From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounce@freelists.org>
Received: from localhost (localhost [127.0.0.1])
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 0C6A72CD34
	for <tarantool-patches@freelists.org>; Thu,  6 Dec 2018 04:17:14 -0500 (EST)
Received: from turing.freelists.org ([127.0.0.1])
	by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id jb3sZgCYArz2 for <tarantool-patches@freelists.org>;
	Thu,  6 Dec 2018 04:17:13 -0500 (EST)
Received: from smtp36.i.mail.ru (smtp36.i.mail.ru [94.100.177.96])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id BEE7B2BC32
	for <tarantool-patches@freelists.org>; Thu,  6 Dec 2018 04:17:13 -0500 (EST)
Subject: [tarantool-patches] Re: [PATCH v1 1/1] sql: fix
 tarantoolSqlite3TupleColumnFast
References: <a2427513583b3c0e63f9e976babdf84fe6a9a6dd.1543945044.git.kshcherbatov@tarantool.org>
 <fe963156-9765-b353-e0ca-66e5669547f9@tarantool.org>
 <f46fd82c-e3ae-a4e6-454a-e59b633ba99c@tarantool.org>
 <f33a53d8-6e45-f31e-dc6c-e86860de5000@tarantool.org>
 <df9114ba-663e-3065-8d99-c6f2a70f7577@tarantool.org>
From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
Message-ID: <2c7b9e1f-f462-1439-4c85-990c95d5de2b@tarantool.org>
Date: Thu, 6 Dec 2018 12:17:10 +0300
MIME-Version: 1.0
In-Reply-To: <df9114ba-663e-3065-8d99-c6f2a70f7577@tarantool.org>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Sender: tarantool-patches-bounce@freelists.org
Errors-to: tarantool-patches-bounce@freelists.org
Reply-To: tarantool-patches@freelists.org
List-help: <mailto:ecartis@freelists.org?Subject=help>
List-unsubscribe: <tarantool-patches-request@freelists.org?Subject=unsubscribe>
List-software: Ecartis version 1.0.0
List-Id: tarantool-patches <tarantool-patches.freelists.org>
List-subscribe: <tarantool-patches-request@freelists.org?Subject=subscribe>
List-owner: <mailto:>
List-post: <mailto:tarantool-patches@freelists.org>
List-archive: <http://www.freelists.org/archives/tarantool-patches>
To: Kirill Shcherbatov <kshcherbatov@tarantool.org>, tarantool-patches@freelists.org, Nikita Pettik <korablev@tarantool.org>



On 06/12/2018 09:59, Kirill Shcherbatov wrote:
> Hi! Thank you for research, I've included your conclusions to
> the commit message.
> 
> 
> The tarantoolSqlite3TupleColumnFast routine used to lookup
> offset_slot in unallocated memory in some cases.
> The assert with exact_field_count same as motivation to change
> old correct assert with field_count in 7a8de28 is not correct.
> assert(format->exact_field_count == 0 ||
>         fieldno < format->exact_field_count);
> The tarantoolSqlite3TupleColumnFast routine requires offset_slot
> that has been allocated during tuple_format_create call. This
> value is stored in indexed field with index that limited with
> index_field_count that is <= field_count. Look at
> tuple_format_alloc for more details.
> 
> The format in cursor triggering valid assertion has such
> structure because first 4 tuples in _space: 257, 272, 276 and
> 280 have an old format of _space with only one field
> (format->field_count == 1).
> It happens because these 4 tuples are recovered not after tuple
> with id 280 which stores actual format of _space. After tuple
> 280 is recovered, an actual format is set in struct space of
> _space and all next tuples have full featured formats.
> 
> So for these 4 tuples tarantoolSqlite3TupleColumnFast can fail
> even if a field exists, is indexed and has a name. Those
> features are just described in a newer format.
> (thank Gerold103 for problem explanation)
> 
> Closes #3772
> 

LGTM. Nikita, please, review. Especially English part.