Bug #4810

spa_async_tasks_pending suffers from an integer overflow bug

Added by Josef Sipek over 4 years ago. Updated over 4 years ago.

Status:ClosedStart date:2014-04-25
Priority:HighDue date:
Assignee:Josef Sipek% Done:

100%

Category:zfs - Zettabyte File System
Target version:-
Difficulty:Bite-size Tags:

Description

spa_async_tasks_pending multiplies NANOSEC by zfs_ccw_retry_interval (a global static int = 300), the compiler simply replaces the expression with a constant. It essentially turns from:

(gethrtime() - spa->spa_ccw_fail_time) < (zfs_ccw_retry_interval * NANOSEC);

To:

(gethrtime() - spa->spa_ccw_fail_time) < -3647256576

-3647256576 0xd964b800 300 seconds as nanoseconds truncated to 32-bit signed


Related issues

Related to illumos gate - Bug #4809: NANOSEC should be 'long long' to avoid integer overflow bugs Closed 2014-04-25

History

#1 Updated by Electric Monk over 4 years ago

  • % Done changed from 80 to 100
  • Status changed from New to Closed

git commit b59e2127f21675e88c58a4dd924bc55eeb83c7a6

commit  b59e2127f21675e88c58a4dd924bc55eeb83c7a6
Author: Josef 'Jeff' Sipek <josef.sipek@nexenta.com>
Date:   2014-04-29T15:42:11.000Z

    4809 NANOSEC should be 'long long' to avoid integer overflow bugs
    4810 spa_async_tasks_pending suffers from an integer overflow bug
    4811 in.mpathd: tv2ns suffers from an integer overflow bug
    Reviewed by: Marcel Telka <marcel.telka@nexenta.com>
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

#2 Updated by Robert Mustacchi over 4 years ago

  • Tags deleted (needs-triage)

Also available in: Atom