Debian Bug report logs - #306517
epoll_ctl(2) description differs from implementation

version graph

Package: manpages-dev; Maintainer for manpages-dev is Martin Schulze <joey@debian.org>; Source for manpages-dev is src:manpages.

Reported by: Mike Furr <mfurr@debian.org>

Date: Wed, 27 Apr 2005 06:18:02 UTC

Severity: normal

Tags: fixed-upstream

Found in version 2.02-1

Fixed in version 2.09-1

Done: Justin Pryzby <justinpryzby@users.sourceforge.net>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Martin Schulze <joey@debian.org>:
Bug#306517; Package manpages-dev. Full text and rfc822 format available.

Acknowledgement sent to Mike Furr <mfurr@debian.org>:
New Bug report received and forwarded. Copy sent to Martin Schulze <joey@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Mike Furr <mfurr@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: epoll_ctl(2) description differs from implementation
Date: Wed, 27 Apr 2005 02:06:01 -0400
Package: manpages-dev
Version: 2.02-1
Severity: normal

The epoll_ctl(2) man page states that when using the op parameter
EPOLL_CTL_DEL, "The event is ignored and can be NULL".  However, if
epoll_ctl is passed a value of NULL in its event paramter in this 
case, it returns EFAULT (which is also not listed as a possibility
in the ERRORS section).

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages manpages-dev depends on:
ii  manpages                      2.02-1     Manual pages about using a GNU/Lin

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org, Martin Schulze <joey@debian.org>:
Bug#306517; Package manpages-dev. Full text and rfc822 format available.

Acknowledgement sent to "Michael Kerrisk" <mtk-manpages@gmx.net>:
Extra info received and forwarded to list. Copy sent to Martin Schulze <joey@debian.org>. Full text and rfc822 format available.

Message #10 received at 306517@bugs.debian.org (full text, mbox):

From: "Michael Kerrisk" <mtk-manpages@gmx.net>
To: Martin Schulze <joey@infodrom.org>
Cc: 306517@bugs.debian.org,Mike Furr <mfurr@debian.org>,Davide Libenzi <davidel@xmailserver.org>
Subject: Re: #306517 epoll_ctl(2) description differs from implementation
Date: Thu, 16 Jun 2005 18:25:17 +0200 (MEST)
Regarding this bug report:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306517

I believe that the manual page probably correctly documents the 
intended behaviour, but the implementation is wrong.  In
fs/eventpoll.c::sys_epoll_ctl(), I believe the following:

   error = -EFAULT;
   if (EP_OP_HASH_EVENT(op) &&
          copy_from_user(&epds, event, sizeof(struct epoll_event)))
     goto eexit_1;


Should be guarded by something like

  if (op != EPOLL_CTL_DEL)

But hopefully Davide (the implementer) can shed some light.

Cheers,

Michael

-- 
Michael Kerrisk
maintainer of Linux man pages Sections 2, 3, 4, 5, and 7 

Want to help with man page maintenance?  Grab the latest
tarball at ftp://ftp.win.tue.nl/pub/linux-local/manpages/
and grep the source files for 'FIXME'.

Please submit non-trivial man page suggestions as 
"diff -u" patches.

Weitersagen: GMX DSL-Flatrates mit Tempo-Garantie!
Ab 4,99 Euro/Monat: http://www.gmx.net/de/go/dsl



Information forwarded to debian-bugs-dist@lists.debian.org, Martin Schulze <joey@debian.org>:
Bug#306517; Package manpages-dev. Full text and rfc822 format available.

Acknowledgement sent to Davide Libenzi <davidel@xmailserver.org>:
Extra info received and forwarded to list. Copy sent to Martin Schulze <joey@debian.org>. Full text and rfc822 format available.

