MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:<gshchepa Date:October 26 2007 4:26pm
Subject:bk commit into 5.1 tree (gshchepa:1.2582) BUG#31036
View as plain text  
Below is the list of changes that have just been committed into a local
5.1 repository of uchum. When uchum does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-10-26 21:26:06+05:00, gshchepa@stripped +4 -0
  Fixed bug #31036: Using order by with archive table crashes server.
  
  1. Memory overrun have been fixed.
  2. Server failure on assertion has been fixed.

  mysql-test/r/archive.result@stripped, 2007-10-26 20:55:06+05:00, gshchepa@stripped +4 -0
    Added test case for bug #31036.

  mysql-test/t/archive.test@stripped, 2007-10-26 20:54:55+05:00, gshchepa@stripped +22 -0
    Added test case for bug #31036.

  storage/archive/azio.c@stripped, 2007-10-26 20:54:40+05:00, gshchepa@stripped +5 -5
    Fixed bug #31036.
    The ha_archive::rnd_pos function has been modified to take
    into account the result of the azseek function and
    to return HA_ERR_CRASHED_ON_USAGE in case of seek error.

  storage/archive/ha_archive.cc@stripped, 2007-10-26 20:54:49+05:00, gshchepa@stripped +2 -2
    Fixed bug #31036.
    1. Memory overrun has been fixed: maximal sizes of azio_stream::inbuf
       and azio_stream::outbuf was mixed.
    2. Zero value of the output parameter of the azread function was
       incorrectly interpreted by the azseek function: after the first
       successful read attempt the execution of the azseek loop was
       interrupted and negative value was returned.
       (See ha_archive::rnd_pos: that negative value was silently ignored,
       and an incomplete data was used, for example, as a size of a packed
       record, and server failed with the assertion:
       "row_len <= record_buffer->length".)

diff -Nrup a/mysql-test/r/archive.result b/mysql-test/r/archive.result
--- a/mysql-test/r/archive.result	2007-06-28 14:04:19 +05:00
+++ b/mysql-test/r/archive.result	2007-10-26 20:55:06 +05:00
@@ -12682,3 +12682,7 @@ check table t1 extended;
 Table	Op	Msg_type	Msg_text
 test.t1	check	status	OK
 drop table t1;
+CREATE TABLE t1(a VARCHAR(510)) ENGINE = ARCHIVE;
+INSERT INTO t1(a) VALUES ('');
+SELECT * FROM t1 ORDER BY a;
+DROP TABLE t1;
diff -Nrup a/mysql-test/t/archive.test b/mysql-test/t/archive.test
--- a/mysql-test/t/archive.test	2007-06-28 12:03:43 +05:00
+++ b/mysql-test/t/archive.test	2007-10-26 20:54:55 +05:00
@@ -1559,3 +1559,25 @@ insert into t1 set a='';
 insert into t1 set a='a';
 check table t1 extended;
 drop table t1;
+
+#
+# BUG#31036 - Using order by with archive table crashes server
+#
+
+CREATE TABLE t1(a VARCHAR(510)) ENGINE = ARCHIVE;
+
+let $bug31036=41;
+--disable_query_log
+while($bug31036)
+{
+  INSERT INTO t1(a) VALUES (REPEAT('a', 510));
+  dec $bug31036;
+}
+--enable_query_log
+INSERT INTO t1(a) VALUES ('');
+
+--disable_result_log
+SELECT * FROM t1 ORDER BY a;
+--enable_result_log
+
+DROP TABLE t1;
diff -Nrup a/storage/archive/azio.c b/storage/archive/azio.c
--- a/storage/archive/azio.c	2007-08-13 18:11:15 +05:00
+++ b/storage/archive/azio.c	2007-10-26 20:54:40 +05:00
@@ -681,8 +681,8 @@ my_off_t azseek (s, offset, whence)
     /* There was a zmemzero here if inbuf was null -Brian */
     while (offset > 0)  
     {
-      uInt size = AZ_BUFSIZE_WRITE;
-      if (offset < AZ_BUFSIZE_WRITE) size = (uInt)offset;
+      uInt size = AZ_BUFSIZE_READ;
+      if (offset < AZ_BUFSIZE_READ) size = (uInt)offset;
 
       size = azwrite(s, s->inbuf, size);
       if (size == 0) return -1L;
@@ -725,11 +725,11 @@ my_off_t azseek (s, offset, whence)
   }
   while (offset > 0)  {
     int error;
-    unsigned int size = AZ_BUFSIZE_READ;
-    if (offset < AZ_BUFSIZE_READ) size = (int)offset;
+    unsigned int size = AZ_BUFSIZE_WRITE;
+    if (offset < AZ_BUFSIZE_WRITE) size = (int)offset;
 
     size = azread(s, s->outbuf, size, &error);
-    if (error <= 0) return -1L;
+    if (error < 0) return -1L;
     offset -= size;
   }
   return s->out;
diff -Nrup a/storage/archive/ha_archive.cc b/storage/archive/ha_archive.cc
--- a/storage/archive/ha_archive.cc	2007-07-13 05:39:03 +05:00
+++ b/storage/archive/ha_archive.cc	2007-10-26 20:54:49 +05:00
@@ -1241,8 +1241,8 @@ int ha_archive::rnd_pos(uchar * buf, uch
   DBUG_ENTER("ha_archive::rnd_pos");
   ha_statistic_increment(&SSV::ha_read_rnd_next_count);
   current_position= (my_off_t)my_get_ptr(pos, ref_length);
-  (void)azseek(&archive, current_position, SEEK_SET);
-
+  if (azseek(&archive, current_position, SEEK_SET) < 0)
+    DBUG_RETURN(HA_ERR_CRASHED_ON_USAGE);
   DBUG_RETURN(get_row(&archive, buf));
 }
 
Thread
bk commit into 5.1 tree (gshchepa:1.2582) BUG#31036gshchepa26 Oct