core!  That's the price for not putting a prototype in a
header. :-((

Andreas.

--- arch/m68k/kernel/process.c.~1~	Fri Aug 30 20:08:55 1996
+++ arch/m68k/kernel/process.c	Sun Feb  9 20:32:38 1997
@@ -149,7 +149,7 @@
 
 /* Fill in the fpu structure for a core dump.  */
 
-int dump_fpu (struct user_m68kfp_struct *fpu)
+int dump_fpu (struct pt_regs *regs, struct user_m68kfp_struct *fpu)
 {
   char fpustate[216];
 
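Review bot: the hunk widens the signature but does not address the root cause named in the message, the missing prototype; add a declaration such as `int dump_fpu (struct pt_regs *regs, struct user_m68kfp_struct *fpu);` to a header included by both process.c and the ELF core-dump code, so that any future argument mismatch between caller and callee is a compile-time error rather than a silent write past the kernel stack. Also note that `regs` is not referenced in the visible lines of the function body, so a comment stating that the parameter exists only to match the core-dump calling convention would help the next reader.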
@@ -189,7 +189,7 @@
 	dump->regs = *regs;
 	dump->regs2 = ((struct switch_stack *)regs)[-1];
 	/* dump floating point stuff */
-	dump->u_fpvalid = dump_fpu (&dump->m68kfp);
+	dump->u_fpvalid = dump_fpu (regs, &dump->m68kfp);
 }
 
 /*
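Review bot: the call site is now consistent with the new two-argument signature, and `regs` is already in scope here (see `dump->regs = *regs;` two lines above), so the change is correct as far as this file goes. Since the message states that elf_core_dump already passes the pt_regs pointer first, it would be worth confirming in the same commit that its call has the same argument order as this one, since a header prototype is what would normally enforce that and none is added here.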
