MariaDB

problems with savepoints and tokudb with 5.5

Bug #1023404 reported by rich prohaska on 2012-07-11

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	MariaDB	Fix Committed	High	Sergei Golubchik	MariaDB 5.5

Bug Description

We observed a problem with savepoints in Mariadb 5.5.25. The problem at the SQL layer is that a "rollback to savepoint" statement would get an error after the savepoint was created. The problem was caused by the savepoint name in the savepoint stack getting overwritten by the handlerton savepoint_set method.

We believe that the handler savepoint_offset initialization is WRONG. The ha_initialize_handlerton function executes the savepoint initialization twice, which breaks the contract spec'ed in the handler.h file.

Suppose that savepoint_alloc_size = 0, and hton->savepoint_offset = 32.
After the first savepoint init code is executed at line 504, savepoint_alloc_size = 32 and hton->savepoint_offset = 0.
After the second savepoint int code is executed at line 530, savepoint_alloc_size = 32 and hton->savepoint_offset = 32.
So, the handlerton's savepoint is outside of the memory allocated for the savepoint state.

Our fix is here: lp:~prohaska7/maria/5.5-savepoint-offset-fix

Related branches

lp:~maria-captains/maria/5.5-serg

Elena Stepanova (elenst) on 2012-07-11

Changed in maria:
assignee:	nobody → Kristian Nielsen (knielsen)
milestone:	none → 5.5
assignee:	Kristian Nielsen (knielsen) → Sergei (sergii)

Revision history for this message

Sergei Golubchik (sergii) wrote on 2012-07-11:

Thanks! It must be a result of a merge - the initialization code was moved down in mysql-5.5, and when merging it into mariadb bzr decided to keep both copies for some reason. Sorry for this!

Changed in maria:
status:	New → Confirmed
importance:	Undecided → High

Sergei Golubchik (sergii) on 2012-07-11

Changed in maria:
status:	Confirmed → Fix Committed

Revision history for this message

rich prohaska (prohaska7) wrote on 2012-07-11: Re: [Bug 1023404] Re: problems with savepoints and tokudb with 5.5

Hello,
Thanks for verifying the problem. I see that the 5.5 branch is fixed.
I dont understand when changes would be made on the maria trunk,
since the bug exists there as well.
Rich Prohaska

On Wed, Jul 11, 2012 at 10:14 AM, Sergei <email address hidden> wrote:
> Thanks! It must be a result of a merge - the initialization code was
> moved down in mysql-5.5, and when merging it into mariadb bzr decided to
> keep both copies for some reason. Sorry for this!
>
> ** Changed in: maria
> Status: New => Confirmed
>
> ** Changed in: maria
> Importance: Undecided => High
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1023404
>
> Title:
> problems with savepoints and tokudb with 5.5
>
> Status in Maria:
> Confirmed
>
> Bug description:
> We observed a problem with savepoints in Mariadb 5.5.25. The problem
> at the SQL layer is that a "rollback to savepoint" statement would get
> an error after the savepoint was created. The problem was caused by
> the savepoint name in the savepoint stack getting overwritten by the
> handlerton savepoint_set method.
>
> We believe that the handler savepoint_offset initialization is WRONG.
> The ha_initialize_handlerton function executes the savepoint
> initialization twice, which breaks the contract spec'ed in the
> handler.h file.
>
> Suppose that savepoint_alloc_size = 0, and hton->savepoint_offset = 32.
> After the first savepoint init code is executed at line 504, savepoint_alloc_size = 32 and hton->savepoint_offset = 0.
> After the second savepoint int code is executed at line 530, savepoint_alloc_size = 32 and hton->savepoint_offset = 32.
> So, the handlerton's savepoint is outside of the memory allocated for the savepoint state.
>
> Our fix is here: lp:~prohaska7/maria/5.5-savepoint-offset-fix
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/maria/+bug/1023404/+subscriptions

Hello,
Thanks for verifying the problem.  I see that the 5.5 branch is fixed.
 I dont understand when changes would be made on the maria trunk,
since the bug exists there as well.
Rich Prohaska

On Wed, Jul 11, 2012 at 10:14 AM, Sergei <1023404@bugs.launchpad.net> wrote:
> Thanks! It must be a result of a merge - the initialization code was
> moved down in mysql-5.5, and when merging it into mariadb bzr decided to
> keep both copies for some reason. Sorry for this!
>
> ** Changed in: maria
>        Status: New => Confirmed
>
> ** Changed in: maria
>    Importance: Undecided => High
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1023404
>
> Title:
>   problems with savepoints and tokudb with 5.5
>
> Status in Maria:
>   Confirmed
>
> Bug description:
>   We observed a problem with savepoints in Mariadb 5.5.25.  The problem
>   at the SQL layer is that a "rollback to savepoint" statement would get
>   an error after the savepoint was created.  The problem was caused by
>   the savepoint name in the savepoint stack getting overwritten by the
>   handlerton savepoint_set method.
>
>   We believe that the handler savepoint_offset initialization is WRONG.
>   The ha_initialize_handlerton function executes the savepoint
>   initialization twice, which breaks the contract spec'ed in the
>   handler.h file.
>
>   Suppose that savepoint_alloc_size = 0, and hton->savepoint_offset = 32.
>   After the first savepoint init code is executed at line 504,  savepoint_alloc_size = 32 and hton->savepoint_offset = 0.
>   After the second savepoint int code is executed at line 530, savepoint_alloc_size = 32 and hton->savepoint_offset = 32.
>   So, the handlerton's savepoint is outside of the memory allocated for the savepoint state.
>
>   Our fix is here:   lp:~prohaska7/maria/5.5-savepoint-offset-fix
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/maria/+bug/1023404/+subscriptions

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.