Subject: kern/14388: chrtoblk() DIAGNOSTIC suggestion
To: None <gnats-bugs@gnats.netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: netbsd-bugs
Date: 10/28/2001 22:03:22
>Number:         14388
>Category:       kern
>Synopsis:       chrtoblk() invites trouble
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          change-request
>Submitter-Id:   net
>Arrival-Date:   Sun Oct 28 19:04:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     der Mouse
>Release:        1.4T; apparently -current also
>Organization:
	Dis-
>Environment:
	Any whose chrtoblk() lacks checks as described below (alpha,
	i386, sparc, sun3, probably others).
>Description:
	chrtoblk() invites mistakes.  Specifically, it is easy to add a
	driver to cdevsw[] and forget to add it to chrtoblktbl[];
	chrtoblk() will then access beyond the end of the table and
	often provoke spurious errors when trying to open the device.
	The patch below adds a check to chrtoblk() to make it object
	strenuously if this happens.
>How-To-Repeat:
	Add a device to cdevsw.  Neglect chrtoblktbl[].  Try to open
	the device.  Get a strange error (EBUSY, typically) without
	your device open routine even being called.  Scratch your head.
	Sprinkle debugging code around and discover chrtoblk() and your
	mistake.  Wish you'd been saved all that debugging time. :-)
>Fix:
	This is part of a larger patch, taken from my private patch
	tree's file for sys/arch/sparc/sparc/conf.c.  I have an
	essentially identical change to chrtoblk() on alpha and i386 as
	well, and should but don't on sun3.  I haven't checked other
	architectures, but others probably could use something similar.

	Arguably, this should be only #ifdef DIAGNOSTIC.  However, it's
	cheap enough, and the trouble it heads off is serious enough,
	that I am inclined to leave it as it is.

	@@ -429,6 +461,8 @@
	 {
	 	int blkmaj;
	 
	+	if ((sizeof(chrtoblktbl)/sizeof(chrtoblktbl[0])) < nchrdev)
	+		panic("chrtoblktbl too small for cdevsw");
	 	if (major(dev) >= nchrdev)
	 		return (NODEV);
	 	blkmaj = chrtoblktbl[major(dev)];
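
Review bot: the added test at the top of chrtoblk() compares two values that do not depend on dev, so it is re-evaluated on every call; it could be checked once at startup or, if nchrdev is a compile-time constant in this file (not visible in the hunk), rejected at build time. The panic string would also be more useful if it printed both the chrtoblktbl element count and nchrdev, so the number of missing entries is obvious from the message. Because the new check sits before the existing major(dev) >= nchrdev test, chrtoblktbl[major(dev)] is bounded by the table size whenever execution gets past the panic; a one-line comment saying so would make the dependency between the two checks explicit.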

/~\ The ASCII				der Mouse
\ / Ribbon Campaign
 X  Against HTML	       mouse@rodents.montreal.qc.ca
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
>Release-Note:
>Audit-Trail:
>Unformatted:
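
The failure mode described in this PR (two parallel tables drifting out of sync, then an index valid for one being used on the other) can be modelled in user space. The following is an added example, not code from the PR or from NetBSD; the ex_/EX_ names and the sample table contents are constructed for illustration.

```c
/* Added example: user-space model, not NetBSD code; ex_/EX_ names are hypothetical. */
#include <stddef.h>
#include <stdio.h>

#define EX_NODEV (-1)
#define EX_NELEM(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed sample: a fourth character device was added here ... */
static const char *const ex_cdevsw[] = { "cons", "mem", "sd", "newdrv" };
/* ... but the parallel char-to-block map still has three entries. */
static const int ex_chrtoblktbl[] = { EX_NODEV, EX_NODEV, 7 };

/* With both sizes known at build time, C11 can reject the mismatch outright:
 * _Static_assert(EX_NELEM(ex_chrtoblktbl) >= EX_NELEM(ex_cdevsw), "map too small");
 * It is left commented out so this deliberately mismatched sample compiles. */

/* Number of character majors with no slot in the map; 0 means in sync. */
size_t ex_uncovered_majors(void)
{
    size_t nchr = EX_NELEM(ex_cdevsw), ntbl = EX_NELEM(ex_chrtoblktbl);
    return nchr > ntbl ? nchr - ntbl : 0;
}

/* Lookup bounded by the map's own length as well as by the device count,
 * so an out-of-sync table yields EX_NODEV instead of a read past the end. */
int ex_chrtoblk(size_t maj)
{
    if (maj >= EX_NELEM(ex_cdevsw) || maj >= EX_NELEM(ex_chrtoblktbl))
        return EX_NODEV;
    return ex_chrtoblktbl[maj];
}

int main(void)
{
    size_t i;
    printf("majors missing from map: %zu\n", ex_uncovered_majors());
    for (i = 0; i < EX_NELEM(ex_cdevsw); i++)
        printf("%zu %-6s -> %d\n", i, ex_cdevsw[i], ex_chrtoblk(i));
    return 0;
}
```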