From: Tor Didriksen Date: January 31 2011 10:32am Subject: bzr commit into mysql-trunk branch (tor.didriksen:3580) Bug#59111 List-Archive: http://lists.mysql.com/commits/130030 X-Bug: 59111 Message-Id: <20110131103204.5A9603754@atum07.norway.sun.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3209689155037719222==" --===============3209689155037719222== MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline #At file:///export/home/didrik/repo/trunk-bug59111-gis-crash/ based on revid:jon.hauglid@stripped 3580 Tor Didriksen 2011-01-31 Bug #59111 gis crashes when server is compiled without performance schema The crash was due to pointer aliasing, nothing to do with perf.schema. @ sql/gcalc_slicescan.cc Use proper type for result_hook in new_slice(). Then static_cast<> before returning result (this was the bug). Cleanup some C-style casts, use reinterpret_cast instead. Move declarations closer to where they are actually needed. Remove the recursion between alloc_new_block() and new_item() @ sql/gcalc_slicescan.h Remove the recursion between alloc_new_block() and new_item() (it looked suspicious) modified: sql/gcalc_slicescan.cc sql/gcalc_slicescan.h === modified file 'sql/gcalc_slicescan.cc' --- a/sql/gcalc_slicescan.cc 2010-11-08 11:34:12 +0000 +++ b/sql/gcalc_slicescan.cc 2011-01-31 10:31:59 +0000 @@ -1,4 +1,4 @@ -/* Copyright (c) 2000, 2010 Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2011 Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -62,15 +62,14 @@ void Gcalc_dyn_list::format_blk(void* bl } -Gcalc_dyn_list::Item *Gcalc_dyn_list::alloc_new_blk() +void Gcalc_dyn_list::alloc_new_blk() { void *new_block= my_malloc(m_blk_size, MYF(MY_WME)); if (!new_block) - return NULL; + return; *m_blk_hook= new_block; m_blk_hook= (void**)new_block; format_blk(new_block); - return new_item(); } @@ -260,8 +259,8 @@ Gcalc_scan_iterator::Gcalc_scan_iterator Gcalc_scan_iterator::point *Gcalc_scan_iterator::new_slice(Gcalc_scan_iterator::point *example) { - point *result= NULL; - Gcalc_dyn_list::Item **result_hook= (Gcalc_dyn_list::Item **)&result; + Gcalc_dyn_list::Item *item_result= NULL; + Gcalc_dyn_list::Item **result_hook= &item_result; while (example) { *result_hook= new_slice_point(); @@ -269,6 +268,7 @@ Gcalc_scan_iterator::point example= example->get_next(); } *result_hook= NULL; + point *result= static_cast(item_result); return result; } @@ -321,13 +321,10 @@ static inline bool slice_first(const Gca int Gcalc_scan_iterator::insert_top_point() { - point *sp= m_slice1; - Gcalc_dyn_list::Item **prev_hook= (Gcalc_dyn_list::Item **)&m_slice1; - point *sp1; point *sp0= new_slice_point(); - if (!sp0) return 1; + sp0->pi= m_cur_pi; sp0->next_pi= m_cur_pi->left; sp0->thread= m_cur_thread++; @@ -338,7 +335,8 @@ int Gcalc_scan_iterator::insert_top_poin m_event1= scev_thread; /*Now just to increase the size of m_slice0 to be same*/ - if (!