From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp20.mail.ru (smtp20.mail.ru [94.100.179.251]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 1E3624696C3 for ; Tue, 14 Apr 2020 01:29:11 +0300 (MSK) Date: Mon, 13 Apr 2020 22:29:10 +0000 From: Nikita Pettik Message-ID: <20200413222909.GB24818@tarantool.org> References: <3595ddfb-4635-61b8-97ae-105f9994087d@tarantool.org> <20200410154050.GD9428@tarantool.org> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: Subject: Re: [Tarantool-patches] [PATCH 1/2] vinyl: init all vars before cleanup in vy_lsm_split_range() List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Vladislav Shpilevoy Cc: tarantool-patches@dev.tarantool.org On 11 Apr 19:39, Vladislav Shpilevoy wrote: > >>> diff --git a/src/box/vy_lsm.c b/src/box/vy_lsm.c > >>> index 3d3f41b7a..04c9926a8 100644 > >>> --- a/src/box/vy_lsm.c > >>> +++ b/src/box/vy_lsm.c > >>> @@ -134,6 +134,11 @@ vy_stmt_alloc(struct tuple_format *format, uint32_t bsize) > >>> { > >>> uint32_t total_size = sizeof(struct vy_stmt) + format->field_map_size + > >>> bsize; > >>> + struct errinj *inj = errinj(ERRINJ_VY_MAX_TUPLE_SIZE, ERRINJ_INT); > >>> + if (inj != NULL && inj->iparam >= 0) { > >>> + if (inj->iparam-- == 0) > >> > >> 1. You set ERRINJ_VY_MAX_TUPLE_SIZE to an integer. Why not to a boolean, > >> which would set it to false instead of decrement? That would make it > >> clear the injection works only once. > > > > Cause integer allows setting delay of vy_stmt_alloc() failure. > > For instance, I don't want first invocation to vy_stmt_alloc() > > fail, but the second, third or tenth one - it may turn out to be > > vital. This patch fixes bug when first call of vy_stmt_alloc() > > during compaction fails; the next patch - if tenth call of > > vy_stmt_alloc() fails. > > Nope, in the next patch you use 0 too. Moreover, when I changed it > to 10, I got the test hanging in 100% CPU. Regardless of with the > fix or without. It should have been 10. Kind of strange since it is exactly this value that helped me to reveal this bug. Mb it is still unpredictable consequences of invalid memory access. I will investigate and test on my mac before next updates. Thx. > >> Also it looks too artificial. The injection basically simulates a tuple > >> with too big size which was inserted bypassing max_tuple_size check, > >> and suddenly it was checked here, already after insertion. > > > > Konstantint said, that squashing two upserts of size 'x' may result > > in new vy_stmt with size > 'x'. Despite the fact that I did not > > attempt at reproducing this statement, I saw these errors appearing > > on production machine during compaction. I do not know the exact reason > > why they revealed, but it is a fact. > > And still this particular test does not use any upserts. So OOM here > is more likely to happen than max tuple size violation. > > >> Better add an OOM injection for malloc a few lines below, would be more > >> correct.