svn commit: r230583 - head/sys/kern

David Schultz das at FreeBSD.ORG
Fri Jan 27 19:42:23 UTC 2012


On Fri, Jan 27, 2012, Kostik Belousov wrote:
> On Fri, Jan 27, 2012 at 07:50:30PM +1100, Bruce Evans wrote:
> > On Thu, 26 Jan 2012, Gleb Smirnoff wrote:
> > 
> > >On Thu, Jan 26, 2012 at 11:53:57PM +1100, Bruce Evans wrote:
> > >B> > @@ -1552,6 +1552,12 @@ aio_aqueue(struct thread *td, struct aio
> > >B> > 		return (error);
> > >B> > 	}
> > >B> >
> > >B> > +	/* XXX: aio_nbytes is later casted to signed types. */
> > >B> > +	if ((int)aiocbe->uaiocb.aio_nbytes < 0) {
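Review bot: The test `(int)aiocbe->uaiocb.aio_nbytes < 0` converts the field to int before checking it, so the outcome rests on an implementation-defined conversion; if aio_nbytes is wider than int, a value whose low-order bits form a non-negative int passes the check while being far above INT_MAX. Compare the unconverted field against the limit instead, as in `aiocbe->uaiocb.aio_nbytes > INT_MAX`, and reword the XXX comment ("casted" should be "cast") so it names the later conversion this limit is protecting.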
> > >B>
> > >B> This should avoid implementation-defined behaviour by checking if
> > >B>
> > >B>  	(uncast)aiocbe->uaiocb.aio_nbytes > INT_MAX.
> > 
> > >Is the attached patch okay?
> > 
> > Yes.  It now matches the style used for read^Wsys_read() and friends.
> > This used to have to fit the count in "int uio_resid".  uio_resid now
> > has type ssize_t, but for some reason the old INT_MAX limits remain.
> 
> Well, I can revive the patch. I still think it is good to get rid of
> the limit.

The correct limit on the maximum size of a single read/write is
SSIZE_MAX, but FreeBSD uses INT_MAX.  It's not safe to raise the
limit yet, though, because of bugs in several filesystems.  For
example, FFS copies uio_resid into a local variable of type int.
I have some old patches that fix some of these issues for FFS and
cd9660, but surely there are more places I didn't notice.

By the way, PR 147226 is about this.
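
The two forms of the size check discussed in the quoted review, and the int truncation this message describes for FFS, as an added example that is not part of the original thread or of FreeBSD's code. The function names and sample values are constructed, and an LP64 target (64-bit size_t, 32-bit int) is assumed.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>

/* Assumption: LP64 target (64-bit size_t/ssize_t, 32-bit int), e.g. amd64. */
_Static_assert(sizeof(size_t) == 8 && sizeof(int) == 4, "example assumes LP64");

/* Check as in the quoted hunk: convert to int, then test the sign. The
 * conversion is implementation-defined; common compilers keep the low 32 bits. */
static int rejects_by_cast(size_t nbytes) { return (int)nbytes < 0; }

/* Check suggested in review: compare the unconverted value with INT_MAX. */
static int rejects_by_limit(size_t nbytes) { return nbytes > (size_t)INT_MAX; }

/* What a consumer sees when it copies a wide residual count into an int
 * local, as the message says FFS does with uio_resid. */
static int resid_as_int(ssize_t resid) { return (int)resid; }

/* Constructed boundary values for a request size. */
static const size_t samples[] = {
    0, 4096, INT_MAX, (size_t)INT_MAX + 1, 0xffffffffUL,
    0x100000000UL, 0x100000001UL, 0x17fffffffUL,
    SIZE_MAX >> 1, /* equals SSIZE_MAX on this target */
};
#define NSAMPLES (sizeof(samples) / sizeof(samples[0]))

/* Count sizes above INT_MAX that the cast-based check lets through. */
static int missed_by_cast(void) {
    int missed = 0;
    for (size_t i = 0; i < NSAMPLES; i++)
        if (rejects_by_limit(samples[i]) && !rejects_by_cast(samples[i]))
            missed++;
    return missed;
}

int main(void) {
    for (size_t i = 0; i < NSAMPLES; i++)
        printf("%#20zx cast=%d limit=%d as_int=%d\n", samples[i],
            rejects_by_cast(samples[i]), rejects_by_limit(samples[i]),
            resid_as_int((ssize_t)samples[i]));
    printf("sizes above INT_MAX missed by the cast check: %d\n",
        missed_by_cast());
    return 0;
}
```

The sizes the cast-based check misses are exactly those whose low 32 bits look like a small positive int, which is also what an int local would hold after the copy.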