Message #15 received at 306517@bugs.debian.org (full text, mbox):

From: Davide Libenzi <davidel@xmailserver.org>
To: Michael Kerrisk <mtk-manpages@gmx.net>
Cc: Martin Schulze <joey@infodrom.org>, 306517@bugs.debian.org, Mike Furr <mfurr@debian.org>
Subject: Re: #306517 epoll_ctl(2) description differs from implementation
Date: Thu, 16 Jun 2005 10:03:01 -0700 (PDT)
On Thu, 16 Jun 2005, Michael Kerrisk wrote:

> Regarding this bug report:
>
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306517
>
> I believe that the manual page probably correctly documents the
> intended behaviour, but the implementation is wrong.  In
> fs/eventpoll.c::sys_epoll_ctl(), I believe the following:
>
>   error = -EFAULT;
>   if (EP_OP_HASH_EVENT(op) &&
>          copy_from_user(&epds, event, sizeof(struct epoll_event)))
>     goto eexit_1;
>
>
> Should be guarded by something like
>
>  if (op != EPOLL_CTL_DEL)
>
> But hopefully Davide (the implementer) can shed some light.

The code looks right to me. This is the EP_OP_HASH_EVENT() macro:

#define EP_OP_HASH_EVENT(op) ((op) != EPOLL_CTL_DEL)

If you call:

epoll_ctl(EPOLL_CTL_DEL, NULL);

you have that EP_OP_HASH_EVENT() is false, and hence the copy_from_user() in:

   error = -EFAULT;
   if (EP_OP_HASH_EVENT(op) &&
          copy_from_user(&epds, event, sizeof(struct epoll_event)))
     goto eexit_1;

is never executed. Has the bug report been run on recent kernels? That fix 
is pretty old though, I think about a year old.



- Davide




Information forwarded to debian-bugs-dist@lists.debian.org, Martin Schulze <joey@debian.org>:
Bug#306517; Package manpages-dev. Full text and rfc822 format available.

Acknowledgement sent to "Michael Kerrisk" <mtk-manpages@gmx.net>:
Extra info received and forwarded to list. Copy sent to Martin Schulze <joey@debian.org>. Full text and rfc822 format available.

Message #20 received at 306517@bugs.debian.org (full text, mbox):

From: "Michael Kerrisk" <mtk-manpages@gmx.net>
To: Davide Libenzi <davidel@xmailserver.org>
Cc: joey@infodrom.org,306517@bugs.debian.org,mfurr@debian.org
Subject: Re: #306517 epoll_ctl(2) description differs from implementation
Date: Fri, 17 Jun 2005 13:31:28 +0200 (MEST)
> > Regarding this bug report:
> >
> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=306517
> >
> > I believe that the manual page probably correctly documents the
> > intended behaviour, but the implementation is wrong.  In
> > fs/eventpoll.c::sys_epoll_ctl(), I believe the following:
> >
> >   error = -EFAULT;
> >   if (EP_OP_HASH_EVENT(op) &&
> >          copy_from_user(&epds, event, sizeof(struct epoll_event)))
> >     goto eexit_1;
> >
> >
> > Should be guarded by something like
> >
> >  if (op != EPOLL_CTL_DEL)
> >
> > But hopefully Davide (the implementer) can shed some light.
> 
> The code looks right to me. This is the EP_OP_HASH_EVENT() macro:
> 
> #define EP_OP_HASH_EVENT(op) ((op) != EPOLL_CTL_DEL)
> 
> If you call:
> 
> epoll_ctl(EPOLL_CTL_DEL, NULL);
> 
> you have that EP_OP_HASH_EVENT() is false, and hence the copy_from_user()
> in:
> 
>     error = -EFAULT;
>     if (EP_OP_HASH_EVENT(op) &&
>            copy_from_user(&epds, event, sizeof(struct epoll_event)))
>       goto eexit_1;
> 
> is never executed. Has the bug report been run on recent kernels? That 
> fix is pretty old though, I think about a year old.

Hi Davide,

Sorry -- I should have looked more closely.  I've tested on 
2.6.12-rc6 and indeed the problem isn't there.  Looking at 
the kernel patches, I see the fix came in 2.6.9 (Oct 04).

Joey, Mike,

I will add a note under BUGS to the man page to point
out this bug in older kernels.  That will appear in 
man-pages-2.04.

Cheers,

Michael

-- 
Michael Kerrisk
maintainer of Linux man pages Sections 2, 3, 4, 5, and 7 

Want to help with man page maintenance?  Grab the latest
tarball at ftp://ftp.win.tue.nl/pub/linux-local/manpages/
and grep the source files for 'FIXME'.

Please submit non-trivial man page suggestions as 
"diff -u" patches.

