Page MenuHomeFreeBSD
Differential D51845

vfs_syscalls.c: Fix handling of offset arguments for copy_file_range
ClosedPublic
Actions

Authored by rmacklem on Aug 9 2025, 2:34 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Oct 13, 3:13 AM
Unknown Object (File)
Fri, Oct 10, 9:44 PM
Unknown Object (File)
Fri, Oct 10, 9:44 PM
Unknown Object (File)
Fri, Oct 10, 9:44 PM
Unknown Object (File)
Fri, Oct 10, 3:56 PM
Unknown Object (File)
Thu, Oct 9, 4:59 PM
Unknown Object (File)
Fri, Oct 3, 9:10 AM
Unknown Object (File)
Fri, Oct 3, 8:53 AM
View All 24 Files
Subscribers
imp
olce

Details

Reviewers
markj
Commits
rG4046ad6bb0ee: vfs_syscalls.c: Fix handling of offset args for copy_file_range
Summary

Commit 197997a broke handling of the offset
arguments to copy_file_range() when specified non-NULL.
The code fails to update the offsets and, as such, a loop like:

do {

len = copy_file_range(infd, &inpos, outfd, &outpos,
      SSIZE_MAX, 0);

} while (len > 0);

becomes an infinite loop, just doing the same copy over and
over again.

This patch fixes it.

The clause "(foffsets_locked || foffsets_set)" is not actually
needed for correctness, but I thought it made the code
a little more readable and might avoid some static
analyzer from throwing a "user before being set" for
the savinoff and savoutoff variables.

Test Plan

Tested with a little program that has the do loop
mentioned in the summary.

The good news is that all the uses of copy_file_range()
in /usr/src pass in NULL offset arguments, so they were
not broken.

The not so good news is that this bug made it out into
14.3.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

rmacklem created this revision.Aug 9 2025, 2:34 PM
Herald added subscribers: olce, imp. · View Herald TranscriptAug 9 2025, 2:34 PM
rmacklem requested review of this revision.Aug 9 2025, 2:34 PM
markj accepted this revision.Aug 9 2025, 9:01 PM

The not so good news is that this bug made it out into 14.3.

I'll submit an EN since this is my bug (unless you'd really like to).

This revision is now accepted and ready to land.Aug 9 2025, 9:01 PM
rmacklem added a comment.Aug 9 2025, 9:04 PM
In D51845#1184634, @markj wrote:

The not so good news is that this bug made it out into 14.3.

I'll submit an EN since this is my bug (unless you'd really like to).

You are more than welcome to do so.
I'll give it a 2week MFC and you'll see it go into stable/14 in two weeks.

Closed by commit rG4046ad6bb0ee: vfs_syscalls.c: Fix handling of offset args for copy_file_range (authored by rmacklem). · Explain WhyAug 9 2025, 9:21 PM
This revision was automatically updated to reflect the committed changes.
rmacklem added a commit: rG4046ad6bb0ee: vfs_syscalls.c: Fix handling of offset args for copy_file_range.
rmacklem added a comment.Aug 23 2025, 9:49 PM
In D51845#1184637, @rmacklem wrote:
In D51845#1184634, @markj wrote:

The not so good news is that this bug made it out into 14.3.

I'll submit an EN since this is my bug (unless you'd really like to).

You are more than welcome to do so.
I'll give it a 2week MFC and you'll see it go into stable/14 in two weeks.

This is now in stable/14 as 2fd0083fcc23, so it's all yours.
Thanks for doing the EN, rick

Revision Contents
Changeset List

PathSize
sys/
kern/
17 lines

Diff 160138

View Options

sys/kern/vfs_syscalls.c

Loading...