On Wed, 2021-11-03 at 11:46 +0100, Jan Kiszka via Xenomai wrote:
> On 03.11.21 07:59, Jan Kiszka wrote:
> > On 02.11.21 23:57, C Smith via Xenomai wrote:
> > > I added some printf/printk to rtcansend.c as well as rtcan_raw.c:
> > >
> > > rtcan_raw.c:
> > >     /* Check size of buffer */
> > >     if (iov->iov_len != sizeof(can_frame_t)) {
> > >         printk("rtcan_raw.c, 850: sizeof(can_frame_t): %ld\n",
> > >                sizeof(can_frame_t));
> > >         printk("rtcan_raw.c, 852: iov->iov_len: %ld\n",
> > >                iov->iov_len);
> > >         return -EMSGSIZE;
> > >     }
> > >
> > > when running rtcansend (32-bit compile, which fails with EMSGSIZE):
> > > [root@pc can]# /usr/xenomai/bin/rtcansend rtcan0 -s 0xde 0xad
> > > sizeof(can_frame_t): 16
> > > send: Message too long
> > >
> > > [root@pc can]# dmesg
> > > [11275.197125] rtcan_raw.c, 850: sizeof(can_frame_t): 16
> > > [11275.197133] rtcan_raw.c, 852: iov->iov_len: 34494267600
> > >
> > > when running rtcansend (64-bit compile, sends out can msg OK):
> > > [root@pc can]# /usr/xenomai/bin/rtcansend rtcan0 -s 0xde 0xad
> > > sizeof(can_frame_t): 16
> > >
> > > [root@pc can]# dmesg
> > > [12476.571032] rtcan_raw.c, 850: sizeof(can_frame_t): 16
> > > [12476.571040] rtcan_raw.c, 852: iov->iov_len: 16
> > >
> > > It looks like the struct user_msghdr *msg passed into rtcan_raw_sendmsg()
> > > is corrupt.
> > > I'm using Xenomai 3.1, with kernel 4.19.989 x86_64
> > > -C Smith
> >
> > OK, my guess was wrong. Let me see where we corrupt this.
> >
> > Brings https://gitlab.com/Xenomai/xenomai-hacker-space/-/issues/21 into
> > memory...
> >
>
> Found it: We are lacking use of rtdm_get_iovec in rtcan - in contrast to
> RTnet (see e.g. rt_packet_sendmsg). Would you feel like looking into
> such a change?

Just a note: rtcan_raw_sendmsg() and rtcan_raw_recvmsg() are both affected.
Both should be using rtdm_get_iovec().

>
> Jan
>
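
The failure discussed in this thread, as an added example that is not part of the original e-mails and is not Xenomai code: a user-space C model of a 64-bit kernel reading a 32-bit process's iovec with the native layout, next to a compat-aware read. It assumes the corruption is the 8-byte 32-bit iovec being read as the 16-byte 64-bit one; the struct and function names and the memory contents are constructed, and only the 16-byte frame size and the EMSGSIZE check come from the thread.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CAN_FRAME_SIZE 16u /* sizeof(can_frame_t) as printed in the thread */

struct iovec32 { uint32_t iov_base, iov_len; }; /* 32-bit process layout, 8 bytes */
struct iovec64 { uint64_t iov_base, iov_len; }; /* 64-bit kernel layout, 16 bytes */

/* Same size check as the rtcan_raw.c snippet quoted in the thread. */
static int check_len(uint64_t iov_len)
{
	return iov_len != CAN_FRAME_SIZE ? -EMSGSIZE : 0;
}

/* No conversion: copy 16 bytes and trust the native 64-bit layout. */
static struct iovec64 read_native(const unsigned char *umem)
{
	struct iovec64 iov;
	memcpy(&iov, umem, sizeof(iov));
	return iov;
}

/* Compat-aware: copy the 8-byte 32-bit layout, then widen each field. */
static struct iovec64 read_compat(const unsigned char *umem)
{
	struct iovec32 c;
	memcpy(&c, umem, sizeof(c));
	return (struct iovec64){ c.iov_base, c.iov_len };
}

/* Constructed user memory: one 32-bit iovec, then unrelated neighbouring bytes. */
static void build_user_memory(unsigned char umem[16])
{
	struct iovec32 u = { 0x08001000u, CAN_FRAME_SIZE }; /* constructed pointer value */
	uint64_t neighbour = 0x1122334455667788ull;          /* constructed filler */
	memcpy(umem, &u, sizeof(u));
	memcpy(umem + sizeof(u), &neighbour, sizeof(neighbour));
}

int main(void)
{
	unsigned char umem[16];
	build_user_memory(umem);
	printf("native rc=%d, compat rc=%d\n", check_len(read_native(umem).iov_len),
	       check_len(read_compat(umem).iov_len));
	return 0;
}
```

In the native read, the length field is whatever happens to follow the 32-bit iovec in memory, so the size check rejects a frame that is actually 16 bytes long.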