summaryrefslogtreecommitdiff
path: root/libmysqld
diff options
context:
space:
mode:
authorunknown <jimw@mysql.com>2005-03-31 19:17:45 -0800
committerunknown <jimw@mysql.com>2005-03-31 19:17:45 -0800
commite7332e64ca5ef7208846488935a2249285212f91 (patch)
tree046d9ad3bbf129292636ad08e19e842f8417d8a0 /libmysqld
parentab77d7d7633a2cff057b17ec43233d4f0d0b0822 (diff)
downloadmariadb-git-e7332e64ca5ef7208846488935a2249285212f91.tar.gz
Fix crash in embedded server due to incorrect storage of results
in the query cache. (Bug #9549) libmysqld/emb_qcache.h: Fix Querycache_stream::use_next_block() to actually use the next block and mark blocks as used when it writes to them. mysql-test/r/query_cache.result: Update results. mysql-test/t/query_cache.test: Add new regression test. libmysqld/emb_qcache.cc: Fix calls to use_next_block() to indicate whether we are writing to the next block or not. sql/sql_cache.cc: Initialize the first block properly when storing a result in the embedded server.
Diffstat (limited to 'libmysqld')
-rw-r--r--libmysqld/emb_qcache.cc36
-rw-r--r--libmysqld/emb_qcache.h27
2 files changed, 42 insertions, 21 deletions
diff --git a/libmysqld/emb_qcache.cc b/libmysqld/emb_qcache.cc
index 2d3d82b7952..ecc45096165 100644
--- a/libmysqld/emb_qcache.cc
+++ b/libmysqld/emb_qcache.cc
@@ -22,7 +22,7 @@
void Querycache_stream::store_char(char c)
{
if (data_end == cur_data)
- use_next_block();
+ use_next_block(TRUE);
*(cur_data++)= c;
#ifndef DBUG_OFF
stored_size++;
@@ -42,13 +42,13 @@ void Querycache_stream::store_short(ushort s)
}
if (data_end == cur_data)
{
- use_next_block();
+ use_next_block(TRUE);
int2store(cur_data, s);
cur_data+= 2;
return;
}
*cur_data= ((byte *)(&s))[0];
- use_next_block();
+ use_next_block(TRUE);
*(cur_data++)= ((byte *)(&s))[1];
}
@@ -66,7 +66,7 @@ void Querycache_stream::store_int(uint i)
}
if (!rest_len)
{
- use_next_block();
+ use_next_block(TRUE);
int4store(cur_data, i);
cur_data+= 4;
return;
@@ -74,7 +74,7 @@ void Querycache_stream::store_int(uint i)
char buf[4];
int4store(buf, i);
memcpy(cur_data, buf, rest_len);
- use_next_block();
+ use_next_block(TRUE);
memcpy(cur_data, buf+rest_len, 4-rest_len);
cur_data+= 4-rest_len;
}
@@ -93,13 +93,13 @@ void Querycache_stream::store_ll(ulonglong ll)
}
if (!rest_len)
{
- use_next_block();
+ use_next_block(TRUE);
int8store(cur_data, ll);
cur_data+= 8;
return;
}
memcpy(cur_data, &ll, rest_len);
- use_next_block();
+ use_next_block(TRUE);
memcpy(cur_data, ((byte*)&ll)+rest_len, 8-rest_len);
cur_data+= 8-rest_len;
}
@@ -112,14 +112,14 @@ void Querycache_stream::store_str_only(const char *str, uint str_len)
do
{
size_t rest_len= data_end - cur_data;
- if (rest_len > str_len)
+ if (rest_len >= str_len)
{
memcpy(cur_data, str, str_len);
cur_data+= str_len;
return;
}
memcpy(cur_data, str, rest_len);
- use_next_block();
+ use_next_block(TRUE);
str_len-= rest_len;
str+= rest_len;
} while(str_len);
@@ -145,7 +145,7 @@ void Querycache_stream::store_safe_str(const char *str, uint str_len)
char Querycache_stream::load_char()
