Project

General

Profile

Bug #4810

spa_async_tasks_pending suffers from an integer overflow bug

Added by Josef Sipek about 5 years ago. Updated about 5 years ago.

Status:
Closed
Priority:
High
Assignee:
Josef Sipek
Category:
zfs - Zettabyte File System
Start date:
2014-04-25
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:

Description

spa_async_tasks_pending multiplies NANOSEC by zfs_ccw_retry_interval (a global static int = 300), the compiler simply replaces the expression with a constant. It essentially turns from:

(gethrtime() - spa->spa_ccw_fail_time) < (zfs_ccw_retry_interval * NANOSEC);

To:

(gethrtime() - spa->spa_ccw_fail_time) < -3647256576

-3647256576 0xd964b800 300 seconds as nanoseconds truncated to 32-bit signed

Related issues

Related to illumos gate - Bug #4809: NANOSEC should be 'long long' to avoid integer overflow bugsClosed2014-04-25

Actions

History

#1

Updated by Electric Monk about 5 years ago

  • Status changed from New to Closed
  • % Done changed from 80 to 100

git commit b59e2127f21675e88c58a4dd924bc55eeb83c7a6

commit  b59e2127f21675e88c58a4dd924bc55eeb83c7a6
Author: Josef 'Jeff' Sipek <josef.sipek@nexenta.com>
Date:   2014-04-29T15:42:11.000Z

    4809 NANOSEC should be 'long long' to avoid integer overflow bugs
    4810 spa_async_tasks_pending suffers from an integer overflow bug
    4811 in.mpathd: tv2ns suffers from an integer overflow bug
    Reviewed by: Marcel Telka <marcel.telka@nexenta.com>
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

#2

Updated by Robert Mustacchi about 5 years ago

  • Tags deleted (needs-triage)

Also available in: Atom PDF