bin/51419:

[joseyluis%gmail.com@localhost]

>Number:         51419
>Category:       bin
>Synopsis:       
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Aug 17 12:05:00 +0000 2016
>Originator:     joseyluis%gmail.com@localhost
>Release:        All relases and current
>Organization:
	
>Environment:
	
	
>Description:
	The  incore function in the file bufcache.c is declared as: 
struct ubuf *incore(struct uvnode *, int);

instead of:
struct ubuf *incore(struct uvnode *, daddr_t);

daddr_t is declared as uint64_t.

In architectures of 32 bits, for sizes > 1 Tbyte, produces most singificant bit activated=> negative number (at least in i386).
It produces:

1- bufcacache, dosn't cache blocks above > 1 Tbyte range.
2- For the same block, bufcache add various buffers to the cache, because incore always says that it isn't in cache (compares real address against a negative number).
3- Pontetially can corrupt information: It can contain the same block in several buffers marked with B_DELWRI (dirty blocks). What block will be written first or last?

I think that it must be pulled to previous releases. Volumes > 1 Tbyte, user buffer cache doesn't work, and there is risk of corruption.

>How-To-Repeat:
	Code review
>Fix:

I have only tested the compilation of the fix ( a world build).

Index: bufcache.c
===================================================================
RCS file: /cvsroot/src/sbin/fsck_lfs/bufcache.c,v
retrieving revision 1.16
diff -u -r1.16 bufcache.c
--- bufcache.c	31 Jul 2016 18:27:26 -0000	1.16
+++ bufcache.c	17 Aug 2016 09:59:33 -0000
@@ -194,7 +194,7 @@
 
 /* Return a buffer if it is in the cache, otherwise return NULL. */
 struct ubuf *
-incore(struct uvnode * vp, int lbn)
+incore(struct uvnode * vp, daddr_t lbn)
 {
 	struct ubuf *bp;
 	int hash, depth;
Index: bufcache.h
===================================================================
RCS file: /cvsroot/src/sbin/fsck_lfs/bufcache.h,v
retrieving revision 1.12
diff -u -r1.12 bufcache.h
--- bufcache.h	29 Mar 2015 19:35:58 -0000	1.12
+++ bufcache.h	17 Aug 2016 09:59:33 -0000
@@ -116,7 +116,7 @@
 void bufstats(void);
 void buf_destroy(struct ubuf *);
 void bremfree(struct ubuf *);
-struct ubuf *incore(struct uvnode *, int);
+struct ubuf *incore(struct uvnode *, daddr_t);
 struct ubuf *getblk(struct uvnode *, daddr_t, int);
 void bwrite(struct ubuf *);
 void brelse(struct ubuf *, int);