From 1d7626df1c2f83513d991ad33296da5c6e5194ef Mon Sep 17 00:00:00 2001 From: Bomin Zhang Date: Fri, 7 Aug 2020 17:58:52 +0800 Subject: [PATCH] fix several bugs related to subscribe including: * server side crash * client side crash * server side memory leak --- src/client/inc/tscUtil.h | 6 ++++++ src/client/src/tscServer.c | 2 +- src/client/src/tscSub.c | 3 +++ src/query/src/qExecutor.c | 5 ++++- src/tsdb/src/tsdbRead.c | 7 ++----- 5 files changed, 16 insertions(+), 7 deletions(-) diff --git a/src/client/inc/tscUtil.h b/src/client/inc/tscUtil.h index 590f205e1d..fbec2e2167 100644 --- a/src/client/inc/tscUtil.h +++ b/src/client/inc/tscUtil.h @@ -53,12 +53,18 @@ typedef struct SParsedDataColInfo { bool hasVal[TSDB_MAX_COLUMNS]; } SParsedDataColInfo; +#pragma pack(push,1) +// this struct is transfered as binary, padding two bytes to avoid +// an 'uid' whose low bytes is 0xff being recoginized as NULL, +// and set 'pack' to 1 to avoid break existing code. typedef struct STidTags { + int16_t padding; int64_t uid; int32_t tid; int32_t vgId; char tag[]; } STidTags; +#pragma pack(pop) typedef struct SJoinSupporter { SSubqueryState* pState; diff --git a/src/client/src/tscServer.c b/src/client/src/tscServer.c index 4d4254fa46..2977ed01ec 100644 --- a/src/client/src/tscServer.c +++ b/src/client/src/tscServer.c @@ -912,7 +912,7 @@ int tscBuildQueryMsg(SSqlObj *pSql, SSqlInfo *pInfo) { pSql->cmd.msgType = TSDB_MSG_TYPE_QUERY; pQueryMsg->head.contLen = htonl(msgLen); - assert(msgLen + minMsgSize() <= size); + assert(msgLen + minMsgSize() <= pCmd->allocSize); return TSDB_CODE_SUCCESS; } diff --git a/src/client/src/tscSub.c b/src/client/src/tscSub.c index 81d73236a4..bef754d69f 100644 --- a/src/client/src/tscSub.c +++ b/src/client/src/tscSub.c @@ -410,6 +410,9 @@ TAOS_RES *taos_consume(TAOS_SUB *tsub) { } } + size_t size = taosArrayGetSize(pSub->progress) * sizeof(STableIdInfo); + size += sizeof(SQueryTableMsg) + 4096; + tscAllocPayload(&pSql->cmd, size); for (int retry = 0; retry < 3; retry++) { tscRemoveFromSqlList(pSql); diff --git a/src/query/src/qExecutor.c b/src/query/src/qExecutor.c index 22c2bb5c9a..be3d476be5 100644 --- a/src/query/src/qExecutor.c +++ b/src/query/src/qExecutor.c @@ -6549,12 +6549,15 @@ static void buildTagQueryResult(SQInfo* pQInfo) { int32_t i = pQInfo->tableIndex++; STableQueryInfo *item = taosArrayGetP(pa, i); - char *output = pQuery->sdata[0]->data + i * rsize; + char *output = pQuery->sdata[0]->data + count * rsize; varDataSetLen(output, rsize - VARSTR_HEADER_SIZE); output = varDataVal(output); STableId* id = TSDB_TABLEID(item->pTable); + *(int16_t *)output = 0; + output += sizeof(int16_t); + *(int64_t *)output = id->uid; // memory align problem, todo serialize output += sizeof(id->uid); diff --git a/src/tsdb/src/tsdbRead.c b/src/tsdb/src/tsdbRead.c index a34216d2fb..7fd2e62070 100644 --- a/src/tsdb/src/tsdbRead.c +++ b/src/tsdb/src/tsdbRead.c @@ -2442,11 +2442,8 @@ void tsdbCleanupQueryHandle(TsdbQueryHandleT queryHandle) { STableCheckInfo* pTableCheckInfo = taosArrayGet(pQueryHandle->pTableCheckInfo, i); destroyTableMemIterator(pTableCheckInfo); - if (pTableCheckInfo->pDataCols != NULL) { - taosTFree(pTableCheckInfo->pDataCols->buf); - } - - taosTFree(pTableCheckInfo->pDataCols); + tdFreeDataCols(pTableCheckInfo->pDataCols); + pTableCheckInfo->pDataCols = NULL; taosTFree(pTableCheckInfo->pCompInfo); } taosArrayDestroy(pQueryHandle->pTableCheckInfo); -- GitLab