* Fwd: fs/sysfs/file.c:fill_read_buffer -- signed/unsigned bug?
@ 2004-07-25 15:23 James Mastros
0 siblings, 0 replies; only message in thread
From: James Mastros @ 2004-07-25 15:23 UTC (permalink / raw)
To: linux-kernel
Hello, kernel hackers,
fill_read_buffer (in fs/sysfs/file.c) seems to have a signed/unsigned
bug with the return value of show. count is a ssize_t here, so I'm not
clear on why, but somehow, returning a negative value causes the
BUG_ON(count > PAGE_SIZE); to trigger. This means that returning an
error from the show function makes the kernel oops!
I'm amazed that this apparently hasn't been triggered until now. I'm
working on further sysfsification of ACPI, and I have enough problems
without the core oopsing for me on valid code. ;) (And it's even
documented that you can return errors from show functions, and there
seems to be other code in the function explicitly for dealing with error
returns, so I assume I'm not simply off the deep end.)
Unfornatly, my knowledge of C is rather lacking -- I'm not sure how to
fix this, but I'm fairly certian my diagnosis is correct.
Thanks
-=- James Mastros
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2004-07-25 15:23 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-07-25 15:23 Fwd: fs/sysfs/file.c:fill_read_buffer -- signed/unsigned bug? James Mastros
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox