From owner-freebsd-current Sat Mar 16 16:18:25 1996
Return-Path: owner-current
Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id QAA09669 for current-outgoing; Sat, 16 Mar 1996 16:18:25 -0800 (PST)
Received: from godzilla.zeta.org.au (godzilla.zeta.org.au [203.2.228.19]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id QAA09659 Sat, 16 Mar 1996 16:18:16 -0800 (PST)
Received: (from bde@localhost) by godzilla.zeta.org.au (8.6.12/8.6.9) id LAA10427; Sun, 17 Mar 1996 11:14:34 +1100
Date: Sun, 17 Mar 1996 11:14:34 +1100
From: Bruce Evans
Message-Id: <199603170014.LAA10427@godzilla.zeta.org.au>
To: FreeBSD-Current@freebsd.org, gpalmer@freebsd.org
Subject: Re: 4.4 lite 2
Sender: owner-current@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>I stumbled onto some changes that were made between lite & lite 2
>which I would like to see brought over onto the HEAD branch
>(i.e. -current), which weren't brought over by hsu's integration work.

You can bring over any correct changes that someone else isn't already working on.

>Specifically, in sys/kern/kern_subr.c:

>Index: kern_subr.c >=================================================================== >RCS file: /home/cvs/src/sys/kern/kern_subr.c,v >retrieving revision 1.8 >retrieving revision 1.1.1.2 >diff -u -r1.8 -r1.1.1.2 >--- 1.8 1995/05/08 23:11:12 >+++ 1.1.1.2 1996/03/11 20:01:23 
>@@ -113,11 +109,13 @@ > { > register struct iovec *iov; > >+ if (uio->uio_resid <= 0) >+ panic("ureadc: non-positive resid");

This panic may occur for write(0, "", 0x80000000). read() immediately rejects counts that are negative after they are converted to an int, but write() doesn't. I traced this as far as write() but ureadc() wasn't called for my test. In fact ureadc() is never called for the write() case :-). This is because per-char i/o is braindamaged and isn't even easier for writes. uiomove() is used more and only checks that the residual is nonzero.

>- if (iov->iov_len == 0) { >+ if (iov->iov_len <= 0) {

iov_len is an unsigned type (size_t) so testing for it to be < 0 is bogus.

Bruce
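
Review bot: The added 'uio->uio_resid <= 0' check at the top of the function turns a bad residual into a panic, which is the wrong failure mode for any value that can derive from a caller-supplied count. The reply in this message reports that write() does not reject counts that become negative when converted to an int, so the count should be rejected with an error at the point of conversion, as read() is described as doing, and the panic kept only as an assertion for states that validated callers cannot produce. In the second change of the same hunk, 'iov->iov_len <= 0' compares a size_t per the reply, so it is equivalent to '== 0' and suggests a negative-length check that is not actually happening; keep 'iov->iov_len == 0'.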