From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp44.i.mail.ru (smtp44.i.mail.ru [94.100.177.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id 381094696C3 for ; Thu, 9 Apr 2020 00:37:11 +0300 (MSK) From: Nikita Pettik Date: Thu, 9 Apr 2020 00:37:06 +0300 Message-Id: Subject: [Tarantool-patches] [PATCH 0/2] vinyl: fix uninitialized memory accesses List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: tarantool-patches@dev.tarantool.org Cc: v.shpilevoy@tarantool.org It is found that if vy_stmt_alloc() fails (due to OOM or most likely owing to exceeding max tuple size) during compaction process, it may result in instance crashes. This patch-set contains two fixes for problems connected with wrong handling of vy_stmt_alloc() failure. Branch: https://github.com/tarantool/tarantool/commits/np/gh-4864-access-to-uninit-mem Issue: https://github.com/tarantool/tarantool/issues/4864 @ChangeLog: * Fixed crash during compaction due to tuples with size exceeding vinyl_max_tuple_size setting. Nikita Pettik (2): vinyl: init all vars before cleanup in vy_lsm_split_range() vinyl: clean-up read views if *_build_history() fails src/box/vy_lsm.c | 4 +- src/box/vy_stmt.c | 5 + src/box/vy_write_iterator.c | 5 +- src/errinj.h | 1 + test/box/errinj.result | 1 + .../gh-4864-stmt-alloc-fail-compact.result | 144 ++++++++++++++++++ .../gh-4864-stmt-alloc-fail-compact.test.lua | 73 +++++++++ test/vinyl/suite.ini | 2 +- 8 files changed, 231 insertions(+), 4 deletions(-) create mode 100644 test/vinyl/gh-4864-stmt-alloc-fail-compact.result create mode 100644 test/vinyl/gh-4864-stmt-alloc-fail-compact.test.lua -- 2.17.1