OpenSolaris

Printable Version Enter a New Search
Bug ID 6538819
Synopsis ict_tcgeta() accesses lx_termio.c_cc[LX_VEOL] which doesn't exist
State 10-Fix Delivered (Fix available in build)
Category:Subcategory kernel:brandz
Keywords
Responsible Engineer Edward Pilatowicz
Reported Against snv_49
Duplicate Of
Introduced In solaris_nevada
Commit to Fix snv_64
Fixed In snv_64
Release Fixed solaris_nevada(snv_64)
Related Bugs
Submit Date 26-March-2007
Last Update Date 14-May-2007
Description 
When building ON with Studio 12 the build will fail with the following error:

 /opt/SUNWspro/SS12/bin/cc -O -K pic -xspace -Xa -xildoff -errtags=yes -errwarn=%all -erroff=E_EMPTY_TRANSLATION_UNIT -erroff=E_STATEMENT_NOT_REACHED -xc99=%none -W0,-xglobalstatic -v -g -xc99=%none -W0,-noglobal -xdebugformat=stabs -DTEXT_DOMAIN="SUNW_OST_OSLIB" -D_TS_ERRNO -I/export/builds/gk/onnv-clone-mars/proto/root_i386/usr/include -D_REENTRANT -I../ -I../../../../../uts/common/brand/lx -I/export/builds/gk/onnv-clone-mars/usr/src/common/brand/lx -DPIC -D_REENTRANT -c -o pics/ioctl.o ../common/ioctl.c 
"../common/ioctl.c", line 1349: warning: pointer expression or its operand do not point to the same object l_tio, result is undefined and non-portable  (E_BAD_VAR_ADDRESS_ARITH)

*** Error code 2
dmake: Warning: Command failed for target `pics/ioctl.o'
Current working directory /export/builds/gk/onnv-clone-mars/usr/src/lib/brand/lx/lx_brand/i386

Looking at the source we see:

usr/src/lib/brand/lx/lx_brand/common/ioctl.c:

static int
/*ARGSUSED*/
ict_tcgeta(int fd, struct stat *stat, int cmd, char *cmd_str, intptr_t arg)
{
        struct lx_termio        l_tio, *l_tiop = (struct lx_termio *)arg;
        struct termio           s_tio;
        struct lx_cc            lio;
        int                     ldlinux;
	....
        l_tio.c_cc[LX_VEOF] = lio.veof;
        l_tio.c_cc[LX_VEOL] = lio.veol;
        l_tio.c_cc[LX_VMIN] = lio.vmin;
        l_tio.c_cc[LX_VTIME] = lio.vtime;
	....
}

and then in 

usr/src/lib/brand/lx/lx_brand/sys/lx_ioctl.h:

#define LX_NCC  8
struct lx_termio {
        unsigned short c_iflag;         /* input mode flags */
        unsigned short c_oflag;         /* output mode flags */
        unsigned short c_cflag;         /* control mode flags */
        unsigned short c_lflag;         /* local mode flags */
        unsigned char c_line;           /* line discipline */
        unsigned char c_cc[LX_NCC];     /* control characters */
};

#define LX_NCCS 19
struct lx_termios {
        uint32_t c_iflag;               /* input mode flags */
        uint32_t c_oflag;               /* output mode flags */
        uint32_t c_cflag;               /* control mode flags */
        uint32_t c_lflag;               /* local mode flags */
        unsigned char c_line;           /* line discipline */
        unsigned char c_cc[LX_NCCS];    /* control characters */
};

/* c_cc characters */
#define LX_VINTR        0
#define LX_VQUIT        1
#define LX_VERASE       2
#define LX_VKILL        3
#define LX_VEOF         4
#define LX_VTIME        5
#define LX_VMIN         6
#define LX_VSWTC        7
#define LX_VSTART       8
#define LX_VSTOP        9
#define LX_VSUSP        10
#define LX_VEOL         11
#define LX_VREPRINT     12
#define LX_VDISCARD     13
#define LX_VWERASE      14
#define LX_VLNEXT       15
#define LX_VEOL2        16

So note that LX_VEOL is 11 which means in the code we are doing setting c_cc[11] which is
beyond the size of the array and thus causing the failure to build.

Questions:
o why is LX_NCC set to 8 as opposed to matching LX_NCCS (which is 19) ?
o why are their two #defines (LX_NCC and LX_NCCS) defining the same thing ? 

A trivial fix is to set the LX_NCC to be the same as LX_NCCS.
Answers:
o because lx_termio and lx_termios represent two different structures on
  linux (struct termio and struct termios respectively).  these structures
  are different sizes on linux, hence our corresponding structures must be
  different sizes.  actually, you'll notice that solaris also has these
  same two structures defined and they are different sizes as well.
o there have to be two defines because each structure is a different size.

the actual bug here is that ict_tcgeta() is tying to access LX_VEOL for
a struct lx_termio when is should be ignoring ignoring it.

actually, if you compare:
	l2s_termios() to l2s_termio()
and:
	termios2lx_cc() to termio2lx_cc()

you'll notice that these functions are almost identical, the only
differences between the functions are to handle the differences between
the termio and termios structures, and in both cases above the functions
that deal with termios structures manipulate the LX_VEOL member while
the functions dealing with the termio structure don't.  the problem
seems like this bug is probably a cut-and-paste error from
ict_tcgets_native() to ict_tcgeta().
it's worth noting that most the delta in the fix involves adding comments
and renaming structures such that the naming is consistent and it's
easier to tell when reading the coded if we're manipulating a
termio vs a termios structure.  the actual heart of the bug fix
boils down to this one line change in ict_tcgeta():
---8<---
@@ -1346,7 +1346,6 @@
                return (-errno);
 
        l_tio.c_cc[LX_VEOF] = lio.veof;
-       l_tio.c_cc[LX_VEOL] = lio.veol;
        l_tio.c_cc[LX_VMIN] = lio.vmin;
        l_tio.c_cc[LX_VTIME] = lio.vtime;
---8<---
Work Around 
N/A
Comments 
N/A