On 03.11.21 07:59, Jan Kiszka wrote:
> On 02.11.21 23:57, C Smith via Xenomai wrote:
>> I added some printf/printk to rtcansend.c as well as rtcan_raw.c:
>>
>> rtcan_raw.c:
>> /* Check size of buffer */
>> if (iov->iov_len != sizeof(can_frame_t)) {
>> printk("rtcan_raw.c, 850: sizeof(can_frame_t): %ld\n",
>> sizeof(can_frame_t));
>> printk("rtcan_raw.c, 852: iov->iov_len: %ld\n",
>> iov->iov_len);
>> return -EMSGSIZE;
>> }
>>
>> when running rtcansend (32-bit compile, which fails with EMSGSIZE):
>> [root@pc can]# /usr/xenomai/bin/rtcansend rtcan0 -s 0xde 0xad
>> sizeof(can_frame_t): 16
>> send: Message too long
>>
>> [root@pc can]# dmesg
>> [11275.197125] rtcan_raw.c, 850: sizeof(can_frame_t): 16
>> [11275.197133] rtcan_raw.c, 852: iov->iov_len: 34494267600
>>
>> when running rtcansend (64-bit compile, sends out can msg OK):
>> [root@pc can]# /usr/xenomai/bin/rtcansend rtcan0 -s 0xde 0xad
>> sizeof(can_frame_t): 16
>>
>> [root@pc can]# dmesg
>> [12476.571032] rtcan_raw.c, 850: sizeof(can_frame_t): 16
>> [12476.571040] rtcan_raw.c, 852: iov->iov_len: 16
>>
>> It looks like the struct user_msghdr *msg passed into rtcan_raw_sendmsg()
>> is corrupt.
>> I'm using Xenomai 3.1, with kernel 4.19.989 x86_64
>> -C Smith
>
> OK, my guess was wrong. Let me see where we corrupt this.
>
> Brings https://gitlab.com/Xenomai/xenomai-hacker-space/-/issues/21 into
> memory...
>
Found it: We are lacking use of rtdm_get_iovec in rtcan - in contrast to
RTnet (see e.g. rt_packet_sendmsg). Would you feel like looking into
such a change?
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
