[MDEV-13135] Valgrind warnings (invalid write) in JOIN::save_query_plan - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 5.5(EOL), 10.0(EOL), 10.1(EOL), 10.2(EOL)
Fix Version/s: 5.5.58, 10.0.33, 10.1.29, 10.2.10
Component/s: Optimizer
Labels:
None

Sprint:
5.5.58

Description

CREATE TABLE t1 (a INT);

CREATE ALGORITHM=MERGE VIEW v1 AS SELECT a AS v_a FROM t1;

INSERT INTO t1 VALUES (1),(2);

CREATE TABLE t2 (b INT, KEY(b));

INSERT INTO t2 VALUES (3),(4);

SELECT * FROM t1 WHERE a NOT IN (

  SELECT b FROM t2 INNER JOIN v1 ON (b IN ( SELECT a FROM t1 ))

  WHERE v_a = b

);

5.5 ded614d7dbc930e373d1a69a0d2a7e4bf0a2c6d3
==5050== Invalid write of size 8
==5050== at 0x67166A: JOIN::save_query_plan(JOIN::Join_plan_state*) (sql_select.cc:23724)
==5050== by 0x6719BB: JOIN::reoptimize(Item, unsigned long long, JOIN::Join_plan_state) (sql_select.cc:23827)
==5050== by 0x751A8B: JOIN::choose_subquery_plan(unsigned long long) (opt_subselect.cc:5627)
==5050== by 0x640ED2: make_join_statistics(JOIN, List<TABLE_LIST>&, Item, st_dynamic_array*) (sql_select.cc:3835)
==5050== by 0x637ACC: JOIN::optimize() (sql_select.cc:1235)
==5050== by 0x5FBF08: st_select_lex::optimize_unflattened_subqueries(bool) (sql_lex.cc:3550)
==5050== by 0x7507EF: JOIN::optimize_unflattened_subqueries() (opt_subselect.cc:5092)
==5050== by 0x639584: JOIN::optimize() (sql_select.cc:1671)
==5050== by 0x63E57E: mysql_select(THD, Item*, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:3089)
==5050== by 0x634CB7: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:319)
==5050== by 0x60D3C2: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:4686)
==5050== by 0x606735: mysql_execute_command(THD*) (sql_parse.cc:2234)
==5050== by 0x60FFAB: mysql_parse(THD, char, unsigned int, Parser_state*) (sql_parse.cc:5931)
==5050== by 0x603CC4: dispatch_command(enum_server_command, THD, char, unsigned int) (sql_parse.cc:1079)
==5050== by 0x602E7E: do_command(THD*) (sql_parse.cc:793)
==5050== by 0x70ABE2: do_handle_one_connection(THD*) (sql_connect.cc:1268)
==5050== Address 0xa93bd38 is 0 bytes after a block of size 1,128 alloc'd
==5050== at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==5050== by 0xCD7BBB: my_malloc (my_malloc.c:41)
==5050== by 0xCC8DCF: my_multi_malloc (mulalloc.c:51)
==5050== by 0x752858: JOIN::Join_plan_state::Join_plan_state(unsigned int) (sql_select.h:902)
==5050== by 0x7518BA: JOIN::choose_subquery_plan(unsigned long long) (opt_subselect.cc:5549)
==5050== by 0x640ED2: make_join_statistics(JOIN, List<TABLE_LIST>&, Item, st_dynamic_array*) (sql_select.cc:3835)
==5050== by 0x637ACC: JOIN::optimize() (sql_select.cc:1235)
==5050== by 0x5FBF08: st_select_lex::optimize_unflattened_subqueries(bool) (sql_lex.cc:3550)
==5050== by 0x7507EF: JOIN::optimize_unflattened_subqueries() (opt_subselect.cc:5092)
==5050== by 0x639584: JOIN::optimize() (sql_select.cc:1671)
==5050== by 0x63E57E: mysql_select(THD, Item*, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:3089)
==5050== by 0x634CB7: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:319)
==5050== by 0x60D3C2: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:4686)
==5050== by 0x606735: mysql_execute_command(THD*) (sql_parse.cc:2234)
==5050== by 0x60FFAB: mysql_parse(THD, char, unsigned int, Parser_state*) (sql_parse.cc:5931)
