Actions
Bug #4810
closedspa_async_tasks_pending suffers from an integer overflow bug
Start date:
2014-04-25
Due date:
% Done:
100%
Estimated time:
Difficulty:
Bite-size
Tags:
Gerrit CR:
Description
spa_async_tasks_pending multiplies NANOSEC by zfs_ccw_retry_interval (a global static int = 300), the compiler simply replaces the expression with a constant. It essentially turns from:
(gethrtime() - spa->spa_ccw_fail_time) < (zfs_ccw_retry_interval * NANOSEC);
To:
(gethrtime() - spa->spa_ccw_fail_time) < -3647256576
-3647256576 0xd964b800 300 seconds as nanoseconds truncated to 32-bit signed
Related issues
Updated by Electric Monk over 8 years ago
- Status changed from New to Closed
- % Done changed from 80 to 100
git commit b59e2127f21675e88c58a4dd924bc55eeb83c7a6
commit b59e2127f21675e88c58a4dd924bc55eeb83c7a6 Author: Josef 'Jeff' Sipek <josef.sipek@nexenta.com> Date: 2014-04-29T15:42:11.000Z 4809 NANOSEC should be 'long long' to avoid integer overflow bugs 4810 spa_async_tasks_pending suffers from an integer overflow bug 4811 in.mpathd: tv2ns suffers from an integer overflow bug Reviewed by: Marcel Telka <marcel.telka@nexenta.com> Reviewed by: Dan McDonald <danmcd@omniti.com> Approved by: Robert Mustacchi <rm@joyent.com>
Actions