[
https://issues.apache.org/jira/browse/YARN-11964?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18083462#comment-18083462
]
ASF GitHub Bot commented on YARN-11964:
---------------------------------------
steveloughran commented on code in PR #8506:
URL: https://github.com/apache/hadoop/pull/8506#discussion_r3303153722
##########
hadoop-yarn-project/hadoop-yarn/hadoop-yarn-api/src/test/java/org/apache/hadoop/yarn/api/records/TestResource.java:
##########
@@ -43,6 +43,11 @@ void testCastToIntSafely() {
Resource.castToIntSafely(Long.MAX_VALUE),
"Cast to Integer.MAX_VALUE if the long is greater than "
+ "Integer.MAX_VALUE");
+
+ assertEquals(0, Resource.castToIntSafely(-1),
Review Comment:
keeping with assertEquals as it's already in use...FYI for new test suites
we like AssertJ as it's more informative and cherrypicks easily from junit5
branches (3.5+) and Junit4 (3.4.x)
> Resource.castToIntSafely() should clamp negative values to 0 to prevent
> propagation of invalid resource counts
> --------------------------------------------------------------------------------------------------------------
>
> Key: YARN-11964
> URL: https://issues.apache.org/jira/browse/YARN-11964
> Project: Hadoop YARN
> Issue Type: Bug
> Components: resourcemanager
> Affects Versions: 3.4.3
> Reporter: Ryu Kobayashi
> Assignee: Ryu Kobayashi
> Priority: Minor
> Labels: pull-request-available
>
> h2. Problem
> Resource.castToIntSafely() clamps values exceeding Integer.MAX_VALUE to
> Integer.MAX_VALUE,
> but silently passes through negative values. The method comment states
> "This method assumes resource value is positive", however this assumption
> is not guaranteed in practice.
> When YARN RM temporarily reports negative available resources
> (e.g. due to overload, node failures, or transient resource calculation
> errors),
> the negative value is propagated as-is to callers.
> h2. Root Cause
> The method only guards against positive overflow:
> {code:java}
> protected static int castToIntSafely(long value) {
> if (value > Integer.MAX_VALUE) {
> return Integer.MAX_VALUE;
> }
> return Long.valueOf(value).intValue();
> }
> {code}
> There is no guard for negative values. When a negative long is passed,
> it is returned as a negative int, which can cause unexpected behavior
> in downstream components that assume resource values are non-negative.
> h2. Impact
> Downstream components that rely on this method receiving a non-negative int
> may compute invalid results (e.g. negative slot counts, illegal collection
> sizes)
> when YARN temporarily reports negative available resources.
> h2. Fix
> Return 0 when value < 0, consistent with the existing behavior of
> clamping out-of-range values to a safe boundary:
> {code:java}
> protected static int castToIntSafely(long value) {
> if (value < 0) {
> return 0;
> }
> if (value > Integer.MAX_VALUE) {
> return Integer.MAX_VALUE;
> }
> return Long.valueOf(value).intValue();
> }
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
