is triggered when qmail is used with INET6 enabled. The bug
manifests itself in that the space variable can become negative
and that in the comparison in the guards of the 2 loops, this was
not noticed because sizeof() returns an unsigned and thus the signed
variable gets promoted to unsigned. I decided not to make space
unsigned because I think we should guard against this from happening.
Thus panic() in case space becomes negative.
Approved by: jkh
parents flags.
Note on the PR:
The PR contains another patch that's not being committed without
further background information. The PR stays open for now.
PR: 16946 (Victor A. Salaman <salaman@teknos.com>)
Prompted by: msmith
Indirect/implicit approval: jkh (shoot me if I'm wrong :-)
This
This feature allows you to specify if mmap'd data is included in
an application's corefile.
Change the type of eflags in struct vm_map_entry from u_char to
vm_eflags_t (an unsigned int).
Reviewed by: dillon,jdp,alfred
Approved by: jkh
Added receive code and support for Webgear encapsulation.
More debugging macros/functions.
conditionalised timeout for start/join network
conditonalised attribute/common memory hacks
identified tracking code with XXX_TRACK
sorted out initialistion of instance structure to some extent
finished docuementing the start/join sequence
The code doesn't compile (I'll do that in a minute), but functionally
it gets to receveing the interrupt from the start or join net command.
There is a lot of code to deal with the limitations of the PCCard memory
mapping code - I'm changing some of it hence the check in to preserve something
that worked.
how the kernel was booted and perhaps do conditional things
based upon it (sysinstall, for example, will now turn Debug mode
on automatically if boot -v was done).
Submitted by: msmith
Suggested by: ulf
Call intr_teardown on detach.
Always add non masterdevice from unit 2 upwards.
Update to the pccard code, at least some cards are now working,
more testing to follow.
First, it was failing to reset the PCB's pcb_onfault member to NULL.
Under some really obscure circumstances this might cause a wild jump
within the kernel when a panic would otherwise occur. Second, the
handler was loading the GP register needlessly and with an incorrect
value.
Reviewed by: Doug Rabson <dfr>
Approved by: Jordan Hubbard <jkh>
filesystem fills up. If the first indirect block exists and FFS is able
to allocate deeper indirect blocks, but is not able to allocate the
data block, FFS improperly unwinds the indirect blocks and leaves a
block pointer hanging to a freed block. This will cause a panic later
when the file is removed. The solution is to properly account for the
first block-pointer-to-an-indirect-block we had to create in a balloc
operation and then unwind it if a failure occurs.
Detective work by: Ian Dowse <iedowse@maths.tcd.ie>
Reviewed by: mckusick, Ian Dowse <iedowse@maths.tcd.ie>
Approved by: jkh
Now this check is necessary because IPv6 source routing might use
control data bigger than MLEN. (e.g. 16bytes IPv6 addr x 23 hops)
Actually mbuf cluster should be used in uipc_socket.c:sbcreatecontrol()
and uipc_syscalls.c:sockargs() when data size is bigger then MLEN,
and such patches were already in KAME environment and have been
confirmed to work well. I just forgot to merge them into 4.0, sorry.
For safety, I'll postpone such patches until after 4.0 release.
The effect of postponement is followings.
-Ping6 source routing hops are limitted to around 6 or so.
-If some apps do setsockopt IPV6_RTHDR and try to receive
incoming IPv6 source routing info, it can't receive more
than 6 hops source routing info.
(But currently, no apps seems to be doing it.)
Approved by: jkh
VFS_AIO option is specified, all aio-related syscalls return ENOSYS.
The aio code is very fragile right now, and is unsuitable for default
inclusion in a production shell box.
Approved by: jkh
to the current jail/chflags interactions. This fix conditionalizes ``root
behavior'' in the chflags() case on not being in jail, so attempts to
perform a chflags in a jail are limited to what a normal user could do.
For example, this does allow setting of user flags as appropriate, but
prohibits changing of system flags.
Reviewed by: bde
Enable the driver in sys/conf/files.i386.
In isa/isavar.h increase ISA_NPORT from 32 to 50. This is required
because this brain-damaged card maps 49 (!) port ranges. This does
not have a negative impact because this value only specifies the maximum
number of entries in a linked list and not the size of an array which
is allocated in all drivers.
The register/fifo access routines were not newbus-ified because
1) I knew that the old code worked and is simpler and more efficient
2) the if_ed driver does something similar and
3) the newbus macros collapse to inb/outb anyway.
Reviewed and tested by: hm
Approved by: jkh
was using them exits.
Don't allow a user process to cause the kernel to take a TRCTRAP on a
user space address.
Reviewed by: jlemon, sef
Approved by: jkh
it should have been to start with. The implications of that are not
pleasant when combined with >> as it breaks on multiples of NFDBITS.
Right shifting of a signed value fills with a copy of the sign bit,
not a zero.
Reported by: bde
fd's in the range of 32-63, 96-127 etc. The first problem was the
FD_*() macros were shifting a 32 bit integer "1" left by more than
32 bits. The same problem happened in selscan(). ffs() also takes
an int argument and causes failure. For cases where int == long
(ie: the usual case for x86, but not always as gcc can have long
being a 64 bit quantity) ffs() could be used.
Reported by: Marian Stagarescu <marian@bile.skycache.com>
Reviewed by: dfr, gallatin (sys/types.h only)
Approved by: jkh
256 bytes) caused it to break on many devices.
The SCSI spec says that for commands with 8-bit length fields, a value of 0
means 256 bytes. As it turns out, many devices don't deal with that
properly. Some interpret the 0 as 0, and return no data. Others return
more than 256 bytes of data, and cause an overrun.
The fix is to tell the device we've only allocated SHORT_INQUIRY_LENGTH (36
bytes) of inquiry data, instead of sizeof(struct scsi_inquiry_data).
camcontrol.c: Change inq_len in the call to scsi_inquiry() to
SHORT_INQUIRY_LENGTH, and add a long comment
explaining the reason for the change.
scsi_all.h: Add a comment above the definitinon of
SHORT_INQUIRY_LENGTH alerting people that it is
both the initial probe inquiry length, and the
minimum amount of data needed for scsi_print_inquiry()
to function.
scsi_all.c: Add a comment about SHORT_INQUIRY_LENGTH being the
minimum amount of data needed for
scsi_print_inquiry() to function.
Reviewed by: gibbs
Approved by: jkh
Reported by: "John W. DeBoskey" <jwd@unx.sas.com>