Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
5.5(EOL), 10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5
-
Debian GNU/Linux unstable, clang 8.0.1
Description
MemorySanitizer is a compile-time instrumentation layer in clang but not GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
No patches are necessary since 10.5 94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157 (see the commit message for instructions); cmake -DWITH_MSAN=ON is supposed to work ‘out of the box’.
This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems.
How to instrumented libraries
These instructions are for clang-10. The script build-msan2.sh
was developed to resolve MDEV-22083 a.k.a. MDEV-26758.
mkdir /tmp/build
|
cd /tmp/build
|
mkdir "$HOME/msan-libs"
|
CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh
|
Note: to use different clang (tested with clang-8, clang-9, clang-11, clang-13), just replace 10 with the major version of the compiler above.
For clang-15, the procedure is a little different:
mkdir /tmp/build
|
cd /tmp/build
|
mkdir "$HOME/msan-libs"
|
CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh
|
How to build MariaDB Server 10.5 or later with the instrumented libraries
cd /mariadb/10.5 |
mkdir build |
cd build |
cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \
|
-DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ |
-DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ |
-DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \
|
-DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \
|
-DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \
|
-DWITH_SAFEMALLOC=OFF \
|
-DWITH_{ZLIB,SSL,PCRE}=bundled \
|
-DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \
|
-DWITH_MSAN=ON \
|
-G Ninja ..
|
ninja
|
Note: -march=native -mtune=native is optional since the second fix of MDEV-20386
How to build with minimal cmake arguments
cd /mariadb/10.5 |
mkdir build |
cd build |
cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-19 -DCMAKE_C_FLAGS='-O2 -march=native' \ |
-DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native' \ |
-DSECURITY_HARDENED=OFF \
|
-DPLUGIN_{CONNECT,SPIDER}=NO \
|
-DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \
|
-DWITH_{ZLIB,SSL,PCRE}=bundled \
|
-DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \
|
-DWITH_MSAN=ON -G Ninja ..
|
cmake --build .
|
cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo is implied. OK, this is almost minimal. I wanted to save the trouble of building numerous compression libraries with -fsanitize=memory. Connect and Spider are disabled due to test failures that were not investigated yet. MDEV-34921 was tested in this way.
Note the -DSECURITY_HARDENED=OFF; it is enabled by default and seems to break operations like memcpy() with RelWithDebInfo but not Debug.
How to run tests
cd mysql-test
|
LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st
|
LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file
|
Note: It may be wise to omit MSAN_OPTIONS=abort_on_error=1 except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages.
Note: The llvm-symbolizer in clang 14 or later will refuse to load if LD_LIBRARY_PATH includes an MSAN-instrumented libgmp.so. To get nice resolved stack traces, you must point the environment variable MSAN_SYMBOLIZER_PATH to a script like the following. The script name had better start with llvm-symbolizer- in order to avoid a warning:
#!/bin/sh
|
unset LD_LIBRARY_PATH
|
exec llvm-symbolizer-15 "$@"
|
The MSAN_OPTIONS=poison_in_dtor=0 (to work around MDEV-30936, MDEV-30942) is an old option that was enabled by default in clang 15.
Attachments
Issue Links
- blocks
-
-
- Closed
-
- includes
-
-
- Open
-
-
MDBF-136 MSAN - create instrumented libcrack
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- is blocked by
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
- relates to
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Open
-
-
-
- Closed
-
-
-
- Open
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Open
-
-
-
- Open
-
-
-
- Open
-
-
-
- Closed
-
-
-
- Open
-
-
-
- In Review
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-
(1 includes, 5 is blocked by, 21 relates to)
Activity
| Field | Original Value | New Value |
|---|---|---|
| Link |
This issue relates to |
| Link |
This issue relates to |
| Link |
This issue relates to |
| Link |
This issue includes |
| Link |
This issue includes |
On my system, the C library function getservbyname() invokes the implementation _nss_files_getservbyname_r() in libnss_files.so.2. I tried to compile an instrumented GNU libc, but it appears to depend on the GNU C Compiler, and GCC 9.2.1 is missing support for -fsanitize=memory (MemorySanitizer). After I bypassed the "compiler is too old" check (clang-8 identifies it as some old _GNUC_), the build would fail due to missing support for __attribute__((constructor)).
It looks like we will need some hack to work around the getservbyname() problem. I used the following:
diff --git a/libmysqld/libmysql.c b/libmysqld/libmysql.c
|
index 13f7f074d80..f1c0f9a0b79 100644
|
--- a/libmysqld/libmysql.c
|
+++ b/libmysqld/libmysql.c
|
@@ -153,7 +153,7 @@ int STDCALL mysql_server_init(int argc __attribute__((unused)),
|
line options.
|
*/
|
|
-#if MYSQL_PORT_DEFAULT == 0
|
+#if 0 /* MYSQL_PORT_DEFAULT == 0 */
|
if ((serv_ptr= getservbyname("mysql", "tcp")))
|
mysql_port= (uint) ntohs((ushort) serv_ptr->s_port);
|
#endif
|
diff --git a/sql/mysqld.cc b/sql/mysqld.cc
|
index 33e15b1db07..02d6b3948a3 100644
|
--- a/sql/mysqld.cc
|
+++ b/sql/mysqld.cc
|
@@ -2418,7 +2418,7 @@ static void set_ports()
|
line options.
|
*/
|
|
-#if MYSQL_PORT_DEFAULT == 0
|
+#if 0 // MYSQL_PORT_DEFAULT == 0
|
struct servent *serv_ptr;
|
if ((serv_ptr= getservbyname("mysql", "tcp")))
|
SYSVAR_AUTOSIZE(mysqld_port, ntohs((u_short) serv_ptr->s_port));
|
diff --git a/libmariadb/libmariadb/mariadb_lib.c b/libmariadb/libmariadb/mariadb_lib.c
|
index d43b68c..fb6236f 100644
|
--- a/libmariadb/libmariadb/mariadb_lib.c
|
+++ b/libmariadb/libmariadb/mariadb_lib.c
|
@@ -3539,12 +3539,16 @@ static void mysql_once_init()
|
}
|
if (!mysql_port)
|
{
|
+#if 0
|
struct servent *serv_ptr;
|
+#endif
|
char *env;
|
|
mysql_port = MARIADB_PORT;
|
+#if 0
|
if ((serv_ptr = getservbyname("mysql", "tcp")))
|
mysql_port = (uint)ntohs((ushort)serv_ptr->s_port);
|
+#endif
|
if ((env = getenv("MYSQL_TCP_PORT")))
|
mysql_port =(uint)atoi(env);
|
} |
The change for libmysql.c is needed for --suite=mariabackup.
-DWITH_PCRE=bundled appears to introduce a problem:
|
10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f |
CURRENT_TEST: main.1st
|
|
|
Could not execute 'check-testcase' before testcase 'main.1st' (res: 77):
|
mysqltest: Logging to '/dev/shm/10.2m/mysql-test/var/tmp/check-mysqld_1.log'.
|
mysqltest: Results saved in '/dev/shm/10.2m/mysql-test/var/tmp/check-mysqld_1.result'.
|
mysqltest: Connecting to server localhost:16000 (socket /dev/shm/10.2m/mysql-test/var/tmp/mysqld.1.sock) as 'root', connection 'default', attempt 0 ...
|
mysqltest: ... Connected.
|
mysqltest: Start processing test commands from './include/check-testcase.test' ...
