From: Grzegorz Nosek <grzegorz.nosek@gmail.com>
To: Andy Isaacson <adi@hexapodia.org>
Cc: linux-kernel@vger.kernel.org
Subject: Re: sys_sendfile oops in 2.6.13?
Date: Wed, 12 Oct 2005 11:11:08 +0200 [thread overview]
Message-ID: <121a28810510120211s62ae88d6m@mail.gmail.com> (raw)
In-Reply-To: <20051012040006.GA31099@hexapodia.org>
2005/10/12, Andy Isaacson <adi@hexapodia.org>:
> On Tue, Oct 11, 2005 at 10:56:43AM +0200, Grzegorz Nosek wrote:
> > I found an (IMHO) silly bug in do_sendfile in 2.6.13.x kernels (at
> > least in 2.6.13.3 and .4, didn't backtrack to find where it
> > originated). Without the patch all I apparently get from sys_sendfile
> > is an oops due to a call in sys_sendfile with ppos being NULL. With the
> > patch it works OK. Noticed in vsftpd.
> >
> > @@ -719,7 +719,7 @@
> > current->syscr++;
> > current->syscw++;
> >
> > - if (*ppos > max)
> > + if (ppos && *ppos > max)
>
> That change can't fix a bug in 2.6.13, because ppos is forced to be
> non-null further up the file:
>
> 622 static ssize_t do_sendfile(int out_fd, int in_fd, loff_t *ppos,
> ...
> 647 if (!ppos)
> 648 ppos = &in_file->f_pos;
> ...
> 684 pos = *ppos;
> ...
> 701 current->syscr++;
> 702 current->syscw++;
> 703
> 704 if (*ppos > max)
> 705 retval = -EOVERFLOW;
>
> (line numbers from 2.6.13.)
>
> So there must be something else at work. Perhaps your patches?
>
> On Tue, Oct 11, 2005 at 04:53:47PM +0200, Jiri Slaby wrote:
> > I don't know the code surrounding this, but shouldn't be this
> > (!ppos || *ppos > max)?
>
> That would be wrong, too; if it were valid to call in with ppos==0, you
> wouldn't want to return EOVERFLOW; and if ppos==0 were not valid and you
> wanted to return an error, EOVERFLOW would be the wrong error to return.
>
> -andy
>
OK so I must have a broken kernel tree then. The lines you mention in
my version belong to vfs_sendfile function which indeed ensures ppos
is a valid pointer but do_sendfile is called from sys_sendfile(64).
I'll find the patch that did the change (some must have, obviously)
and report it there (probably linux-vserver is to blame)
This section of the file in vanilla 2.6.13.4 looks nothing like in my
file and the 2.6.13.3 and 2.6.13.4 patches have no changes there so at
least that's cleared up.
Regards,
Greg
next prev parent reply other threads:[~2005-10-12 21:06 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-11 8:56 sys_sendfile oops in 2.6.13? Grzegorz Nosek
2005-10-11 14:53 ` Jiri Slaby
2005-10-12 4:00 ` Andy Isaacson
2005-10-12 9:11 ` Grzegorz Nosek [this message]
2005-10-12 17:38 ` Chris Wright
2005-10-12 20:06 ` Grzegorz Nosek
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=121a28810510120211s62ae88d6m@mail.gmail.com \
--to=grzegorz.nosek@gmail.com \
--cc=adi@hexapodia.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox