Skip to content

[storage/qmdb] fix panic in find_next when fetch_batch_size overflows MAX_LOCATION#3526

Open
0xAysh wants to merge 1 commit into
commonwarexyz:mainfrom
0xAysh:fix/gaps-checked-add-panic
Open

[storage/qmdb] fix panic in find_next when fetch_batch_size overflows MAX_LOCATION#3526
0xAysh wants to merge 1 commit into
commonwarexyz:mainfrom
0xAysh:fix/gaps-checked-add-panic

Conversation

@0xAysh
Copy link
Copy Markdown
Contributor

@0xAysh 0xAysh commented Apr 3, 2026
edited
Loading

Fixes #2068

Problem

find_next in qmdb/sync/gaps.rs panics when projecting the end location of an outstanding request:

 let end_loc = start_loc.checked_add(fetch_batch_size.get()).unwrap();

Location::checked_add returns None when the result exceeds MAX_LOCATION (2^62 - 1). With a start_loc near MAX_LOCATION and a fetch_batch_size large enough to overflow that bound, .unwrap() panics. fetch_batch_size is
caller-supplied config with no upper-bound validation relative to the target range, so this is reachable in normal sync invocations.

The same .unwrap() pattern exists one line above for fetched_operations operation counts and is fixed for consistency.

Fix

Replace both .checked_add(...).unwrap() calls with .saturating_add(...), lamping at MAX_LOCATION instead of returning None. end_loc is only used to determine coverage within the range, and range.end <= MAX_LOCATION always holds.

@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 3, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 95.74%. Comparing base (54ee26b) to head (097e9cf).

@@            Coverage Diff             @@
##             main    #3526      +/-   ##
==========================================
- Coverage   95.74%   95.74%   -0.01%     
==========================================
  Files         438      438              
  Lines      157975   157975              
  Branches     3706     3706              
==========================================
- Hits       151249   151248       -1     
- Misses       5541     5542       +1     
  Partials     1185     1185
Files with missing lines Coverage Δ
storage/src/qmdb/sync/gaps.rs 95.55% <100.00%> (ø)

... and 1 file with indirect coverage changes

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 54ee26b...097e9cf. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

panicking at storage/src/adb/sync/gaps.rs:51

1 participant

@0xAysh