Geschenkt: 3 Monate GMX ProMail gratis + 3 Ausgaben stern gratis
++ Jetzt anmelden & testen ++ http://www.gmx.net/de/go/promail ++



Information forwarded to debian-bugs-dist@lists.debian.org, Martin Schulze <joey@debian.org>:
Bug#306517; Package manpages-dev. Full text and rfc822 format available.

Acknowledgement sent to Mike Furr <mfurr@debian.org>:
Extra info received and forwarded to list. Copy sent to Martin Schulze <joey@debian.org>. Full text and rfc822 format available.

Message #25 received at 306517@bugs.debian.org (full text, mbox):

From: Mike Furr <mfurr@debian.org>
To: Michael Kerrisk <mtk-manpages@gmx.net>
Cc: 306517@bugs.debian.org
Subject: Re: #306517 epoll_ctl(2) description differs from implementation
Date: Fri, 17 Jun 2005 17:58:41 -0400
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Kerrisk wrote:
> Joey, Mike,
> 
> I will add a note under BUGS to the man page to point
> out this bug in older kernels.  That will appear in 
> man-pages-2.04.
Great, thanks.  Sorry for not checking more recent kernel versions.  I
tend not to update my kernel as frequently these days.

Cheers,
- -Mike
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCs0eQ7ZPKKRJLJvMRAhc7AJ4imN0y7iX3EYcZIj/HPLNLdvHIQACfaSq8
LQ02gGf98BCI1VCOEDiSJf0=
=PNpT
-----END PGP SIGNATURE-----



Tags added: fixed-upstream Request was from Justin Pryzby <justinpryzby@users.sourceforge.net> to control@bugs.debian.org. Full text and rfc822 format available.

Reply sent to Justin Pryzby <justinpryzby@users.sourceforge.net>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Mike Furr <mfurr@debian.org>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #32 received at 306517-done@bugs.debian.org (full text, mbox):

From: Justin Pryzby <justinpryzby@users.sourceforge.net>
To: 317037-done@bugs.debian.org, 315411-done@bugs.debian.org, 209323-done@bugs.debian.org, 330877-done@bugs.debian.org, 321131-done@bugs.debian.org, 299795-done@bugs.debian.org, 295666-done@bugs.debian.org, 326520-done@bugs.debian.org, 306517-done@bugs.debian.org, 291121-done@bugs.debian.org, 323851-done@bugs.debian.org, 323062-done@bugs.debian.org, 101433-done@bugs.debian.org, 113812-done@bugs.debian.org, 219695-done@bugs.debian.org, 294890-done@bugs.debian.org
Cc: Martin Schulze <joey@debian.org>, Michael Kerrisk <mtk-manpages@gmx.net>
Subject: fixed in recent uploads of manpages
Date: Tue, 22 Nov 2005 11:35:39 -0500
Version: 2.09-1

These bugs are all reported fixed by the upstream manpages maintainer,
Michael Kerrisk.  For my own convenience, I'm marking them all as
"fixed by version 2.09-1", even though some of them are fixed by
earlier uploads.  The bug number, correct fixed-in version, and title
are listed below:

 #317037 2.06 Difficult to understand in sscanf RETURN VALUE
 #315411 2.09 New upstream release: 2.09
 #209323 2.09 please include pty(4) manpage
 #330877 2.09 read can return EINVAL when using O_DIRECT and buffer not aligned
 #321131 2.08 exit.3 missing &quot;is&quot;
 #299795 2.07 Some library functions' manpage use wrong hyphen
 #295666 2.03 regex.7.gz: The word boundary regexps are unsupported
 #326520 2.08 'man msgget' typo: one line not displayed
 #306517 2.04 epoll_ctl(2) description differs from implementation
 #291121 2.04 flock(2) second time by same process
 #323851 2.08 getpwnam.3 manpage should clarify the scope of pw_dir
 #323062 2.08 clone(2) CLONE_PARENT_SETTID description incorrect

 #101433 2.04 "man setitimer" give bad informations
 #113812 2.04 libc6-dev: iconv prototype
 #317037 2.06 Difficult to understand in sscanf RETURN VALUE
 #219695 2.04 sysconf(3): describes _SC_2_DEV, which doesn't exist
 #294890 2.03 Typo in wait(2): "watpid"

-- 
Clear skies,
Justin



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 24 Jun 2007 17:59:03 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Fri Apr 25 07:42:57 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.