perryh@pluto.rain.com
2011-Feb-07 09:01 UTC
minor data-typing error in 8.1 fs/devfs/devfs_vnops.c
Noticed while digging through devfs_read_f() and devfs_write_f() in
the course of investigating some unexpected (by me) geom behavior:
...
int ioflag, error, resid;
...
resid = uio->uio_resid;
...
if (uio->uio_resid != resid || ...
IOW resid (an int) is being assigned from and compared with
uio->uio_resid (an ssize_t).
I suppose it's probably harmless on any arch where an (int) is at
least as large as an (ssize_t), but strictly speaking it does look
like a bug -- or am I missing something?
-------------- next part --------------
--- fs/devfs/devfs_vnops.c-81R Sun Jun 13 19:09:06 2010
+++ - Sun Feb 6 23:58:34 2011
@@ -1046,7 +1046,8 @@
devfs_read_f(struct file *fp, struct uio *uio, struct ucred *cred, int flags,
struct thread *td)
{
struct cdev *dev;
- int ioflag, error, resid;
+ int ioflag, error;
+ ssize_t resid;
struct cdevsw *dsw;
struct file *fpop;
@@ -1489,7 +1490,8 @@
devfs_write_f(struct file *fp, struct uio *uio, struct ucred *cred, int flags,
struct thread *td)
{
struct cdev *dev;
- int error, ioflag, resid;
+ int error, ioflag;
+ ssize_t resid;
struct cdevsw *dsw;
struct file *fpop;
Kostik Belousov
2011-Feb-07 10:22 UTC
minor data-typing error in 8.1 fs/devfs/devfs_vnops.c
On Mon, Feb 07, 2011 at 12:53:14AM -0800, perryh@pluto.rain.com wrote:> Noticed while digging through devfs_read_f() and devfs_write_f() in > the course of investigating some unexpected (by me) geom behavior: > > ... > int ioflag, error, resid; > ... > resid = uio->uio_resid; > ... > if (uio->uio_resid != resid || ... > > IOW resid (an int) is being assigned from and compared with > uio->uio_resid (an ssize_t). > > I suppose it's probably harmless on any arch where an (int) is at > least as large as an (ssize_t), but strictly speaking it does look > like a bug -- or am I missing something?The only consequence of resid truncating uio_resid would be failure to update access time for the devfs node, which is probably not a big issue. In fact, HEAD cannot generate request for i/o greater than 4GB anyway. The type of uio_resid was increased from int to ssize_t to not break the KBI and ease indended fix to support full size_t arguments for read(2)/write(2). The change requires lots of careful review, and thus stalled. I integrated your fix into the patch, see http://people.freebsd.org/~kib/misc/uio_resid.4.patch -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 196 bytes Desc: not available Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20110207/12be3a56/attachment.pgp