#4211 closed defect (fixed)

_Timespec_To_ticks overflow

Reported by: Chris Johns
Owned by:
Priority: normal
Milestone: Indefinite
Component: score
Version: 7
Severity: normal
Keywords:
Cc:
Blocked By:
Blocking:

Description

The FreeBSD NFSv4 sets a timeout of INT_MAX seconds and that translates as a call to tvtohz() with the struct timeval argument fields set to:

tvtohz: tv_sec=2147483647 tv_usec=0

The call overflows the unsigned 32-bit integer number of ticks. Should an overflow be checked and the maximum number of ticks returned?

Change History (8)

comment:1 Changed on 01/07/21 at 08:23:23 by Sebastian Huber

I would simply use the tvtohz() implementation from FreeBSD.

comment:2 in reply to:  1 ; Changed on 01/07/21 at 22:21:25 by Chris Johns

Replying to Sebastian Huber:

I would simply use the tvtohz() implementation from FreeBSD.

The ticket is about correctness in the score and not libbsd.

comment:3 in reply to:  2 ; Changed on 01/08/21 at 05:42:44 by Sebastian Huber

Replying to Chris Johns:

Replying to Sebastian Huber:

I would simply use the tvtohz() implementation from FreeBSD.

The ticket is about correctness in the score and not libbsd.

The ticket description doesn't mention _Timespec_To_ticks().

_Timespec_To_ticks() is used for the sporadic server and the POSIX timer. Maybe the implementation should be changed to use CLOCK_MONOTONIC, but I don't really know what is specified by POSIX. Maybe Joel can have a look at this.

comment:4 in reply to:  3 Changed on 01/08/21 at 05:44:23 by Sebastian Huber

Replying to Sebastian Huber:

Replying to Chris Johns:

Replying to Sebastian Huber:

I would simply use the tvtohz() implementation from FreeBSD.

The ticket is about correctness in the score and not libbsd.

The ticket description doesn't mention _Timespec_To_ticks().

Sorry, it is in the subject.

comment:5 Changed on 01/08/21 at 06:07:06 by Sebastian Huber

I think the general question is what should be the behaviour if a user specifies a timeout which is after the specified uptime of the system (which is WATCHDOG_MAX_SECONDS, about 544 years). See also _Watchdog_Is_far_future_timespec().

comment:6 in reply to:  5 Changed on 01/10/21 at 01:09:21 by Chris Johns

Replying to Sebastian Huber:

I think the general question is what should be the behaviour if a user specifies a timeout which is after the specified uptime of the system (which is WATCHDOG_MAX_SECONDS, about 544 years). See also _Watchdog_Is_far_future_timespec().

Yes, that would work. If the tv_sec field is more than WATCHDOG_MAX_SECONDS, limit it to that value. We need to make the conversion predictable for all possible timespec input values.
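The overflow and the clamping discussed in this ticket, shown side by side as an added example that is not part of the ticket and is not RTEMS or FreeBSD code. The function names, the `hz` tick-rate parameter, the 1000 ticks-per-second rate and the choice to return 0 for negative or invalid input are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <time.h>

#define NS_PER_SEC UINT64_C(1000000000)

/* Naive form: all arithmetic in 32 bits, so large inputs wrap silently. */
static uint32_t ticks_wrapping(const struct timespec *ts, uint32_t hz)
{
  uint32_t ns_per_tick = (uint32_t) (NS_PER_SEC / hz);
  uint32_t ticks = (uint32_t) ts->tv_sec * hz;
  /* Round a partial tick up so the timeout is never shortened. */
  ticks += ((uint32_t) ts->tv_nsec + ns_per_tick - 1) / ns_per_tick;
  return ticks;
}

/* Saturating form: a defined result for every timespec value. */
static uint32_t ticks_saturating(const struct timespec *ts, uint32_t hz)
{
  /* Assumption: invalid or negative input is treated as already expired. */
  if (hz == 0 || hz > NS_PER_SEC || ts->tv_sec < 0 ||
      ts->tv_nsec < 0 || (uint64_t) ts->tv_nsec >= NS_PER_SEC)
    return 0;

  uint64_t sec = (uint64_t) ts->tv_sec;
  /* Check before multiplying: beyond this bound the product cannot fit. */
  if (sec > UINT32_MAX / hz)
    return UINT32_MAX;

  uint64_t ns_per_tick = NS_PER_SEC / hz;
  uint64_t ticks = sec * hz
    + ((uint64_t) ts->tv_nsec + ns_per_tick - 1) / ns_per_tick;
  return ticks > UINT32_MAX ? UINT32_MAX : (uint32_t) ticks;
}

int main(void)
{
  /* Constructed inputs; the first is the value from the ticket. */
  struct timespec in[] = {
    { .tv_sec = 2147483647, .tv_nsec = 0 },
    { .tv_sec = 4294967, .tv_nsec = 296000000 },
  };
  for (size_t i = 0; i < sizeof(in) / sizeof(in[0]); i++)
    printf("tv_sec=%lld wrapping=%u saturating=%u\n",
           (long long) in[i].tv_sec,
           (unsigned) ticks_wrapping(&in[i], 1000),
           (unsigned) ticks_saturating(&in[i], 1000));
  return 0;
}
```

At 1000 ticks per second the second input, a timeout of roughly 49.7 days, wraps to 0 ticks in the naive form, which a caller would see as an immediate expiry.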

comment:7 Changed on 12/17/21 at 17:04:17 by Joel Sherrill

Did this get resolved? Any updates?

comment:8 Changed on 11/29/22 at 23:34:37 by Chris Johns

Milestone: 6.1 → Indefinite
Resolution: fixed
Status: new → closed
Version: 6 → 7