Context Navigation

Opened 5 years ago

Closed 5 years ago

Last modified 5 years ago

#15175 closed bug (fixed)

SMEP violation in /dev/mem

Reported by:	diver	Owned by:	nobody
Priority:	normal	Milestone:	R1/beta2
Component:	System	Version:	R1/Development
Keywords:		Cc:
Blocked By:		Blocking:
Platform:	All

Description

hrev53233 x86_64.

Running strings /dev/mem crashes Haiku.

Attachments (1)

smep.png (38.7 KB ) - added by diver 5 years ago.

Download all attachments as: .zip

Change History (5)

by diver, 5 years ago

Attachment:	smep.png added

comment:1 by waddlesplash, 5 years ago

https://xref.plausible.coop/source/xref/haiku/src/system/kernel/fs/fd.cpp#510

There is already a NULL check here. So how is it *calling* (SMEP) a NULL pointer?

/dev/mem's control is indeed NULL though: https://xref.plausible.coop/source/xref/haiku/src/add-ons/kernel/drivers/misc/mem.c#41

comment:2 by waddlesplash, 5 years ago

Ah, it must be a tail call. Probably the culprit is this: https://xref.plausible.coop/source/xref/haiku/src/system/kernel/device_manager/AbstractModuleDevice.cpp#90

comment:3 by waddlesplash, 5 years ago

Resolution:	→ fixed
Status:	new → closed

Fixed in hrev53481~2.

comment:4 by nielx, 5 years ago

Milestone:	Unscheduled → R1/beta2

Assign tickets with status=closed and resolution=fixed within the R1/beta2 development window to the R1/beta2 Milestone

Note: See TracTickets for help on using tickets.

Download in other formats: