  1. MariaDB Server
  2. MDEV-20311

row_ins_step accesses uninitialized memory

    Details

      Description

      mtr --valgrind versioning.foreign

      ==16223== Conditional jump or move depends on uninitialised value(s)
      ==16223== at 0x10E27C8: row_ins_step(que_thr_t*) (row0ins.cc:3868)
      ==16223== by 0x110421E: row_update_vers_insert(que_thr_t*, upd_node_t*) (row0mysql.cc:2175)
      ==16223== by 0x1104392: row_update_cascade_for_mysql(que_thr_t*, upd_node_t*, dict_table_t*) (row0mysql.cc:2230)
      ==16223== by 0x10DCB11: row_ins_foreign_check_on_constraint(que_thr_t*, dict_foreign_t*, btr_pcur_t*, dtuple_t*, mtr_t*) (row0ins.cc:1440)
      ==16223== by 0x10DD85C: row_ins_check_foreign_constraint(unsigned long, dict_foreign_t*, dict_table_t*, dtuple_t*, que_thr_t*) (row0ins.cc:1826)
      ==16223== by 0x114C766: row_upd_check_references_constraints(upd_node_t*, btr_pcur_t*, dict_table_t*, dict_index_t*, unsigned long*, que_thr_t*, mtr_t*) (row0upd.cc:296)
      ==16223== by 0x115179A: row_upd_sec_index_entry(upd_node_t*, que_thr_t*) (row0upd.cc:2494)
      ==16223== by 0x1151A3F: row_upd_sec_step(upd_node_t*, que_thr_t*) (row0upd.cc:2543)
      ==16223== by 0x1154157: row_upd(upd_node_t*, que_thr_t*) (row0upd.cc:3319)
      ==16223== by 0x11544BE: row_upd_step(que_thr_t*) (row0upd.cc:3434)
      ==16223== by 0x11037B7: row_update_for_mysql(row_prebuilt_t*) (row0mysql.cc:1888)
      ==16223== by 0xF8DB94: ha_innobase::update_row(unsigned char const*, unsigned char const*) (ha_innodb.cc:8732)
      ==16223== by 0xBB35BA: handler::ha_update_row(unsigned char const*, unsigned char const*) (handler.cc:6679)
      ==16223== by 0x99B958: mysql_update(THD*, TABLE_LIST*, List<Item>&, List<Item>&, Item*, unsigned int, st_order*, unsigned long long, bool, unsigned long long*, unsigned long long*) (sql_update.cc:1045)
      ==16223== by 0x88C1C1: mysql_execute_command(THD*) (sql_parse.cc:4329)
      ==16223== by 0x8984BD: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7868)

      The above tests also show some memory leaks that should be fixed. Here follows one of them:

      ==411== 264 bytes in 1 blocks are indirectly lost in loss record 10 of 22
      ==411== at 0x4C2E01F: malloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
      ==411== by 0x10599DC: mem_heap_create_block_func(mem_block_info_t*, unsigned long, char const*, unsigned int, unsigned long) (mem0mem.cc:269)
      ==411== by 0x10D5E98: mem_heap_create_func(unsigned long, char const*, unsigned int, unsigned long) (mem0mem.ic:388)
      ==411== by 0x10D95E7: ins_node_create(unsigned long, dict_table_t*, mem_block_info_t*) (row0ins.cc:90)
      ==411== by 0x1104123: row_update_vers_insert(que_thr_t*, upd_node_t*) (row0mysql.cc:2157)
      ==411== by 0x110438E: row_update_cascade_for_mysql(que_thr_t*, upd_node_t*, dict_table_t*) (row0mysql.cc:2230)
      ==411== by 0x10DCB0D: row_ins_foreign_check_on_constraint(que_thr_t*, dict_foreign_t*, btr_pcur_t*, dtuple_t*, mtr_t*) (row0ins.cc:1440)
      ==411== by 0x10DD858: row_ins_check_foreign_constraint(unsigned long, dict_foreign_t*, dict_table_t*, dtuple_t*, que_thr_t*) (row0ins.cc:1826)
      ==411== by 0x114C762: row_upd_check_references_constraints(upd_node_t*, btr_pcur_t*, dict_table_t*, dict_index_t*, unsigned long*, que_thr_t*, mtr_t*) (row0upd.cc:296)
      ==411== by 0x1151796: row_upd_sec_index_entry(upd_node_t*, que_thr_t*) (row0upd.cc:2494)
      ==411== by 0x1151A3B: row_upd_sec_step(upd_node_t*, que_thr_t*) (row0upd.cc:2543)
      ==411== by 0x1154153: row_upd(upd_node_t*, que_thr_t*) (row0upd.cc:3319)
      ==411== by 0x11544BA: row_upd_step(que_thr_t*) (row0upd.cc:3434)
      ==411== by 0x11037B3: row_update_for_mysql(row_prebuilt_t*) (row0mysql.cc:1888)
      ==411== by 0xF8DB90: ha_innobase::update_row(unsigned char const*, unsigned char const*) (ha_innodb.cc:8732)
      ==411== by 0xBB35BA: handler::ha_update_row(unsigned char const*, unsigned char const*) (handler.cc:6679)

              People

              • Assignee:
                midenok Aleksey Midenkov
                Reporter:
                monty Michael Widenius