CVS commit: src/lib/libc/stdlib
Module Name:src Committed By: kre Date: Sun Mar 13 01:44:37 UTC 2022 Modified Files: src/lib/libc/stdlib: hcreate.c Log Message: Avoid referencing uninit'd memory. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/lib/libc/stdlib/hcreate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/stdlib/hcreate.c diff -u src/lib/libc/stdlib/hcreate.c:1.12 src/lib/libc/stdlib/hcreate.c:1.13 --- src/lib/libc/stdlib/hcreate.c:1.12 Sat Mar 12 17:31:39 2022 +++ src/lib/libc/stdlib/hcreate.c Sun Mar 13 01:44:37 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: hcreate.c,v 1.12 2022/03/12 17:31:39 christos Exp $ */ +/* $NetBSD: hcreate.c,v 1.13 2022/03/13 01:44:37 kre Exp $ */ /* * Copyright (c) 2001 Christopher G. Demetriou @@ -43,7 +43,7 @@ #include #if defined(LIBC_SCCS) && !defined(lint) -__RCSID("$NetBSD: hcreate.c,v 1.12 2022/03/12 17:31:39 christos Exp $"); +__RCSID("$NetBSD: hcreate.c,v 1.13 2022/03/13 01:44:37 kre Exp $"); #endif /* LIBC_SCCS and not lint */ #if !defined(lint) @@ -124,6 +124,7 @@ hcreate_r(size_t nel, struct hsearch_dat /* Allocate the table. */ head->size = nel; head->filled = 0; + table = NULL; errno = reallocarr(&table, nel, sizeof(*table)); if (errno) return 0;
CVS commit: src/lib/libc/stdlib
Module Name:src Committed By: kre Date: Sun Mar 13 01:44:37 UTC 2022 Modified Files: src/lib/libc/stdlib: hcreate.c Log Message: Avoid referencing uninit'd memory. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/lib/libc/stdlib/hcreate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/lib/libc/stdlib
On Sat, 12 Mar 2022 08:26:01 + Nia Alarie wrote: > Module Name: src > Committed By: nia > Date: Sat Mar 12 08:26:01 UTC 2022 > > Modified Files: > src/lib/libc/stdlib: hcreate.c > > Log Message: > hcreate(3): use reallocarr instead of malloc(x * y) Caution: malloc(0) and reallocarr(&p, 0, s) have different semantics for the returned pointer value.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 22:20:34 UTC 2022 Modified Files: src/sys/kern: subr_kmem.c Log Message: kmem(9): Show the pointer in kmem_free(..., 0) assertion like before. To generate a diff of this commit: cvs rdiff -u -r1.83 -r1.84 src/sys/kern/subr_kmem.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/subr_kmem.c diff -u src/sys/kern/subr_kmem.c:1.83 src/sys/kern/subr_kmem.c:1.84 --- src/sys/kern/subr_kmem.c:1.83 Sat Mar 12 16:54:17 2022 +++ src/sys/kern/subr_kmem.c Sat Mar 12 22:20:34 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_kmem.c,v 1.83 2022/03/12 16:54:17 riastradh Exp $ */ +/* $NetBSD: subr_kmem.c,v 1.84 2022/03/12 22:20:34 riastradh Exp $ */ /* * Copyright (c) 2009-2020 The NetBSD Foundation, Inc. @@ -78,7 +78,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: subr_kmem.c,v 1.83 2022/03/12 16:54:17 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_kmem.c,v 1.84 2022/03/12 22:20:34 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_kmem.h" @@ -258,7 +258,7 @@ kmem_intr_free(void *p, size_t requested pool_cache_t pc; KASSERT(p != NULL); - KASSERT(requested_size > 0); + KASSERTMSG(requested_size > 0, "kmem_intr_free(%p, 0)", p); kasan_add_redzone(&requested_size); size = kmem_roundup_size(requested_size);
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 22:20:34 UTC 2022 Modified Files: src/sys/kern: subr_kmem.c Log Message: kmem(9): Show the pointer in kmem_free(..., 0) assertion like before. To generate a diff of this commit: cvs rdiff -u -r1.83 -r1.84 src/sys/kern/subr_kmem.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/elftoolchain/dist/libelf
Module Name:src Committed By: jkoshy Date: Sat Mar 12 21:37:55 UTC 2022 Modified Files: src/external/bsd/elftoolchain/dist/libelf: elf_begin.3 elf_cntl.3 elf_end.3 elf_errmsg.3 elf_flagdata.3 elf_getarhdr.3 elf_getarsym.3 elf_getbase.3 elf_getdata.3 elf_getident.3 elf_getphdrnum.3 elf_getphnum.3 elf_getscn.3 elf_getshdrnum.3 elf_getshdrstrndx.3 elf_getshnum.3 elf_getshstrndx.3 elf_hash.3 elf_kind.3 elf_memory.3 elf_next.3 elf_open.3 elf_rand.3 elf_rawfile.3 elf_strptr.3 elf_update.3 elf_version.3 gelf_checksum.3 gelf_fsize.3 gelf_getcap.3 gelf_getclass.3 gelf_getdyn.3 gelf_getehdr.3 gelf_getmove.3 gelf_getphdr.3 gelf_getrel.3 gelf_getrela.3 gelf_getshdr.3 gelf_getsym.3 gelf_getsyminfo.3 gelf_getsymshndx.3 gelf_newehdr.3 gelf_newphdr.3 gelf_update_ehdr.3 gelf_xlatetof.3 Log Message: Sync libelf's manual pages with upstream [r3963]. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/external/bsd/elftoolchain/dist/libelf/elf_begin.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_cntl.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_end.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_errmsg.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_flagdata.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getarhdr.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getarsym.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getbase.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getdata.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getident.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getphdrnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getphnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getscn.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshdrnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshdrstrndx.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshstrndx.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_hash.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_kind.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_memory.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_next.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_open.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_rand.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_rawfile.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_strptr.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_update.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_version.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_checksum.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_fsize.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getcap.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getclass.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getdyn.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getehdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getmove.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getphdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getrel.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getrela.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getshdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getsym.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getsyminfo.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getsymshndx.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_newehdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_newphdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_update_ehdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_xlatetof.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/elftoolchain/dist/libelf/elf_begin.3 diff -u src/external/bsd/elftoolchain/dist/libelf/elf_begin.3:1.4 src/external/bsd/elftoolchain/dist/libelf/elf_begin.3:1.5 --- src/external/bsd/elftoolchain/dist/libelf/elf_begin.3:1.4 Mon Mar 8 20:55:06 2021 +++ src/external/bsd/elftoolchain/dist/libelf/elf_begin.3 Sat Mar 12 21:37:55 2022 @@ -1,4 +1,4 @@ -.\" $NetBSD: elf_begin.3,v 1.4 2021/03/08 20:55:06 jkoshy Exp $ +.\" $NetBSD: elf_begin.3,v 1.5 2022/03/12 21:37:55 jkoshy Exp $ .\" .\" Copyright (c) 2006,2008-2011 Joseph Koshy. All rights reserved. .\" @@ -23,7 +23,7 @@ .\" out of the use of this software, even if advised of the possibility of .\" such damage. .\" -.\" Id: elf_begin.3 3928 2021-03-07 19:47:55Z jkoshy +.\" Id: elf_begin.3 3952 2022-03-12 09:09:50Z jkoshy .\" .Dd December 11, 2011 .Dt ELF_BEGIN 3 @@ -54,22 +54,22 @@ and APIs. .Pp Argument -.Ar fd +.Fa fd is an open file descriptor returned from an .Xr open 2 system call. Function .Fn elf_begin
CVS commit: src/external/bsd/elftoolchain/dist/libelf
Module Name:src Committed By: jkoshy Date: Sat Mar 12 21:37:55 UTC 2022 Modified Files: src/external/bsd/elftoolchain/dist/libelf: elf_begin.3 elf_cntl.3 elf_end.3 elf_errmsg.3 elf_flagdata.3 elf_getarhdr.3 elf_getarsym.3 elf_getbase.3 elf_getdata.3 elf_getident.3 elf_getphdrnum.3 elf_getphnum.3 elf_getscn.3 elf_getshdrnum.3 elf_getshdrstrndx.3 elf_getshnum.3 elf_getshstrndx.3 elf_hash.3 elf_kind.3 elf_memory.3 elf_next.3 elf_open.3 elf_rand.3 elf_rawfile.3 elf_strptr.3 elf_update.3 elf_version.3 gelf_checksum.3 gelf_fsize.3 gelf_getcap.3 gelf_getclass.3 gelf_getdyn.3 gelf_getehdr.3 gelf_getmove.3 gelf_getphdr.3 gelf_getrel.3 gelf_getrela.3 gelf_getshdr.3 gelf_getsym.3 gelf_getsyminfo.3 gelf_getsymshndx.3 gelf_newehdr.3 gelf_newphdr.3 gelf_update_ehdr.3 gelf_xlatetof.3 Log Message: Sync libelf's manual pages with upstream [r3963]. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 \ src/external/bsd/elftoolchain/dist/libelf/elf_begin.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_cntl.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_end.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_errmsg.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_flagdata.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getarhdr.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getarsym.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getbase.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getdata.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getident.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getphdrnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getphnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getscn.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshdrnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshdrstrndx.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshnum.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_getshstrndx.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_hash.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_kind.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_memory.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_next.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_open.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_rand.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_rawfile.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_strptr.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_update.3 \ src/external/bsd/elftoolchain/dist/libelf/elf_version.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_checksum.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_fsize.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getcap.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getclass.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getdyn.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getehdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getmove.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getphdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getrel.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getrela.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getshdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getsym.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getsyminfo.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_getsymshndx.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_newehdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_newphdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_update_ehdr.3 \ src/external/bsd/elftoolchain/dist/libelf/gelf_xlatetof.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 21:15:25 UTC 2022 Modified Files: src/sys/dev/usb: ustir.c Log Message: ustir(4): Avoid undefined behaviour if register read fails. To generate a diff of this commit: cvs rdiff -u -r1.50 -r1.51 src/sys/dev/usb/ustir.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/usb/ustir.c diff -u src/sys/dev/usb/ustir.c:1.50 src/sys/dev/usb/ustir.c:1.51 --- src/sys/dev/usb/ustir.c:1.50 Sun Sep 26 01:16:09 2021 +++ src/sys/dev/usb/ustir.c Sat Mar 12 21:15:25 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ustir.c,v 1.50 2021/09/26 01:16:09 thorpej Exp $ */ +/* $NetBSD: ustir.c,v 1.51 2022/03/12 21:15:25 riastradh Exp $ */ /* * Copyright (c) 2001 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ustir.c,v 1.50 2021/09/26 01:16:09 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ustir.c,v 1.51 2022/03/12 21:15:25 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_usb.h" @@ -1144,7 +1144,7 @@ Static int ustir_ioctl(void *h, u_long c int error; unsigned int regnum; usbd_status err; - uint8_t regdata; + uint8_t regdata = 0; if (sc->sc_dying) return EIO;
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 21:15:25 UTC 2022 Modified Files: src/sys/dev/usb: ustir.c Log Message: ustir(4): Avoid undefined behaviour if register read fails. To generate a diff of this commit: cvs rdiff -u -r1.50 -r1.51 src/sys/dev/usb/ustir.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/compat/common
