Bug #58069 | LOAD DATA INFILE: valgrind reports invalid memory reads and writes with utf8 | | |
---|---|---|---|
Submitted: | 9 Nov 2010 7:20 | Modified: | 3 May 2011 0:46 |
Reporter: | Shane Bester (Platinum Quality Contributor) | | |
Status: | Closed | | |
Category: | MySQL Server: General | Severity: | S1 (Critical) |
Version: | 5.0.92, 5.1.53, 5.1.54, 5.5.8 | OS: | Linux (FC13 x64) |
Assigned to: | | CPU Architecture: | Any |
Tags: | GIGO, LOAD DATA INFILE, regression, utf8, valgrind | | |
[9 Nov 2010 7:20]
Shane Bester
[9 Nov 2010 7:21]
MySQL Verification Team
data.bin file
Attachment: data.bin (application/octet-stream, text), 43.34 KiB.
[9 Nov 2010 8:25]
Valeriy Kravchuk
Not repeatable for me with current mysql-5.1 tree from bzr, so looks like a recent regression.
[9 Nov 2010 8:45]
MySQL Verification Team
Humble apologies for the confusion. This is repeatable on 5.1.52, but only when built like this: ./BUILD/compile-pentium-valgrind-max
[9 Nov 2010 9:43]
Valeriy Kravchuk
Verified as described in the last comment (using -valgrind build) with current mysql-5.1 tree on 32-bit Ubuntu:

```
...
==26204== 1312 errors in context 2 of 9:
==26204== Invalid write of size 4
==26204==    at 0x83FAA4B: READ_INFO::read_field() (sql_load.cc:1328)
==26204==    by 0x83F9263: read_sep_field(THD*, st_copy_info&, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, READ_INFO&, String&, unsigned long, bool) (sql_load.cc:872)
==26204==    by 0x83F7FA8: mysql_load(THD*, sql_exchange*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool) (sql_load.cc:442)
==26204==    by 0x8291242: mysql_execute_command(THD*) (sql_parse.cc:3524)
==26204==    by 0x8298EE1: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6051)
==26204==    by 0x828AD28: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1260)
==26204==    by 0x8289E30: do_command(THD*) (sql_parse.cc:888)
==26204==    by 0x8287FD1: handle_one_connection (sql_connect.cc:1136)
==26204==    by 0x404196D: start_thread (pthread_create.c:300)
==26204==    by 0x4196A4D: clone (clone.S:130)
==26204==  Address 0x5cb5a00 is 0 bytes after a block of size 24 alloc'd
==26204==    at 0x4024F20: malloc (vg_replace_malloc.c:236)
==26204==    by 0x85E0D24: my_malloc (my_malloc.c:35)
==26204==    by 0x85E1A18: alloc_root (my_alloc.c:166)
==26204==    by 0x821C568: sql_alloc(unsigned int) (thr_malloc.cc:69)
==26204==    by 0x83FA1A0: READ_INFO::READ_INFO(int, unsigned int, charset_info_st*, String&, String&, String&, String&, int, bool, bool) (sql_load.cc:1106)
==26204==    by 0x83F7C1E: mysql_load(THD*, sql_exchange*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool) (sql_load.cc:382)
==26204==    by 0x8291242: mysql_execute_command(THD*) (sql_parse.cc:3524)
==26204==    by 0x8298EE1: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6051)
==26204==    by 0x828AD28: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1260)
==26204==    by 0x8289E30: do_command(THD*) (sql_parse.cc:888)
==26204==    by 0x8287FD1: handle_one_connection (sql_connect.cc:1136)
==26204==    by 0x404196D: start_thread (pthread_create.c:300)
==26204==
--26204--
--26204-- used_suppression: 27 dl-hack3-cond-1
==26204==
==26204== ERROR SUMMARY: 2631 errors from 9 contexts (suppressed: 27 from 10)
...
```
[3 May 2011 0:46]
Paul DuBois
Noted in 5.1.58, 5.5.13, 5.6.3 changelogs. For LOAD DATA INFILE, multibyte character sequences could be pushed onto a stack too small to accommodate them. CHANGESET - http://lists.mysql.com/commits/135499
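The changelog note above describes multibyte sequences being pushed onto a stack too small to hold them. The following C model is an added illustration, not MySQL source and not the contents of the referenced changeset: it contrasts a pushback stack sized from the terminator lengths alone with one that also covers the longest multibyte sequence, and uses a bounds-checked push to count the writes that would otherwise land past the allocation. All names, the sizing formulas and the sample bytes are assumptions made for the example.

```c
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical model of a reader's pushback stack; not MySQL source. */
typedef struct { int *base; size_t cap, len; } pushback_t;

static size_t max_sz(size_t a, size_t b) { return a > b ? a : b; }

/* Capacity derived from the terminator lengths only (the undersized case). */
size_t cap_terminators_only(size_t field_term, size_t line_term) {
    return max_sz(field_term, line_term) + 1;
}

/* Capacity that also covers the charset's longest multibyte sequence. */
size_t cap_with_charset(size_t field_term, size_t line_term, size_t mbmaxlen) {
    return max_sz(mbmaxlen, max_sz(field_term, line_term)) + 1;
}

/* Bounds-checked push: 0 on success, -1 when the stack is full. */
int pb_push(pushback_t *s, int ch) {
    if (s->len >= s->cap) return -1;
    s->base[s->len++] = ch;
    return 0;
}

/* Push a byte sequence back in reverse so it pops in original order.
   Returns how many bytes did not fit; an unchecked push would have
   written that many ints past the end of the allocation. */
size_t unread_rejected(size_t cap, const unsigned char *seq, size_t n) {
    pushback_t s = { calloc(cap, sizeof(int)), cap, 0 };
    size_t rejected = 0;
    if (!s.base) return n;
    while (n > 0)
        if (pb_push(&s, seq[--n]) != 0) rejected++;
    free(s.base);
    return rejected;
}

/* Constructed sample: U+20AC in UTF-8 (3 bytes), with 1-byte terminators. */
static const unsigned char EURO[] = { 0xE2, 0x82, 0xAC };

int main(void) {
    size_t small = cap_terminators_only(1, 1);   /* 2 slots */
    size_t sized = cap_with_charset(1, 1, 3);    /* 4 slots */
    printf("cap=%zu rejected=%zu\n", small, unread_rejected(small, EURO, 3));
    printf("cap=%zu rejected=%zu\n", sized, unread_rejected(sized, EURO, 3));
    return 0;
}
```

A non-zero rejected count in this model corresponds to the kind of out-of-bounds write valgrind flags as "0 bytes after a block"; treating a failed push as a hard error keeps a sizing mistake from becoming silent memory corruption.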