{
if (cur_data == data_end)
- use_next_block();
+ use_next_block(FALSE);
return *(cur_data++);
}
@@ -160,13 +160,13 @@ ushort Querycache_stream::load_short()
}
if (data_end == cur_data)
{
- use_next_block();
+ use_next_block(FALSE);
result= uint2korr(cur_data);
cur_data+= 2;
return result;
}
((byte*)&result)[0]= *cur_data;
- use_next_block();
+ use_next_block(FALSE);
((byte*)&result)[1]= *(cur_data++);
return result;
}
@@ -183,14 +183,14 @@ uint Querycache_stream::load_int()
}
if (!rest_len)
{
- use_next_block();
+ use_next_block(FALSE);
result= uint4korr(cur_data);
cur_data+= 4;
return result;
}
char buf[4];
memcpy(buf, cur_data, rest_len);
- use_next_block();
+ use_next_block(FALSE);
memcpy(buf+rest_len, cur_data, 4-rest_len);
cur_data+= 4-rest_len;
result= uint4korr(buf);
@@ -209,13 +209,13 @@ ulonglong Querycache_stream::load_ll()
}
if (!rest_len)
{
- use_next_block();
+ use_next_block(FALSE);
result= uint8korr(cur_data);
cur_data+= 8;
return result;
}
memcpy(&result, cur_data, rest_len);
- use_next_block();
+ use_next_block(FALSE);
memcpy(((byte*)&result)+rest_len, cur_data, 8-rest_len);
cur_data+= 8-rest_len;
return result;
@@ -226,7 +226,7 @@ void Querycache_stream::load_str_only(char *buffer, uint str_len)
do
{
size_t rest_len= data_end - cur_data;
- if (rest_len > str_len)
+ if (rest_len >= str_len)
{
memcpy(buffer, cur_data, str_len);
cur_data+= str_len;
@@ -234,7 +234,7 @@ void Querycache_stream::load_str_only(char *buffer, uint str_len)
break;
}
memcpy(buffer, cur_data, rest_len);
- use_next_block();
+ use_next_block(FALSE);
str_len-= rest_len;
buffer+= rest_len;
} while(str_len);
diff --git a/libmysqld/emb_qcache.h b/libmysqld/emb_qcache.h
index 32ce19847ff..6201058ce56 100644
--- a/libmysqld/emb_qcache.h
+++ b/libmysqld/emb_qcache.h
@@ -22,22 +22,43 @@ class Querycache_stream
uint headers_len;
public:
#ifndef DBUG_OFF
+ Query_cache_block *first_block;
uint stored_size;
#endif
Querycache_stream(Query_cache_block *ini_block, uint ini_headers_len) :
block(ini_block), headers_len(ini_headers_len)
{
- use_next_block();
+ cur_data= ((byte*)block)+headers_len;
+ data_end= cur_data + (block->used-headers_len);
#ifndef DBUG_OFF
+ first_block= ini_block;
stored_size= 0;
#endif
}
- void use_next_block()
+ void use_next_block(bool writing)
{
+ /*
+ This shouldn't be called if there is only one block, or to loop
+ around to the first block again. That means we're trying to write
+ more data than we allocated space for.
+ */
+ DBUG_ASSERT(block->next != block);
+ DBUG_ASSERT(block->next != first_block);
+
+ block= block->next;
+ /*
+ While writing, update the type of each block as we write to it.
+ While reading, make sure that the block is of the expected type.
+ */
+ if (writing)
+ block->type= Query_cache_block::RES_CONT;
+ else
+ DBUG_ASSERT(block->type == Query_cache_block::RES_CONT);
+
cur_data= ((byte*)block)+headers_len;
data_end= cur_data + (block->used-headers_len);
}
-
+
void store_char(char c);
void store_short(ushort s);
void store_int(uint i);