Module Name:src Committed By: riastradh Date: Sat Mar 12 20:46:03 UTC 2022 Modified Files: src/sys/compat/common: vfs_syscalls_30.c Log Message: compat_30: Fix thinko in previous. Let's not go into an infinite loop of stack smashing! To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 src/sys/compat/common/vfs_syscalls_30.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/common/vfs_syscalls_30.c diff -u src/sys/compat/common/vfs_syscalls_30.c:1.44 src/sys/compat/common/vfs_syscalls_30.c:1.45 --- src/sys/compat/common/vfs_syscalls_30.c:1.44 Sat Mar 12 15:54:23 2022 +++ src/sys/compat/common/vfs_syscalls_30.c Sat Mar 12 20:46:03 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_syscalls_30.c,v 1.44 2022/03/12 15:54:23 riastradh Exp $ */ +/* $NetBSD: vfs_syscalls_30.c,v 1.45 2022/03/12 20:46:03 riastradh Exp $ */ /*- * Copyright (c) 2005, 2008 The NetBSD Foundation, Inc. @@ -29,7 +29,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.44 2022/03/12 15:54:23 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.45 2022/03/12 20:46:03 riastradh Exp $"); #if defined(_KERNEL_OPT) #include "opt_compat_netbsd.h" @@ -310,7 +310,7 @@ again: } /* if we squished out the whole block, try again */ - if (any) { + if (!any) { if (cookiebuf) free(cookiebuf, M_TEMP); cookiebuf = NULL;
CVS commit: src/sys/compat/common
Module Name:src Committed By: riastradh Date: Sat Mar 12 20:46:03 UTC 2022 Modified Files: src/sys/compat/common: vfs_syscalls_30.c Log Message: compat_30: Fix thinko in previous. Let's not go into an infinite loop of stack smashing! To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 src/sys/compat/common/vfs_syscalls_30.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 19:26:34 UTC 2022 Modified Files: src/sys/kern: subr_autoconf.c Log Message: autoconf(9): Refuse to consider negative unit numbers in cfdata. Reported-by: syzbot+a63ae6c58df86f40b...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.295 -r1.296 src/sys/kern/subr_autoconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/subr_autoconf.c diff -u src/sys/kern/subr_autoconf.c:1.295 src/sys/kern/subr_autoconf.c:1.296 --- src/sys/kern/subr_autoconf.c:1.295 Sun Feb 6 19:29:52 2022 +++ src/sys/kern/subr_autoconf.c Sat Mar 12 19:26:33 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_autoconf.c,v 1.295 2022/02/06 19:29:52 tnn Exp $ */ +/* $NetBSD: subr_autoconf.c,v 1.296 2022/03/12 19:26:33 riastradh Exp $ */ /* * Copyright (c) 1996, 2000 Christopher G. Demetriou @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: subr_autoconf.c,v 1.295 2022/02/06 19:29:52 tnn Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_autoconf.c,v 1.296 2022/03/12 19:26:33 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_ddb.h" @@ -1473,10 +1473,12 @@ config_devdelete(device_t dev) static int config_unit_nextfree(cfdriver_t cd, cfdata_t cf) { - int unit; + int unit = cf->cf_unit; + if (unit < 0) + return -1; if (cf->cf_fstate == FSTATE_STAR) { - for (unit = cf->cf_unit; unit < cd->cd_ndevs; unit++) + for (; unit < cd->cd_ndevs; unit++) if (cd->cd_devs[unit] == NULL) break; /* @@ -1484,7 +1486,6 @@ config_unit_nextfree(cfdriver_t cd, cfda * or max(cd->cd_ndevs,cf->cf_unit). */ } else { - unit = cf->cf_unit; if (unit < cd->cd_ndevs && cd->cd_devs[unit] != NULL) unit = -1; }
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 19:26:34 UTC 2022 Modified Files: src/sys/kern: subr_autoconf.c Log Message: autoconf(9): Refuse to consider negative unit numbers in cfdata. Reported-by: syzbot+a63ae6c58df86f40b...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.295 -r1.296 src/sys/kern/subr_autoconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 18:31:39 UTC 2022 Modified Files: src/sys/dev/usb: emdtv.c Log Message: emdtv(4): If register read fails, read as all zero. Avoids undefined behaviour if device is yanked or broken. Reported-by: syzbot+18ce1e017b9f802ed...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/sys/dev/usb/emdtv.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 18:31:39 UTC 2022 Modified Files: src/sys/dev/usb: emdtv.c Log Message: emdtv(4): If register read fails, read as all zero. Avoids undefined behaviour if device is yanked or broken. Reported-by: syzbot+18ce1e017b9f802ed...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/sys/dev/usb/emdtv.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/usb/emdtv.c diff -u src/sys/dev/usb/emdtv.c:1.15 src/sys/dev/usb/emdtv.c:1.16 --- src/sys/dev/usb/emdtv.c:1.15 Sat Mar 14 02:35:33 2020 +++ src/sys/dev/usb/emdtv.c Sat Mar 12 18:31:39 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: emdtv.c,v 1.15 2020/03/14 02:35:33 christos Exp $ */ +/* $NetBSD: emdtv.c,v 1.16 2022/03/12 18:31:39 riastradh Exp $ */ /*- * Copyright (c) 2008, 2011 Jared D. McNeill @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: emdtv.c,v 1.15 2020/03/14 02:35:33 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: emdtv.c,v 1.16 2022/03/12 18:31:39 riastradh Exp $"); #include #include @@ -326,9 +326,11 @@ emdtv_read_multi_1(struct emdtv_softc *s status = usbd_do_request(sc->sc_udev, &request, datap); KERNEL_UNLOCK_ONE(curlwp); - if (status != USBD_NORMAL_COMPLETION) + if (status != USBD_NORMAL_COMPLETION) { aprint_error_dev(sc->sc_dev, "couldn't read %x/%x: %s\n", req, index, usbd_errstr(status)); + memset(datap, 0, count); + } if (emdtv_debug_regs) { int i;
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:45:53 UTC 2022 Modified Files: src/sys/kern: kern_ktrace.c Log Message: ktrace(9): Avoid stomping over colliding KTROP_SET. Reported-by: syzbot+1e2a24aaa5725cab1...@syzkaller.appspotmail.com Reported-by: syzbot+3f89dc33fa3020fab...@syzkaller.appspotmail.com Reported-by: syzbot+44898c094ce209759...@syzkaller.appspotmail.com Reported-by: syzbot+99826cb4b0494bfbb...@syzkaller.appspotmail.com Reported-by: syzbot+a7c4752dc308936c4...@syzkaller.appspotmail.com Reported-by: syzbot+c062464baf148ed5f...@syzkaller.appspotmail.com Reported-by: syzbot+dfa19489edc185f94...@syzkaller.appspotmail.com Reported-by: syzbot+e2c4a8195d3ad8434...@syzkaller.appspotmail.com Reported-by: syzbot+f31927b2905188fdd...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.178 -r1.179 src/sys/kern/kern_ktrace.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_ktrace.c diff -u src/sys/kern/kern_ktrace.c:1.178 src/sys/kern/kern_ktrace.c:1.179 --- src/sys/kern/kern_ktrace.c:1.178 Sat Feb 27 13:02:42 2021 +++ src/sys/kern/kern_ktrace.c Sat Mar 12 17:45:53 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_ktrace.c,v 1.178 2021/02/27 13:02:42 simonb Exp $ */ +/* $NetBSD: kern_ktrace.c,v 1.179 2022/03/12 17:45:53 riastradh Exp $ */ /*- * Copyright (c) 2006, 2007, 2008, 2020 The NetBSD Foundation, Inc. @@ -61,7 +61,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_ktrace.c,v 1.178 2021/02/27 13:02:42 simonb Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_ktrace.c,v 1.179 2022/03/12 17:45:53 riastradh Exp $"); #include #include @@ -1396,7 +1396,11 @@ ktrace_thread(void *arg) mutex_enter(&ktrace_lock); } - TAILQ_REMOVE(&ktdq, ktd, ktd_list); + if (ktd_lookup(ktd->ktd_fp) == ktd) { + TAILQ_REMOVE(&ktdq, ktd, ktd_list); + } else { + /* nothing, collision in KTROP_SET */ + } callout_halt(&ktd->ktd_wakch, &ktrace_lock); callout_destroy(&ktd->ktd_wakch);
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:45:53 UTC 2022 Modified Files: src/sys/kern: kern_ktrace.c Log Message: ktrace(9): Avoid stomping over colliding KTROP_SET. Reported-by: syzbot+1e2a24aaa5725cab1...@syzkaller.appspotmail.com Reported-by: syzbot+3f89dc33fa3020fab...@syzkaller.appspotmail.com Reported-by: syzbot+44898c094ce209759...@syzkaller.appspotmail.com Reported-by: syzbot+99826cb4b0494bfbb...@syzkaller.appspotmail.com Reported-by: syzbot+a7c4752dc308936c4...@syzkaller.appspotmail.com Reported-by: syzbot+c062464baf148ed5f...@syzkaller.appspotmail.com Reported-by: syzbot+dfa19489edc185f94...@syzkaller.appspotmail.com Reported-by: syzbot+e2c4a8195d3ad8434...@syzkaller.appspotmail.com Reported-by: syzbot+f31927b2905188fdd...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.178 -r1.179 src/sys/kern/kern_ktrace.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/miscfs/kernfs
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:36:14 UTC 2022 Modified Files: src/sys/miscfs/kernfs: kernfs_vnops.c Log Message: kernfs: Just fail with EOPNOTSUPP, don't panic, on VOP_BMAP. Reported-by: syzbot+870d2eb4b4c8904ac...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.172 -r1.173 src/sys/miscfs/kernfs/kernfs_vnops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/miscfs/kernfs/kernfs_vnops.c diff -u src/sys/miscfs/kernfs/kernfs_vnops.c:1.172 src/sys/miscfs/kernfs/kernfs_vnops.c:1.173 --- src/sys/miscfs/kernfs/kernfs_vnops.c:1.172 Mon Jul 19 01:33:53 2021 +++ src/sys/miscfs/kernfs/kernfs_vnops.c Sat Mar 12 17:36:14 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: kernfs_vnops.c,v 1.172 2021/07/19 01:33:53 dholland Exp $ */ +/* $NetBSD: kernfs_vnops.c,v 1.173 2022/03/12 17:36:14 riastradh Exp $ */ /* * Copyright (c) 1992, 1993 @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kernfs_vnops.c,v 1.172 2021/07/19 01:33:53 dholland Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kernfs_vnops.c,v 1.173 2022/03/12 17:36:14 riastradh Exp $"); #include #include @@ -195,7 +195,7 @@ const struct vnodeopv_entry_desc kernfs_ { &vop_reclaim_desc, kernfs_reclaim }, /* reclaim */ { &vop_lock_desc, genfs_lock }, /* lock */ { &vop_unlock_desc, genfs_unlock }, /* unlock */ - { &vop_bmap_desc, genfs_badop }, /* bmap */ + { &vop_bmap_desc, genfs_eopnotsupp }, /* bmap */ { &vop_strategy_desc, genfs_eopnotsupp }, /* strategy */ { &vop_print_desc, kernfs_print }, /* print */ { &vop_islocked_desc, genfs_islocked }, /* islocked */
CVS commit: src/sys/miscfs/kernfs
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:36:14 UTC 2022 Modified Files: src/sys/miscfs/kernfs: kernfs_vnops.c Log Message: kernfs: Just fail with EOPNOTSUPP, don't panic, on VOP_BMAP. Reported-by: syzbot+870d2eb4b4c8904ac...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.172 -r1.173 src/sys/miscfs/kernfs/kernfs_vnops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc
Module Name:src Committed By: christos Date: Sat Mar 12 17:31:40 UTC 2022 Modified Files: src/lib/libc/gen: fts.c scandir.c setmode.3 setmode.c stringlist.c src/lib/libc/net: getprotoent_r.c getservent_r.c src/lib/libc/stdio: vfwprintf.c src/lib/libc/stdlib: _env.c hcreate.c radixsort.c src/lib/libc/string: wcsdup.c Log Message: reallocarr returns errno. preserve it. To generate a diff of this commit: cvs rdiff -u -r1.50 -r1.51 src/lib/libc/gen/fts.c cvs rdiff -u -r1.29 -r1.30 src/lib/libc/gen/scandir.c cvs rdiff -u -r1.22 -r1.23 src/lib/libc/gen/setmode.3 cvs rdiff -u -r1.36 -r1.37 src/lib/libc/gen/setmode.c cvs rdiff -u -r1.14 -r1.15 src/lib/libc/gen/stringlist.c cvs rdiff -u -r1.7 -r1.8 src/lib/libc/net/getprotoent_r.c cvs rdiff -u -r1.12 -r1.13 src/lib/libc/net/getservent_r.c cvs rdiff -u -r1.37 -r1.38 src/lib/libc/stdio/vfwprintf.c cvs rdiff -u -r1.12 -r1.13 src/lib/libc/stdlib/_env.c cvs rdiff -u -r1.11 -r1.12 src/lib/libc/stdlib/hcreate.c cvs rdiff -u -r1.21 -r1.22 src/lib/libc/stdlib/radixsort.c cvs rdiff -u -r1.5 -r1.6 src/lib/libc/string/wcsdup.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/fts.c diff -u src/lib/libc/gen/fts.c:1.50 src/lib/libc/gen/fts.c:1.51 --- src/lib/libc/gen/fts.c:1.50 Tue Nov 2 04:39:20 2021 +++ src/lib/libc/gen/fts.c Sat Mar 12 12:31:39 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: fts.c,v 1.50 2021/11/02 08:39:20 nia Exp $ */ +/* $NetBSD: fts.c,v 1.51 2022/03/12 17:31:39 christos Exp $ */ /*- * Copyright (c) 1990, 1993, 1994 @@ -38,7 +38,7 @@ #if 0 static char sccsid[] = "@(#)fts.c 8.6 (Berkeley) 8/14/94"; #else -__RCSID("$NetBSD: fts.c,v 1.50 2021/11/02 08:39:20 nia Exp $"); +__RCSID("$NetBSD: fts.c,v 1.51 2022/03/12 17:31:39 christos Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -1015,9 +1015,10 @@ fts_sort(FTS *sp, FTSENT *head, size_t n * 40 so don't realloc one entry at a time. */ if (nitems > sp->fts_nitems) { - if (reallocarr(&sp->fts_array, - nitems + 40, sizeof(FTSENT *)) != 0) - return (head); + errno = reallocarr(&sp->fts_array, + nitems + 40, sizeof(*sp->fts_array)); + if (errno) + return head; sp->fts_nitems = fts_nitems_truncate(nitems + 40); } for (ap = sp->fts_array, p = head; p; p = p->fts_link) Index: src/lib/libc/gen/scandir.c diff -u src/lib/libc/gen/scandir.c:1.29 src/lib/libc/gen/scandir.c:1.30 --- src/lib/libc/gen/scandir.c:1.29 Fri Oct 29 06:40:00 2021 +++ src/lib/libc/gen/scandir.c Sat Mar 12 12:31:39 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: scandir.c,v 1.29 2021/10/29 10:40:00 nia Exp $ */ +/* $NetBSD: scandir.c,v 1.30 2022/03/12 17:31:39 christos Exp $ */ /* * Copyright (c) 1983, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)scandir.c 8.3 (Berkeley) 1/2/94"; #else -__RCSID("$NetBSD: scandir.c,v 1.29 2021/10/29 10:40:00 nia Exp $"); +__RCSID("$NetBSD: scandir.c,v 1.30 2022/03/12 17:31:39 christos Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -94,6 +94,7 @@ scandir(const char *dirname, struct dire struct dirent *d, *p, **names; size_t nitems, arraysz; DIR *dirp; + int serrno; _DIAGASSERT(dirname != NULL); _DIAGASSERT(namelist != NULL); @@ -105,7 +106,8 @@ scandir(const char *dirname, struct dire goto bad; names = NULL; - if (reallocarr(&names, arraysz, sizeof(*names)) != 0) + errno = reallocarr(&names, arraysz, sizeof(*names)); + if (errno) goto bad; nitems = 0; @@ -120,7 +122,8 @@ scandir(const char *dirname, struct dire if (nitems >= arraysz) { if ((arraysz = dirsize(dirp->dd_fd, arraysz)) == 0) goto bad2; - if (reallocarr(&names, arraysz, sizeof(*names)) != 0) + errno = reallocarr(&names, arraysz, sizeof(*names)); + if (errno) goto bad2; } @@ -146,10 +149,14 @@ scandir(const char *dirname, struct dire return (int)nitems; bad2: + serrno = errno; while (nitems-- > 0) free(names[nitems]); free(names); + errno = serrno; bad: + serrno = errno; (void)closedir(dirp); + errno = serrno; return -1; } Index: src/lib/libc/gen/setmode.3 diff -u src/lib/libc/gen/setmode.3:1.22 src/lib/libc/gen/setmode.3:1.23 --- src/lib/libc/gen/setmode.3:1.22 Mon Jul 3 17:32:49 2017 +++ src/lib/libc/gen/setmode.3 Sat Mar 12 12:31:39 2022 @@ -1,4 +1,4 @@ -.\" $NetBSD: setmode.3,v 1.22 2017/07/03 21:32:49 wiz Exp $ +.\" $NetBSD: setmode.3,v 1.23 2022/03/12 17:31:39 christos Exp $ .\" .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ .\" .\" @(#)setmode.3 8.2 (Berkeley) 4/28/95 .\" -.Dd January 4, 2009 +.Dd March 12, 2022 .Dt SETMODE 3 .Os .Sh NAME @@ -111,7 +111,7 @@ function may fail and set .Va errno for any of the errors specified for the library routines -.Xr malloc 3 +.Xr reallocarr 3 or .Xr strtol 3 . In addition, Index: src/lib/libc/gen/setmode.c diff -u src/lib/libc/gen/
