From 0189d5afe8f5f74d21d2603a7ba8048286ff16e9 Mon Sep 17 00:00:00 2001
From: "heikki@hundin.mysql.fi" <>
Date: Tue, 18 May 2004 01:53:06 +0300
Subject: mem0pool.c: Fix a memory corruption bug: in 32-bit computers, every 4 billionth malloc outside innodb_additional_mem_pool_size was mistreated when freeing the memory; this could corrupt the InnoDB additional mem pool and could have caused crashes anywhere, also inside MySQL, or even database corruption! the bug exists also in 3.23 and 4.1; workaround: configure innodb_additional_mem_pool_size big enough
---
 innobase/mem/mem0pool.c | 18 +++++-------------
 1 file changed, 5 insertions(+), 13 deletions(-)
(limited to 'innobase/mem')
diff --git a/innobase/mem/mem0pool.c b/innobase/mem/mem0pool.c
index 3c409e3fceb..d77432a1e20 100644
--- a/innobase/mem/mem0pool.c
+++ b/innobase/mem/mem0pool.c
@@ -97,8 +97,6 @@ struct mem_pool_struct{
 /* The common memory pool */
 mem_pool_t* mem_comm_pool = NULL;
-ulint mem_out_of_mem_err_msg_count = 0;
-
 /* We use this counter to check that the mem pool mutex does not leak; this is to track a strange assertion failure reported at mysql@lists.mysql.com */
@@ -266,8 +264,6 @@ mem_pool_fill_free_list(
 if (i >= 63) {
 /* We come here when we have run out of space in the memory pool: */
-
-- mem_out_of_mem_err_msg_count++;
 return(FALSE);
 }
@@ -460,17 +456,13 @@ mem_area_free(
 ulint size;
 ulint n;
- if (mem_out_of_mem_err_msg_count > 0) {
- /* It may be that the area was really allocated from the
- OS with regular malloc: check if ptr points within
- our memory pool */
+ /* It may be that the area was really allocated from the OS with
+ regular malloc: check if ptr points within our memory pool */
- if ((byte*)ptr < pool->buf
- || (byte*)ptr >= pool->buf + pool->size) {
- ut_free(ptr);
+ if ((byte*)ptr < pool->buf || (byte*)ptr >= pool->buf + pool->size) {
+ ut_free(ptr);
- return;
- }
+ return;
 }
 area = (mem_area_t*) (((byte*)ptr) - MEM_AREA_EXTRA_SIZE);
-- 
cgit v1.2.1
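Review bot: The range test in mem_area_free now runs on every free and compares `ptr` with `pool->buf` using `<` and `>=` even when `ptr` came from the OS allocator; ISO C leaves relational comparison of pointers into different objects undefined. This test alone decides between `ut_free(ptr)` and the pool's own bookkeeping, so comparing as integers is safer, assuming `ulint` is pointer-sized in this tree: `if ((ulint)ptr < (ulint)pool->buf || (ulint)ptr >= (ulint)pool->buf + pool->size) {`. The new comment could also record why the test must stay unconditional, for example `/* Never gate this check on a counter: per the commit message a wrapped counter skipped it and corrupted the pool */`. The test also admits addresses in the first `MEM_AREA_EXTRA_SIZE` bytes of the buffer, for which `area` would fall below `pool->buf`. mem_area_free continues past the end of the hunk, so any later validation of `area` is not visible here.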