From: Jon Olav Hauglid
Date: September 13 2010 8:25am
Subject: bzr commit into mysql-5.5-runtime branch (jon.hauglid:3136) Bug#56678
List-Archive: http://lists.mysql.com/commits/118056
X-Bug: 56678
Message-Id: <201009130826.o8CNlWRw028925@acsinet15.oracle.com>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============1731705926560757591=="

--===============1731705926560757591==
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

#At file:///export/home/x/mysql-5.5-runtime-bug56678/ based on revid:jon.hauglid@stripped

 3136 Jon Olav Hauglid 2010-09-13
      Bug #56678 Valgrind warnings from binlog.binlog_unsafe

      After the patch for Bug#54579, multi inserts done with INSERT DELAYED
      are binlogged as normal INSERT. During processing of the statement,
      a new query string without the DELAYED keyword is made. The problem
      was that this new string was incorrectly made when the INSERT DELAYED
      was part of a prepared statement - data was read outside the allocated
      buffer.

      The reason for this bug was that a pointer to the position of the
      DELAYED keyword inside the query string was stored when parsing the
      statement. This pointer was then later (at runtime) used (via pointer
      subtraction) to find the number of characters to skip when making a
      new query string without DELAYED. But when the statement was re-executed
      as part of a prepared statement, the original pointer would be invalid
      and the pointer subtraction would give a wrong/random result.

      This patch fixes the problem by instead storing the number of characters
      to skip at parse time. This value will not depend on the memory position
      of the query string at runtime and therefore not give wrong results
      when the statement is executed in a prepared statement.

      This bug was a regression introduced by the patch for Bug#54579.

      No test case added as this bug is already covered by the existing
      binlog.binlog_unsafe test case when running with valgrind.

modified: sql/sql_insert.cc sql/sql_lex.h sql/sql_yacc.yy === modified file 'sql/sql_insert.cc' --- a/sql/sql_insert.cc 2010-09-01 13:12:42 +0000 +++ b/sql/sql_insert.cc 2010-09-13 08:25:06 +0000 @@ -634,14 +634,10 @@ bool open_and_lock_for_insert_delayed(TH static int create_insert_stmt_from_insert_delayed(THD *thd, String *buf) { - /* Append the part of thd->query before "DELAYED" keyword */ - if (buf->append(thd->query(), - thd->lex->keyword_delayed_begin - thd->query())) + /* Make a copy of thd->query() and then remove the "DELAYED" keyword */ + if (buf->append(thd->query()) || + buf->replace(thd->lex->keyword_delayed_begin_offset, 7, 0)) return 1; - /* Append the part of thd->query after "DELAYED" keyword */ - if (buf->append(thd->lex->keyword_delayed_begin + 7)) - return 1; - return 0; } === modified file 'sql/sql_lex.h' --- a/sql/sql_lex.h 2010-09-01 13:12:42 +0000 +++ b/sql/sql_lex.h 2010-09-13 08:25:06 +0000 @@ -2355,12 +2355,12 @@ struct LEX: public Query_tables_list This pointer is required to add possibly omitted DEFINER-clause to the DDL-statement before dumping it to the binlog. - keyword_delayed_begin points to the begin of the DELAYED keyword in - INSERT DELAYED statement. + keyword_delayed_begin_offset is the offset to the beginning of the DELAYED + keyword in INSERT DELAYED statement. */ union { const char *stmt_definition_begin; - const char *keyword_delayed_begin; + uint keyword_delayed_begin_offset; }; const char *stmt_definition_end; === modified file 'sql/sql_yacc.yy' --- a/sql/sql_yacc.yy 2010-09-09 14:29:14 +0000 +++ b/sql/sql_yacc.yy 2010-09-13 08:25:06 +0000 @@ -10447,7 +10447,8 @@ insert_lock_option: | LOW_PRIORITY { $$= TL_WRITE_LOW_PRIORITY; } | DELAYED_SYM { - Lex->keyword_delayed_begin= YYLIP->get_tok_start(); + Lex->keyword_delayed_begin_offset= (uint)(YYLIP->get_tok_start() - + YYTHD->query()); $$= TL_WRITE_DELAYED; } | HIGH_PRIORITY { $$= TL_WRITE; } 
@@ -10457,7 +10458,8 @@ replace_lock_option: opt_low_priority { $$= $1; } | DELAYED_SYM { - Lex->keyword_delayed_begin= YYLIP->get_tok_start(); + Lex->keyword_delayed_begin_offset= (uint)(YYLIP->get_tok_start() - + YYTHD->query()); $$= TL_WRITE_DELAYED; } ; --===============1731705926560757591== MIME-Version: 1.0 Content-Type: text/bzr-bundle; charset="us-ascii"; name="bzr/jon.hauglid@stripped" Content-Transfer-Encoding: 7bit Content-Disposition: inline # Bazaar merge directive format 2 (Bazaar 0.90) # revision_id: jon.hauglid@stripped # target_branch: file:///export/home/x/mysql-5.5-runtime-bug56678/ # testament_sha1: 1f5d862bab09388ef7a94a33b5630fc215fd0b31 # timestamp: 2010-09-13 10:25:10 +0200 # source_branch: file:///export/home/x/mysql-5.5-bugfixing/ # base_revision_id: jon.hauglid@stripped\ # g410ntzqvdpayclt # # Begin bundle
--===============1731705926560757591==--
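
Review bot: In create_insert_stmt_from_insert_delayed() (sql/sql_insert.cc), buf->replace(thd->lex->keyword_delayed_begin_offset, 7, 0) uses the stored offset without checking it against the length of the query that was just copied into buf. Since the bug being fixed was a read outside the buffer caused by a stale parse-time value, an assertion before the replace that the offset plus 7 does not exceed buf->length() would make any future regression fail loudly. The literal 7 is the length of "DELAYED" and would read better as a named constant, and the bare 0 passed as the replacement leaves it unclear from the call which replace() overload is intended.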
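
Review bot: The union in struct LEX (sql/sql_lex.h) now overlays a uint, keyword_delayed_begin_offset, on a const char *, stmt_definition_begin, so any code that reads the pointer member after a DELAYED rule has written the offset gets a bogus address. The comment should state which statements use which member and that the offset is counted from the start of thd->query(); moving the offset to its own field outside the union would remove the hazard entirely.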
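
Review bot: In the DELAYED_SYM action of insert_lock_option (sql/sql_yacc.yy), the (uint) cast on YYLIP->get_tok_start() - YYTHD->query() silently turns a negative or oversized difference into a large offset if the token start ever lies outside the buffer returned by YYTHD->query(). An assertion placed before the assignment, checking that the token start is not before YYTHD->query() and falls within the query length, would document and enforce the assumption that the lexer is reading from that same buffer.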
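
Review bot: The DELAYED_SYM action in replace_lock_option (sql/sql_yacc.yy) repeats the offset computation from insert_lock_option line for line. Putting the expression in one helper or macro used by both rules would keep the two in step the next time the computation changes.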
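
The approach described in the commit message (store an offset at parse time, apply it to whatever buffer holds the query at execution time) is shown below as an added, stand-alone example; it is not MySQL code and not part of the patch. `ParsedInsert`, `keyword_at`, `parse_insert_delayed`, `strip_delayed` and `reexecute_demo` are hypothetical names, and the simple keyword search stands in for the real lexer.

```cpp
#include <cctype>
#include <cstddef>
#include <string>

static const std::string kKeyword = "DELAYED";

// Parse-time result: an offset into the statement text, never a pointer.
// A pointer would dangle once the text is copied for re-execution.
struct ParsedInsert {
  std::size_t delayed_offset;  // byte offset of the keyword in the query
};

// True only if the whole keyword lies inside q starting at off.
static bool keyword_at(const std::string &q, std::size_t off) {
  if (off > q.size() || q.size() - off < kKeyword.size()) return false;
  for (std::size_t j = 0; j < kKeyword.size(); ++j)
    if (std::toupper(static_cast<unsigned char>(q[off + j])) != kKeyword[j])
      return false;
  return true;
}

// Stand-in for the parser: records where the keyword starts.
bool parse_insert_delayed(const std::string &q, ParsedInsert *out) {
  for (std::size_t i = 0; i < q.size(); ++i)
    if (keyword_at(q, i)) { out->delayed_offset = i; return true; }
  return false;
}

// Execution-time rewrite. The stored offset is validated against the buffer
// it is applied to, so a stale or mismatched value fails closed instead of
// reading or cutting outside the keyword.
bool strip_delayed(const std::string &q, const ParsedInsert &p,
                   std::string *out) {
  if (!keyword_at(q, p.delayed_offset)) return false;
  *out = q;
  out->erase(p.delayed_offset, kKeyword.size());
  return true;
}

// Constructed scenario: parse once, then execute against a fresh copy of the
// text held at a different address, as a prepared statement re-execution would.
std::string reexecute_demo() {
  const std::string original = "INSERT DELAYED INTO t1 VALUES (1),(2)";
  ParsedInsert parsed;
  if (!parse_insert_delayed(original, &parsed)) return "";
  std::string copy(original);  // different object, same bytes
  std::string rewritten;
  if (!strip_delayed(copy, parsed, &rewritten)) return "";
  return rewritten;
}
```

As in the patch, only the keyword itself is removed, so the rewritten statement keeps both surrounding spaces.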