CVS commit: src/lib/libc
Module Name:src Committed By: christos Date: Sat Mar 12 17:31:40 UTC 2022 Modified Files: src/lib/libc/gen: fts.c scandir.c setmode.3 setmode.c stringlist.c src/lib/libc/net: getprotoent_r.c getservent_r.c src/lib/libc/stdio: vfwprintf.c src/lib/libc/stdlib: _env.c hcreate.c radixsort.c src/lib/libc/string: wcsdup.c Log Message: reallocarr returns errno. preserve it. To generate a diff of this commit: cvs rdiff -u -r1.50 -r1.51 src/lib/libc/gen/fts.c cvs rdiff -u -r1.29 -r1.30 src/lib/libc/gen/scandir.c cvs rdiff -u -r1.22 -r1.23 src/lib/libc/gen/setmode.3 cvs rdiff -u -r1.36 -r1.37 src/lib/libc/gen/setmode.c cvs rdiff -u -r1.14 -r1.15 src/lib/libc/gen/stringlist.c cvs rdiff -u -r1.7 -r1.8 src/lib/libc/net/getprotoent_r.c cvs rdiff -u -r1.12 -r1.13 src/lib/libc/net/getservent_r.c cvs rdiff -u -r1.37 -r1.38 src/lib/libc/stdio/vfwprintf.c cvs rdiff -u -r1.12 -r1.13 src/lib/libc/stdlib/_env.c cvs rdiff -u -r1.11 -r1.12 src/lib/libc/stdlib/hcreate.c cvs rdiff -u -r1.21 -r1.22 src/lib/libc/stdlib/radixsort.c cvs rdiff -u -r1.5 -r1.6 src/lib/libc/string/wcsdup.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:27:50 UTC 2022 Modified Files: src/sys/dev: ccd.c Log Message: ccd(4): Only pathbuf_destroy if pathbuf_copyin succeeded. Reported-by: syzbot+a46aadc788a80afc8...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.186 -r1.187 src/sys/dev/ccd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/ccd.c diff -u src/sys/dev/ccd.c:1.186 src/sys/dev/ccd.c:1.187 --- src/sys/dev/ccd.c:1.186 Fri Feb 11 23:20:09 2022 +++ src/sys/dev/ccd.c Sat Mar 12 17:27:50 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ccd.c,v 1.186 2022/02/11 23:20:09 riastradh Exp $ */ +/* $NetBSD: ccd.c,v 1.187 2022/03/12 17:27:50 riastradh Exp $ */ /*- * Copyright (c) 1996, 1997, 1998, 1999, 2007, 2009 The NetBSD Foundation, Inc. @@ -88,7 +88,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ccd.c,v 1.186 2022/02/11 23:20:09 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ccd.c,v 1.187 2022/03/12 17:27:50 riastradh Exp $"); #include #include @@ -1313,8 +1313,8 @@ ccdioctl(dev_t dev, u_long cmd, void *da error = pathbuf_copyin(cpp[i], &pb); if (error == 0) { error = vn_bdev_openpath(pb, &vpp[i], l); +pathbuf_destroy(pb); } - pathbuf_destroy(pb); if (error != 0) { for (j = 0; j < lookedup; ++j) (void)vn_close(vpp[j], FREAD|FWRITE,
CVS commit: src/sys/dev
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:27:50 UTC 2022 Modified Files: src/sys/dev: ccd.c Log Message: ccd(4): Only pathbuf_destroy if pathbuf_copyin succeeded. Reported-by: syzbot+a46aadc788a80afc8...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.186 -r1.187 src/sys/dev/ccd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:23:33 UTC 2022 Modified Files: src/sys/net: bpf.c Log Message: bpf(4): Nix KM_NOSLEEP and prune dead branch. https://syzkaller.appspot.com/bug?id=0fa7029d5565d9670a24c364d44bd116c76d7e7f To generate a diff of this commit: cvs rdiff -u -r1.244 -r1.245 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/bpf.c diff -u src/sys/net/bpf.c:1.244 src/sys/net/bpf.c:1.245 --- src/sys/net/bpf.c:1.244 Sat Mar 12 16:19:08 2022 +++ src/sys/net/bpf.c Sat Mar 12 17:23:32 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: bpf.c,v 1.244 2022/03/12 16:19:08 riastradh Exp $ */ +/* $NetBSD: bpf.c,v 1.245 2022/03/12 17:23:32 riastradh Exp $ */ /* * Copyright (c) 1990, 1991, 1993 @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.244 2022/03/12 16:19:08 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.245 2022/03/12 17:23:32 riastradh Exp $"); #if defined(_KERNEL_OPT) #include "opt_bpf.h" @@ -2136,9 +2136,8 @@ static void _bpfattach(struct ifnet *ifp, u_int dlt, u_int hdrlen, struct bpf_if **driverp) { struct bpf_if *bp; - bp = kmem_alloc(sizeof(*bp), KM_NOSLEEP); - if (bp == NULL) - panic("%s: out of memory", __func__); + + bp = kmem_alloc(sizeof(*bp), KM_SLEEP); mutex_enter(&bpf_mtx); bp->bif_driverp = driverp;
CVS commit: src/sys/net
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:23:33 UTC 2022 Modified Files: src/sys/net: bpf.c Log Message: bpf(4): Nix KM_NOSLEEP and prune dead branch. https://syzkaller.appspot.com/bug?id=0fa7029d5565d9670a24c364d44bd116c76d7e7f To generate a diff of this commit: cvs rdiff -u -r1.244 -r1.245 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/opencrypto
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:15:04 UTC 2022 Modified Files: src/sys/opencrypto: ocryptodev.c Log Message: crypto(4): Refuse count>1 for old CIOCNCRYPTM. This hasn't worked since it was written in 2009; if anyone cared surely they would have fixed it by now! (Fixing this properly -- and putting a more reasonable upper bound than the maximum that size_t arithmetic allows -- left as an exercise or the reader.) Reported-by: syzbot+798d4a16bc15ae885...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/sys/opencrypto/ocryptodev.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/opencrypto
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:15:04 UTC 2022 Modified Files: src/sys/opencrypto: ocryptodev.c Log Message: crypto(4): Refuse count>1 for old CIOCNCRYPTM. This hasn't worked since it was written in 2009; if anyone cared surely they would have fixed it by now! (Fixing this properly -- and putting a more reasonable upper bound than the maximum that size_t arithmetic allows -- left as an exercise or the reader.) Reported-by: syzbot+798d4a16bc15ae885...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/sys/opencrypto/ocryptodev.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/opencrypto/ocryptodev.c diff -u src/sys/opencrypto/ocryptodev.c:1.16 src/sys/opencrypto/ocryptodev.c:1.17 --- src/sys/opencrypto/ocryptodev.c:1.16 Mon Jan 27 17:09:17 2020 +++ src/sys/opencrypto/ocryptodev.c Sat Mar 12 17:15:04 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ocryptodev.c,v 1.16 2020/01/27 17:09:17 pgoyette Exp $ */ +/* $NetBSD: ocryptodev.c,v 1.17 2022/03/12 17:15:04 riastradh Exp $ */ /* $FreeBSD: src/sys/opencrypto/cryptodev.c,v 1.4.2.4 2003/06/03 00:09:02 sam Exp $ */ /* $OpenBSD: cryptodev.c,v 1.53 2002/07/10 22:21:30 mickey Exp $ */ @@ -69,7 +69,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ocryptodev.c,v 1.16 2020/01/27 17:09:17 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ocryptodev.c,v 1.17 2022/03/12 17:15:04 riastradh Exp $"); #include #include @@ -167,8 +167,7 @@ mbail: break; case OCIOCNCRYPTM: omop = (struct ocrypt_mop *)data; - if ((omop->count <= 0) || - (SIZE_MAX/sizeof(struct ocrypt_n_op) <= omop->count)) { + if (omop->count <= 0 || omop->count > 1) { error = EINVAL; break; }
CVS commit: src/sys/dev/pad
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:07:10 UTC 2022 Modified Files: src/sys/dev/pad: pad.c Log Message: pad(4): Do harmless, not harmful, integer truncation. Reported-by: syzbot+917ff3551897f1a99...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.75 -r1.76 src/sys/dev/pad/pad.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/pad
Module Name:src Committed By: riastradh Date: Sat Mar 12 17:07:10 UTC 2022 Modified Files: src/sys/dev/pad: pad.c Log Message: pad(4): Do harmless, not harmful, integer truncation. Reported-by: syzbot+917ff3551897f1a99...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.75 -r1.76 src/sys/dev/pad/pad.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pad/pad.c diff -u src/sys/dev/pad/pad.c:1.75 src/sys/dev/pad/pad.c:1.76 --- src/sys/dev/pad/pad.c:1.75 Mon Jun 14 18:44:53 2021 +++ src/sys/dev/pad/pad.c Sat Mar 12 17:07:10 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: pad.c,v 1.75 2021/06/14 18:44:53 riastradh Exp $ */ +/* $NetBSD: pad.c,v 1.76 2022/03/12 17:07:10 riastradh Exp $ */ /*- * Copyright (c) 2007 Jared D. McNeill @@ -27,7 +27,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: pad.c,v 1.75 2021/06/14 18:44:53 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pad.c,v 1.76 2022/03/12 17:07:10 riastradh Exp $"); #include #include @@ -506,7 +506,7 @@ pad_read(struct pad_softc *sc, off_t *of DPRINTF("%s: resid=%zu\n", __func__, uio->uio_resid); while (uio->uio_resid > 0) { mutex_enter(&sc->sc_intr_lock); - err = pad_get_block(sc, &pb, uio->uio_resid); + err = pad_get_block(sc, &pb, MIN(uio->uio_resid, INT_MAX)); mutex_exit(&sc->sc_intr_lock); if (err) break;
CVS commit: src/sys/dev/scsipi
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:57:16 UTC 2022 Modified Files: src/sys/dev/scsipi: scsiconf.c Log Message: scsi(9): Handle bogus number of LUNs in SCSI_REPORT_LUNS. Reported-by: syzbot+76ef9084533d4bcce...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.299 -r1.300 src/sys/dev/scsipi/scsiconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/scsipi/scsiconf.c diff -u src/sys/dev/scsipi/scsiconf.c:1.299 src/sys/dev/scsipi/scsiconf.c:1.300 --- src/sys/dev/scsipi/scsiconf.c:1.299 Sat Mar 12 15:32:32 2022 +++ src/sys/dev/scsipi/scsiconf.c Sat Mar 12 16:57:15 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: scsiconf.c,v 1.299 2022/03/12 15:32:32 riastradh Exp $ */ +/* $NetBSD: scsiconf.c,v 1.300 2022/03/12 16:57:15 riastradh Exp $ */ /*- * Copyright (c) 1998, 1999, 2004 The NetBSD Foundation, Inc. @@ -48,7 +48,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: scsiconf.c,v 1.299 2022/03/12 15:32:32 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: scsiconf.c,v 1.300 2022/03/12 16:57:15 riastradh Exp $"); #include #include @@ -400,7 +400,7 @@ scsi_report_luns(struct scsibus_softc *s uint16_t tmp; int error; - size_t i, rlrlen; + size_t i, rlrlen, rlrlenmin; memset(&replun, 0, sizeof(replun)); @@ -421,7 +421,7 @@ scsi_report_luns(struct scsibus_softc *s goto end2; } - rlrlen = sizeof(*rlr) + sizeof(*lunp) * 1; + rlrlen = rlrlenmin = sizeof(*rlr) + sizeof(*lunp) * 1; again: rlr = kmem_zalloc(rlrlen, KM_SLEEP); @@ -443,6 +443,10 @@ again: 16383 * sizeof(*lunp)); kmem_free(rlr, old_rlrlen); rlr = NULL; + if (rlrlen < rlrlenmin) { + error = EIO; + goto end; + } goto again; }
CVS commit: src/sys/dev/scsipi
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:57:16 UTC 2022 Modified Files: src/sys/dev/scsipi: scsiconf.c Log Message: scsi(9): Handle bogus number of LUNs in SCSI_REPORT_LUNS. Reported-by: syzbot+76ef9084533d4bcce...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.299 -r1.300 src/sys/dev/scsipi/scsiconf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:54:17 UTC 2022 Modified Files: src/sys/kern: subr_kmem.c Log Message: kmem(9): Make kmem_alloc and kmem_free agree about rejecting zero. Let's do both as KASSERT, unless there's a good reason to make them both do an unconditional if/panic even in release builds. To generate a diff of this commit: cvs rdiff -u -r1.82 -r1.83 src/sys/kern/subr_kmem.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/subr_kmem.c diff -u src/sys/kern/subr_kmem.c:1.82 src/sys/kern/subr_kmem.c:1.83 --- src/sys/kern/subr_kmem.c:1.82 Sat Feb 6 13:54:48 2021 +++ src/sys/kern/subr_kmem.c Sat Mar 12 16:54:17 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_kmem.c,v 1.82 2021/02/06 13:54:48 joerg Exp $ */ +/* $NetBSD: subr_kmem.c,v 1.83 2022/03/12 16:54:17 riastradh Exp $ */ /* * Copyright (c) 2009-2020 The NetBSD Foundation, Inc. @@ -78,7 +78,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: subr_kmem.c,v 1.82 2021/02/06 13:54:48 joerg Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_kmem.c,v 1.83 2022/03/12 16:54:17 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_kmem.h" @@ -258,9 +258,7 @@ kmem_intr_free(void *p, size_t requested pool_cache_t pc; KASSERT(p != NULL); - if (__predict_false(requested_size == 0)) { - panic("%s: zero size with pointer %p", __func__, p); - } + KASSERT(requested_size > 0); kasan_add_redzone(&requested_size); size = kmem_roundup_size(requested_size);
