diff options
| author | Oleksandr Byelkin <sanja@mariadb.com> | 2022-06-23 14:48:29 +0200 |
|---|---|---|
| committer | Oleksandr Byelkin <sanja@mariadb.com> | 2022-06-24 10:03:23 +0200 |
| commit | 5feb60ce186a41ba97f4c9dc4ab23bab4e87296e (patch) | |
| tree | 2b2683d044c62b5bec1fb6302b43a822d5bce60b | |
| parent | 3e09c6199dc4c74ee628cf01486927e4d3261887 (diff) | |
| download | mariadb-git-5feb60ce186a41ba97f4c9dc4ab23bab4e87296e.tar.gz | |
MDEV-22590 SIGSEGV in flush_all_key_blocks when changing key_buffer_size / ASAN: heap-use-after-free in flush_all_key_blocks
Take into account that in preparation of a simple key cache for resizing no disk blocks might be assigned to it.
Reviewer: IgorBabaev <igor@mariadb.com>
| -rw-r--r-- | mysql-test/main/key_cache.result | 22 | ||||
| -rw-r--r-- | mysql-test/main/key_cache.test | 21 | ||||
| -rw-r--r-- | mysys/mf_keycache.c | 2 |
3 files changed, 44 insertions, 1 deletions
diff --git a/mysql-test/main/key_cache.result b/mysql-test/main/key_cache.result index 1146ae8bbfa..3c5ed7679f9 100644 --- a/mysql-test/main/key_cache.result +++ b/mysql-test/main/key_cache.result @@ -834,3 +834,25 @@ set global keycache2.key_buffer_size=0; set global key_buffer_size=@save_key_buffer_size; set global key_cache_segments=@save_key_cache_segments; set global key_cache_file_hash_size=@save_key_cache_file_hash_size; +# +# SIGSEGV in flush_all_key_blocks when changing +# key_buffer_size / ASAN: heap-use-after-free in flush_all_key_blocks +# +SET GLOBAL keycache1.key_cache_segments=7; +SET GLOBAL keycache1.key_buffer_size=1*1024*1024; +SET GLOBAL keycache1.key_buffer_size=0; +SET GLOBAL keycache1.key_buffer_size=128*1024; +create table t1 (p int primary key, a char(10)) delay_key_write=1; +cache index t1 key (`primary`) in keycache1; +Table Op Msg_type Msg_text +test.t1 assign_to_keycache status OK +insert into t1 values (1, 'qqqq'), (11, 'yyyy'); +select * from t1; +p a +1 qqqq +11 yyyy +drop table t1; +SET GLOBAL keycache1.key_buffer_size=0; +# +# End of 10.3 tests +# diff --git a/mysql-test/main/key_cache.test b/mysql-test/main/key_cache.test index fb6ae497e74..a99bb4ea04c 100644 --- a/mysql-test/main/key_cache.test +++ b/mysql-test/main/key_cache.test @@ -538,3 +538,24 @@ set global key_cache_segments=@save_key_cache_segments; set global key_cache_file_hash_size=@save_key_cache_file_hash_size; # End of 5.2 tests + +--echo # +--echo # SIGSEGV in flush_all_key_blocks when changing +--echo # key_buffer_size / ASAN: heap-use-after-free in flush_all_key_blocks +--echo # + +SET GLOBAL keycache1.key_cache_segments=7; +SET GLOBAL keycache1.key_buffer_size=1*1024*1024; +SET GLOBAL keycache1.key_buffer_size=0; +SET GLOBAL keycache1.key_buffer_size=128*1024; +create table t1 (p int primary key, a char(10)) delay_key_write=1; +cache index t1 key (`primary`) in keycache1; +insert into t1 values (1, 'qqqq'), (11, 'yyyy'); +select * from t1; +drop table t1; +SET GLOBAL keycache1.key_buffer_size=0; + + +--echo # +--echo # End of 10.3 tests +--echo # diff --git a/mysys/mf_keycache.c b/mysys/mf_keycache.c index 8f62869b57e..8aa60064e06 100644 --- a/mysys/mf_keycache.c +++ b/mysys/mf_keycache.c @@ -701,7 +701,7 @@ int prepare_resize_simple_key_cache(SIMPLE_KEY_CACHE_CB *keycache, keycache->in_resize= 1; /* Need to flush only if keycache is enabled. */ - if (keycache->can_be_used) + if (keycache->can_be_used && keycache->disk_blocks != -1) { /* Start the flush phase. */ keycache->resize_in_flush= 1; |