==5050== by 0x603CC4: dispatch_command(enum_server_command, THD, char, unsigned int) (sql_parse.cc:1079)
==5050== Invalid read of size 8
==5050== at 0x6718C3: JOIN::restore_query_plan(JOIN::Join_plan_state*) (sql_select.cc:23772)
==5050== by 0x751D30: JOIN::choose_subquery_plan(unsigned long long) (opt_subselect.cc:5707)
==5050== by 0x640ED2: make_join_statistics(JOIN, List<TABLE_LIST>&, Item, st_dynamic_array*) (sql_select.cc:3835)
==5050== by 0x637ACC: JOIN::optimize() (sql_select.cc:1235)
==5050== by 0x5FBF08: st_select_lex::optimize_unflattened_subqueries(bool) (sql_lex.cc:3550)
==5050== by 0x7507EF: JOIN::optimize_unflattened_subqueries() (opt_subselect.cc:5092)
==5050== by 0x639584: JOIN::optimize() (sql_select.cc:1671)
==5050== by 0x63E57E: mysql_select(THD, Item*, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:3089)
==5050== by 0x634CB7: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:319)
==5050== by 0x60D3C2: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:4686)
==5050== by 0x606735: mysql_execute_command(THD*) (sql_parse.cc:2234)
==5050== by 0x60FFAB: mysql_parse(THD, char, unsigned int, Parser_state*) (sql_parse.cc:5931)
==5050== by 0x603CC4: dispatch_command(enum_server_command, THD, char, unsigned int) (sql_parse.cc:1079)
==5050== by 0x602E7E: do_command(THD*) (sql_parse.cc:793)
==5050== by 0x70ABE2: do_handle_one_connection(THD*) (sql_connect.cc:1268)
==5050== by 0x70A96F: handle_one_connection (sql_connect.cc:1184)
==5050== Address 0xa93bd38 is 0 bytes after a block of size 1,128 alloc'd
==5050== at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==5050== by 0xCD7BBB: my_malloc (my_malloc.c:41)
==5050== by 0xCC8DCF: my_multi_malloc (mulalloc.c:51)
==5050== by 0x752858: JOIN::Join_plan_state::Join_plan_state(unsigned int) (sql_select.h:902)
==5050== by 0x7518BA: JOIN::choose_subquery_plan(unsigned long long) (opt_subselect.cc:5549)
==5050== by 0x640ED2: make_join_statistics(JOIN, List<TABLE_LIST>&, Item, st_dynamic_array*) (sql_select.cc:3835)
==5050== by 0x637ACC: JOIN::optimize() (sql_select.cc:1235)
==5050== by 0x5FBF08: st_select_lex::optimize_unflattened_subqueries(bool) (sql_lex.cc:3550)
==5050== by 0x7507EF: JOIN::optimize_unflattened_subqueries() (opt_subselect.cc:5092)
==5050== by 0x639584: JOIN::optimize() (sql_select.cc:1671)
==5050== by 0x63E57E: mysql_select(THD, Item*, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:3089)
==5050== by 0x634CB7: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:319)
==5050== by 0x60D3C2: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:4686)
==5050== by 0x606735: mysql_execute_command(THD*) (sql_parse.cc:2234)
==5050== by 0x60FFAB: mysql_parse(THD, char, unsigned int, Parser_state*) (sql_parse.cc:5931)
==5050== by 0x603CC4: dispatch_command(enum_server_command, THD, char, unsigned int) (sql_parse.cc:1079)

Note: Better to use an actual valgrind build. When I run the test with --valgrind on a build built without valgrind, the memcheck seems to fall into an endless loop, it uses CPU, keeps producing new warnings and does not finish. With VALGRIND-enabled build, it's a normal routine.

Attachments

Activity

People

Assignee:: Igor Babaev

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2017-06-20 23:58

Updated:: 2017-12-01 18:40

Resolved:: 2017-10-13 19:18

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.