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:54:17 UTC 2022 Modified Files: src/sys/kern: subr_kmem.c Log Message: kmem(9): Make kmem_alloc and kmem_free agree about rejecting zero. Let's do both as KASSERT, unless there's a good reason to make them both do an unconditional if/panic even in release builds. To generate a diff of this commit: cvs rdiff -u -r1.82 -r1.83 src/sys/kern/subr_kmem.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:51:10 UTC 2022 Modified Files: src/sys/dev/usb: uvideo.c Log Message: uvideo(4): Use kmem_zalloc, not kmem_alloc and memset. To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/sys/dev/usb/uvideo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/usb/uvideo.c diff -u src/sys/dev/usb/uvideo.c:1.69 src/sys/dev/usb/uvideo.c:1.70 --- src/sys/dev/usb/uvideo.c:1.69 Thu Mar 3 06:23:25 2022 +++ src/sys/dev/usb/uvideo.c Sat Mar 12 16:51:10 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: uvideo.c,v 1.69 2022/03/03 06:23:25 riastradh Exp $ */ +/* $NetBSD: uvideo.c,v 1.70 2022/03/12 16:51:10 riastradh Exp $ */ /* * Copyright (c) 2008 Patrick Mahoney @@ -42,7 +42,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: uvideo.c,v 1.69 2022/03/03 06:23:25 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: uvideo.c,v 1.70 2022/03/12 16:51:10 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_usb.h" @@ -851,7 +851,7 @@ uvideo_unit_alloc(const uvideo_descripto if (desc->bDescriptorType != UDESC_CS_INTERFACE) return NULL; - vu = kmem_alloc(sizeof(*vu), KM_SLEEP); + vu = kmem_zalloc(sizeof(*vu), KM_SLEEP); err = uvideo_unit_init(vu, desc); if (err != USBD_NORMAL_COMPLETION) { DPRINTF(("uvideo_unit_alloc: error initializing unit: " @@ -875,8 +875,6 @@ uvideo_unit_init(struct uvideo_unit *vu, const uvideo_processing_unit_descriptor_t *processing; const uvideo_extension_unit_descriptor_t *extension; - memset(vu, 0, sizeof(*vu)); - switch (desc->bDescriptorSubtype) { case UDESC_INPUT_TERMINAL: if (desc->bLength < sizeof(*input))
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:51:10 UTC 2022 Modified Files: src/sys/dev/usb: uvideo.c Log Message: uvideo(4): Use kmem_zalloc, not kmem_alloc and memset. To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/sys/dev/usb/uvideo.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:46:57 UTC 2022 Modified Files: src/sys/kern: kern_time.c Log Message: kern: Clamp time_adjtime to avoid overflow. Reported-by: syzbot+7edce1a31dfd2a5ea...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.211 -r1.212 src/sys/kern/kern_time.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_time.c diff -u src/sys/kern/kern_time.c:1.211 src/sys/kern/kern_time.c:1.212 --- src/sys/kern/kern_time.c:1.211 Sat Apr 3 12:57:21 2021 +++ src/sys/kern/kern_time.c Sat Mar 12 16:46:57 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_time.c,v 1.211 2021/04/03 12:57:21 simonb Exp $ */ +/* $NetBSD: kern_time.c,v 1.212 2022/03/12 16:46:57 riastradh Exp $ */ /*- * Copyright (c) 2000, 2004, 2005, 2007, 2008, 2009, 2020 @@ -62,7 +62,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.211 2021/04/03 12:57:21 simonb Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_time.c,v 1.212 2022/03/12 16:46:57 riastradh Exp $"); #include #include @@ -610,10 +610,19 @@ adjtime1(const struct timeval *delta, st } mutex_spin_exit(&timecounter_lock); } - + if (delta) { mutex_spin_enter(&timecounter_lock); - time_adjtime = delta->tv_sec * 100 + delta->tv_usec; + /* + * XXX This should maybe just report failure to + * userland for nonsense deltas. + */ + if (delta->tv_sec > INT64_MAX/100 - 1) { + time_adjtime = INT64_MAX; + } else { + time_adjtime = MAX(0, delta->tv_sec) * 100 + + MAX(0, MIN(99, delta->tv_usec)); + } if (time_adjtime) { /* We need to save the system time during shutdown */
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:46:57 UTC 2022 Modified Files: src/sys/kern: kern_time.c Log Message: kern: Clamp time_adjtime to avoid overflow. Reported-by: syzbot+7edce1a31dfd2a5ea...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.211 -r1.212 src/sys/kern/kern_time.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/etc
Brad Spencer writes: > What is referred to here is a specific ZFS idea and should not be > confused with any sort of global notion. Specifically, ZFS, by default > and in common use, does not use anything like a /etc/fstab or > /etc/vfstab to specify where the filesets get mounted. It also does not > usually use the usual mount command either to mount them, although that > would work in Solaris if I remember correctly (at least in some cases). > What happens is that the mount point is specified in the fileset meta > data and "zfs mount " takes care of getting it mounted. If you > wanted to use /etc/fstab or /etc/vfstab with ZFS you need to mark the > mountpoint in the fileset as being legacy, then you could fill in your > /etc/... files as you wanted. This, of course, strongly suggests that > Sun was going to make all of the other filesystems except ZFS second > class, but Sun fell apart before that really progressed to anything > final and Oracle never really ran to that conclusion either. No one is Somehow I am not shocked that this usage (by Sun) had that lurking. > at all suggesting that any filesystem become second class in the NetBSD > realization of ZFS. > > So the term legacy when speaking of ZFS is used to refer to a filesystem > that uses whatever /etc/... files you use and uses the usual mount > command. Thanks, and Taylor also sent me a clue privately.A superceding comment by me crossed in the mail. signature.asc Description: PGP signature
Re: CVS commit: src/etc
I apologize for failing to understand "zfs legacy mount" and incorrectly associating it with how I usually encounter the word legacy. I now understand that you meant to separate: zfs's preferred path of having mountpoints stored as volume properties, which is a different way of specifying what is mounted where than everything else, but makes sense in a world with many zfs volumes having a zfs volume where instead of the normal zfs way, there is an fstab entry So having re-thought I would say: It makes sense to have a boolean "critical" property (the name you suggested is fine) for zfs volumes that specify a mount point, so that such volumes would be mounted in mountcritlocal. I am 100% happy for someone to add that and see no big problems. It makes sense to just put zfs volume mountpoints in critical_filesystems_local, if those volumes use the fstab method instead of mountpoint properties (i.e., are "zfs legacy mounts"). I think this is tricky if there are multiple pools and some don't come up. But I think it's ok if the main path is that one should have all critical zfs filesytems on the same pool as root, with root on zfs. With root not on zfs but say /usr and /var on zfs, there needs to be some way for the boot to fail if they aren't mountable, just like if they were in fstab, if the pool doesn't attach and thus the critical variable aren't readable. That might mean "if root is not zfs, and something in critical_fileystems_{local,remote} is in zfs, then those things have to use zfs legacy mounts". It might mean having "critical_zfs_pools_{local,remote}" which will fail the boot if they are not attached at the mountcritlocal/mountcritremote stage, so that the critical properties are reliably there. I am opposed to deciding that all zfs filesystems should be treated as critical (in a world where we have not abolished the notion). We could have a discussion about why we even have the concept of critical filesystems, but if so that should not be about zfs and should be in a new thread on tech-userlevel. And, I think it really isn't strongly releated to this discussion. for background, I used to understand the critical filesystem scheme better, but I'll briefly say (projecting to modern rc.d) that I think it's about sequencing getting enough filesystems mounted to be able to hit the NETWORKING rc.d barrier. Consider a diskless workstation with separate / and /usr (because /usr is shared across all 10 Sun 3/50s :-) that also needs to mount some other filesystem from a server beyond the LAN, which requires running routed. Sorry if that gives yuo bad flashbacks to the 80s :-) In modern NetBSD I put /var and /usr in critical_fileystems_local, because I want route6d to start, and that's in /usr/sbin. Arguably route6d should be in /sbin, or NETWORKING should be split into things needed to talk to the local link vs the broader network, but I have avoided digging in because adding a line to rc.conf is easy, and moving route6d would be actual work. Greg signature.asc Description: PGP signature
CVS commit: src/sys/net
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:19:08 UTC 2022 Modified Files: src/sys/net: bpf.c Log Message: bpf(4): Clamp read timeout to INT_MAX ticks to avoid overflow. Reported-by: syzbot+c543d35064d3492b9...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.243 -r1.244 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/net
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:19:08 UTC 2022 Modified Files: src/sys/net: bpf.c Log Message: bpf(4): Clamp read timeout to INT_MAX ticks to avoid overflow. Reported-by: syzbot+c543d35064d3492b9...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.243 -r1.244 src/sys/net/bpf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/bpf.c diff -u src/sys/net/bpf.c:1.243 src/sys/net/bpf.c:1.244 --- src/sys/net/bpf.c:1.243 Sun Sep 26 01:16:10 2021 +++ src/sys/net/bpf.c Sat Mar 12 16:19:08 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: bpf.c,v 1.243 2021/09/26 01:16:10 thorpej Exp $ */ +/* $NetBSD: bpf.c,v 1.244 2022/03/12 16:19:08 riastradh Exp $ */ /* * Copyright (c) 1990, 1991, 1993 @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.243 2021/09/26 01:16:10 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD: bpf.c,v 1.244 2022/03/12 16:19:08 riastradh Exp $"); #if defined(_KERNEL_OPT) #include "opt_bpf.h" @@ -1152,7 +1152,12 @@ bpf_ioctl(struct file *fp, u_long cmd, v struct timeval *tv = addr; /* Compute number of ticks. */ - d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; + if (tv->tv_sec > INT_MAX/hz - 1) { +d->bd_rtout = INT_MAX; + } else { +d->bd_rtout = tv->tv_sec * hz ++ tv->tv_usec / tick; + } if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) d->bd_rtout = 1; break; @@ -1181,7 +1186,12 @@ bpf_ioctl(struct file *fp, u_long cmd, v struct timeval50 *tv = addr; /* Compute number of ticks. */ - d->bd_rtout = tv->tv_sec * hz + tv->tv_usec / tick; + if (tv->tv_sec > INT_MAX/hz - 1) { +d->bd_rtout = INT_MAX; + } else { +d->bd_rtout = tv->tv_sec * hz ++ tv->tv_usec / tick; + } if ((d->bd_rtout == 0) && (tv->tv_usec != 0)) d->bd_rtout = 1; break;
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:06:15 UTC 2022 Modified Files: src/sys/kern: uipc_socket.c Log Message: kern: m_copym(M_DONTWAIT) can fail; handle that case gracefully. Not sure if this should truncate the result or just fail with nonzero error code (ENOBUFS?). Feel free to change this the other way if you know better! Reported-by: syzbot+54c34f25d1e4124eb...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.300 -r1.301 src/sys/kern/uipc_socket.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/uipc_socket.c diff -u src/sys/kern/uipc_socket.c:1.300 src/sys/kern/uipc_socket.c:1.301 --- src/sys/kern/uipc_socket.c:1.300 Sat Oct 23 01:28:33 2021 +++ src/sys/kern/uipc_socket.c Sat Mar 12 16:06:15 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: uipc_socket.c,v 1.300 2021/10/23 01:28:33 thorpej Exp $ */ +/* $NetBSD: uipc_socket.c,v 1.301 2022/03/12 16:06:15 riastradh Exp $ */ /* * Copyright (c) 2002, 2007, 2008, 2009 The NetBSD Foundation, Inc. @@ -71,7 +71,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.300 2021/10/23 01:28:33 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD: uipc_socket.c,v 1.301 2022/03/12 16:06:15 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_compat_netbsd.h" @@ -1367,7 +1367,8 @@ dontblock: if (flags & MSG_PEEK) { if (controlp != NULL) { *controlp = m_copym(m, 0, m->m_len, M_DONTWAIT); - controlp = &(*controlp)->m_next; + controlp = (*controlp == NULL ? NULL : + &(*controlp)->m_next); } m = m->m_next; } else {
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sat Mar 12 16:06:15 UTC 2022 Modified Files: src/sys/kern: uipc_socket.c Log Message: kern: m_copym(M_DONTWAIT) can fail; handle that case gracefully. Not sure if this should truncate the result or just fail with nonzero error code (ENOBUFS?). Feel free to change this the other way if you know better! Reported-by: syzbot+54c34f25d1e4124eb...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.300 -r1.301 src/sys/kern/uipc_socket.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/etc
Greg Troxel writes: [snip] > [I don't really know what you mean by legacy (other than non-zfs, but > you didn't say that, so perhaps you mean something different).] [snip] I am only going to speak to the use of "legacy" in this conversation. What is referred to here is a specific ZFS idea and should not be confused with any sort of global notion. Specifically, ZFS, by default and in common use, does not use anything like a /etc/fstab or /etc/vfstab to specify where the filesets get mounted. It also does not usually use the usual mount command either to mount them, although that would work in Solaris if I remember correctly (at least in some cases). What happens is that the mount point is specified in the fileset meta data and "zfs mount " takes care of getting it mounted. If you wanted to use /etc/fstab or /etc/vfstab with ZFS you need to mark the mountpoint in the fileset as being legacy, then you could fill in your /etc/... files as you wanted. This, of course, strongly suggests that Sun was going to make all of the other filesystems except ZFS second class, but Sun fell apart before that really progressed to anything final and Oracle never really ran to that conclusion either. No one is at all suggesting that any filesystem become second class in the NetBSD realization of ZFS. So the term legacy when speaking of ZFS is used to refer to a filesystem that uses whatever /etc/... files you use and uses the usual mount command. -- Brad Spencer - b...@anduin.eldar.org - KC8VKS - http://anduin.eldar.org
CVS commit: src/sys/compat/common
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:54:24 UTC 2022 Modified Files: src/sys/compat/common: vfs_syscalls_30.c Log Message: compat_30: Avoid what might be technically undefined behaviour. Not sure advancing a user pointer by one for the purpose of making an equality test fail later on is actually likely to be a problem, but let's just pacify the sanitizer. Reported-by: syzbot+758b18164c5c444f4...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.44 src/sys/compat/common/vfs_syscalls_30.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/common/vfs_syscalls_30.c diff -u src/sys/compat/common/vfs_syscalls_30.c:1.43 src/sys/compat/common/vfs_syscalls_30.c:1.44 --- src/sys/compat/common/vfs_syscalls_30.c:1.43 Tue Sep 7 11:43:02 2021 +++ src/sys/compat/common/vfs_syscalls_30.c Sat Mar 12 15:54:23 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_syscalls_30.c,v 1.43 2021/09/07 11:43:02 riastradh Exp $ */ +/* $NetBSD: vfs_syscalls_30.c,v 1.44 2022/03/12 15:54:23 riastradh Exp $ */ /*- * Copyright (c) 2005, 2008 The NetBSD Foundation, Inc. @@ -29,7 +29,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.43 2021/09/07 11:43:02 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_30.c,v 1.44 2022/03/12 15:54:23 riastradh Exp $"); #if defined(_KERNEL_OPT) #include "opt_compat_netbsd.h" @@ -219,6 +219,7 @@ compat_30_sys_getdents(struct lwp *l, int buflen, error, eofflag; off_t *cookiebuf = NULL, *cookie; int ncookies; + bool any = false; /* fd_getvnode() will use the descriptor for us */ if ((error = fd_getvnode(SCARG(uap, fd), &fp)) != 0) @@ -285,7 +286,7 @@ again: idb.d_reclen = _DIRENT_SIZE(&idb); if (reclen > len || resid < idb.d_reclen) { /* entry too big for buffer, so just stop */ - outp++; + any = true; break; } /* @@ -305,10 +306,11 @@ again: /* advance output past NetBSD-3.0-shaped entry */ outp += idb.d_reclen; resid -= idb.d_reclen; + any = true; } /* if we squished out the whole block, try again */ - if (outp == SCARG(uap, buf)) { + if (any) { if (cookiebuf) free(cookiebuf, M_TEMP); cookiebuf = NULL;
CVS commit: src/sys/compat/common
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:54:24 UTC 2022 Modified Files: src/sys/compat/common: vfs_syscalls_30.c Log Message: compat_30: Avoid what might be technically undefined behaviour. Not sure advancing a user pointer by one for the purpose of making an equality test fail later on is actually likely to be a problem, but let's just pacify the sanitizer. Reported-by: syzbot+758b18164c5c444f4...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.43 -r1.44 src/sys/compat/common/vfs_syscalls_30.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:50:53 UTC 2022 Modified Files: src/sys/arch/x86/x86: syscall.c Log Message: x86: Provide better attribution for syscall biglock slippage. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/sys/arch/x86/x86/syscall.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/x86/syscall.c diff -u src/sys/arch/x86/x86/syscall.c:1.19 src/sys/arch/x86/x86/syscall.c:1.20 --- src/sys/arch/x86/x86/syscall.c:1.19 Thu Oct 7 12:52:27 2021 +++ src/sys/arch/x86/x86/syscall.c Sat Mar 12 15:50:53 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: syscall.c,v 1.19 2021/10/07 12:52:27 msaitoh Exp $ */ +/* $NetBSD: syscall.c,v 1.20 2022/03/12 15:50:53 riastradh Exp $ */ /*- * Copyright (c) 1998, 2000, 2009 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: syscall.c,v 1.19 2021/10/07 12:52:27 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: syscall.c,v 1.20 2022/03/12 15:50:53 riastradh Exp $"); #include #include @@ -136,6 +136,13 @@ syscall(struct trapframe *frame) } #endif error = sy_invoke(callp, l, args, rval, code); +#ifdef DIAGNOSTIC + kpreempt_disable(); /* make curcpu() stable */ + KASSERTMSG(curcpu()->ci_biglock_count == 0, + "syscall %ld of emul %s leaked %d kernel locks", + (long)code, p->p_emul->e_name, curcpu()->ci_biglock_count); + kpreempt_enable(); +#endif if (__predict_true(error == 0)) { X86_TF_RAX(frame) = rval[0];
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:50:53 UTC 2022 Modified Files: src/sys/arch/x86/x86: syscall.c Log Message: x86: Provide better attribution for syscall biglock slippage. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 src/sys/arch/x86/x86/syscall.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/x86
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:50:45 UTC 2022 Modified Files: src/sys/arch/x86/include: intr.h src/sys/arch/x86/x86: intr.c Log Message: x86: Check for biglock leakage in interrupt handlers. To generate a diff of this commit: cvs rdiff -u -r1.62 -r1.63 src/sys/arch/x86/include/intr.h cvs rdiff -u -r1.159 -r1.160 src/sys/arch/x86/x86/intr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/include/intr.h diff -u src/sys/arch/x86/include/intr.h:1.62 src/sys/arch/x86/include/intr.h:1.63 --- src/sys/arch/x86/include/intr.h:1.62 Sat Apr 25 15:26:18 2020 +++ src/sys/arch/x86/include/intr.h Sat Mar 12 15:50:44 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: intr.h,v 1.62 2020/04/25 15:26:18 bouyer Exp $ */ +/* $NetBSD: intr.h,v 1.63 2022/03/12 15:50:44 riastradh Exp $ */ /*- * Copyright (c) 1998, 2001, 2006, 2007, 2008, 2019 The NetBSD Foundation, Inc. @@ -145,6 +145,7 @@ struct intrhand { struct intrhand *ih_evt_next; #endif struct cpu_info *ih_cpu; + char ih_xname[INTRDEVNAMEBUF]; }; #define IMASK(ci,level) (ci)->ci_imask[(level)] Index: src/sys/arch/x86/x86/intr.c diff -u src/sys/arch/x86/x86/intr.c:1.159 src/sys/arch/x86/x86/intr.c:1.160 --- src/sys/arch/x86/x86/intr.c:1.159 Thu Dec 23 02:45:43 2021 +++ src/sys/arch/x86/x86/intr.c Sat Mar 12 15:50:45 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: intr.c,v 1.159 2021/12/23 02:45:43 yamaguchi Exp $ */ +/* $NetBSD: intr.c,v 1.160 2022/03/12 15:50:45 riastradh Exp $ */ /* * Copyright (c) 2007, 2008, 2009, 2019 The NetBSD Foundation, Inc. @@ -133,7 +133,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: intr.c,v 1.159 2021/12/23 02:45:43 yamaguchi Exp $"); +__KERNEL_RCSID(0, "$NetBSD: intr.c,v 1.160 2022/03/12 15:50:45 riastradh Exp $"); #include "opt_intrdebug.h" #include "opt_multiprocessor.h" @@ -653,11 +653,16 @@ static int intr_biglock_wrapper(void *vp) { struct intrhand *ih = vp; + int locks; int ret; KERNEL_LOCK(1, NULL); + locks = curcpu()->ci_biglock_count; ret = (*ih->ih_realfun)(ih->ih_realarg); + KASSERTMSG(locks == curcpu()->ci_biglock_count, + "%s @ %p slipped locks %d -> %d", + ih->ih_xname, ih->ih_realfun, locks, curcpu()->ci_biglock_count); KERNEL_UNLOCK_ONE(NULL); @@ -904,6 +909,7 @@ intr_establish_xname(int legacy_irq, str ih->ih_pin = pin; ih->ih_cpu = ci; ih->ih_slot = slot; + strlcpy(ih->ih_xname, xname, sizeof(ih->ih_xname)); #ifdef MULTIPROCESSOR if (!mpsafe) { ih->ih_fun = intr_biglock_wrapper;
CVS commit: src/sys/arch/x86
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:50:45 UTC 2022 Modified Files: src/sys/arch/x86/include: intr.h src/sys/arch/x86/x86: intr.c Log Message: x86: Check for biglock leakage in interrupt handlers. To generate a diff of this commit: cvs rdiff -u -r1.62 -r1.63 src/sys/arch/x86/include/intr.h cvs rdiff -u -r1.159 -r1.160 src/sys/arch/x86/x86/intr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/ufs/ffs
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:36:53 UTC 2022 Modified Files: src/sys/ufs/ffs: ffs_vfsops.c Log Message: ffs: Fix 64-bit inode integer truncation. Reported-by: syzbot+1ae93e092d532582b...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.373 -r1.374 src/sys/ufs/ffs/ffs_vfsops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/ufs/ffs/ffs_vfsops.c diff -u src/sys/ufs/ffs/ffs_vfsops.c:1.373 src/sys/ufs/ffs/ffs_vfsops.c:1.374 --- src/sys/ufs/ffs/ffs_vfsops.c:1.373 Sat Sep 18 03:05:20 2021 +++ src/sys/ufs/ffs/ffs_vfsops.c Sat Mar 12 15:36:53 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: ffs_vfsops.c,v 1.373 2021/09/18 03:05:20 christos Exp $ */ +/* $NetBSD: ffs_vfsops.c,v 1.374 2022/03/12 15:36:53 riastradh Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -61,7 +61,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.373 2021/09/18 03:05:20 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.374 2022/03/12 15:36:53 riastradh Exp $"); #if defined(_KERNEL_OPT) #include "opt_ffs.h" @@ -190,7 +190,7 @@ static const struct ufs_ops ffs_ufsops = }; static int -ffs_checkrange(struct mount *mp, uint32_t ino) +ffs_checkrange(struct mount *mp, ino_t ino) { struct fs *fs = VFSTOUFS(mp)->um_fs;
CVS commit: src/sys/ufs/ffs
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:36:53 UTC 2022 Modified Files: src/sys/ufs/ffs: ffs_vfsops.c Log Message: ffs: Fix 64-bit inode integer truncation. Reported-by: syzbot+1ae93e092d532582b...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.373 -r1.374 src/sys/ufs/ffs/ffs_vfsops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:32:33 UTC 2022 Modified Files: src/sys/arch/aarch64/aarch64: pmap.c src/sys/arch/alpha/alpha: pmap.c src/sys/arch/arm/arm32: pmap.c src/sys/arch/hppa/hppa: pmap.c src/sys/arch/ia64/ia64: pmap.c src/sys/arch/powerpc/oea: pmap.c src/sys/arch/sparc/sparc: pmap.c src/sys/arch/sparc64/sparc64: pmap.c src/sys/dev/hyperv: vmbus.c src/sys/dev/marvell: mvxpsec.c src/sys/dev/scsipi: atapiconf.c scsiconf.c scsipi_base.c src/sys/external/bsd/drm2/linux: linux_stop_machine.c src/sys/kern: kern_auth.c kern_exec.c kern_mutex_obj.c kern_resource.c kern_rwlock_obj.c kern_sig.c subr_kcpuset.c sys_futex.c uipc_mbuf.c vfs_cwd.c vfs_mount.c vfs_vnode.c vfs_wapbl.c src/sys/net: if.c src/sys/net/npf: npf_nat.c npf_rproc.c npf_tableset.c src/sys/uvm: uvm_aobj.c uvm_map.c src/sys/uvm/pmap: pmap.c Log Message: sys: Membar audit around reference count releases. If two threads are using an object that is freed when the reference count goes to zero, we need to ensure that all memory operations related to the object happen before freeing the object. Using an atomic_dec_uint_nv(&refcnt) == 0 ensures that only one thread takes responsibility for freeing, but it's not enough to ensure that the other thread's memory operations happen before the freeing. Consider: Thread AThread B obj->foo = 42; obj->baz = 73; mumble(&obj->bar); grumble(&obj->quux); /* membar_exit(); *//* membar_exit(); */ atomic_dec -- not last atomic_dec -- last /* membar_enter(); */ KASSERT(invariant(obj->foo, obj->bar)); free_stuff(obj); The memory barriers ensure that obj->foo = 42; mumble(&obj->bar); in thread A happens before KASSERT(invariant(obj->foo, obj->bar)); free_stuff(obj); in thread B. Without them, this ordering is not guaranteed. So in general it is necessary to do membar_exit(); if (atomic_dec_uint_nv(&obj->refcnt) != 0) return; membar_enter(); to release a reference, for the `last one out hit the lights' style of reference counting. (This is in contrast to the style where one thread blocks new references and then waits under a lock for existing ones to drain with a condvar -- no membar needed thanks to mutex(9).) I searched for atomic_dec to find all these. Obviously we ought to have a better abstraction for this because there's so much copypasta. This is a stop-gap measure to fix actual bugs until we have that. It would be nice if an abstraction could gracefully handle the different styles of reference counting in use -- some years ago I drafted an API for this, but making it cover everything got a little out of hand (particularly with struct vnode::v_usecount) and I ended up setting it aside to work on psref/localcount instead for better scalability. I got bored of adding #ifdef __HAVE_ATOMIC_AS_MEMBAR everywhere, so I only put it on things that look performance-critical on 5sec review. We should really adopt membar_enter_preatomic/membar_exit_postatomic or something (except they are applicable only to atomic r/m/w, not to atomic_load/store_*, making the naming annoying) and get rid of all the ifdefs. To generate a diff of this commit: cvs rdiff -u -r1.129 -r1.130 src/sys/arch/aarch64/aarch64/pmap.c cvs rdiff -u -r1.304 -r1.305 src/sys/arch/alpha/alpha/pmap.c cvs rdiff -u -r1.432 -r1.433 src/sys/arch/arm/arm32/pmap.c cvs rdiff -u -r1.114 -r1.115 src/sys/arch/hppa/hppa/pmap.c cvs rdiff -u -r1.40 -r1.41 src/sys/arch/ia64/ia64/pmap.c cvs rdiff -u -r1.111 -r1.112 src/sys/arch/powerpc/oea/pmap.c cvs rdiff -u -r1.375 -r1.376 src/sys/arch/sparc/sparc/pmap.c cvs rdiff -u -r1.313 -r1.314 src/sys/arch/sparc64/sparc64/pmap.c cvs rdiff -u -r1.15 -r1.16 src/sys/dev/hyperv/vmbus.c cvs rdiff -u -r1.10 -r1.11 src/sys/dev/marvell/mvxpsec.c cvs rdiff -u -r1.93 -r1.94 src/sys/dev/scsipi/atapiconf.c cvs rdiff -u -r1.298 -r1.299 src/sys/dev/scsipi/scsiconf.c cvs rdiff -u -r1.187 -r1.188 src/sys/dev/scsipi/scsipi_base.c cvs rdiff -u -r1.2 -r1.3 src/sys/external/bsd/drm2/linux/linux_stop_machine.c cvs rdiff -u -r1.78 -r1.79 src/sys/kern/kern_auth.c cvs rdiff -u -r1.515 -r1.516 src/sys/kern/kern_exec.c cvs rdiff -u -r1.7 -r1.8 src/sys/kern/kern_mutex_obj.c cvs rdiff -u -r1.187 -r1.188 src/sys/kern/kern_resource.c cvs rdiff -u -r1.5 -r1.6 src/sys/kern/kern_rwlock_obj.c cvs rdiff -u -r1.402 -r1.403 src/sys/kern/kern_sig.c cvs rdiff -u -r1.12 -r1.13 src/sys/kern/subr_kcpuset.c cvs rdiff -u -r1.15 -r1.16 src/sys/kern/sys_futex.c cvs rdiff -u -r1.244 -r1.245 src/sys/kern/uipc_mbuf.
