[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Patches] lio_listio() doesn't validate the aio_lio_opcode?
- To: Khem Raj <raj.khem@xxxxxxxxx>
- Subject: Re: [Patches] lio_listio() doesn't validate the aio_lio_opcode?
- From: "Carlos O'Donell" <carlos@xxxxxxxxxxxxxxxx>
- Date: Fri, 17 Feb 2012 10:31:39 -0500
On Fri, Feb 17, 2012 at 9:43 AM, Khem Raj <raj.khem@xxxxxxxxx> wrote:
> On Fri, Feb 17, 2012 at 1:46 AM, Kang Kai <Kai.Kang@xxxxxxxxxxxxx> wrote:
>> Hi All,
>>
>> If pass a invalid aio_lio_opcode to lio_listio() with mode LIO_NOWAIT, it
>> return 0 which means success. Is this the proper action for invalid
>> aio_lio_opcode?
>>
>> I check the source code ./sysdeps/pthread/lio_listio.c Line 81:
>>
>> if (list[cnt] != NULL && list[cnt]->aio_lio_opcode != LIO_NOP)
>>
>> it just checks aio_lio_opcode is not LIO_NOP then enqueue the request? I
>> wonder this is buggy.
>
> for aio_lio_opcode posix says "The supported operations are LIO_READ,
> LIO_WRITE, and LIO_NOP"
>
> but it does not say what should happen if the value it not one of the above
> so IMO its not a bug but falls into undefined behavior.
The value gets passed down to the AIO layer.
In sysdeps/pthread/aio_misc.c we have code to process LIO_READ,
LIO_WRITE, LIO_DYSNC, LIO_SYNC and then:
~~~
else
{
/* This is an invalid opcode. */
aiocbp->aiocb.__return_value = -1;
__set_errno (EINVAL);
}
~~~
However, LIO_READ == LIO_WAIT, so your LIO_WAIT is processed as a LIO_READ.
Cheers,
Carlos.
_______________________________________________
Patches mailing list
Patches@xxxxxxxxxx
http://eglibc.org/cgi-bin/mailman/listinfo/patches