Friday, 19 February 2016

[Rpcemu] Large files in HostFS was Re. RPCEmu Mac OS X test build of 0.8.14

On Tue, Feb 16, 2016 at 05:52:36PM +0000, Sprow wrote:
> In article <20160216173419.GA20045@spod.org>,
> > For the long explanation of why this HostFS patch is not included in
> > RPCEmu, please see this post from 2011.
> >
> > http://www.riscos.info/pipermail/rpcemu/2011-October/001383.html
>
> I recall that discussion at the time, and the thread continued
> http://www.riscos.info/pipermail/rpcemu/2011-October/001384.html
> then fell silent.
>
> The tests performed in the post you've highlighted didn't really elicit any
> new information:
> Old FileSwitch + 4GB files + vanilla HostFS => doesn't work
> Old FileSwitch + 4GB files + 4GB HostFS => doesn't work
> New FileSwitch + 4GB files + vanilla HostFS => doesn't work
> New FileSwitch + 4GB files + 4GB HostFS => does work
>
> the point being that having the underlying HostFS being 4GB capable is
> harmless for OS versions that it already doesn't work on, it's only when
> coupled with RISC OS 5.20 and (chronologically) later that you get benefit.

Unfortunately it is not harmless on OSes < 5.20 nor harmless on >= 5.20.

At this time it seems to be important to state the requirements that
HostFS should have. These may only have been implicit before.

1) HostFS needs to work on all versions of RISC OS that RPCEmu can run (at
least 3.5, possibly even 3.1 for arcem support).
2) RPCEmu users can place any size file in their HostFS directory on the
Host Side, and HostFS must handle this gracefully.
3) HostFS should protect RPCEmu user's data from loss or corruption.

One specific case discussed here of 3) is that allowing files to be opened
that are larger than the maximum size that RO supports risks data loss, as
a program can only work on some of the data in a file, which can cause
corruption.

Here follows a table describing the current situation in RPCEmu.
I have used the phrase 'Data Safe' to represent that they don't allow
files to be opened that are larger than the OS supports.

             32bit builds                    64bit builds

RO 3,4,6     Data Safe (2GB filesize limit)  Data Unsafe (no filesize limit)
RO 5         Data Safe (2GB filesize limit)  Data Unsafe (no filesize limit)

The problem of RPCEmu as it stands at the moment is that it does not meet
our requirements of protecting users data on 64bit builds. Because HostFS
allows the opening of files that are beyond what the OS can safely handle.
The 32bit builds (including windows binaries) are implicitly data safe,
due to using the 2^31 file APIs.
The 64bit builds allow files from 2^31 (2^32 on RO5) to 2^63 to be opened
when they shouldn't.

This is the effect your patch has:

             32bit builds                      64bit builds

RO 3,4,6     Data Unsafe (no filesize limit)  Data Unsafe (no filesize limit)
RO 5         Data Unsafe (no filesize limit)  Data Unsafe (no filesize limit)

Your patch has the effect of increasing the cases in which user's data is
not protected. As such, we cannot commit it.

I propose that we do the following instead: add a check in HostFS's file
open to prevent large files being opened (>2GB) and return a "file too
large" error to RISC OS. This meets the requirements of protecting the
users data in all scenarios.

The effects of this proposal are in this table:

             32bit builds                    64bit builds

RO 3,4,6     Data Safe (2GB filesize limit)  Data Safe (2GB filesize limit)
RO 5         Data Safe (2GB filesize limit)  Data Safe (2GB filesize limit)

A limitation of 2GB files on a RISC OS that supports 4GB files is not
ideal, but safe from data corruption. It is much safer than setting the
limit at 4GB and allowing 2-4GB files to be opened on a RISC OS that only
supports 2GB files.

If there is a backwards compatible way that a RISC OS file system module
can determine that it is running on an OS that supports files up to 4GB
in size, then this API could be used to modify HostFS to increase its
filesize limit to 4GB on supported RISC OSes.
This would need to be something much more robust than an OS version check,
and involve HostFS declaring it could use 4GB files as well as the OS
declaring it wants to use 4GB files (a negotiation).
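The open-time size check proposed above, and the 2GB/4GB negotiation sketched after it, written out as an added illustration in C. This is not RPCEmu's or HostFS's own code: the function and constant names (hostfs_check_open_size, hostfs_negotiated_limit, HOSTFS_LIMIT_2GB, HOSTFS_LIMIT_4GB) are hypothetical, and the exact thresholds (2^31-1 bytes for the 2GB limit, 2^32-1 for the 4GB limit) are assumptions derived from the 2^31/2^32 boundaries mentioned in the message. The last helper shows the data-loss mechanism the message describes: a 64-bit host size truncated to the 32-bit word RISC OS holds reports a far smaller length than the file actually has.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical limits, not RPCEmu's own constants.
 * A RISC OS file length is held in a 32-bit word. Treated as signed
 * (RISC OS before 5.20) the largest representable file is 2^31-1 bytes;
 * treated as unsigned (RISC OS 5.20 and later) it is 2^32-1 bytes. */
#define HOSTFS_LIMIT_2GB ((int64_t)INT32_MAX)
#define HOSTFS_LIMIT_4GB ((int64_t)UINT32_MAX)

/* Result of the open-time check (hypothetical names). */
enum hostfs_open_check {
    HOSTFS_OPEN_OK = 0,
    HOSTFS_OPEN_TOO_LARGE = 1
};

/* Negotiation: the 4GB limit is used only when HostFS has declared it can
 * serve 4GB files AND the OS has declared it wants them. Any other
 * combination, including an OS that never answers, falls back to the
 * 2GB limit that every RISC OS version can handle. */
static int64_t hostfs_negotiated_limit(int hostfs_offers_4gb, int os_requests_4gb)
{
    if (hostfs_offers_4gb && os_requests_4gb)
        return HOSTFS_LIMIT_4GB;
    return HOSTFS_LIMIT_2GB;
}

/* The proposed check: refuse to open a host file whose real size cannot be
 * represented to RISC OS under the limit in force. `host_size` is what the
 * host's 64-bit stat reports; a 32-bit build could never obtain a value
 * above 2^31-1 from its file API, which is why those builds are implicitly
 * safe and why only 64-bit builds need this guard. */
static enum hostfs_open_check hostfs_check_open_size(int64_t host_size, int64_t limit)
{
    if (host_size < 0)          /* unknown or invalid size: refuse, never guess */
        return HOSTFS_OPEN_TOO_LARGE;
    if (host_size > limit)
        return HOSTFS_OPEN_TOO_LARGE;
    return HOSTFS_OPEN_OK;
}

/* What RISC OS would be told without the check: the host size truncated
 * to 32 bits. A file of 2^32+100 bytes shows up as 100 bytes, so a program
 * working from that length silently sees only a sliver of the data. */
static uint32_t riscos_visible_length(int64_t host_size)
{
    return (uint32_t)host_size;
}

int main(void)
{
    /* Constructed sample sizes: 1000 bytes, 3GB, and 4GB+100 bytes. */
    const int64_t sizes[] = { 1000, INT64_C(3) << 30, (INT64_C(1) << 32) + 100 };
    const int64_t limits[] = { hostfs_negotiated_limit(1, 0), hostfs_negotiated_limit(1, 1) };
    size_t i, j;

    for (j = 0; j < 2; j++) {
        printf("limit %lld bytes:\n", (long long)limits[j]);
        for (i = 0; i < 3; i++) {
            printf("  size %lld -> %s (RISC OS would see %u)\n",
                   (long long)sizes[i],
                   hostfs_check_open_size(sizes[i], limits[j]) == HOSTFS_OPEN_OK
                       ? "open allowed" : "file too large",
                   (unsigned)riscos_visible_length(sizes[i]));
        }
    }
    return 0;
}
```

The check is deliberately placed at open time rather than at read time: once a handle is handed out, RISC OS has already been given a length it trusts, and the only remaining outcomes are partial reads or a truncated rewrite of the file.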

Peter

--
Peter Howkins
peter.howkins@marutan.net

_______________________________________________
Rpcemu mailing list
Rpcemu@riscos.info
http://www.riscos.info/cgi-bin/mailman/listinfo/rpcemu