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:32:33 UTC 2022 Modified Files: src/sys/arch/aarch64/aarch64: pmap.c src/sys/arch/alpha/alpha: pmap.c src/sys/arch/arm/arm32: pmap.c src/sys/arch/hppa/hppa: pmap.c src/sys/arch/ia64/ia64: pmap.c src/sys/arch/powerpc/oea: pmap.c src/sys/arch/sparc/sparc: pmap.c src/sys/arch/sparc64/sparc64: pmap.c src/sys/dev/hyperv: vmbus.c src/sys/dev/marvell: mvxpsec.c src/sys/dev/scsipi: atapiconf.c scsiconf.c scsipi_base.c src/sys/external/bsd/drm2/linux: linux_stop_machine.c src/sys/kern: kern_auth.c kern_exec.c kern_mutex_obj.c kern_resource.c kern_rwlock_obj.c kern_sig.c subr_kcpuset.c sys_futex.c uipc_mbuf.c vfs_cwd.c vfs_mount.c vfs_vnode.c vfs_wapbl.c src/sys/net: if.c src/sys/net/npf: npf_nat.c npf_rproc.c npf_tableset.c src/sys/uvm: uvm_aobj.c uvm_map.c src/sys/uvm/pmap: pmap.c Log Message: sys: Membar audit around reference count releases. If two threads are using an object that is freed when the reference count goes to zero, we need to ensure that all memory operations related to the object happen before freeing the object. Using an atomic_dec_uint_nv(&refcnt) == 0 ensures that only one thread takes responsibility for freeing, but it's not enough to ensure that the other thread's memory operations happen before the freeing. Consider: Thread AThread B obj->foo = 42; obj->baz = 73; mumble(&obj->bar); grumble(&obj->quux); /* membar_exit(); *//* membar_exit(); */ atomic_dec -- not last atomic_dec -- last /* membar_enter(); */ KASSERT(invariant(obj->foo, obj->bar)); free_stuff(obj); The memory barriers ensure that obj->foo = 42; mumble(&obj->bar); in thread A happens before KASSERT(invariant(obj->foo, obj->bar)); free_stuff(obj); in thread B. Without them, this ordering is not guaranteed. So in general it is necessary to do membar_exit(); if (atomic_dec_uint_nv(&obj->refcnt) != 0) return; membar_enter(); to release a reference, for the `last one out hit the lights' style of reference counting. (This is in contrast to the style where one thread blocks new references and then waits under a lock for existing ones to drain with a condvar -- no membar needed thanks to mutex(9).) I searched for atomic_dec to find all these. Obviously we ought to have a better abstraction for this because there's so much copypasta. This is a stop-gap measure to fix actual bugs until we have that. It would be nice if an abstraction could gracefully handle the different styles of reference counting in use -- some years ago I drafted an API for this, but making it cover everything got a little out of hand (particularly with struct vnode::v_usecount) and I ended up setting it aside to work on psref/localcount instead for better scalability. I got bored of adding #ifdef __HAVE_ATOMIC_AS_MEMBAR everywhere, so I only put it on things that look performance-critical on 5sec review. We should really adopt membar_enter_preatomic/membar_exit_postatomic or something (except they are applicable only to atomic r/m/w, not to atomic_load/store_*, making the naming annoying) and get rid of all the ifdefs. To generate a diff of this commit: cvs rdiff -u -r1.129 -r1.130 src/sys/arch/aarch64/aarch64/pmap.c cvs rdiff -u -r1.304 -r1.305 src/sys/arch/alpha/alpha/pmap.c cvs rdiff -u -r1.432 -r1.433 src/sys/arch/arm/arm32/pmap.c cvs rdiff -u -r1.114 -r1.115 src/sys/arch/hppa/hppa/pmap.c cvs rdiff -u -r1.40 -r1.41 src/sys/arch/ia64/ia64/pmap.c cvs rdiff -u -r1.111 -r1.112 src/sys/arch/powerpc/oea/pmap.c cvs rdiff -u -r1.375 -r1.376 src/sys/arch/sparc/sparc/pmap.c cvs rdiff -u -r1.313 -r1.314 src/sys/arch/sparc64/sparc64/pmap.c cvs rdiff -u -r1.15 -r1.16 src/sys/dev/hyperv/vmbus.c cvs rdiff -u -r1.10 -r1.11 src/sys/dev/marvell/mvxpsec.c cvs rdiff -u -r1.93 -r1.94 src/sys/dev/scsipi/atapiconf.c cvs rdiff -u -r1.298 -r1.299 src/sys/dev/scsipi/scsiconf.c cvs rdiff -u -r1.187 -r1.188 src/sys/dev/scsipi/scsipi_base.c cvs rdiff -u -r1.2 -r1.3 src/sys/external/bsd/drm2/linux/linux_stop_machine.c cvs rdiff -u -r1.78 -r1.79 src/sys/kern/kern_auth.c cvs rdiff -u -r1.515 -r1.516 src/sys/kern/kern_exec.c cvs rdiff -u -r1.7 -r1.8 src/sys/kern/kern_mutex_obj.c cvs rdiff -u -r1.187 -r1.188 src/sys/kern/kern_resource.c cvs rdiff -u -r1.5 -r1.6 src/sys/kern/kern_rwlock_obj.c cvs rdiff -u -r1.402 -r1.403 src/sys/kern/kern_sig.c cvs rdiff -u -r1.12 -r1.13 src/sys/kern/subr_kcpuset.c cvs rdiff -u -r1.15 -r1.16 src/sys/kern/sys_futex.c cvs rdiff -u -r1.244 -r1.245 src/sys/kern/uipc_mbuf.
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:30:51 UTC 2022 Modified Files: src/sys/dev/usb: vhci.c Log Message: vhci(4): Make vhci_usb_attach/detach return void. These never fail, so no need to return zero. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/sys/dev/usb/vhci.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/usb/vhci.c diff -u src/sys/dev/usb/vhci.c:1.26 src/sys/dev/usb/vhci.c:1.27 --- src/sys/dev/usb/vhci.c:1.26 Sat Mar 12 15:30:42 2022 +++ src/sys/dev/usb/vhci.c Sat Mar 12 15:30:51 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: vhci.c,v 1.26 2022/03/12 15:30:42 riastradh Exp $ */ +/* $NetBSD: vhci.c,v 1.27 2022/03/12 15:30:51 riastradh Exp $ */ /* * Copyright (c) 2019-2020 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: vhci.c,v 1.26 2022/03/12 15:30:42 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vhci.c,v 1.27 2022/03/12 15:30:51 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_usb.h" @@ -780,7 +780,7 @@ vhci_root_intr_done(struct usbd_xfer *xf /* -- */ -static int +static void vhci_usb_attach(vhci_fd_t *vfd) { vhci_softc_t *sc = vfd->softc; @@ -819,7 +819,6 @@ vhci_usb_attach(vhci_fd_t *vfd) done: mutex_exit(&sc->sc_lock); - return 0; } static void @@ -870,7 +869,7 @@ vhci_port_flush(vhci_softc_t *sc, vhci_p } } -static int +static void vhci_usb_detach(vhci_fd_t *vfd) { vhci_softc_t *sc = vfd->softc; @@ -909,7 +908,6 @@ vhci_usb_detach(vhci_fd_t *vfd) mutex_exit(&port->lock); done: mutex_exit(&sc->sc_lock); - return 0; } static int @@ -1019,11 +1017,9 @@ static int vhci_fd_close(file_t *fp) { vhci_fd_t *vfd = fp->f_data; - int ret __diagused; KASSERT(vfd != NULL); - ret = vhci_usb_detach(vfd); - KASSERT(ret == 0); + vhci_usb_detach(vfd); kmem_free(vfd, sizeof(*vfd)); fp->f_data = NULL; @@ -1198,9 +1194,11 @@ vhci_fd_ioctl(file_t *fp, u_long cmd, vo case VHCI_IOC_SET_ADDR: return vhci_set_addr(vfd, data); case VHCI_IOC_USB_ATTACH: - return vhci_usb_attach(vfd); + vhci_usb_attach(vfd); + return 0; case VHCI_IOC_USB_DETACH: - return vhci_usb_detach(vfd); + vhci_usb_detach(vfd); + return 0; default: return EINVAL; }
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:30:51 UTC 2022 Modified Files: src/sys/dev/usb: vhci.c Log Message: vhci(4): Make vhci_usb_attach/detach return void. These never fail, so no need to return zero. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/sys/dev/usb/vhci.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:30:42 UTC 2022 Modified Files: src/sys/dev/usb: vhci.c Log Message: vhci(4): Don't fail with ENOBUFS if no intrxfer is set up. uhub(4) will set up the intrxfer and query the current state at its leisure -- no need to treat racing with it as a failure. (If there's some reason the caller needs to know about this state, then (a) there should be a comment explaining why, and (b) the assertion in vhci_fd_close needs to change.) Should fix a host of syzbot crashes that were all tripping over the same assertion but with different gobbledegook on the console -- here's all the ones I found in a quick skim of the front page: Reported-by: syzbot+58b183ac688d656e1...@syzkaller.appspotmail.com Reported-by: syzbot+e7b0e904184aa2c18...@syzkaller.appspotmail.com Reported-by: syzbot+476b25a0a3655f356...@syzkaller.appspotmail.com Reported-by: syzbot+e5b69892daf87a746...@syzkaller.appspotmail.com Reported-by: syzbot+db7f0bc71c33a488d...@syzkaller.appspotmail.com Reported-by: syzbot+71d0e82df292c5673...@syzkaller.appspotmail.com Reported-by: syzbot+dbfaad061b2c909d6...@syzkaller.appspotmail.com Reported-by: syzbot+d8b90cead59b887fe...@syzkaller.appspotmail.com Reported-by: syzbot+ea147adc4461acb9f...@syzkaller.appspotmail.com Reported-by: syzbot+cb7239776d4f51c39...@syzkaller.appspotmail.com Reported-by: syzbot+ffbae2dd4d4a0196b...@syzkaller.appspotmail.com Reported-by: syzbot+95d4852ea931f775c...@syzkaller.appspotmail.com Reported-by: syzbot+3236a5e1bc356909b...@syzkaller.appspotmail.com Reported-by: syzbot+f5ac32d58eab38bce...@syzkaller.appspotmail.com Reported-by: syzbot+beb9643da72188117...@syzkaller.appspotmail.com Reported-by: syzbot+896191203695ba350...@syzkaller.appspotmail.com Reported-by: syzbot+7c175b48b2682cc32...@syzkaller.appspotmail.com Reported-by: syzbot+caa5bc391d36d7533...@syzkaller.appspotmail.com Reported-by: syzbot+9fe6d4c43fa10f9e4...@syzkaller.appspotmail.com Reported-by: syzbot+ae9ae663386e72d17...@syzkaller.appspotmail.com Reported-by: syzbot+a0c3a5c2f7af91e44...@syzkaller.appspotmail.com Reported-by: syzbot+3c157b017d0cafa7a...@syzkaller.appspotmail.com Reported-by: syzbot+1e05efbbf2d7df821...@syzkaller.appspotmail.com Reported-by: syzbot+999f20b408f61e22f...@syzkaller.appspotmail.com Reported-by: syzbot+22d227370f78b3a34...@syzkaller.appspotmail.com Reported-by: syzbot+33760fa9b95349460...@syzkaller.appspotmail.com Reported-by: syzbot+75d865aafbc9ebadb...@syzkaller.appspotmail.com Reported-by: syzbot+3ddff5cb80bc0c9ac...@syzkaller.appspotmail.com Reported-by: syzbot+0f942570160d533d8...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/sys/dev/usb/vhci.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/usb/vhci.c diff -u src/sys/dev/usb/vhci.c:1.25 src/sys/dev/usb/vhci.c:1.26 --- src/sys/dev/usb/vhci.c:1.25 Thu Mar 3 06:12:11 2022 +++ src/sys/dev/usb/vhci.c Sat Mar 12 15:30:42 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: vhci.c,v 1.25 2022/03/03 06:12:11 riastradh Exp $ */ +/* $NetBSD: vhci.c,v 1.26 2022/03/12 15:30:42 riastradh Exp $ */ /* * Copyright (c) 2019-2020 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: vhci.c,v 1.25 2022/03/03 06:12:11 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vhci.c,v 1.26 2022/03/12 15:30:42 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_usb.h" @@ -787,7 +787,6 @@ vhci_usb_attach(vhci_fd_t *vfd) vhci_port_t *port; struct usbd_xfer *xfer; u_char *p; - int ret = 0; port = &sc->sc_port[vfd->port]; @@ -802,7 +801,6 @@ vhci_usb_attach(vhci_fd_t *vfd) xfer = sc->sc_intrxfer; if (xfer == NULL) { - ret = ENOBUFS; goto done; } KASSERT(xfer->ux_status == USBD_IN_PROGRESS); @@ -821,7 +819,7 @@ vhci_usb_attach(vhci_fd_t *vfd) done: mutex_exit(&sc->sc_lock); - return ret; + return 0; } static void @@ -886,8 +884,7 @@ vhci_usb_detach(vhci_fd_t *vfd) xfer = sc->sc_intrxfer; if (xfer == NULL) { - mutex_exit(&sc->sc_lock); - return ENOBUFS; + goto done; } KASSERT(xfer->ux_status == USBD_IN_PROGRESS); @@ -910,6 +907,7 @@ vhci_usb_detach(vhci_fd_t *vfd) vhci_port_flush(sc, port); mutex_exit(&port->lock); +done: mutex_exit(&sc->sc_lock); return 0; }
CVS commit: src/sys/dev/usb
