[MDEV-4203] Possible bug in maria's repair functions Created: 2013-02-25  Updated: 2013-02-26  Resolved: 2013-02-26

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: 10.0.1, 5.5.29, 5.1.67, 5.2.14, 5.3.12
Fix Version/s: 10.0.2, 5.5.31, 5.1.73, 5.2.15, 5.3.13

Type: Bug
Priority: Major
Reporter: Pavel Ivanov
Assignee: Vladislav Vaintroub
Resolution: Fixed
Votes: 0
Labels: None


 Description   

File storage/maria/ma_check.c in 10.0.1 tarball has very suspicious code on line 4028:

    my_off_t skr= (share->state.state.data_file_length +
                   (sort_info.org_data_file_type == COMPRESSED_RECORD) ?
                   MEMMAP_EXTRA_MARGIN : 0);

It looks like the intention was to add to data_file_length either MEMMAP_EXTRA_MARGIN or 0. But according to C operator precedence '+' has priority over '?:', so the result of the whole expression will be either 0 or something non-zero.
I don't know how to hit this code in a test case, so I can't prove my theory. So could you please check what's the real intention here?

I saw another instance of similar code at line 4548 in the same file. So if this one has a bug then the one on line 4548 has it too, I guess.
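
The precedence issue described in the report, shown as an added example that is not part of the original issue or of MariaDB's code. The typedef, the constant and enum values, and the two function names are constructed for illustration.

```c
#include <stdio.h>

/* Keep the as-written form building cleanly where a compiler flags it. */
#pragma GCC diagnostic ignored "-Wparentheses"

/* Constructed stand-ins: the real definitions live in the MariaDB headers
   and are not shown in the report. */
typedef unsigned long long my_off_t;
#define MEMMAP_EXTRA_MARGIN 7ULL
enum data_file_type { STATIC_RECORD, DYNAMIC_RECORD, COMPRESSED_RECORD };

/* The expression as quoted in the report. '+' binds tighter than '?:', so it
   parses as (len + (type == COMPRESSED_RECORD)) ? MEMMAP_EXTRA_MARGIN : 0. */
my_off_t skr_as_written(my_off_t data_file_length, enum data_file_type type)
{
  my_off_t skr= (data_file_length +
                 (type == COMPRESSED_RECORD) ?
                 MEMMAP_EXTRA_MARGIN : 0);
  return skr;
}

/* The reading the reporter suspects was intended: the conditional is
   parenthesized so the margin (or 0) is added to the file length. */
my_off_t skr_parenthesized(my_off_t data_file_length, enum data_file_type type)
{
  my_off_t skr= data_file_length +
                ((type == COMPRESSED_RECORD) ? MEMMAP_EXTRA_MARGIN : 0);
  return skr;
}

int main(void)
{
  /* Constructed sample inputs. */
  my_off_t lengths[]= { 0, 4096, 1048576 };
  enum data_file_type types[]= { DYNAMIC_RECORD, COMPRESSED_RECORD };
  for (int i= 0; i < 3; i++)
    for (int j= 0; j < 2; j++)
      printf("len=%-8llu compressed=%d  as_written=%-4llu parenthesized=%llu\n",
             lengths[i], types[j] == COMPRESSED_RECORD,
             skr_as_written(lengths[i], types[j]),
             skr_parenthesized(lengths[i], types[j]));
  return 0;
}
```

As written, the result depends only on whether the sum is non-zero, so every non-empty file yields the margin constant whatever its record type.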



 Comments   
Comment by Elena Stepanova [ 2013-02-26 ]

Wlad, could you please take a look?
