Project

General

Profile

Actions

Bug #4810

closed

spa_async_tasks_pending suffers from an integer overflow bug

Added by Josef Sipek about 7 years ago. Updated about 7 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
zfs - Zettabyte File System
Start date:
2014-04-25
Due date:
% Done:

100%

Estimated time:
Difficulty:
Bite-size
Tags:
Gerrit CR:

Description

spa_async_tasks_pending multiplies NANOSEC by zfs_ccw_retry_interval (a global static int = 300), the compiler simply replaces the expression with a constant. It essentially turns from:

(gethrtime() - spa->spa_ccw_fail_time) < (zfs_ccw_retry_interval * NANOSEC);

To:

(gethrtime() - spa->spa_ccw_fail_time) < -3647256576

-3647256576 0xd964b800 300 seconds as nanoseconds truncated to 32-bit signed


Related issues

Related to illumos gate - Bug #4809: NANOSEC should be 'long long' to avoid integer overflow bugsClosedJosef Sipek2014-04-25

Actions
Actions #1

Updated by Electric Monk about 7 years ago

  • Status changed from New to Closed
  • % Done changed from 80 to 100

git commit b59e2127f21675e88c58a4dd924bc55eeb83c7a6

commit  b59e2127f21675e88c58a4dd924bc55eeb83c7a6
Author: Josef 'Jeff' Sipek <josef.sipek@nexenta.com>
Date:   2014-04-29T15:42:11.000Z

    4809 NANOSEC should be 'long long' to avoid integer overflow bugs
    4810 spa_async_tasks_pending suffers from an integer overflow bug
    4811 in.mpathd: tv2ns suffers from an integer overflow bug
    Reviewed by: Marcel Telka <marcel.telka@nexenta.com>
    Reviewed by: Dan McDonald <danmcd@omniti.com>
    Approved by: Robert Mustacchi <rm@joyent.com>

Actions #2

Updated by Robert Mustacchi about 7 years ago

  • Tags deleted (needs-triage)
Actions

Also available in: Atom PDF