Module Name:src Committed By: riastradh Date: Sat Mar 12 15:30:42 UTC 2022 Modified Files: src/sys/dev/usb: vhci.c Log Message: vhci(4): Don't fail with ENOBUFS if no intrxfer is set up. uhub(4) will set up the intrxfer and query the current state at its leisure -- no need to treat racing with it as a failure. (If there's some reason the caller needs to know about this state, then (a) there should be a comment explaining why, and (b) the assertion in vhci_fd_close needs to change.) Should fix a host of syzbot crashes that were all tripping over the same assertion but with different gobbledegook on the console -- here's all the ones I found in a quick skim of the front page: Reported-by: syzbot+58b183ac688d656e1...@syzkaller.appspotmail.com Reported-by: syzbot+e7b0e904184aa2c18...@syzkaller.appspotmail.com Reported-by: syzbot+476b25a0a3655f356...@syzkaller.appspotmail.com Reported-by: syzbot+e5b69892daf87a746...@syzkaller.appspotmail.com Reported-by: syzbot+db7f0bc71c33a488d...@syzkaller.appspotmail.com Reported-by: syzbot+71d0e82df292c5673...@syzkaller.appspotmail.com Reported-by: syzbot+dbfaad061b2c909d6...@syzkaller.appspotmail.com Reported-by: syzbot+d8b90cead59b887fe...@syzkaller.appspotmail.com Reported-by: syzbot+ea147adc4461acb9f...@syzkaller.appspotmail.com Reported-by: syzbot+cb7239776d4f51c39...@syzkaller.appspotmail.com Reported-by: syzbot+ffbae2dd4d4a0196b...@syzkaller.appspotmail.com Reported-by: syzbot+95d4852ea931f775c...@syzkaller.appspotmail.com Reported-by: syzbot+3236a5e1bc356909b...@syzkaller.appspotmail.com Reported-by: syzbot+f5ac32d58eab38bce...@syzkaller.appspotmail.com Reported-by: syzbot+beb9643da72188117...@syzkaller.appspotmail.com Reported-by: syzbot+896191203695ba350...@syzkaller.appspotmail.com Reported-by: syzbot+7c175b48b2682cc32...@syzkaller.appspotmail.com Reported-by: syzbot+caa5bc391d36d7533...@syzkaller.appspotmail.com Reported-by: syzbot+9fe6d4c43fa10f9e4...@syzkaller.appspotmail.com Reported-by: syzbot+ae9ae663386e72d17...@syzkaller.appspotmail.com Reported-by: syzbot+a0c3a5c2f7af91e44...@syzkaller.appspotmail.com Reported-by: syzbot+3c157b017d0cafa7a...@syzkaller.appspotmail.com Reported-by: syzbot+1e05efbbf2d7df821...@syzkaller.appspotmail.com Reported-by: syzbot+999f20b408f61e22f...@syzkaller.appspotmail.com Reported-by: syzbot+22d227370f78b3a34...@syzkaller.appspotmail.com Reported-by: syzbot+33760fa9b95349460...@syzkaller.appspotmail.com Reported-by: syzbot+75d865aafbc9ebadb...@syzkaller.appspotmail.com Reported-by: syzbot+3ddff5cb80bc0c9ac...@syzkaller.appspotmail.com Reported-by: syzbot+0f942570160d533d8...@syzkaller.appspotmail.com To generate a diff of this commit: cvs rdiff -u -r1.25 -r1.26 src/sys/dev/usb/vhci.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libedit
Module Name:src Committed By: christos Date: Sat Mar 12 15:29:18 UTC 2022 Modified Files: src/lib/libedit: filecomplete.c Log Message: Fix filename autocompletion for strings like a\)b An escaped character should unconditionally be skipped together with the character that does the escaping. For example, in "a\)b" only the ")b" part was skipped but then the loop stopped at the "\" since it's one of the characters listed in word_break. (Piotr P. Stefaniak) To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/lib/libedit/filecomplete.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libedit/filecomplete.c diff -u src/lib/libedit/filecomplete.c:1.69 src/lib/libedit/filecomplete.c:1.70 --- src/lib/libedit/filecomplete.c:1.69 Sun Sep 26 09:45:37 2021 +++ src/lib/libedit/filecomplete.c Sat Mar 12 10:29:17 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: filecomplete.c,v 1.69 2021/09/26 13:45:37 christos Exp $ */ +/* $NetBSD: filecomplete.c,v 1.70 2022/03/12 15:29:17 christos Exp $ */ /*- * Copyright (c) 1997 The NetBSD Foundation, Inc. @@ -31,7 +31,7 @@ #include "config.h" #if !defined(lint) && !defined(SCCSID) -__RCSID("$NetBSD: filecomplete.c,v 1.69 2021/09/26 13:45:37 christos Exp $"); +__RCSID("$NetBSD: filecomplete.c,v 1.70 2022/03/12 15:29:17 christos Exp $"); #endif /* not lint && not SCCSID */ #include @@ -127,7 +127,7 @@ fn_tilde_expand(const char *txt) } static int -needs_escaping(char c) +needs_escaping(wchar_t c) { switch (c) { case '\'': @@ -612,13 +612,13 @@ find_word_to_complete(const wchar_t * cu for (;;) { if (ctemp <= buffer) break; - if (wcschr(word_break, ctemp[-1])) { - if (ctemp - buffer >= 2 && ctemp[-2] == '\\') { -ctemp -= 2; -continue; - } - break; + if (ctemp - buffer >= 2 && ctemp[-2] == '\\' && + needs_escaping(ctemp[-1])) { + ctemp -= 2; + continue; } + if (wcschr(word_break, ctemp[-1])) + break; if (special_prefixes && wcschr(special_prefixes, ctemp[-1])) break; ctemp--;
CVS commit: src/lib/libedit
Module Name:src Committed By: christos Date: Sat Mar 12 15:29:18 UTC 2022 Modified Files: src/lib/libedit: filecomplete.c Log Message: Fix filename autocompletion for strings like a\)b An escaped character should unconditionally be skipped together with the character that does the escaping. For example, in "a\)b" only the ")b" part was skipped but then the loop stopped at the "\" since it's one of the characters listed in word_break. (Piotr P. Stefaniak) To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/lib/libedit/filecomplete.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch
Module Name:src Committed By: skrll Date: Sat Mar 12 09:16:05 UTC 2022 Modified Files: src/sys/arch/aarch64/aarch64: aarch64_machdep.c src/sys/arch/arm/arm32: arm32_machdep.c Log Message: No need to call arm_fdt_platform twice. To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.65 src/sys/arch/aarch64/aarch64/aarch64_machdep.c cvs rdiff -u -r1.142 -r1.143 src/sys/arch/arm/arm32/arm32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/aarch64/aarch64/aarch64_machdep.c diff -u src/sys/arch/aarch64/aarch64/aarch64_machdep.c:1.64 src/sys/arch/aarch64/aarch64/aarch64_machdep.c:1.65 --- src/sys/arch/aarch64/aarch64/aarch64_machdep.c:1.64 Mon Jan 31 09:16:09 2022 +++ src/sys/arch/aarch64/aarch64/aarch64_machdep.c Sat Mar 12 09:16:05 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: aarch64_machdep.c,v 1.64 2022/01/31 09:16:09 ryo Exp $ */ +/* $NetBSD: aarch64_machdep.c,v 1.65 2022/03/12 09:16:05 skrll Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(1, "$NetBSD: aarch64_machdep.c,v 1.64 2022/01/31 09:16:09 ryo Exp $"); +__KERNEL_RCSID(1, "$NetBSD: aarch64_machdep.c,v 1.65 2022/03/12 09:16:05 skrll Exp $"); #include "opt_arm_debug.h" #include "opt_cpuoptions.h" @@ -674,8 +674,9 @@ cpu_startup(void) consinit(); #ifdef FDT - if (arm_fdt_platform()->ap_startup != NULL) - arm_fdt_platform()->ap_startup(); + const struct arm_platform * const plat = arm_fdt_platform(); + if (plat->ap_startup != NULL) + plat->ap_startup(); #endif /* Index: src/sys/arch/arm/arm32/arm32_machdep.c diff -u src/sys/arch/arm/arm32/arm32_machdep.c:1.142 src/sys/arch/arm/arm32/arm32_machdep.c:1.143 --- src/sys/arch/arm/arm32/arm32_machdep.c:1.142 Sat Nov 13 00:13:17 2021 +++ src/sys/arch/arm/arm32/arm32_machdep.c Sat Mar 12 09:16:05 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: arm32_machdep.c,v 1.142 2021/11/13 00:13:17 jmcneill Exp $ */ +/* $NetBSD: arm32_machdep.c,v 1.143 2022/03/12 09:16:05 skrll Exp $ */ /* * Copyright (c) 1994-1998 Mark Brinicombe. @@ -42,7 +42,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: arm32_machdep.c,v 1.142 2021/11/13 00:13:17 jmcneill Exp $"); +__KERNEL_RCSID(0, "$NetBSD: arm32_machdep.c,v 1.143 2022/03/12 09:16:05 skrll Exp $"); #include "opt_arm_debug.h" #include "opt_arm_start.h" @@ -301,8 +301,9 @@ cpu_startup(void) pmap_postinit(); #ifdef FDT - if (arm_fdt_platform()->ap_startup != NULL) - arm_fdt_platform()->ap_startup(); + const struct arm_platform * const plat = arm_fdt_platform(); + if (plat->ap_startup != NULL) + plat->ap_startup(); #endif /*
CVS commit: src/sys/arch
Module Name:src Committed By: skrll Date: Sat Mar 12 09:16:05 UTC 2022 Modified Files: src/sys/arch/aarch64/aarch64: aarch64_machdep.c src/sys/arch/arm/arm32: arm32_machdep.c Log Message: No need to call arm_fdt_platform twice. To generate a diff of this commit: cvs rdiff -u -r1.64 -r1.65 src/sys/arch/aarch64/aarch64/aarch64_machdep.c cvs rdiff -u -r1.142 -r1.143 src/sys/arch/arm/arm32/arm32_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/stdlib
Module Name:src Committed By: nia Date: Sat Mar 12 08:44:39 UTC 2022 Modified Files: src/lib/libc/stdlib: _env.c Log Message: _env: use reallocarr To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/lib/libc/stdlib/_env.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/stdlib/_env.c diff -u src/lib/libc/stdlib/_env.c:1.11 src/lib/libc/stdlib/_env.c:1.12 --- src/lib/libc/stdlib/_env.c:1.11 Tue Apr 20 21:42:32 2021 +++ src/lib/libc/stdlib/_env.c Sat Mar 12 08:44:38 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: _env.c,v 1.11 2021/04/20 21:42:32 christos Exp $ */ +/* $NetBSD: _env.c,v 1.12 2022/03/12 08:44:38 nia Exp $ */ /*- * Copyright (c) 2010 The NetBSD Foundation, Inc. @@ -31,7 +31,7 @@ #include #if defined(LIBC_SCCS) && !defined(lint) -__RCSID("$NetBSD: _env.c,v 1.11 2021/04/20 21:42:32 christos Exp $"); +__RCSID("$NetBSD: _env.c,v 1.12 2022/03/12 08:44:38 nia Exp $"); #endif /* LIBC_SCCS and not lint */ #include "namespace.h" @@ -296,18 +296,23 @@ __getenvslot(const char *name, size_t l_ /* Allocate a new environment array. */ if (environ == allocated_environ) { - new_environ = realloc(environ, - new_size * sizeof(*new_environ)); - if (new_environ == NULL) + new_environ = environ; + if (reallocarr(&new_environ, + new_size, sizeof(*new_environ)) != 0) { + errno = ENOMEM; return -1; + } } else { free(allocated_environ); allocated_environ = NULL; allocated_environ_size = 0; - new_environ = malloc(new_size * sizeof(*new_environ)); - if (new_environ == NULL) + new_environ = NULL; + if (reallocarr(&new_environ, + new_size, sizeof(*new_environ)) != 0) { + errno = ENOMEM; return -1; + } (void)memcpy(new_environ, environ, num_entries * sizeof(*new_environ)); }
CVS commit: src/lib/libc/stdlib
Module Name:src Committed By: nia Date: Sat Mar 12 08:44:39 UTC 2022 Modified Files: src/lib/libc/stdlib: _env.c Log Message: _env: use reallocarr To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/lib/libc/stdlib/_env.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/net
