  1. MariaDB Server
  2. MDEV-19303

Valgrind warnings about uninitialised values in dtuple_validate or mi_rrnd or ma_rrnd upon UPDATE/DELETE .. ORDER BY from sequence

Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.9(EOL), 10.10(EOL), 10.11, 11.0(EOL), 11.1(EOL), 11.2(EOL), 11.4, 11.6(EOL)
    • Fix Version/s: 10.5, 10.6, 10.11, 11.4
    • Component/s: Sequences
    • Environment: gcc (Debian 4.9.2-10) 4.9.2 valgrind-3.12.0.SVN

    Description

      Remember to run with --valgrind.

      CREATE SEQUENCE s ENGINE=MyISAM;
      DELETE IGNORE FROM s ORDER BY cache_size;
       
      # Cleanup
      DROP SEQUENCE s;
      

      10.3 765ae6e8

      ==25702== Thread 6:
      ==25702== Conditional jump or move depends on uninitialised value(s)
      ==25702==    at 0x123E5F4: mi_rrnd (mi_rrnd.c:40)
      ==25702==    by 0x1201E01: ha_myisam::rnd_pos(unsigned char*, unsigned char*) (ha_myisam.cc:1975)
      ==25702==    by 0x128F699: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==25702==    by 0xAD4339: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2846)
      ==25702==    by 0xC5A42E: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==25702==    by 0x728E64: READ_RECORD::read_record() (records.h:73)
      ==25702==    by 0xC7870D: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:730)
      ==25702==    by 0x7C8591: mysql_execute_command(THD*) (sql_parse.cc:4927)
      ==25702==    by 0x7D273E: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8091)
      ==25702==    by 0x7BF8C5: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==25702==    by 0x7BE2AF: do_command(THD*) (sql_parse.cc:1403)
      ==25702==    by 0x92CBF0: do_handle_one_connection(CONNECT*) (sql_connect.cc:1402)
      ==25702==    by 0x92C974: handle_one_connection (sql_connect.cc:1308)
      ==25702==    by 0xD2438E: pfs_spawn_thread (pfs.cc:1862)
      ==25702==    by 0x4E3F493: start_thread (pthread_create.c:333)
      ==25702==    by 0x6EB893E: clone (clone.S:97)
      ==25702== Conditional jump or move depends on uninitialised value(s)
      ==25702==    at 0x1245367: _mi_read_rnd_static_record (mi_statrec.c:250)
      ==25702==    by 0x123E6DE: mi_rrnd (mi_rrnd.c:59)
      ==25702==    by 0x1201E01: ha_myisam::rnd_pos(unsigned char*, unsigned char*) (ha_myisam.cc:1975)
      ==25702==    by 0x128F699: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==25702==    by 0xAD4339: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2846)
      ==25702==    by 0xC5A42E: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==25702==    by 0x728E64: READ_RECORD::read_record() (records.h:73)
      ==25702==    by 0xC7870D: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:730)
      ==25702==    by 0x7C8591: mysql_execute_command(THD*) (sql_parse.cc:4927)
      ==25702==    by 0x7D273E: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8091)
      ==25702==    by 0x7BF8C5: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==25702==    by 0x7BE2AF: do_command(THD*) (sql_parse.cc:1403)
      ==25702==    by 0x92CBF0: do_handle_one_connection(CONNECT*) (sql_connect.cc:1402)
      ==25702==    by 0x92C974: handle_one_connection (sql_connect.cc:1308)
      ==25702==    by 0xD2438E: pfs_spawn_thread (pfs.cc:1862)
      ==25702==    by 0x4E3F493: start_thread (pthread_create.c:333)
      

      --source include/have_innodb.inc
       
      CREATE SEQUENCE s ENGINE=InnoDB;
      DELETE IGNORE FROM s ORDER BY cache_size;
       
      # Cleanup
      DROP SEQUENCE s;
      

      10.3 765ae6e8

      ==25926== Thread 27:
      ==25926== Uninitialised byte(s) found during client check request
      ==25926==    at 0x1023053: dtuple_validate(dtuple_t const*) (data0data.cc:261)
      ==25926==    by 0xE1E84D: page_cur_search_with_match_bytes(buf_block_t const*, dict_index_t const*, dtuple_t const*, page_cur_mode_t, unsigned long*, unsigned long*, unsigned long*, unsigned long*, page_cur_t*) (page0cur.cc:599)
      ==25926==    by 0xFAFF11: btr_cur_search_to_nth_level_func(dict_index_t*, unsigned long, dtuple_t const*, page_cur_mode_t, unsigned long, btr_cur_t*, rw_lock_t*, char const*, unsigned int, mtr_t*, unsigned long) (btr0cur.cc:1841)
      ==25926==    by 0xEDC446: btr_pcur_open_with_no_init_func(dict_index_t*, dtuple_t const*, page_cur_mode_t, unsigned long, btr_pcur_t*, rw_lock_t*, char const*, unsigned int, mtr_t*) (btr0pcur.ic:527)
      ==25926==    by 0xEE842D: row_search_mvcc(unsigned char*, page_cur_mode_t, row_prebuilt_t*, unsigned long, unsigned long) (row0sel.cc:4602)
      ==25926==    by 0xD48B82: ha_innobase::index_read(unsigned char*, unsigned char const*, unsigned int, ha_rkey_function) (ha_innodb.cc:9332)
      ==25926==    by 0xD49CFC: ha_innobase::rnd_pos(unsigned char*, unsigned char*) (ha_innodb.cc:9834)
      ==25926==    by 0x128F699: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==25926==    by 0xAD4339: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2846)
      ==25926==    by 0xC5A42E: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==25926==    by 0x728E64: READ_RECORD::read_record() (records.h:73)
      ==25926==    by 0xC7870D: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:730)
      ==25926==    by 0x7C8591: mysql_execute_command(THD*) (sql_parse.cc:4927)
      ==25926==    by 0x7D273E: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8091)
      ==25926==    by 0x7BF8C5: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==25926==    by 0x7BE2AF: do_command(THD*) (sql_parse.cc:1403)
      ==25926==  Address 0x19c1e0d8 is 8 bytes inside a block of size 16 alloc'd
      ==25926==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
      ==25926==    by 0x12C0E31: my_malloc (my_malloc.c:101)
      ==25926==    by 0xAC92C7: save_index(Sort_param*, unsigned int, SORT_INFO*) (filesort.cc:1288)
      ==25926==    by 0xAC62C1: filesort(THD*, TABLE*, Filesort*, Filesort_tracker*, JOIN*, unsigned long long) (filesort.cc:283)
      ==25926==    by 0xC77E30: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:636)
      ==25926==    by 0x7C8591: mysql_execute_command(THD*) (sql_parse.cc:4927)
      ==25926==    by 0x7D273E: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8091)
      ==25926==    by 0x7BF8C5: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==25926==    by 0x7BE2AF: do_command(THD*) (sql_parse.cc:1403)
      ==25926==    by 0x92CBF0: do_handle_one_connection(CONNECT*) (sql_connect.cc:1402)
      ==25926==    by 0x92C974: handle_one_connection (sql_connect.cc:1308)
      ==25926==    by 0xD2438E: pfs_spawn_thread (pfs.cc:1862)
      ==25926==    by 0x4E3F493: start_thread (pthread_create.c:333)
      ==25926==    by 0x6EB893E: clone (clone.S:97)
      ==25926== Conditional jump or move depends on uninitialised value(s)
      ==25926==    at 0xE5657E: cmp_dtuple_rec_with_match_bytes(dtuple_t const*, unsigned char const*, dict_index_t const*, unsigned long const*, unsigned long*, unsigned long*) (rem0cmp.cc:916)
      ==25926==    by 0xE1EEE0: page_cur_search_with_match_bytes(buf_block_t const*, dict_index_t const*, dtuple_t const*, page_cur_mode_t, unsigned long*, unsigned long*, unsigned long*, unsigned long*, page_cur_t*) (page0cur.cc:749)
      ==25926==    by 0xFAFF11: btr_cur_search_to_nth_level_func(dict_index_t*, unsigned long, dtuple_t const*, page_cur_mode_t, unsigned long, btr_cur_t*, rw_lock_t*, char const*, unsigned int, mtr_t*, unsigned long) (btr0cur.cc:1841)
      ==25926==    by 0xEDC446: btr_pcur_open_with_no_init_func(dict_index_t*, dtuple_t const*, page_cur_mode_t, unsigned long, btr_pcur_t*, rw_lock_t*, char const*, unsigned int, mtr_t*) (btr0pcur.ic:527)
      ==25926==    by 0xEE842D: row_search_mvcc(unsigned char*, page_cur_mode_t, row_prebuilt_t*, unsigned long, unsigned long) (row0sel.cc:4602)
      ==25926==    by 0xD48B82: ha_innobase::index_read(unsigned char*, unsigned char const*, unsigned int, ha_rkey_function) (ha_innodb.cc:9332)
      ==25926==    by 0xD49CFC: ha_innobase::rnd_pos(unsigned char*, unsigned char*) (ha_innodb.cc:9834)
      ==25926==    by 0x128F699: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==25926==    by 0xAD4339: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2846)
      ==25926==    by 0xC5A42E: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==25926==    by 0x728E64: READ_RECORD::read_record() (records.h:73)
      ==25926==    by 0xC7870D: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:730)
      ==25926==    by 0x7C8591: mysql_execute_command(THD*) (sql_parse.cc:4927)
      ==25926==    by 0x7D273E: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8091)
      ==25926==    by 0x7BF8C5: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==25926==    by 0x7BE2AF: do_command(THD*) (sql_parse.cc:1403)
      ==25926== Conditional jump or move depends on uninitialised value(s)
      ==25926==    at 0xE56591: cmp_dtuple_rec_with_match_bytes(dtuple_t const*, unsigned char const*, dict_index_t const*, unsigned long const*, unsigned long*, unsigned long*) (rem0cmp.cc:919)
      ==25926==    by 0xE1EEE0: page_cur_search_with_match_bytes(buf_block_t const*, dict_index_t const*, dtuple_t const*, page_cur_mode_t, unsigned long*, unsigned long*, unsigned long*, unsigned long*, page_cur_t*) (page0cur.cc:749)
      ==25926==    by 0xFAFF11: btr_cur_search_to_nth_level_func(dict_index_t*, unsigned long, dtuple_t const*, page_cur_mode_t, unsigned long, btr_cur_t*, rw_lock_t*, char const*, unsigned int, mtr_t*, unsigned long) (btr0cur.cc:1841)
      ==25926==    by 0xEDC446: btr_pcur_open_with_no_init_func(dict_index_t*, dtuple_t const*, page_cur_mode_t, unsigned long, btr_pcur_t*, rw_lock_t*, char const*, unsigned int, mtr_t*) (btr0pcur.ic:527)
      ==25926==    by 0xEE842D: row_search_mvcc(unsigned char*, page_cur_mode_t, row_prebuilt_t*, unsigned long, unsigned long) (row0sel.cc:4602)
      ==25926==    by 0xD48B82: ha_innobase::index_read(unsigned char*, unsigned char const*, unsigned int, ha_rkey_function) (ha_innodb.cc:9332)
      ==25926==    by 0xD49CFC: ha_innobase::rnd_pos(unsigned char*, unsigned char*) (ha_innodb.cc:9834)
      ==25926==    by 0x128F699: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==25926==    by 0xAD4339: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2846)
      ==25926==    by 0xC5A42E: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==25926==    by 0x728E64: READ_RECORD::read_record() (records.h:73)
      ==25926==    by 0xC7870D: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:730)
      ==25926==    by 0x7C8591: mysql_execute_command(THD*) (sql_parse.cc:4927)
      ==25926==    by 0x7D273E: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8091)
      ==25926==    by 0x7BF8C5: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==25926==    by 0x7BE2AF: do_command(THD*) (sql_parse.cc:1403)
      

      Aria additionally produces an unexpected error, so it needs to be masked in order to get Valgrind errors:

      CREATE SEQUENCE s ENGINE=Aria;
      --error ER_GET_ERRNO
      DELETE FROM s ORDER BY cache_size;
       
      # Cleanup
       
      DROP SEQUENCE s;
      

      10.4 d18ef804

      ERROR HY000: Got error 175 "File too short; Expected more data in file" from storage engine Aria
      ...
      ==5883== Thread 6:
      ==5883== Conditional jump or move depends on uninitialised value(s)
      ==5883==    at 0x126FB91: maria_rrnd (ma_rrnd.c:36)
      ==5883==    by 0x1214E27: ha_maria::rnd_pos(unsigned char*, unsigned char*) (ha_maria.cc:2552)
      ==5883==    by 0x13CC983: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==5883==    by 0xBE3B5F: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2841)
      ==5883==    by 0xD76FE0: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==5883==    by 0x7EB208: READ_RECORD::read_record() (records.h:73)
      ==5883==    by 0xD958C6: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:804)
      ==5883==    by 0x89A778: mysql_execute_command(THD*) (sql_parse.cc:4977)
      ==5883==    by 0x8A58FA: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8149)
      ==5883==    by 0x890E85: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1828)
      ==5883==    by 0x88F645: do_command(THD*) (sql_parse.cc:1361)
      ==5883==    by 0xA0D0BA: do_handle_one_connection(CONNECT*) (sql_connect.cc:1398)
      ==5883==    by 0xA0CE1E: handle_one_connection (sql_connect.cc:1301)
      ==5883==    by 0x1393800: pfs_spawn_thread (pfs.cc:1862)
      ==5883==    by 0x4E3F4A3: start_thread (pthread_create.c:456)
      ==5883==    by 0x6937D0E: clone (clone.S:97)
      ==5883== Conditional jump or move depends on uninitialised value(s)
      ==5883==    at 0x1271377: _ma_read_static_record (ma_statrec.c:175)
      ==5883==    by 0x126FC42: maria_rrnd (ma_rrnd.c:44)
      ==5883==    by 0x1214E27: ha_maria::rnd_pos(unsigned char*, unsigned char*) (ha_maria.cc:2552)
      ==5883==    by 0x13CC983: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==5883==    by 0xBE3B5F: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2841)
      ==5883==    by 0xD76FE0: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==5883==    by 0x7EB208: READ_RECORD::read_record() (records.h:73)
      ==5883==    by 0xD958C6: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:804)
      ==5883==    by 0x89A778: mysql_execute_command(THD*) (sql_parse.cc:4977)
      ==5883==    by 0x8A58FA: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8149)
      ==5883==    by 0x890E85: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1828)
      ==5883==    by 0x88F645: do_command(THD*) (sql_parse.cc:1361)
      ==5883==    by 0xA0D0BA: do_handle_one_connection(CONNECT*) (sql_connect.cc:1398)
      ==5883==    by 0xA0CE1E: handle_one_connection (sql_connect.cc:1301)
      ==5883==    by 0x1393800: pfs_spawn_thread (pfs.cc:1862)
      ==5883==    by 0x4E3F4A3: start_thread (pthread_create.c:456)
      ==5883== Syscall param pread64(offset) contains uninitialised byte(s)
      ==5883==    at 0x4E48923: ??? (syscall-template.S:84)
      ==5883==    by 0x1400867: my_pread (my_pread.c:66)
      ==5883==    by 0x11FFFBB: inline_mysql_file_pread (mysql_file.h:1206)
      ==5883==    by 0x12004B1: _ma_nommap_pread (ma_dynrec.c:162)
      ==5883==    by 0x12713F1: _ma_read_static_record (ma_statrec.c:183)
      ==5883==    by 0x126FC42: maria_rrnd (ma_rrnd.c:44)
      ==5883==    by 0x1214E27: ha_maria::rnd_pos(unsigned char*, unsigned char*) (ha_maria.cc:2552)
      ==5883==    by 0x13CC983: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
      ==5883==    by 0xBE3B5F: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2841)
      ==5883==    by 0xD76FE0: rr_from_pointers(READ_RECORD*) (records.cc:547)
      ==5883==    by 0x7EB208: READ_RECORD::read_record() (records.h:73)
      ==5883==    by 0xD958C6: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:804)
      ==5883==    by 0x89A778: mysql_execute_command(THD*) (sql_parse.cc:4977)
      ==5883==    by 0x8A58FA: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8149)
      ==5883==    by 0x890E85: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1828)
      ==5883==    by 0x88F645: do_command(THD*) (sql_parse.cc:1361)
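
The three engine-specific reports above differ in their innermost frames but arrive through the same callers. The following added example (not part of the original report or of MariaDB's tooling) parses Memcheck output, groups reports by error kind and innermost frame, and lists the frames common to every stack; `parse_memcheck`, `signatures` and `shared_frames` are names chosen for this example.

```python
import re
from collections import Counter

# Sample input: frames copied from the MyISAM, InnoDB and Aria reports on this
# page; some intermediate and outer frames are dropped to keep the sample short.
SAMPLE = """\
==25702== Thread 6:
==25702== Conditional jump or move depends on uninitialised value(s)
==25702==    at 0x123E5F4: mi_rrnd (mi_rrnd.c:40)
==25702==    by 0x1201E01: ha_myisam::rnd_pos(unsigned char*, unsigned char*) (ha_myisam.cc:1975)
==25702==    by 0x128F699: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
==25702==    by 0xAD4339: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2846)
==25702==    by 0xC5A42E: rr_from_pointers(READ_RECORD*) (records.cc:547)
==25926== Thread 27:
==25926== Uninitialised byte(s) found during client check request
==25926==    at 0x1023053: dtuple_validate(dtuple_t const*) (data0data.cc:261)
==25926==    by 0xD49CFC: ha_innobase::rnd_pos(unsigned char*, unsigned char*) (ha_innodb.cc:9834)
==25926==    by 0x128F699: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
==25926==    by 0xAD4339: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2846)
==25926==    by 0xC5A42E: rr_from_pointers(READ_RECORD*) (records.cc:547)
==25926==  Address 0x19c1e0d8 is 8 bytes inside a block of size 16 alloc'd
==25926==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==25926==    by 0x12C0E31: my_malloc (my_malloc.c:101)
==25926==    by 0xAC92C7: save_index(Sort_param*, unsigned int, SORT_INFO*) (filesort.cc:1288)
==25926==    by 0xAC62C1: filesort(THD*, TABLE*, Filesort*, Filesort_tracker*, JOIN*, unsigned long long) (filesort.cc:283)
==5883== Thread 6:
==5883== Conditional jump or move depends on uninitialised value(s)
==5883==    at 0x126FB91: maria_rrnd (ma_rrnd.c:36)
==5883==    by 0x1214E27: ha_maria::rnd_pos(unsigned char*, unsigned char*) (ha_maria.cc:2552)
==5883==    by 0x13CC983: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
==5883==    by 0xBE3B5F: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2841)
==5883==    by 0xD76FE0: rr_from_pointers(READ_RECORD*) (records.cc:547)
"""

LINE = re.compile(r"^==(\d+)==(.*)$")                     # "==PID== text"
FRAME = re.compile(r"^\s+(?:at|by) 0x[0-9A-Fa-f]+: (.*)$")  # one stack frame
LOCATION = re.compile(r" \([^()]*\)$")                     # trailing " (file:line)"


def frame_name(text):
    """Reduce 'ns::fn(args) (file.cc:123)' to 'ns::fn'."""
    return LOCATION.sub("", text).split("(", 1)[0].strip()


def parse_memcheck(log):
    """Split Memcheck output into reports with a use stack and an allocation stack."""
    reports, current, target = [], None, None
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        pid, body = m.group(1), m.group(2)
        stripped = body.strip()
        if not stripped or stripped.startswith("Thread "):
            continue
        frame = FRAME.match(body)
        if frame:
            if current is not None:
                current[target].append(frame_name(frame.group(1)))
        elif stripped.startswith("Address "):
            # Frames after this line describe where the block was allocated.
            if current is not None:
                target = "alloc_stack"
        else:
            # Any other line is the headline of a new error report.
            current = {"pid": pid, "kind": stripped, "use_stack": [], "alloc_stack": []}
            target = "use_stack"
            reports.append(current)
    return reports


def signatures(reports):
    """Count reports by (error kind, innermost frame), a common dedup key."""
    return Counter((r["kind"], r["use_stack"][0]) for r in reports if r["use_stack"])


def shared_frames(reports):
    """Frames present in every use stack, in the order of the first report."""
    if not reports:
        return []
    common = set(reports[0]["use_stack"])
    for r in reports[1:]:
        common &= set(r["use_stack"])
    return [f for f in dict.fromkeys(reports[0]["use_stack"]) if f in common]


if __name__ == "__main__":
    parsed = parse_memcheck(SAMPLE)
    for (kind, top), count in signatures(parsed).items():
        print(f"{count}x {top}: {kind}")
    print("shared callers:", " <- ".join(shared_frames(parsed)))
    for r in parsed:
        if r["alloc_stack"]:
            print(f"pid {r['pid']} block allocated via:", " <- ".join(r["alloc_stack"]))
```
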
      

          Activity

            elenst Elena Stepanova added a comment

            Starting from 11.0, there is an additional valgrind error upon the same test case (and the only error in MSAN):

            11.2 872ed5342 MSAN

            ==2835297==WARNING: MemorySanitizer: use-of-uninitialized-value
                #0 0x5614675297c2 in Sort_costs::compute_fastest_sort() /data/src/11.2-msan/sql/filesort_utils.cc:194:9
                #1 0x5614675297c2 in Sort_costs::compute_sort_costs(Sort_param*, unsigned long long, unsigned long, bool) /data/src/11.2-msan/sql/filesort_utils.cc:312:3
                #2 0x561467531095 in filesort(THD*, TABLE*, Filesort*, Filesort_tracker*, JOIN*, unsigned long long) /data/src/11.2-msan/sql/filesort.cc:290:9
                #3 0x5614665c610b in Sql_cmd_delete::delete_from_single_table(THD*) /data/src/11.2-msan/sql/sql_delete.cc:656:24
                #4 0x5614665d9ee9 in Sql_cmd_delete::execute_inner(THD*) /data/src/11.2-msan/sql/sql_delete.cc:1797:28
                #5 0x561466a1a7b8 in Sql_cmd_dml::execute(THD*) /data/src/11.2-msan/sql/sql_select.cc:33407:9
                #6 0x561466748d94 in mysql_execute_command(THD*, bool) /data/src/11.2-msan/sql/sql_parse.cc:4404:27
                #7 0x56146672f78a in mysql_parse(THD*, char*, unsigned int, Parser_state*) /data/src/11.2-msan/sql/sql_parse.cc:7810:18
                #8 0x561466723cd7 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /data/src/11.2-msan/sql/sql_parse.cc:1893:7
                #9 0x561466731b80 in do_command(THD*, bool) /data/src/11.2-msan/sql/sql_parse.cc:1406:17
                #10 0x561466de9adf in do_handle_one_connection(CONNECT*, bool) /data/src/11.2-msan/sql/sql_connect.cc:1445:11
                #11 0x561466de90b5 in handle_one_connection /data/src/11.2-msan/sql/sql_connect.cc:1347:5
                #12 0x5614681f9aba in pfs_spawn_thread /data/src/11.2-msan/storage/perfschema/pfs.cc:2201:3
                #13 0x7fd53420cfd3 in start_thread nptl/./nptl/pthread_create.c:442:8
                #14 0x7fd53428d5bb in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
             
              Uninitialized value was stored to memory at
                #0 0x561467529462 in Sort_costs::compute_merge_sort_costs(Sort_param*, unsigned long long, unsigned long, bool) /data/src/11.2-msan/sql/filesort_utils.cc:276:38
             
              Memory was marked as uninitialized
                #0 0x5614661179ce in __msan_allocated_memory (/mnt8t/src/11.2-msan/sql/mariadbd+0x7c49ce)
                #1 0x5614675790b2 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /data/src/11.2-msan/sql/handler.cc:3550:20
             
            SUMMARY: MemorySanitizer: use-of-uninitialized-value /data/src/11.2-msan/sql/filesort_utils.cc:194:9 in Sort_costs::compute_fastest_sort()
            

            11.0 5e2d08b5 Valgrind

            ==2835019== Thread 6:
            ==2835019== Conditional jump or move depends on uninitialised value(s)
            ==2835019==    at 0xF0D25E: Sort_costs::compute_fastest_sort() (filesort_utils.cc:194)
            ==2835019==    by 0xF0D65B: Sort_costs::compute_sort_costs(Sort_param*, unsigned long long, unsigned long, bool) (filesort_utils.cc:312)
            ==2835019==    by 0xF0F60B: filesort(THD*, TABLE*, Filesort*, Filesort_tracker*, JOIN*, unsigned long long) (filesort.cc:290)
            ==2835019==    by 0xAB5DCD: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:685)
            ==2835019==    by 0xB225DB: mysql_execute_command(THD*, bool) (sql_parse.cc:4827)
            ==2835019==    by 0xB2D311: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:8030)
            ==2835019==    by 0xB18D9E: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) (sql_parse.cc:1894)
            ==2835019==    by 0xB176F7: do_command(THD*, bool) (sql_parse.cc:1407)
            ==2835019==    by 0xD1448F: do_handle_one_connection(CONNECT*, bool) (sql_connect.cc:1416)
            ==2835019==    by 0xD14204: handle_one_connection (sql_connect.cc:1318)
            ==2835019==    by 0x124ADED: pfs_spawn_thread (pfs.cc:2201)
            ==2835019==    by 0x522EFD3: start_thread (pthread_create.c:442)
            ==2835019==    by 0x52AE81F: clone (clone.S:100)
            ==2835019== Conditional jump or move depends on uninitialised value(s)
            ==2835019==    at 0x17DE92F: _mi_read_rnd_static_record (mi_statrec.c:250)
            ==2835019==    by 0x17D79C9: mi_rrnd (mi_rrnd.c:59)
            ==2835019==    by 0x179972B: ha_myisam::rnd_pos(unsigned char*, unsigned char*) (ha_myisam.cc:2097)
            ==2835019==    by 0x12D79BE: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
            ==2835019==    by 0xF2677A: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:3651)
            ==2835019==    by 0x9D9772: rr_from_pointers(READ_RECORD*) (records.cc:610)
            ==2835019==    by 0x9C3408: READ_RECORD::read_record() (records.h:81)
            ==2835019==    by 0xAB6A6E: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:822)
            ==2835019==    by 0xB225DB: mysql_execute_command(THD*, bool) (sql_parse.cc:4827)
            ==2835019==    by 0xB2D311: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:8030)
            ==2835019==    by 0xB18D9E: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) (sql_parse.cc:1894)
            ==2835019==    by 0xB176F7: do_command(THD*, bool) (sql_parse.cc:1407)
            ==2835019==    by 0xD1448F: do_handle_one_connection(CONNECT*, bool) (sql_connect.cc:1416)
            ==2835019==    by 0xD14204: handle_one_connection (sql_connect.cc:1318)
            ==2835019==    by 0x124ADED: pfs_spawn_thread (pfs.cc:2201)
            ==2835019==    by 0x522EFD3: start_thread (pthread_create.c:442)
            ==2835019== Syscall param pread64(offset) contains uninitialised byte(s)
            ==2835019==    at 0x529C1A7: __libc_pread64 (pread64.c:25)
            ==2835019==    by 0x529C1A7: pread (pread64.c:23)
            ==2835019==    by 0x183A7AF: my_pread (my_pread.c:66)
            ==2835019==    by 0x17B7842: inline_mysql_file_pread (mysql_file.h:1196)
            ==2835019==    by 0x17B7FA7: mi_nommap_pread (mi_dynrec.c:202)
            ==2835019==    by 0x17DE695: _mi_read_static_record (mi_statrec.c:178)
            ==2835019==    by 0x17DEA18: _mi_read_rnd_static_record (mi_statrec.c:263)
            ==2835019==    by 0x17D79C9: mi_rrnd (mi_rrnd.c:59)
            ==2835019==    by 0x179972B: ha_myisam::rnd_pos(unsigned char*, unsigned char*) (ha_myisam.cc:2097)
            ==2835019==    by 0x12D79BE: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
            ==2835019==    by 0xF2677A: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:3651)
            ==2835019==    by 0x9D9772: rr_from_pointers(READ_RECORD*) (records.cc:610)
            ==2835019==    by 0x9C3408: READ_RECORD::read_record() (records.h:81)
            ==2835019==    by 0xAB6A6E: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:822)
            ==2835019==    by 0xB225DB: mysql_execute_command(THD*, bool) (sql_parse.cc:4827)
            ==2835019==    by 0xB2D311: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:8030)
            ==2835019==    by 0xB18D9E: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) (sql_parse.cc:1894)
            

            elenst Elena Stepanova added a comment - edited

            The situation has become even more confusing with time.
            The basic scenario is the same:

            create sequence s;
            delete from s order by `increment`;
            drop sequence s;
            

            It causes different effects, depending on the build, engine, and luck.

            On a valgrind build with valgrind and MyISAM or Aria, DELETE fails with ER_ILLEGAL_HA (Storage engine doesn't have this option), and the test further fails with valgrind warnings similar to those initially reported:

            10.4 e146940a

            ==1597233== Thread 6:
            ==1597233== Conditional jump or move depends on uninitialised value(s)
            ==1597233==    at 0x160E32A: _mi_read_rnd_static_record (mi_statrec.c:250)
            ==1597233==    by 0x1607436: mi_rrnd (mi_rrnd.c:59)
            ==1597233==    by 0x15C8D35: ha_myisam::rnd_pos(unsigned char*, unsigned char*) (ha_myisam.cc:2088)
            ==1597233==    by 0x10B1F58: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
            ==1597233==    by 0xCF9E2A: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2920)
            ==1597233==    by 0xEB8D99: rr_from_pointers(READ_RECORD*) (records.cc:551)
            ==1597233==    by 0x8CD724: READ_RECORD::read_record() (records.h:70)
            ==1597233==    by 0xEDB3DC: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:794)
            ==1597233==    by 0x98A98C: mysql_execute_command(THD*) (sql_parse.cc:4815)
            ==1597233==    by 0x995736: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8008)
            ==1597233==    by 0x980FBF: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
            ==1597233==    by 0x97F826: do_command(THD*) (sql_parse.cc:1378)
            ==1597233==    by 0xB2732B: do_handle_one_connection(CONNECT*) (sql_connect.cc:1420)
            ==1597233==    by 0xB27093: handle_one_connection (sql_connect.cc:1324)
            ==1597233==    by 0x109D6A5: pfs_spawn_thread (pfs.cc:1869)
            ==1597233==    by 0x4D7DFD3: start_thread (pthread_create.c:442)
            ==1597233== Syscall param pread64(offset) contains uninitialised byte(s)
            ==1597233==    at 0x4DEB1A7: __libc_pread64 (pread64.c:25)
            ==1597233==    by 0x4DEB1A7: pread (pread64.c:23)
            ==1597233==    by 0x1669760: my_pread (my_pread.c:66)
            ==1597233==    by 0x15E6DA6: inline_mysql_file_pread (mysql_file.h:1213)
            ==1597233==    by 0x15E7541: mi_nommap_pread (mi_dynrec.c:202)
            ==1597233==    by 0x160E090: _mi_read_static_record (mi_statrec.c:178)
            ==1597233==    by 0x160E413: _mi_read_rnd_static_record (mi_statrec.c:263)
            ==1597233==    by 0x1607436: mi_rrnd (mi_rrnd.c:59)
            ==1597233==    by 0x15C8D35: ha_myisam::rnd_pos(unsigned char*, unsigned char*) (ha_myisam.cc:2088)
            ==1597233==    by 0x10B1F58: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
            ==1597233==    by 0xCF9E2A: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2920)
            ==1597233==    by 0xEB8D99: rr_from_pointers(READ_RECORD*) (records.cc:551)
            ==1597233==    by 0x8CD724: READ_RECORD::read_record() (records.h:70)
            ==1597233==    by 0xEDB3DC: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:794)
            ==1597233==    by 0x98A98C: mysql_execute_command(THD*) (sql_parse.cc:4815)
            ==1597233==    by 0x995736: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8008)
            ==1597233==    by 0x980FBF: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
            

            with Aria

            ==1597574== Thread 6:
            ==1597574== Syscall param pread64(offset) contains uninitialised byte(s)
            ==1597574==    at 0x4DEB1A7: __libc_pread64 (pread64.c:25)
            ==1597574==    by 0x4DEB1A7: pread (pread64.c:23)
            ==1597574==    by 0x1669760: my_pread (my_pread.c:66)
            ==1597574==    by 0xF45CB6: inline_mysql_file_pread (mysql_file.h:1213)
            ==1597574==    by 0xF461D0: _ma_nommap_pread (ma_dynrec.c:162)
            ==1597574==    by 0xFC1930: _ma_read_static_record (ma_statrec.c:183)
            ==1597574==    by 0xFC0099: maria_rrnd (ma_rrnd.c:44)
            ==1597574==    by 0xF5B29F: ha_maria::rnd_pos(unsigned char*, unsigned char*) (ha_maria.cc:2521)
            ==1597574==    by 0x10B1F58: ha_sequence::rnd_pos(unsigned char*, unsigned char*) (ha_sequence.h:121)
            ==1597574==    by 0xCF9E2A: handler::ha_rnd_pos(unsigned char*, unsigned char*) (handler.cc:2920)
            ==1597574==    by 0xEB8D99: rr_from_pointers(READ_RECORD*) (records.cc:551)
            ==1597574==    by 0x8CD724: READ_RECORD::read_record() (records.h:70)
            ==1597574==    by 0xEDB3DC: mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) (sql_delete.cc:794)
            ==1597574==    by 0x98A98C: mysql_execute_command(THD*) (sql_parse.cc:4815)
            ==1597574==    by 0x995736: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8008)
            ==1597574==    by 0x980FBF: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
            ==1597574==    by 0x97F826: do_command(THD*) (sql_parse.cc:1378)
            

            On a valgrind build with valgrind and InnoDB, DELETE also fails with ER_ILLEGAL_HA, and DROP hangs, or at least it doesn't end in several minutes.

            On a debug/ASAN/UBSAN build with MyISAM or InnoDB, DELETE always succeeds and no other errors occur. At least I haven't seen it fail even once in numerous attempts.

            On a debug/ASAN/UBSAN build with Aria DELETE always fails with ER_GET_ERRNO (1030, Got error from storage engine, Got error 175 "File too short; Expected more data in file"). At least I haven't seen it fail once in numerous attempts.

            create sequence s;
            delete from s order by `increment`;
            ERROR HY000: Got error 175 "File too short; Expected more data in file" from storage engine Aria
            # 1030
            drop sequence s;
            

            On a non-debug, non-instrumented build with MyISAM, DELETE succeeds the first time and fails the 2nd time with ER_ILLEGAL_HA:

            create sequence s;
            delete from s order by `increment`;
            drop sequence s;
            bug.t2                                   [ pass ]      1
            create sequence s;
            delete from s order by `increment`;
            bug.t2                                   [ 2 fail ]
                    Test ended at 2023-07-02 22:50:02
             
            CURRENT_TEST: bug.t2
            mysqltest: At line 2: query 'delete from s order by `increment`' failed: 1031: Storage engine SEQUENCE of the table `test`.`s` doesn't have this option
            

            On a non-debug, non-instrumented build with Aria DELETE fails interchangeably with ER_ILLEGAL_HA or ER_GET_ERRNO, but always fails.

            On a non-debug, non-instrumented build with InnoDB DELETE fails sporadically with ER_ILLEGAL_HA or succeeds.

            All results in this comment are from builds by gcc 12.2.0.


            elenst Elena Stepanova added a comment

            Things have changed a little bit, at least for Aria. The same test case doesn't produce error 175 "File too short; Expected more data in file" anymore, but instead

            10.4 e9c1701e

            DELETE FROM t1 ORDER BY cache_size;
            ERROR HY000: Storage engine SEQUENCE of the table `test`.`t1` doesn't have this option
            

            The valgrind errors are still in place.

            People

              sanja Oleksandr Byelkin
              elenst Elena Stepanova