From 95a477b5ecd41e6c8e8d2b2f3d7a349b02a3e420 Mon Sep 17 00:00:00 2001 From: unknown Date: Wed, 21 Feb 2007 16:33:16 +0100 Subject: [PATCH] ndb - bug#26514 fix overflow that could occur when have either lots of dd-data or very high dd-parallelism storage/ndb/src/kernel/vm/RWPool.cpp: Add define for sizeof WOPage Make sure correct size is used when checking for end of page storage/ndb/src/kernel/vm/RWPool.hpp: Add define for sizeof RWPage storage/ndb/src/kernel/vm/WOPool.cpp: Add define for sizeof WOPage Make sure correct size is used when checking for end of page storage/ndb/src/kernel/vm/WOPool.hpp: Add define for sizeof WOPage Make sure correct size is used when checking for end of page --- storage/ndb/src/kernel/vm/RWPool.cpp | 14 +++++++++----- storage/ndb/src/kernel/vm/RWPool.hpp | 4 +++- storage/ndb/src/kernel/vm/WOPool.cpp | 2 +- storage/ndb/src/kernel/vm/WOPool.hpp | 6 ++++-- 4 files changed, 17 insertions(+), 9 deletions(-) diff --git a/storage/ndb/src/kernel/vm/RWPool.cpp b/storage/ndb/src/kernel/vm/RWPool.cpp index 040e6ddac45..192a8f87402 100644 --- a/storage/ndb/src/kernel/vm/RWPool.cpp +++ b/storage/ndb/src/kernel/vm/RWPool.cpp @@ -22,7 +22,7 @@ RWPool::RWPool() { bzero(this, sizeof(* this)); - m_current_pos = GLOBAL_PAGE_SIZE_WORDS; + m_current_pos = RWPage::RWPAGE_WORDS; m_current_first_free = REC_NIL; m_first_free_page = RNIL; } @@ -57,7 +57,7 @@ seize_free: m_current_first_free = pageP->m_data[pos+m_record_info.m_offset_next_pool]; return true; } - else if (pos + size < GLOBAL_PAGE_SIZE_WORDS) + else if (pos + size < RWPage::RWPAGE_WORDS) { seize_first: ptr.i = (m_current_page_no << POOL_RECORD_BITS) + pos; @@ -81,11 +81,14 @@ seize_first: { pageP = m_current_page = m_memroot + m_first_free_page; m_current_page_no = m_first_free_page; - m_current_pos = GLOBAL_PAGE_SIZE_WORDS; + m_current_pos = RWPage::RWPAGE_WORDS; m_current_first_free = m_current_page->m_first_free; m_first_free_page = m_current_page->m_next_page; m_current_ref_count = m_current_page->m_ref_count; - (m_memroot + m_first_free_page)->m_prev_page = RNIL; + if (m_first_free_page != RNIL) + { + (m_memroot + m_first_free_page)->m_prev_page = RNIL; + } goto seize_free; } @@ -105,7 +108,7 @@ seize_first: m_current_page = 0; m_current_page_no = RNIL; - m_current_pos = GLOBAL_PAGE_SIZE_WORDS; + m_current_pos = RWPage::RWPAGE_WORDS; m_current_first_free = REC_NIL; return false; @@ -154,6 +157,7 @@ RWPool::release(Ptr ptr) } page->m_next_page = ffp; page->m_prev_page = RNIL; + m_first_free_page = ptr_page; return; } else if(ref_cnt == 1) diff --git a/storage/ndb/src/kernel/vm/RWPool.hpp b/storage/ndb/src/kernel/vm/RWPool.hpp index 1da27c56799..13001b4d9dc 100644 --- a/storage/ndb/src/kernel/vm/RWPool.hpp +++ b/storage/ndb/src/kernel/vm/RWPool.hpp @@ -20,12 +20,14 @@ struct RWPage { + STATIC_CONST( RWPAGE_WORDS = GLOBAL_PAGE_SIZE_WORDS - 4 ); + Uint32 m_type_id; Uint16 m_first_free; Uint16 m_ref_count; Uint32 m_next_page; Uint32 m_prev_page; - Uint32 m_data[GLOBAL_PAGE_SIZE_WORDS - 4]; + Uint32 m_data[RWPAGE_WORDS]; }; /** diff --git a/storage/ndb/src/kernel/vm/WOPool.cpp b/storage/ndb/src/kernel/vm/WOPool.cpp index 634d8b03ea7..e318001da30 100644 --- a/storage/ndb/src/kernel/vm/WOPool.cpp +++ b/storage/ndb/src/kernel/vm/WOPool.cpp @@ -20,7 +20,7 @@ WOPool::WOPool() { bzero(this, sizeof(* this)); - m_current_pos = GLOBAL_PAGE_SIZE_WORDS; + m_current_pos = WOPage::WOPAGE_WORDS; } void diff --git a/storage/ndb/src/kernel/vm/WOPool.hpp b/storage/ndb/src/kernel/vm/WOPool.hpp index 6e852b580df..f38716b98f3 100644 --- a/storage/ndb/src/kernel/vm/WOPool.hpp +++ b/storage/ndb/src/kernel/vm/WOPool.hpp @@ -20,9 +20,11 @@ struct WOPage { + STATIC_CONST( WOPAGE_WORDS = GLOBAL_PAGE_SIZE_WORDS - 2 ); + Uint32 m_type_id; Uint32 m_ref_count; - Uint32 m_data[GLOBAL_PAGE_SIZE_WORDS - 2]; + Uint32 m_data[WOPAGE_WORDS]; }; /** @@ -61,7 +63,7 @@ WOPool::seize(Ptr& ptr) Uint32 pos = m_current_pos; Uint32 size = m_record_info.m_size; WOPage *pageP = m_current_page; - if (likely(pos + size < GLOBAL_PAGE_SIZE_WORDS)) + if (likely(pos + size < WOPage::WOPAGE_WORDS)) { ptr.i = (m_current_page_no << POOL_RECORD_BITS) + pos; ptr.p = (pageP->m_data + pos);