You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "B Wyatt (JIRA)" <ji...@apache.org> on 2011/09/02 00:06:10 UTC
[jira] [Issue Comment Edited] (TS-941) invalid cast of off_t math
to int
[ https://issues.apache.org/jira/browse/TS-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13095636#comment-13095636 ]
B Wyatt edited comment on TS-941 at 9/1/11 10:05 PM:
-----------------------------------------------------
I will be testing this change on this test machine overnight
EDIT: ignore the "revision" number as that is my local svn repo's revision it is the same as Trunk#HEAD
{noformat}
Index: CacheWrite.cc
===================================================================
--- CacheWrite.cc (revision 13981)
+++ CacheWrite.cc (working copy)
@@ -694,8 +695,8 @@
int
Vol::evac_range(off_t low, off_t high, int evac_phase)
{
- int s = offset_to_vol_offset(this, low);
- int e = offset_to_vol_offset(this, high);
+ off_t s = offset_to_vol_offset(this, low);
+ off_t e = offset_to_vol_offset(this, high);
int si = dir_offset_evac_bucket(s);
int ei = dir_offset_evac_bucket(e);
{noformat}
was (Author: wanderingbort):
I will be testing this change on this test machine overnight
{noformat}
Index: CacheWrite.cc
===================================================================
--- CacheWrite.cc (revision 13981)
+++ CacheWrite.cc (working copy)
@@ -694,8 +695,8 @@
int
Vol::evac_range(off_t low, off_t high, int evac_phase)
{
- int s = offset_to_vol_offset(this, low);
- int e = offset_to_vol_offset(this, high);
+ off_t s = offset_to_vol_offset(this, low);
+ off_t e = offset_to_vol_offset(this, high);
int si = dir_offset_evac_bucket(s);
int ei = dir_offset_evac_bucket(e);
{noformat}
> invalid cast of off_t math to int
> ---------------------------------
>
> Key: TS-941
> URL: https://issues.apache.org/jira/browse/TS-941
> Project: Traffic Server
> Issue Type: Bug
> Components: Cache
> Affects Versions: 3.1.0
> Environment: Stock debian amd64 2.6.34.7 kernel modified to increase XEN domU max RAM to 96Gb
> Stock build with:
> ./configure --enable-layout=Debian --sysconfdir=/etc/trafficserver --libdir=
> /usr/lib/trafficserver --with-user=root --with-group=root --enable-debug --enabl
> e-static-libts CFLAGS= CXXFLAGS= --enable-wccp
> Reporter: B Wyatt
>
> iocore/CacheWrite.cc:Vol::evac_range calculates its looping values from 64bit off_t values but stores them in 32bit integers:
> {code:title=CacheWrite.cc#1086711:694-700}
> int
> Vol::evac_range(off_t low, off_t high, int evac_phase)
> {
> int s = offset_to_vol_offset(this, low);
> int e = offset_to_vol_offset(this, high);
> int si = dir_offset_evac_bucket(s);
> int ei = dir_offset_evac_bucket(e);
> {code}
> When Vol::start and/or the low high parameters get large enough these loop values become truncated and potentially negative causing a general protection fault as it attempts to access memory addresses below the valid range.
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira