Subject: Re: kern/32193: vop_strategy gets broken struct buf's passed by genfs/bread, possible memory leakage
To: None <,,>
From: Reinoud Zandijk <>
List: netbsd-bugs
Date: 11/30/2005 18:22:01
The following reply was made to PR kern/32193; it has been noted by GNATS.

From: Reinoud Zandijk <>
Subject: Re: kern/32193: vop_strategy gets broken struct buf's passed by genfs/bread, possible memory leakage
Date: Wed, 30 Nov 2005 19:21:28 +0100

   > UDF's VOP_STRATEGY() gets calls from VOP_READ() using bread() on the vnode 
   > and from genfs's {get,put}_pages. Both buffers are not according to the 
   > spec.
 > what spec are you talking about?
 What about the struct buf definition? If we can't rely on fields to have 
 valid info in their fields.... rely on (undocumented) conventions?
   > line 673, all seems OK but at the buffer `bp' created at line 810,
   > bp->b_bufsize is not initialised and thus ZERO!!!! quite a violation.
 > violate what?
 That bp->b_bufsize indicates the length of the datablock pointed to by 
 bp->b_data ?
 > they are released by uvm_aio_biodone1().
 Undocumented feature of UVM apparently... maybe a comment would be good :)
   > These buffers are claimed/looked up just before in line 577's getblk(). 
   > When passed to UDF's vop_strategy() bp->b_resid is undefined though mostly 
   > ZERO. Also not according to the struct buf's specs which would suggest the 
   > number of bytes to be read/written in/from the buffer to be bp->b_resid.
 > so?  do you have any problem with it?
 > b_resid will be set by device drivers if needed.
 Consistency. If one wants to be consistent, b_resid ought to always 
 indicate the number of bytes to be transferred independent of the place one 
 finds the buf used and not for conventions sake suddenly been taken over by 