Subject: Re: kern/32193: vop_strategy gets broken struct buf's passed by genfs/bread, possible memory leakage
To: None <email@example.com>
From: Chuck Silvers <firstname.lastname@example.org>
Date: 11/30/2005 21:31:47

On Tue, Nov 29, 2005 at 11:29:00PM +0000, email@example.com wrote:
> VOP_STRATEGY buffers
> vop_strategy buffers are passed from genfs in
> sys/miscfs/genfs/genfs_vnops.c:836's VOP_STRATEGY call and created at either
> line 673 or at line 810 of the same file. In the buffer `mbp' created at
> line 673, all seems OK but at the buffer `bp' created at line 810,
> bp->b_bufsize is not initialised and thus ZERO!!!! quite a violation.

the b_bufsize is for the caching usage of struct buf,
not the I/O descriptor usage. device drivers should not look at it
(and neither should file systems for that matter).

> bread buffers
> vop_strategy buffers are passed from bread() in sys/kern/vfs_bio.c's
> bio_doread() at line 597's VOP_STRATEGY().
> These buffers are claimed/looked up just before in line 577's getblk().
> When passed to UDF's vop_strategy() bp->b_resid is undefined though mostly
> ZERO. Also not according to the struct buf's specs which would suggest the
> number of bytes to be read/written in/from the buffer to be bp->b_resid.

b_resid is a return value, it is initialized by the device driver
before it calls biodone().

> Other filing systems
> Filing systems seem to cope with it by passing the buffers directly to the
> device layer that apparently ignores most of the buf contents and only
> reacts to bp->b_count.
> Filing systems that do care about the buffer contents are also only looking
> at bp->b_count.

right, this is by design.
as other people have also said, none of the behaviours you've described