Bug #26361 Valgrind complains about invalid reads inside mysql_client_binlog_statement()
Submitted: 14 Feb 2007 10:08
Modified: 13 Feb 2008 21:43
Reporter: Rafal Somla
Status: Closed
Category: MySQL Server: Replication
Severity: S3 (Non-critical)
Version: 5.1.15
OS: Any
Assigned to: Andrei Elkin
CPU Architecture: Any

[14 Feb 2007 10:08] Rafal Somla
Description:
mysql_client_binlog_statement() is called when a BINLOG ... statement is executed in the server. When investigating BUG#20929, I created BINLOG statements for the commands

RESET MASTER;
CREATE DATABASE mydb;
USE mydb;
CREATE TABLE t (a DATETIME);
INSERT INTO t VALUES(NOW()); # will later cause assert
DROP DATABASE mydb; # will later cause invalid free

listed there (using mysqlbinlog --base64-output). When executing these statements I get the following complaint from valgrind:

==12533== Invalid read of size 1
==12533==    at 0x855BA6C: base64_decode (base64.c:106)
==12533==    by 0x83CD521: mysql_client_binlog_statement(THD*) (sql_binlog.cc:80)
==12533==    by 0x823DD35: mysql_execute_command(THD*) (sql_parse.cc:5187)
==12533==    by 0x823FAAE: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:6105)
==12533==    by 0x8235399: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1858)
==12533==    by 0x8234BA8: do_command(THD*) (sql_parse.cc:1627)
==12533==    by 0x8233CC4: handle_one_connection (sql_parse.cc:1233)
==12533==    by 0x4043E50: pthread_start_thread (in /lib/libpthread-0.10.so)
==12533==    by 0x41CA8A9: clone (in /lib/libc-2.3.2.so)
==12533==  Address 0x54FCA5B is 131 bytes inside a block of size 362 free'd
==12533==    at 0x401C39E: free (vg_replace_malloc.c:233)
==12533==    by 0x854A49C: my_no_flags_free (my_malloc.c:60)
==12533==    by 0x854AEBC: free_root (my_alloc.c:348)
==12533==    by 0x82BFFF5: Query_log_event::exec_event(st_relay_log_info*, char const*, unsigned) (log_event.cc:2138)
==12533==    by 0x82BF5C9: Query_log_event::exec_event(st_relay_log_info*) (log_event.cc:1873)
==12533==    by 0x83CD6B1: mysql_client_binlog_statement(THD*) (sql_binlog.cc:167)
==12533==    by 0x823DD35: mysql_execute_command(THD*) (sql_parse.cc:5187)
==12533==    by 0x823FAAE: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:6105)
==12533==    by 0x8235399: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1858)
==12533==    by 0x8234BA8: do_command(THD*) (sql_parse.cc:1627)
==12533==    by 0x8233CC4: handle_one_connection (sql_parse.cc:1233)
==12533==    by 0x4043E50: pthread_start_thread (in /lib/libpthread-0.10.so)
==12533==    by 0x41CA8A9: clone (in /lib/libc-2.3.2.so)

How to repeat:
Start mysqld inside valgrind, connect to it and execute BINLOG commands from the attached binlog.sql file.
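
A triage helper for the Valgrind report above, added here as an example and not part of the original bug report or of MySQL's code: it splits a memcheck error into the access stack and the stack that freed the block, then reports the innermost function present in both, which is where to start looking for the stale pointer. The names `parse` and `shared_caller` are hypothetical; the embedded trace is abridged from the report.

```python
import re

# Abridged from the Valgrind report above: a subset of its frames, copied verbatim.
TRACE = """\
==12533== Invalid read of size 1
==12533==    at 0x855BA6C: base64_decode (base64.c:106)
==12533==    by 0x83CD521: mysql_client_binlog_statement(THD*) (sql_binlog.cc:80)
==12533==    by 0x823DD35: mysql_execute_command(THD*) (sql_parse.cc:5187)
==12533==  Address 0x54FCA5B is 131 bytes inside a block of size 362 free'd
==12533==    at 0x401C39E: free (vg_replace_malloc.c:233)
==12533==    by 0x854AEBC: free_root (my_alloc.c:348)
==12533==    by 0x82BFFF5: Query_log_event::exec_event(st_relay_log_info*, char const*, unsigned) (log_event.cc:2138)
==12533==    by 0x83CD6B1: mysql_client_binlog_statement(THD*) (sql_binlog.cc:167)
==12533==    by 0x823DD35: mysql_execute_command(THD*) (sql_parse.cc:5187)
"""

# "at/by 0xADDR: function(args) (file:line)"; the last parenthesised group is the location.
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-F]+: (.+) \(([^()]+)\)$")
BLOCK = re.compile(r"Address 0x[0-9A-F]+ is (\d+) bytes inside a block of size (\d+) (free'd|alloc'd)")

def parse(trace):
    """Split one memcheck error into (access stack, block-origin stack, block info)."""
    access, origin, block = [], [], None
    for line in trace.splitlines():
        m = BLOCK.search(line)
        if m:
            block = {"offset": int(m.group(1)), "size": int(m.group(2)), "state": m.group(3)}
            continue
        f = FRAME.match(line)
        if f:
            func = f.group(1).split("(")[0]  # drop the C++ argument list
            # Frames before the "Address ..." line belong to the access, later ones to the free.
            (origin if block else access).append((func, f.group(2)))
    return access, origin, block

def shared_caller(access, origin):
    """Innermost function on the access stack that is also on the free stack."""
    sites = {func: loc for func, loc in origin}
    for func, loc in access:
        if func in sites:
            return func, loc, sites[func]
    return None

if __name__ == "__main__":
    access, origin, block = parse(TRACE)
    print(block, shared_caller(access, origin))
```

On this trace the shared caller is `mysql_client_binlog_statement`, with the read reached from `sql_binlog.cc:80` and the free reached from `sql_binlog.cc:167`.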

[14 Feb 2007 10:09] Rafal Somla
File with BINLOG statements

Attachment: binlog.sql (application/octet-stream, text), 1.31 KiB.

[19 Feb 2007 10:03] Sveta Smirnova
Thank you for the report.

Verified as described.

[22 Mar 2007 10:31] Guilhem Bichot
Sent to Rafal changes to mysqlbinlog_base64* (for testing the bugfix of BUG#26194) which he should push when he has fixed BUG#26361 (because I can't push them because they trigger BUG#26361).

[31 Mar 2007 23:55] Bugs System
Pushed into 5.1.18-beta