[MDEV-3507] LP:686010 - maria.optimize corrupts stack around alloca() call
Created: 2010-12-06  Updated: 2012-10-04  Resolved: 2012-10-04

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug
Priority: Minor
Reporter: Vladislav Vaintroub
Assignee: Michael Widenius
Resolution: Fixed
Votes: 0
Labels: Launchpad

Attachments: XML File LPexportBug686010.xml    

 Description   

5.1, debug compilation, VS2010.
maria.optimize fails due to a runtime check by the compiler.

maria.optimize [ fail ] Found warnings/errors in server log file!
Test ended at 2010-12-06 14:09:08
line
Error:Run-Time Check Failure #4 - Stack area around _alloca memory reserved by this function is corrupted



 Comments   
Comment by Vladislav Vaintroub [ 2010-12-06 ]

Re: maria.optimize corrupts stack around alloca() call
This is a runtime check due to the compiler option /RTC1.

The call stack leading to it can be examined if mysqld.exe is started under a debugger:

perl mysql-test-run.pl --suite=maria optimize --debugger=devenv

> mysqld.exe!sort_one_index(st_handler_check_param * param, st_maria_handler * info, st_maria_keydef * keyinfo, unsigned __int64 pagepos, int new_file) Line 3211 + 0x15 bytes C

mysqld.exe!sort_one_index(st_handler_check_param * param, st_maria_handler * info, st_maria_keydef * keyinfo, unsigned __int64 pagepos, int new_file) Line 3163 + 0x1d bytes C

mysqld.exe!maria_sort_index(st_handler_check_param * param, st_maria_handler * info, char * name) Line 3036 + 0x2d bytes C

mysqld.exe!ha_maria::repair(THD * thd, st_handler_check_param * param, bool do_optimize) Line 1526 + 0x1a bytes C++

mysqld.exe!ha_maria::optimize(THD * thd, st_ha_check_opt * check_opt) Line 1403 + 0x12 bytes C++

mysqld.exe!handler::ha_optimize(THD * thd, st_ha_check_opt * check_opt) Line 3296 + 0x1a bytes C++

mysqld.exe!mysql_admin_table(THD * thd, TABLE_LIST * tables, st_ha_check_opt * check_opt, const char * operator_name, thr_lock_type lock_type, bool open_for_modify, bool no_warnings_for_error, unsigned int extra_open_options, int (THD , TABLE_LIST *, st_ha_check_opt *) prepare_func, int (THD , st_ha_check_opt *) operator_func, int (THD , TABLE_LIST *) view_operator_func) Line 4819 + 0x19 bytes C++

mysqld.exe!mysql_optimize_table(THD * thd, TABLE_LIST * tables, st_ha_check_opt * check_opt) Line 5093 + 0x51 bytes C++

mysqld.exe!mysql_execute_command(THD * thd) Line 3130 + 0x3d bytes C++

mysqld.exe!mysql_parse(THD * thd, char * rawbuf, unsigned int length, const char * * found_semicolon) Line 6151 + 0x9 bytes C++

mysqld.exe!dispatch_command(enum_server_command command, THD * thd, char * packet, unsigned int packet_length) Line 1273 + 0x22 bytes C++

mysqld.exe!do_command(THD * thd) Line 899 + 0x1b bytes C++

Comment by Vladislav Vaintroub [ 2010-12-06 ]

Re: maria.optimize corrupts stack around alloca() call
It looks like

next_page= _ma_kpos(nod_flag,keypos);

statement in ma_check.c : sort_one_index()

overwrites at least one byte after the end of buff (that was allocated with my_alloca).

Comment by Oleksandr Byelkin [ 2010-12-09 ]

Re: maria.optimize corrupts stack around alloca() call
The bug is visible under valgrind if you change the my_alloca call to malloc() (not alloca()).

Comment by Michael Widenius [ 2010-12-10 ]

Re: maria.optimize corrupts stack around alloca() call
Fix committed into 5.1

Comment by Rasmus Johansson (Inactive) [ 2010-12-17 ]

Launchpad bug id: 686010
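
An added illustration, not MariaDB's code and not the compiler's own implementation: a simplified model of guard bytes placed around a buffer, showing how a write one byte past the end, as discussed in the comments above, becomes detectable. The names guarded_buf, guarded_init, guarded_check and fill_and_check, the 4-byte guard length and the 0xCC fill value are assumptions of this example.

```c
#include <stddef.h>
#include <string.h>

#define GUARD_LEN  4
#define GUARD_BYTE 0xCC  /* fill pattern chosen for this example */

/* A buffer carved from a larger arena: [guard][len usable bytes][guard]. */
typedef struct {
    unsigned char *base; /* start of the leading guard */
    size_t len;          /* usable bytes between the guards */
} guarded_buf;

/* Lay the guards out inside arena; returns 0 on success, -1 if it does not fit. */
int guarded_init(guarded_buf *g, unsigned char *arena, size_t arena_len, size_t len)
{
    if (len > arena_len || arena_len - len < 2 * GUARD_LEN)
        return -1;
    g->base = arena;
    g->len = len;
    memset(arena, GUARD_BYTE, GUARD_LEN);
    memset(arena + GUARD_LEN + len, GUARD_BYTE, GUARD_LEN);
    return 0;
}

/* 0 = intact, 1 = bytes before the buffer changed, 2 = bytes after, 3 = both. */
int guarded_check(const guarded_buf *g)
{
    int damaged = 0;
    for (size_t i = 0; i < GUARD_LEN; i++) {
        if (g->base[i] != GUARD_BYTE) damaged |= 1;
        if (g->base[GUARD_LEN + g->len + i] != GUARD_BYTE) damaged |= 2;
    }
    return damaged;
}

/* Constructed stand-in for a routine that writes n bytes into a cap-byte buffer.
   n == cap + 1 models a one-byte overrun; the write stays inside arena. */
int fill_and_check(size_t cap, size_t n)
{
    unsigned char arena[64];
    guarded_buf g;
    if (guarded_init(&g, arena, sizeof arena, cap) != 0 || n > cap + GUARD_LEN)
        return -1;
    memset(g.base + GUARD_LEN, 0x41, n);
    return guarded_check(&g);
}

int main(void) { return fill_and_check(16, 17) == 2 ? 0 : 1; }
```

A guard check of this kind misses an overrun that happens to write the fill value itself, which is one reason to also run the same code path under a heap checker.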
