From a222314fe6fd370e1ac4c821ea104fb1b421ada7 Mon Sep 17 00:00:00 2001 From: "Tim J. Robbins" Date: Fri, 20 Jun 2003 14:52:52 +0000 Subject: [PATCH] Merge from NetBSD src/sys/ntfs/ntfs_subr.c 1.5 & 1.30 (jdolecek): - Avoid calling bread() with different sizes on the same blkno. Although the buffer cache is designed to handle differing size buffers, it erroneously tries to write the incorrectly-sized buffer buffer back to disk before reading the correctly-sized one, even when it's not dirty. This behaviour caused a panic for read-only NTFS mounts when INVARIANTS was enabled ("bundirty: buffer x still on queue y"), reported by NAKAJI Hiroyuki. - Fix a bug in the code handling holes: a variable was incremented instead of decremented, which could cause an infinite loop. --- sys/fs/ntfs/ntfs_subr.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/sys/fs/ntfs/ntfs_subr.c b/sys/fs/ntfs/ntfs_subr.c index 68f654f2fa0..814a91e2075 100644 --- a/sys/fs/ntfs/ntfs_subr.c +++ b/sys/fs/ntfs/ntfs_subr.c @@ -1544,6 +1544,20 @@ ntfs_readntvattr_plain( min(ntfs_cntob(ccl) - off, MAXBSIZE - off)); cl = ntfs_btocl(tocopy + off); + + /* + * If 'off' pushes us to next + * block, don't attempt to read whole + * 'tocopy' at once. This is to avoid + * bread() with varying 'size' for + * same 'blkno', which is not good. + */ + if (cl > ntfs_btocl(tocopy)) { + tocopy -= + ntfs_btocnoff(tocopy + off); + cl--; + } + ddprintf(("ntfs_readntvattr_plain: " \ "read: cn: 0x%x cl: %d, " \ "off: %d len: %d, left: %d\n", @@ -1587,7 +1601,7 @@ ntfs_readntvattr_plain( off = 0; if (uio) { size_t remains = tocopy; - for(; remains; remains++) + for(; remains; remains--) uiomove("", 1, uio); } else bzero(data, tocopy);