Hello all. This is a small patch that fixes a serious bug.
When we open /proc/xenomai/stat, the function stat_seq_open kmallocs the area, writes the data and increments iter->nentries. The last increment of this value reaches "count", and at the next iteration "stat_info->cpu = cpu;" overwrites an illegal address with zero! Here is my proposed fix.

=====patch start=====> diff -Nur xenomai-2.4.4-org/ksrc/nucleus/module.c xenomai-2.4.4/ksrc/nucleus/module.c --- xenomai-2.4.4-org/ksrc/nucleus/module.c 2008-06-02 00:44:48.000000000 +0900 +++ xenomai-2.4.4/ksrc/nucleus/module.c 2008-07-29 09:46:45.000000000 +0900 @@ -443,6 +443,9 @@ int cpu = 0; int err; + if (iter->nentries >= count) + break; + /* ...over all shared IRQs on all CPUs */ while (1) { stat_info = &iter->stat_info[iter->nentries]; @@ -464,7 +467,9 @@ stat_info->pf = 0; iter->nentries++; - }; + if (iter->nentries >= count) + break; + } } seq = file->private_data; <=====patch end=====

I hope someone who knows this function well will solve the problem.

Regards,
Atsushi KATAGIRI
Software Engineer
A&D Company, Limited
Tokyo, Japan
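
Review bot: In the first hunk (@@ -443,6 +443,9 @@) the new "break;" is placed after "int err;" and before "while (1) {", so it is not inside the while loop shown here and depends on an enclosing loop that these context lines do not show. Please confirm which loop it exits and that nothing after that loop still assumes a free slot in iter->stat_info. A one-line comment above the check saying what "count" bounds would also document why the test is there.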
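
Review bot: In the second hunk (@@ -464,7 +467,9 @@) the bound is tested only after "iter->nentries++;", at the bottom of the loop body, so the guard sits far from the indexing it protects. Testing "iter->nentries >= count" at the top of the while (1) body, before "stat_info = &iter->stat_info[iter->nentries];", would cover the entry case and every later iteration with one check, leaving the check from the first hunk needed only to stop the surrounding iteration early. Also, once the limit is hit the remaining entries are dropped with no indication to whoever reads the file; if that truncation is intended, say so in a comment.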