#At file:///G:/bzr/mysql-5.1-bugteam/ based on revid:staale.smedseng@stripped
2875 Vladislav Vaintroub 2009-04-28
Bug#43932 myisam index corruption with large index and large
key_buffer_size.
The cause of corruption was number overflow when multiplying
two ulong values, number of used keycache blocks with size
of a single block. The result of multiplication exceeded ulong
range (4G) and this lead to incorrectly calculated buffer offset
in the key cache.
The fix is to use size_t for multiplication result.
This patch also fixes pointless cast in safemalloc
(size of allocated block to uint), that creates lot of false
alarm warnings when using big keycache (> 4GB) in debug mode.
modified:
mysys/mf_keycache.c
mysys/safemalloc.c
=== modified file 'mysys/mf_keycache.c'
--- a/mysys/mf_keycache.c 2009-02-13 16:41:47 +0000
+++ b/mysys/mf_keycache.c 2009-04-28 18:58:40 +0000
@@ -2044,13 +2044,15 @@ restart:
}
else
{
+ size_t block_mem_offset;
/* There are some never used blocks, take first of them */
DBUG_ASSERT(keycache->blocks_used <
(ulong) keycache->disk_blocks);
block= &keycache->block_root[keycache->blocks_used];
+ block_mem_offset=
+ ((size_t)keycache->blocks_used)*keycache->key_cache_block_size;
block->buffer= ADD_TO_PTR(keycache->block_mem,
- ((ulong) keycache->blocks_used*
- keycache->key_cache_block_size),
+ block_mem_offset,
uchar*);
keycache->blocks_used++;
DBUG_ASSERT(!block->next_used);
=== modified file 'mysys/safemalloc.c'
--- a/mysys/safemalloc.c 2009-02-13 16:41:47 +0000
+++ b/mysys/safemalloc.c 2009-04-28 18:58:40 +0000
@@ -174,7 +174,7 @@ void *_mymalloc(size_t size, const char
data[size + 3]= MAGICEND3;
irem->filename= (char *) filename;
irem->linenum= lineno;
- irem->datasize= (uint32) size;
+ irem->datasize= size;
irem->prev= NULL;
/* Add this remember structure to the linked list */
Attachment: [text/bzr-bundle] bzr/vvaintroub@mysql.com-20090428185840-v6etabci2lqz97yn.bundle