(sp1= new_slice_point())) + point *sp1= new_slice_point(); + if (!sp1) return 1; sp1->next= m_slice0; m_slice0= sp1; @@ -354,15 +352,18 @@ int Gcalc_scan_iterator::insert_top_poin Binary search could probably make things faster here, but structures used aren't suitable, and the scan is usually not really long */ - for (; sp && slice_first(sp, sp0); - prev_hook= &sp->next, sp=sp->get_next()) - {} + point *sp= m_slice1; + point **prev_hook= &m_slice1; + for (; sp && slice_first(sp, sp0); sp=sp->get_next()) + { + prev_hook= reinterpret_cast(&(sp->next)); + } if (m_cur_pi->right) { m_event1= scev_two_threads; /*We have two threads so should decide which one will be first*/ - sp1= new_slice_point(); + point *sp1= new_slice_point(); if (!sp1) return 1; sp1->pi= m_cur_pi; @@ -549,7 +550,6 @@ int Gcalc_scan_iterator::add_intersectio int Gcalc_scan_iterator::find_intersections() { point *sp1= m_slice1; - Gcalc_dyn_list::Item **hook; m_n_intersections= 0; { @@ -564,7 +564,8 @@ int Gcalc_scan_iterator::find_intersecti } } - hook= (Gcalc_dyn_list::Item **)&m_intersections; + Gcalc_dyn_list::Item **hook= + reinterpret_cast(&m_intersections); bool intersections_found; point *last_possible_isc= NULL; === modified file 'sql/gcalc_slicescan.h' --- a/sql/gcalc_slicescan.h 2010-11-05 09:34:03 +0000 +++ b/sql/gcalc_slicescan.h 2011-01-31 10:31:59 +0000 @@ -1,4 +1,4 @@ -/* Copyright (c) 2000, 2010 Oracle and/or its affiliates. All rights reserved. +/* Copyright (c) 2000, 2011 Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -42,14 +42,17 @@ public: Item *new_item() { Item *result; + if (!m_free) + alloc_new_blk(); if (m_free) { result= m_free; m_free= m_free->next; } else - result= alloc_new_blk(); + return NULL; + result->next= NULL; return result; } inline void free_item(Item *item) @@ -83,7 +86,7 @@ protected: Item *m_free; Item *m_keep; - Item *alloc_new_blk(); + void alloc_new_blk(); void format_blk(void* block); inline Item *ptr_add(Item *ptr, int n_items) { --===============3209689155037719222== MIME-Version: 1.0 Content-Type: text/bzr-bundle; charset="us-ascii"; name="bzr/tor.didriksen@stripped" Content-Transfer-Encoding: 7bit Content-Disposition: inline # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: tor.didriksen@stripped\ # 2hfht7hf9sg199e6 # target_branch: file:///export/home/didrik/repo/trunk-bug59111-gis-\ # crash/ # testament_sha1: 79221eeec193b096f93fe2ee9fd55325f5ca3339 # timestamp: 2011-01-31 11:32:03 +0100 # base_revision_id: jon.hauglid@stripped\ # 93a4ubzhesdrfc9h # # Begin bundle IyBCYXphYXIgcmV2aXNpb24gYnVuZGxlIHY0CiMKQlpoOTFBWSZTWZ9CFlsAA2XfgFAQeXf//36n lgC////6YAec6u7l8HPQHtzye091B2zdz3u7AkkjRPU2k01T9TyUeo2ao/STyh+ponqepkGgMRgS iNTajU8U1T9MVM9JGYpqNP1QBpggDQGCUUxqaaRqbSZDT1DaQAAAAyNNABIimhoppoaZGINT1NMh oaBoAABocwJiaDCZMmTIwmCaaZGJgCGASSE0AaJpNpqT9TU3qj01Q/KnpM2pNNA0MmTJJ6WBv5Ts Zz8pXL3SiHY/nrKl+meSzVdEd22TF2UbIudkuCzGOatObLkY2i+6EsGsjAtKVtpbWLkzajbbRGUX SwCIjgQ8Pa+eJn0EV9xVFDGeaCGfMIZx0zq9aODPwxnvRo4zqIwMCvHhWil0dG3MxayGsiYppohP CK3RXikKsRbwGGxMrYiRPoJ2YwkD9xvIjiqvOEDcvwfdOO1EWvcPIoxxeR/N9EtUL7HLBoLtHRxw 5qmlozwCMFFokM2eYqISnOenXcZMLzVqJvZYiWgx4nuNtchydDOTRMSOgdNs32b9a88eDgIV+qON yyGW5uwpiG0hw22rC/ZXR0Db3FpWdCsA2jKcjOroWet/JR7dms+d8FolXwZ0S2vMikS2JDgPdrMz XJmsI4UkpxXsKhkD8rh7GJAUwnIQ5AfEb0sAxRAf3rRlQKgUOdCHKJLI7CmmPz+ql1LXAHnnte+5 xClTmxz1Do4D2wEtjCN5s5xIDJHYkMYmPvropwsow7IbyAlbNfEK1MRwqjIDaKrQrk/aTflQcKVt fyAo3tvvLzEyGHDvMb85itFTb3bWLGOACiohU7ulEXIxPGF5tmRinGcWHprG0mQxF7e7LIDSCWK7 YT3Rl5fI8aohEBUwArW0WVPKo99SssilQzDOIFZBJQFvXnNFhkvq4fNOXKTE8cVm69kmuS2ToYpT ZjTdBT/Rk32nCzqPderKsIeBY70cgyOijEnSuO4D2d/nPtob4lizf8nWhHHVXNNmkhiOTTFEUS/D ArB1wJne0siY5EcfPMHSpbmTec7bm4pNLiK2e2Y0aZx5piWqUv6YtEkS5b4nBiAL1A0zs2omi3GW q3VccpgaylSFe6nkScCuqePDstDWHakAKhEgYSImWfNJD8IXK5v2MHAy2WgF8kyAnrZOxDPtBmuW NJkivB7o3hSSRTCAMQuWFbLRde7lTDYvqPwsipHmdDxpnL4lB03EybCR2qqUitxc55dCZMiRIoqB dJVCiqLlse5UfKYHhivmowRByb4pvqjHvYYVUnnMeDi6ESCHoiiZ5MvLjAJ4DERDjvNIizJjkFv2 83sAMZfe1l6gMno0qhJS8KPxIuFpbOI5MswU9GMlaWgmWaAoDh47KPuXP51oL600m5sydT4Itluy LUhE24ZUbzE3jsTgOYZZGaPWhhFB8kdRGojFGy3qjWsWODhHgQdSNrIdvXogAWViWbtjZtGLFA1Y xYMoPG7a/hp44I4eY4k7TC6QFNrzUnvnvbJEOieyWSUQTWSC9CG2YWGDNucRolGf6ph3LJDIgJ7N TzSO0EfGeTiB4eZ+pkenf6EW2IOhAuo2OfAl6rrtBp8EV8uXJqclXqVM+bzT58Oxen5Q0QKn/mrE SCIYJmihKEeGm1zsUkIhTJoEbZVTWDSNTWYaWZCvRbbcU0mSR0MVp3EKgJFxUoqNaoMCgD2HPgMc Sk4yNpA3t2C6106GN8QEdva6RDcRvAcvAGOPkqspcuo15OYZvNFB7CgofZj0GEHROUWn1VHiB4gO N/uZO4mADLuQDw0y6J4wA7Xh4lR2siK+nJIhT8h6qB7ArkFbDzgeKJU3ct0bxGCw8vu4V0JWmkq9 1rdEZIstG+GfcUmtxRngvC/smcMbnPRQXIeogon8hkFaHuWkfBJcrXnWpOEmF8GixUAZK1EPUvoc siItUh5bF4EpnFYhea9O79L00HGAPiWqw2rj2FvWVL71ZUrSGSTBFEDTdjJSHpRiUFah0NyHIb8S Bgy8Kts+Y8pIiLEyGTMFblLivO7YVrJKr0nIRYLtEuDFi9yYM2OSKqlqXdPUO2JH+EmQ5FTl1KG2 umnwtLLWQ5gsY03sMKVX7+KpIXwL3Y6i9D7CGlpHFPrvlv89TQqHo3ULjoKdFgNIa7iEg68FQmm4 cz3XRJrNLN6XivlSyTf8srDqT+Dw1lCgLdDOZlrNt+QwChsi+2FCgvsOCRxBoQe8mZNZHCFzumDN RZ0gkcDEe8CoebK1jig0kPJGLDlSwJj2/6zuuh7xn7Li4vUpSQ4Hzm6KGfxkA0uKepPoOs0J8aW/ q4aEoiq4DIRUGgPRQWkWBRN9wVRTiYXmQK0kkNWiz6FLGcPPmJ5Up56zNMO6YIkD7TaQsmCFW1E1 fHcbWX8LvP76GKp6MBL9Fe/CxXmV8zpy1PWBBVFSZ6OdDhDFQwTrWCCOjF09aG7TywyWKrVdp/4u 5IpwoSE+hCy2 --===============3209689155037719222==--