From nobody Tue Jan 6 14:37:12 2026 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dltzY2nZgz6Nj0r; Tue, 06 Jan 2026 14:37:13 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R12" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4dltzY28mpz3gZC; Tue, 06 Jan 2026 14:37:13 +0000 (UTC) (envelope-from jhb@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1767710233; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mjscDEStg6g2hFcSqY+4ObZWkRtFj7lNViW1m0Dtxlk=; b=JVtE/22Ps2CifQOgpHCT4SAbHb7RndRdkf0LQnnqnVLqt3IfTyEQB7QzRsplPcSCgBP/IN NfTpCf/G0GgYtyeckykDeKJfGB28oIsJWmGNwmXxFe/9IyXd95G/3sBdeuagHyBkXbgkO6 0u/rKYiSOsDT2S5he9gD2DYwNccDp6rlf0GXBnVfDglshP7rheVwwdcmxzMbt1p3zi6tuy hRHTUsfJ+wMyYti4HvmeOWbmfMHBGW7w1mCebsFGM3Jh7bFD1P1jWESMJSP7roF/WzC9ip AdIkFb6QILu5ynAyko3xpY6+XsiRBBX/5z2s3et566ETh8+67xpJOwVa3zIP9A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1767710233; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=mjscDEStg6g2hFcSqY+4ObZWkRtFj7lNViW1m0Dtxlk=; b=nL0RHLvHPkHJ+j/r3TaRh3CSmFZ/J56+w87YASS2sGkHLFpyuoHO7hAzlmbZ+j6ba31KN6 NudIOOt10qrQska+4EblRhiC+4ZXKmpQhNjXka//g7YzBDPfojVIAdNFLUtqPsnPkEuqfZ ex5yzuEt455nS6etNG16sTeql6H4ZFv5FYQ7Ejfe8OqvIy4G1xHKCC2ea7jT7Bfa47Gc6w a+xcHPVR5acftX2HtsSGj++GeRVZ54t/YXIbnujEt/9OwkEz7dBmqMyOI6+E+bux1CL/M+ 1mN0T8myhcILoVZuEBDvQpD+ARQsQNfsv658ZNdqKhmRJggZICLeKmmkrNNX8A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1767710233; a=rsa-sha256; cv=none; b=IDQ7Zo3PLIgTYWgLRvIuvKyPxs2AuJtSZLZCtX5zl+Sy1iZAsYo4eg6SO13NOQxBjsJbxj CFrJ/Qydop5EAhvrKI4XvEjUQxHHegjJCgTYOz/Bg5n4eIwmkLe8qI86BHcSplAaRWtPt1 uLa6F1qVvXOzdaBjg5TgVhGHxm44ZZz4AxcQWUmqxpXDyKSU8pONjBWGxK2eS7Z7Uw/ZiG 9ReTpqnowk5Wg+S3eMEddkZ6jUz8xo8szcJ9BXqMH020YTs4etCZSmrJzAq0JTsciDI/Cc fsD4GePtIrirPi8qEesx15gySrtsEhXyE9D0SwtFmRNlF7aO5T0qsPGTXEgh8A== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from [172.20.6.23] (unknown [12.195.162.27]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: jhb) by smtp.freebsd.org (Postfix) with ESMTPSA id 4dltzY0NhHzwDT; Tue, 06 Jan 2026 14:37:12 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Message-ID: Date: Tue, 6 Jan 2026 08:37:12 -0600 List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: git: 27894e20f140 - main - libgeom: Fix segfault in 32-on-64 case Content-Language: en-US To: =?UTF-8?Q?Dag-Erling_Sm=C3=B8rg_rav?= , src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org References: <6958dd10.b4b9.2aebecda@gitrepo.freebsd.org> From: John Baldwin In-Reply-To: <6958dd10.b4b9.2aebecda@gitrepo.freebsd.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit On 1/3/26 04:10, Dag-Erling Smørg rav wrote: > The branch main has been updated by des: > > URL: https://cgit.FreeBSD.org/src/commit/?id=27894e20f140ee2729c14b589035870c8185b87d > > commit 27894e20f140ee2729c14b589035870c8185b87d > Author: Dag-Erling Smørgrav > AuthorDate: 2026-01-03 09:09:51 +0000 > Commit: Dag-Erling Smørgrav > CommitDate: 2026-01-03 09:10:23 +0000 > > libgeom: Fix segfault in 32-on-64 case > > We were using strtoul() to parse object identifiers, which are kernel > pointers. This works fine as long as the kernel and userland match, > but in a 32-bit libgeom on a 64-bit kernel this will return ULONG_MAX > for all objects, resulting in memory corruption when we later pick the > wrong object while resolving consumer-producer references. > > MFC after: 1 week > PR: 292127 > Reviewed by: imp > Differential Revision: https://reviews.freebsd.org/D54452 > --- > lib/libgeom/geom_xml2tree.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/lib/libgeom/geom_xml2tree.c b/lib/libgeom/geom_xml2tree.c > index 2d2c43e29e77..161425d9fadf 100644 > --- a/lib/libgeom/geom_xml2tree.c > +++ b/lib/libgeom/geom_xml2tree.c > @@ -76,10 +76,10 @@ StartElement(void *userData, const char *name, const char **attr) > ref = NULL; > for (i = 0; attr[i] != NULL; i += 2) { > if (!strcmp(attr[i], "id")) { > - id = (void *)strtoul(attr[i + 1], NULL, 0); > + id = (void *)strtoumax(attr[i + 1], NULL, 0); > mt->nident++; > } else if (!strcmp(attr[i], "ref")) { > - ref = (void *)strtoul(attr[i + 1], NULL, 0); > + ref = (void *)strtoumax(attr[i + 1], NULL, 0); Should we perhaps not use pointers to hold the cookies? This is going to truncate in the lib32 case which will probably still work in practice as the low 32 bits of kernel object addresses are probably unique, but isn't foolproof. Perhaps the cookie values should be stored as either kvaddr_t values, or uintmax_t? -- John Baldwin