> Indeed, get_wchan ensures that fp<stack+THREAD_SIZE, but then dereferences
> fp+8:
>
> 434         if (fp < (unsigned long)stack ||
> 435             fp >= (unsigned long)stack+THREAD_SIZE)
> 436                 return 0;
> 437         ip = *(u64 *)(fp+8);
>
> It must check that fp+8<stack+THREAD_SIZE.
> As far as I see, the bug can lead to garbage return values or in the
> worst case to crash.
Thanks for the report. The change looks good to me. Can you please submit a formal signed-off patch to x...@kernel.org?

-Andi

--
a...@linux.intel.com -- Speaking for myself only
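As an added illustration (not code from the thread or from the kernel), the quoted check beside a corrected one in a constructed miniature: THREAD_SIZE is shrunk to 64 bytes, the "stack" is a small array, and a 0xAA guard region after it stands in for whatever memory follows the real stack. Because the u64 read at fp+8 extends to fp+16, the corrected check requires the whole 16-byte frame to fit inside the stack.

```c
#include <stdint.h>
#include <string.h>

/* Constructed miniature of the get_wchan frame check: THREAD_SIZE is shrunk to
 * 64 bytes so the whole "stack" fits in a small array, and GUARD bytes after it
 * stand in for whatever memory follows the real kernel stack. */
#define THREAD_SIZE 64u
#define GUARD       16u
#define FRAME_BYTES (2 * sizeof(uint64_t))   /* saved fp at fp+0, saved ip at fp+8 */

typedef int (*frame_check_t)(uintptr_t fp, uintptr_t stack);

/* The check as quoted in the thread: only fp itself is tested against the end. */
int frame_ok_original(uintptr_t fp, uintptr_t stack)
{
    return !(fp < stack || fp >= stack + THREAD_SIZE);
}

/* Corrected check: the u64 read at fp+8 extends to fp+16, so the whole frame
 * must end at or before stack+THREAD_SIZE; fp must also be 8-byte aligned. */
int frame_ok_fixed(uintptr_t fp, uintptr_t stack)
{
    if (fp % sizeof(uint64_t) != 0)
        return 0;
    return fp >= stack && fp + FRAME_BYTES <= stack + THREAD_SIZE;
}

/* Return the saved ip of the frame at fp, or 0 when the check rejects the frame. */
uint64_t read_ip(uintptr_t stack, uintptr_t fp, frame_check_t ok)
{
    uint64_t ip;
    if (!ok(fp, stack))
        return 0;
    memcpy(&ip, (const void *)(fp + 8), sizeof ip);   /* the quoted *(u64 *)(fp+8) */
    return ip;
}

/* Build the constructed stack: a valid frame in its last 16 bytes whose saved ip
 * is 0x1234, then the 0xAA guard. Read either that frame (last_slot == 0) or the
 * frame starting in the very last 8-byte slot, whose ip lies past the stack end. */
uint64_t read_frame(frame_check_t ok, int last_slot)
{
    static uint64_t mem[(THREAD_SIZE + GUARD) / sizeof(uint64_t)];
    uintptr_t stack = (uintptr_t)mem;
    memset(mem, 0xAA, sizeof mem);
    mem[THREAD_SIZE / sizeof(uint64_t) - 1] = 0x1234;  /* ip slot of the valid frame */
    uintptr_t fp = stack + THREAD_SIZE - (last_slot ? 8 : FRAME_BYTES);
    return read_ip(stack, fp, ok);
}
```

With the original check the last-slot frame passes and the returned "ip" is the guard pattern, the garbage value the report describes; the corrected check rejects that frame and returns 0 while still accepting the in-bounds frame.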