Module Name:src Committed By: nia Date: Sat Mar 12 08:43:12 UTC 2022 Modified Files: src/lib/libc/net: getservent_r.c Log Message: getservent_r: use reallocarr CVSv -- To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/lib/libc/net/getservent_r.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/net/getservent_r.c diff -u src/lib/libc/net/getservent_r.c:1.11 src/lib/libc/net/getservent_r.c:1.12 --- src/lib/libc/net/getservent_r.c:1.11 Sat Oct 15 23:00:02 2011 +++ src/lib/libc/net/getservent_r.c Sat Mar 12 08:43:11 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: getservent_r.c,v 1.11 2011/10/15 23:00:02 christos Exp $ */ +/* $NetBSD: getservent_r.c,v 1.12 2022/03/12 08:43:11 nia Exp $ */ /* * Copyright (c) 1983, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)getservent.c 8.1 (Berkeley) 6/4/93"; #else -__RCSID("$NetBSD: getservent_r.c,v 1.11 2011/10/15 23:00:02 christos Exp $"); +__RCSID("$NetBSD: getservent_r.c,v 1.12 2022/03/12 08:43:11 nia Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -291,9 +291,12 @@ _servent_parsedb(struct servent_data *sd if (sd->aliases == NULL) { sd->maxaliases = 10; - sd->aliases = malloc(sd->maxaliases * sizeof(char *)); - if (sd->aliases == NULL) + sd->aliases = NULL; + if (reallocarr(&sd->aliases, + sd->maxaliases, sizeof(char *)) != 0) { + errno = ENOMEM; goto fail; + } } sp->s_aliases = sd->aliases; i = 0; @@ -302,9 +305,11 @@ _servent_parsedb(struct servent_data *sd goto fail; if (i == sd->maxaliases - 2) { sd->maxaliases *= 2; - q = realloc(sd->aliases, sd->maxaliases * sizeof(*q)); - if (q == NULL) + q = sd->aliases; + if (reallocarr(&q, sd->maxaliases, sizeof(*q)) != 0) { +errno = ENOMEM; goto fail; + } sp->s_aliases = sd->aliases = q; } sp->s_aliases[i++] = __UNCONST(data + 1);
CVS commit: src/lib/libc/net
Module Name:src Committed By: nia Date: Sat Mar 12 08:43:12 UTC 2022 Modified Files: src/lib/libc/net: getservent_r.c Log Message: getservent_r: use reallocarr CVSv -- To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/lib/libc/net/getservent_r.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/net
Module Name:src Committed By: nia Date: Sat Mar 12 08:41:38 UTC 2022 Modified Files: src/lib/libc/net: getprotoent_r.c Log Message: getprotoent_r: use reallocarr To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/lib/libc/net/getprotoent_r.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/net
Module Name:src Committed By: nia Date: Sat Mar 12 08:41:38 UTC 2022 Modified Files: src/lib/libc/net: getprotoent_r.c Log Message: getprotoent_r: use reallocarr To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/lib/libc/net/getprotoent_r.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/net/getprotoent_r.c diff -u src/lib/libc/net/getprotoent_r.c:1.6 src/lib/libc/net/getprotoent_r.c:1.7 --- src/lib/libc/net/getprotoent_r.c:1.6 Sat Oct 15 23:00:02 2011 +++ src/lib/libc/net/getprotoent_r.c Sat Mar 12 08:41:38 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: getprotoent_r.c,v 1.6 2011/10/15 23:00:02 christos Exp $ */ +/* $NetBSD: getprotoent_r.c,v 1.7 2022/03/12 08:41:38 nia Exp $ */ /* * Copyright (c) 1983, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)getprotoent.c 8.1 (Berkeley) 6/4/93"; #else -__RCSID("$NetBSD: getprotoent_r.c,v 1.6 2011/10/15 23:00:02 christos Exp $"); +__RCSID("$NetBSD: getprotoent_r.c,v 1.7 2022/03/12 08:41:38 nia Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -87,7 +87,6 @@ getprotoent_r(struct protoent *pr, struc { char *p, *cp, **q; size_t i = 0; - int oerrno; if (pd->fp == NULL && (pd->fp = fopen(_PATH_PROTOCOLS, "re")) == NULL) return NULL; @@ -111,12 +110,12 @@ getprotoent_r(struct protoent *pr, struc *p++ = '\0'; pr->p_proto = atoi(cp); if (pd->aliases == NULL) { + pd->aliases = NULL; pd->maxaliases = 10; - pd->aliases = malloc(pd->maxaliases * sizeof(char *)); - if (pd->aliases == NULL) { -oerrno = errno; + if (reallocarr(&pd->aliases, + pd->maxaliases, sizeof(char *)) != 0) { endprotoent_r(pd); -errno = oerrno; +errno = ENOMEM; return NULL; } } @@ -130,12 +129,10 @@ getprotoent_r(struct protoent *pr, struc } if (i == pd->maxaliases - 2) { pd->maxaliases *= 2; - q = realloc(q, - pd->maxaliases * sizeof(char *)); - if (q == NULL) { - oerrno = errno; + if (reallocarr(&q, + pd->maxaliases, sizeof(char *)) != 0) { endprotoent_r(pd); - errno = oerrno; + errno = ENOMEM; return NULL; } pr->p_aliases = pd->aliases = q;
CVS commit: src/lib/libc/stdio
Module Name:src Committed By: nia Date: Sat Mar 12 08:36:52 UTC 2022 Modified Files: src/lib/libc/stdio: vfwprintf.c Log Message: vfwprintf(3): use reallocarr To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/lib/libc/stdio/vfwprintf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/stdio/vfwprintf.c diff -u src/lib/libc/stdio/vfwprintf.c:1.36 src/lib/libc/stdio/vfwprintf.c:1.37 --- src/lib/libc/stdio/vfwprintf.c:1.36 Tue Jul 11 19:36:38 2017 +++ src/lib/libc/stdio/vfwprintf.c Sat Mar 12 08:36:52 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: vfwprintf.c,v 1.36 2017/07/11 19:36:38 perseant Exp $ */ +/* $NetBSD: vfwprintf.c,v 1.37 2022/03/12 08:36:52 nia Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -38,7 +38,7 @@ static char sccsid[] = "@(#)vfprintf.c 8.1 (Berkeley) 6/4/93"; __FBSDID("$FreeBSD: src/lib/libc/stdio/vfwprintf.c,v 1.27 2007/01/09 00:28:08 imp Exp $"); #else -__RCSID("$NetBSD: vfwprintf.c,v 1.36 2017/07/11 19:36:38 perseant Exp $"); +__RCSID("$NetBSD: vfwprintf.c,v 1.37 2022/03/12 08:36:52 nia Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -459,9 +459,11 @@ __mbsconv(char *mbsarg, int prec, locale * converting at most `size' bytes of the input multibyte string to * wide characters for printing. */ - convbuf = malloc((insize + 1) * sizeof(*convbuf)); - if (convbuf == NULL) + convbuf = NULL; + if (reallocarr(&convbuf, insize + 1, sizeof(*convbuf)) != 0) { + errno = ENOMEM; return NULL; + } wcp = convbuf; p = mbsarg; mbs = initial; @@ -1976,12 +1978,16 @@ __grow_type_table (size_t nextarg, enum if (newsize < nextarg + 1) newsize = nextarg + 1; if (oldsize == STATIC_ARG_TBL_SIZE) { - if ((newtable = malloc(newsize * sizeof(*newtable))) == NULL) + newtable = NULL; + if (reallocarr(&newtable, newsize, sizeof(*newtable)) != 0) { + errno = ENOMEM; return -1; + } memcpy(newtable, oldtable, oldsize * sizeof(*newtable)); } else { - newtable = realloc(oldtable, newsize * sizeof(*newtable)); - if (newtable == NULL) { + newtable = oldtable; + if (reallocarr(&newtable, newsize, sizeof(*newtable)) != 0) { + errno = ENOMEM; free(oldtable); return -1; }
CVS commit: src/lib/libc/stdio
Module Name:src Committed By: nia Date: Sat Mar 12 08:36:52 UTC 2022 Modified Files: src/lib/libc/stdio: vfwprintf.c Log Message: vfwprintf(3): use reallocarr To generate a diff of this commit: cvs rdiff -u -r1.36 -r1.37 src/lib/libc/stdio/vfwprintf.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: nia Date: Sat Mar 12 08:32:02 UTC 2022 Modified Files: src/lib/libc/gen: setmode.c Log Message: setmode(3): use reallocarr instead of realloc(x * y) To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 src/lib/libc/gen/setmode.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/setmode.c diff -u src/lib/libc/gen/setmode.c:1.35 src/lib/libc/gen/setmode.c:1.36 --- src/lib/libc/gen/setmode.c:1.35 Sat Mar 12 08:28:30 2022 +++ src/lib/libc/gen/setmode.c Sat Mar 12 08:32:02 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: setmode.c,v 1.35 2022/03/12 08:28:30 nia Exp $ */ +/* $NetBSD: setmode.c,v 1.36 2022/03/12 08:32:02 nia Exp $ */ /* * Copyright (c) 1989, 1993, 1994 @@ -37,7 +37,7 @@ #if 0 static char sccsid[] = "@(#)setmode.c 8.2 (Berkeley) 3/25/94"; #else -__RCSID("$NetBSD: setmode.c,v 1.35 2022/03/12 08:28:30 nia Exp $"); +__RCSID("$NetBSD: setmode.c,v 1.36 2022/03/12 08:32:02 nia Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -163,9 +163,11 @@ common: if (set->cmd2 & CMD2_CLR) { if (set >= endset) { \ BITCMD *newset; \ setlen += SET_LEN_INCR; \ - newset = realloc(saveset, sizeof(BITCMD) * setlen); \ - if (newset == NULL) \ + newset = saveset; \ + if (reallocarr(&newset, setlen, sizeof(BITCMD)) != 0) { \ + errno = ENOMEM; \ goto out; \ + } \ set = newset + (set - saveset);\ saveset = newset; \ endset = newset + (setlen - 2);\
CVS commit: src/lib/libc/gen
Module Name:src Committed By: nia Date: Sat Mar 12 08:32:02 UTC 2022 Modified Files: src/lib/libc/gen: setmode.c Log Message: setmode(3): use reallocarr instead of realloc(x * y) To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 src/lib/libc/gen/setmode.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: nia Date: Sat Mar 12 08:28:30 UTC 2022 Modified Files: src/lib/libc/gen: setmode.c Log Message: setmode(3): use reallocarr instead of malloc(x * y) To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/lib/libc/gen/setmode.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: nia Date: Sat Mar 12 08:28:30 UTC 2022 Modified Files: src/lib/libc/gen: setmode.c Log Message: setmode(3): use reallocarr instead of malloc(x * y) To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/lib/libc/gen/setmode.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/setmode.c diff -u src/lib/libc/gen/setmode.c:1.34 src/lib/libc/gen/setmode.c:1.35 --- src/lib/libc/gen/setmode.c:1.34 Mon Jun 25 22:32:43 2012 +++ src/lib/libc/gen/setmode.c Sat Mar 12 08:28:30 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: setmode.c,v 1.34 2012/06/25 22:32:43 abs Exp $ */ +/* $NetBSD: setmode.c,v 1.35 2022/03/12 08:28:30 nia Exp $ */ /* * Copyright (c) 1989, 1993, 1994 @@ -37,7 +37,7 @@ #if 0 static char sccsid[] = "@(#)setmode.c 8.2 (Berkeley) 3/25/94"; #else -__RCSID("$NetBSD: setmode.c,v 1.34 2012/06/25 22:32:43 abs Exp $"); +__RCSID("$NetBSD: setmode.c,v 1.35 2022/03/12 08:28:30 nia Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -205,9 +205,11 @@ setmode(const char *p) (void)sigprocmask(SIG_SETMASK, &sigoset, NULL); setlen = SET_LEN + 2; - - if ((set = malloc((u_int)(sizeof(BITCMD) * setlen))) == NULL) + set = NULL; + if (reallocarr(&set, setlen, sizeof(BITCMD)) != 0) { + errno = ENOMEM; return (NULL); + } saveset = set; endset = set + (setlen - 2);
CVS commit: src/lib/libc/stdlib
Module Name:src Committed By: nia Date: Sat Mar 12 08:26:01 UTC 2022 Modified Files: src/lib/libc/stdlib: hcreate.c Log Message: hcreate(3): use reallocarr instead of malloc(x * y) To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/lib/libc/stdlib/hcreate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/stdlib/hcreate.c diff -u src/lib/libc/stdlib/hcreate.c:1.10 src/lib/libc/stdlib/hcreate.c:1.11 --- src/lib/libc/stdlib/hcreate.c:1.10 Sun Jul 20 20:17:21 2014 +++ src/lib/libc/stdlib/hcreate.c Sat Mar 12 08:26:01 2022 @@ -1,4 +1,4 @@ -/* $NetBSD: hcreate.c,v 1.10 2014/07/20 20:17:21 christos Exp $ */ +/* $NetBSD: hcreate.c,v 1.11 2022/03/12 08:26:01 nia Exp $ */ /* * Copyright (c) 2001 Christopher G. Demetriou @@ -43,7 +43,7 @@ #include #if defined(LIBC_SCCS) && !defined(lint) -__RCSID("$NetBSD: hcreate.c,v 1.10 2014/07/20 20:17:21 christos Exp $"); +__RCSID("$NetBSD: hcreate.c,v 1.11 2022/03/12 08:26:01 nia Exp $"); #endif /* LIBC_SCCS and not lint */ #if !defined(lint) @@ -125,8 +125,8 @@ hcreate_r(size_t nel, struct hsearch_dat /* Allocate the table. */ head->size = nel; head->filled = 0; - p = malloc(nel * sizeof table[0]); - if (p == NULL) { + p = NULL; + if (reallocarr(&p, nel, sizeof(table[0])) != 0) { errno = ENOMEM; return 0; }
CVS commit: src/lib/libc/stdlib
Module Name:src Committed By: nia Date: Sat Mar 12 08:26:01 UTC 2022 Modified Files: src/lib/libc/stdlib: hcreate.c Log Message: hcreate(3): use reallocarr instead of malloc(x * y) To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/lib/libc/stdlib/hcreate.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.