Uploaded image for project: 'WiredTiger'
  1. WiredTiger
  2. WT-6464

Fix memory leak in __rollback_row_add_update

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: WT3.2.2, 4.5.1, 4.4.0-rc11
    • Component/s: None
    • Labels:
      None

      Description

      Since we now can append multiple updates to the head of the update chain, the following code may leak memory as it assumes it always append one update to the head:

      /*
       * __rollback_row_add_update --
       *     Add the provided update to the head of the update list.
       */
      static inline int
      __rollback_row_add_update(WT_SESSION_IMPL *session, WT_PAGE *page, WT_ROW *rip, WT_UPDATE *upd)
      {
          WT_DECL_RET;
          WT_PAGE_MODIFY *mod;
          WT_UPDATE *old_upd, **upd_entry;
          size_t upd_size;
       
          /* If we don't yet have a modify structure, we'll need one. */
          WT_RET(__wt_page_modify_init(session, page));
          mod = page->modify;
       
          /* Allocate an update array as necessary. */
          WT_PAGE_ALLOC_AND_SWAP(session, page, mod->mod_row_update, upd_entry, page->entries);
       
          /* Set the WT_UPDATE array reference. */
          upd_entry = &mod->mod_row_update[WT_ROW_SLOT(page, rip)];
          upd_size = __wt_update_list_memsize(upd);
       
          /*
           * If it's a full update list, we're trying to instantiate the row. Otherwise, it's just a
           * single update that we'd like to append to the update list.
           *
           * Set the "old" entry to the second update in the list so that the serialization function
           * succeeds in swapping the first update into place.
           */
          if (upd->next != NULL)
              *upd_entry = upd->next;
          old_upd = *upd_entry;
       
          /*
           * Point the new WT_UPDATE item to the next element in the list. The serialization function acts
           * as our memory barrier to flush this write.
           */
          upd->next = old_upd;
       
          /*
           * Serialize the update. Rollback to stable doesn't need to check the visibility of the on page
           * value to detect conflict.
           */
          WT_ERR(__wt_update_serial(session, NULL, page, upd_entry, &upd, upd_size, true));
       
      err:
          return (ret);
      }
      

        Attachments

          Activity

            People

            Assignee:
            chenhao.qu Chenhao Qu
            Reporter:
            chenhao.qu Chenhao Qu
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: