From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
To: Ilya Kosarev <i.kosarev@tarantool.org>,
tarantool-patches@dev.tarantool.org
Subject: Re: [Tarantool-patches] [PATCH v4 2/4] b-tree: return NULL on matras_alloc fail
Date: Sat, 15 Feb 2020 00:50:03 +0100 [thread overview]
Message-ID: <72d0875b-7309-ac79-83c6-51d58f751e6f@tarantool.org> (raw)
In-Reply-To: <cb6ff16c53add3baf7581f922b6e28ab08e73737.1581705033.git.i.kosarev@tarantool.org>
Thanks for the patch!
See 3 comments below.
On 14/02/2020 20:39, Ilya Kosarev wrote:
> In bps_tree_create_leaf we use matras_alloc in case
1. This is not only about bps_tree_create_leaf() anymore. You
also patched bps_tree_create_inner().
> bps_tree_garbage_pop didn't work out. However it also might not
> succeed. Then we need to return NULL instead of dereferencing NULL
> pointer.
>
> Part of #3807
> ---
> src/lib/salad/bps_tree.h | 22 ++++++++++++++++++----
> 1 file changed, 18 insertions(+), 4 deletions(-)
>
> diff --git a/src/lib/salad/bps_tree.h b/src/lib/salad/bps_tree.h
> index d28b53f53..d71340143 100644
> --- a/src/lib/salad/bps_tree.h
> +++ b/src/lib/salad/bps_tree.h
> @@ -3710,6 +3718,8 @@ bps_tree_process_insert_leaf(struct bps_tree *tree,
> bps_tree_block_id_t new_root_id = (bps_tree_block_id_t)(-1);
> struct bps_inner *new_root = bps_tree_create_inner(tree,
> &new_root_id);
> + if (!new_root)
> + return -1;
2. Here are two problems.
1) This can't fail, because above there is bps_tree_reserve_blocks()
invocation. Looks like it reserves enough blocks (but I propose you
to check it, I don't know).
2) Even if that fails, the tree to that moment is already partially
changed. And if you return -1 here, it is corrupted. To test that I
added an error injection to bps_tree_process_insert_leaf() in this
place. Initially it was false. I called box.cfg{}. Then I set it
true. And created a space, an index. Tried to insert 100 numbers.
It failed due to OOM. Then I turned the errinj off again, inserted
the values again, and made a select. I got broken order of the
select, and values returned multiple times.
Here is what I have done:
================================================================================
--- a/src/lib/salad/bps_tree.h
+++ b/src/lib/salad/bps_tree.h
@@ -38,6 +38,8 @@
#include <stdio.h> /* printf */
#include "small/matras.h"
+extern int bps_errinj;
+
/* {{{ BPS-tree description */
/**
* BPS-tree implementation.
@@ -3716,6 +3718,8 @@ bps_tree_process_insert_leaf(struct bps_tree *tree,
leaf_path_elem, &new_path_elem, mc1, new_elem);
bps_tree_block_id_t new_root_id = (bps_tree_block_id_t)(-1);
+ if (bps_errinj)
+ return -1;
struct bps_inner *new_root = bps_tree_create_inner(tree,
&new_root_id);
if (!new_root)
================================================================================
Also you need to declare bps_errinj somewhere in a .c file.
Here is the test:
box.cfg{}
-- In lldb/gdb make bps_errinj variable 1.
s = box.schema.create_space('test')
_ = s:create_index('pk')
for i = 1, 100 do s:replace{i} end
-- This was an error. Now make bps_errinj 0 again.
for i = 1, 100 do s:replace{i} end
s:select{}
The select will return tuples in a wrong order.
> new_root->header.size = 2;
> new_root->child_ids[0] = tree->root_id;
> new_root->child_ids[1] = new_block_id;
> @@ -4030,6 +4042,8 @@ bps_tree_process_insert_inner(struct bps_tree *tree,
> bps_tree_block_id_t new_root_id = (bps_tree_block_id_t)(-1);
> struct bps_inner *new_root =
> bps_tree_create_inner(tree, &new_root_id);
> + if (!new_root)
> + return -1;
3. The same problem is here. You can't return from now on, the
tree is changed already.
> new_root->header.size = 2;
> new_root->child_ids[0] = tree->root_id;
> new_root->child_ids[1] = new_block_id;
>
next prev parent reply other threads:[~2020-02-14 23:50 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-02-14 19:39 [Tarantool-patches] [PATCH v4 0/4] Safe truncation and deletion Ilya Kosarev
2020-02-14 19:39 ` [Tarantool-patches] [PATCH v4 1/4] small: bump small version Ilya Kosarev
2020-02-14 19:39 ` [Tarantool-patches] [PATCH v4 2/4] b-tree: return NULL on matras_alloc fail Ilya Kosarev
2020-02-14 23:50 ` Vladislav Shpilevoy [this message]
2020-02-14 19:39 ` [Tarantool-patches] [PATCH v4 3/4] memtx: allow quota overuse for truncation and deletion Ilya Kosarev
2020-02-14 23:50 ` Vladislav Shpilevoy
2020-02-14 19:39 ` [Tarantool-patches] [PATCH v4 4/4] test: add tests " Ilya Kosarev
2020-02-14 23:50 ` Vladislav Shpilevoy
2020-02-14 21:00 ` [Tarantool-patches] [PATCH v4 0/4] Safe " Konstantin Osipov
2020-02-14 21:12 ` Ilya Kosarev
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=72d0875b-7309-ac79-83c6-51d58f751e6f@tarantool.org \
--to=v.shpilevoy@tarantool.org \
--cc=i.kosarev@tarantool.org \
--cc=tarantool-patches@dev.tarantool.org \
--subject='Re: [Tarantool-patches] [PATCH v4 2/4] b-tree: return NULL on matras_alloc fail' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox