__has_feature(leak_sanitizer) was merged with Clang/LLVM today:
https://reviews.llvm.org/D67719
GCC specific ifdef __SANITIZE_LEAK__ is pending in upstream review...
https://gcc.gnu.org/ml/gcc-patches/2019-09/msg01270.html and can be
rejected as GCC upstream does not see value in feature parity with LLVM
sanitizers. For the time being this will be a NetBSD specific extension.
Today GCC/Clang allow to specify typedef char[] with the dynamic VLA
property (as introduced in C99). This means that __CTASSERT(), when
misused with run-time semantics, was a dummy check generating either
1 or -1 size of typedef char[].
It was caught in runtime by kUBSan as -1 is size of VLA with unspecified
semantics in runtime (Undefined Behavior).
Use bit-field to enforce compile-time constant.
This approach has been inspired by the Perl variation of static_assert().
The new member is caled f_mntfromlabel and it is the dkw_wname
of the corresponding wedge. This is now used by df -W to display
the mountpoint name as NAME=
by /sbin/{zfs,zpool,mount_zfs}. The general effect is to move them
from /usr/lib to /lib. Compatibility links are installed in /usr/lib
and nothing that is installed, say in /usr/pkg, appears to break.
With this, it is possible to have a /var and /usr mount using ZFS
legacy mounting early on in the boot process.
Run tested on amd64 and i386 and compile tested on evbarm.
validate that utimes() cannot update the times of a file on a read only
filesystem. The values are never actually used, but since
src/sys/kern/vfs_syscalls.c 1.535
they are validated for sanity, and the syscall returns EINVAL if the
values passed are invalid (tv_usec <0 or >= 1000000). If that happens
we don't get as far as the test which produces the EROFS that is expected
from this test (these tests - one for each filesystem type).
So, init the timeval structs (just to 0, the values will still not be
used) so that the EINVAL doesn't bite us before we're eaten by the EROFS
which is the way we're supposed to die.
If the syscall API args were labelled as "const" the compiler probably
would have caught the use of uninit'd vars and complained much sooner.
- zero out fs_args32 to prevent info leaks
- remove unused and non-functional copyin in NFS (lgtm bot)
- declare udata, and don't pass kernel pointers to copyout (lgtm bot)
- make sure data_len is just big enough, to mimic the native behavior
- don't forget to update *retval with the 32bit value
- add an XXX for NFS
