[PATCH] fix integer overflow in txg_delay()
Martin Matuska
mm at FreeBSD.org
Sun Jul 31 22:35:38 UTC 2011
The txg_delay() function in txg.c uses the following initialization:
int timeout = ddi_get_lbolt() + ticks;
Later, we have:
while (ddi_get_lbolt() < timeout &&
tx->tx_syncing_txg < txg-1 && !txg_stalled(dp))
(void) cv_timedwait(&tx->tx_quiesce_more_cv,
&tx->tx_sync_lock,
timeout - ddi_get_lbolt());
The function txg_delay() is called from:
dsl_pool_tempreserve_space() and dsl_dir_tempreserve_space()
In 24.855 days ddi_get_lbolt will be never smaller than timeout.
Please review and/or comment the attached patch.
--
Martin Matuska
FreeBSD committer
http://blog.vx.sk
-------------- next part --------------
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/txg.c
===================================================================
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/txg.c (revision 224527)
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/txg.c (working copy)
@@ -488,7 +488,7 @@
txg_delay(dsl_pool_t *dp, uint64_t txg, int ticks)
{
tx_state_t *tx = &dp->dp_tx;
- int timeout = ddi_get_lbolt() + ticks;
+ clock_t timeout = ddi_get_lbolt() + ticks;
/* don't delay if this txg could transition to quiesing immediately */
if (tx->tx_open_txg > txg ||
More information about the zfs-devel
mailing list