On Sun, Dec 15, 2013 at 02:43:50PM +0100, Marin Ramesa wrote:
> On 15.12.2013 14:00:22, Richard Braun wrote:
> > What makes you think the content could be something else than a
> > vm_map_copy object?
>
> Well io_data is a pointer to char, not a pointer to vm_map_copy. And
> there is not one member in io_req structure that keeps track of the
> io_data size. The function char_write() could be called with io_data
> having its origin in something other than vm_map_copy.

You're reasoning only on what you see at the language level. If you look
more closely, you'll see this case only applies when the data hasn't been
transferred in-band. I'm pretty certain the VM system will have used a
vm_map_copy object to list the pages concerned in the out-of-band case.

> > No, nothing guarantees that structures are null-terminated. This is a
> > very wrong assumption. In addition, even if it was possible for the
> > data to be something else than a vm_map_copy (in which case we'd want
> > an assertion, because it should *never* happen), the data size could
> > be 0, in which case simply accessing the first byte might cause a
> > crash.
>
> The tests I've run always show null-termination. But you're right, the
> structure could very well contain a '\0' in which case strlen()
> wouldn't work. But there has to be some way to detect the end of a
> structure in memory without knowing the types.

Now you're reasoning only on what you saw with a few tests! And no, what
you want to do here makes no sense. You can't "detect" the end of a
structure in memory. You have to know, either directly, or through some
mechanism (e.g. a header containing the real type and length).

-- 
Richard Braun
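The "header containing the real type and length" mechanism from the reply above, next to what a NUL scan reports on the same bytes. This is an added example, not part of the original thread and not code from the kernel under discussion; `blob_hdr`, `blob_type`, `blob_payload_len`, `scan_for_nul` and the sample data are hypothetical names and constructed values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout for illustration: type and length travel with the data. */
enum blob_type { BLOB_RAW = 1, BLOB_COPY_OBJ = 2 };
struct blob_hdr { uint32_t type; uint32_t len; /* payload bytes after header */ };

/* Constructed sample: 6 payload bytes with NULs embedded in the middle. */
struct sample_blob { struct blob_hdr hdr; unsigned char payload[6]; };
static const struct sample_blob sample = {
    { BLOB_RAW, 6 }, { 'A', 0, 'B', 'C', 0, 'D' }
};

/* Payload length if buf holds a complete blob of the expected type, else -1.
 * Nothing is read until the buffer is known to be large enough. */
long blob_payload_len(const void *buf, size_t buf_size, uint32_t expected_type)
{
    struct blob_hdr h;

    if (buf == NULL || buf_size < sizeof h)
        return -1;                      /* includes the zero-size case */
    memcpy(&h, buf, sizeof h);          /* no alignment assumption on buf */
    if (h.type != expected_type)
        return -1;                      /* not the object the caller expects */
    if (h.len > buf_size - sizeof h)
        return -1;                      /* header claims more than is present */
    return (long)h.len;
}

/* What a strlen()-style scan reports; bounded here so the demo stays in range. */
size_t scan_for_nul(const unsigned char *p, size_t max)
{
    size_t i = 0;
    while (i < max && p[i] != '\0')
        i++;
    return i;
}

int main(void)
{
    printf("declared length: %ld\n",
           blob_payload_len(&sample, sizeof sample, BLOB_RAW));
    printf("NUL scan length: %zu\n",
           scan_for_nul(sample.payload, sizeof sample.payload));
    return 0;
}
```

The type check plays the role of the assertion mentioned in the thread: a caller that expects one kind of object rejects anything else instead of interpreting its bytes.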