|
mysqltest: At line 87: Regex error: No match
|
|
|
mysqltest got signal 7
|
read_command_buf (0x731000000008): cat_file
|
conn->name (0x701000009f78): ==13460==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x635a27 in safe_print_str /mariadb/10.2o/mysys/stacktrace.c:96:3
|
#1 0x635a27 in my_safe_print_str /mariadb/10.2o/mysys/stacktrace.c:156
|
#2 0x5204dc in dump_backtrace() /mariadb/10.2o/client/mysqltest.cc:9055:5
|
#3 0x5201a2 in signal_handler(int) /mariadb/10.2o/client/mysqltest.cc:9079:3
|
#4 0x484ca8 in SignalHandler(int) (/dev/shm/10.2m/client/mysqltest+0x484ca8)
|
#5 0x7f728dd2172f (/lib/x86_64-linux-gnu/libpthread.so.0+0x1272f)
|
#6 0x7f728d6f273b (/lib/x86_64-linux-gnu/libc.so.6+0xd473b)
|
#7 0x7f728d6fc480 in regfree (/lib/x86_64-linux-gnu/libc.so.6+0xde480)
|
#8 0x46ed60 in regfree (/dev/shm/10.2m/client/mysqltest+0x46ed60)
|
#9 0x4be28c in free_re() /mariadb/10.2o/client/mysqltest.cc:8928:3
|
#10 0x4be28c in free_used_memory() /mariadb/10.2o/client/mysqltest.cc:1534
|
#11 0x4c0179 in cleanup_and_exit(int) /mariadb/10.2o/client/mysqltest.cc:1546:3
|
#12 0x4bf7d1 in really_die(char const*) /mariadb/10.2o/client/mysqltest.cc
|
#13 0x4bb82e in die(char const*, ...) /mariadb/10.2o/client/mysqltest.cc:1629:3
|
#14 0x51d946 in reg_replace(char**, int*, char*, char*, char*, int) /mariadb/10.2o/client/mysqltest.cc
|
#15 0x4cc143 in multi_reg_replace(st_replace_regex*, char*) /mariadb/10.2o/client/mysqltest.cc:10303:10
|
#16 0x4c20a9 in replace_dynstr_append_mem(st_dynamic_string*, char const*, unsigned long) /mariadb/10.2o/client/mysqltest.cc:11188:10
|
#17 0x4c1c74 in cat_file(st_dynamic_string*, char const*) /mariadb/10.2o/client/mysqltest.cc:1815:5
|
#18 0x4db174 in do_cat_file(st_command*) /mariadb/10.2o/client/mysqltest.cc:4399:10
|
#19 0x50dd82 in main /mariadb/10.2o/client/mysqltest.cc:9505:24
|
#20 0x7f728d64209a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
|
#21 0x438ae9 in _start (/dev/shm/10.2m/client/mysqltest+0x438ae9)
|
|
|
Uninitialized value was created by a heap deallocation
|
#0 0x43ee19 in free (/dev/shm/10.2m/client/mysqltest+0x43ee19)
|
#1 0x6266c4 in my_free /mariadb/10.2o/mysys/my_malloc.c:218:5
|
I retried -DWITH_PCRE=system, and no further work-arounds are necessary for ./mtr main.1st to pass (only the getservbyname() workaround). The system-installed library is libpcre3, version 2:8.39-12+b1.
The following workarounds are needed for (among others) --suite=binlog_encryption to pass:
diff --git a/client/mysqltest.cc b/client/mysqltest.cc
|
index 60a203ccedd..13b20407685 100644
|
--- a/client/mysqltest.cc
|
+++ b/client/mysqltest.cc
|
@@ -10189,6 +10189,7 @@ struct st_replace_regex* init_replace_regex(char* expr)
|
}
|
|
|
+__attribute__((no_sanitize("memory"))) // for var_get()
|
void append_replace_regex(char* expr, char *expr_end, struct st_replace_regex* res,
|
char **buf_p)
|
{
|
@@ -10382,6 +10383,7 @@ void free_replace_regex()
|
string - the string to perform substitutions in
|
icase - flag, if set to 1 the match is case insensitive
|
*/
|
+__attribute__((no_sanitize("memory")))
|
int reg_replace(char** buf_p, int* buf_len_p, char *pattern,
|
char *replace, char *string, int icase)
|
{ |
For Galera tests to work, we would need an instrumented libgalera_smm.so. Due to the lack of instrumentation, the test wsrep_info.plugin would fail inside verify() called by wsrep_load().
The tests main.func_regexp main.func_regexp_pcre main.ctype_utf8 and many others will fail because of uninstrumented libpcre3. Also many tests that add suppressions will fail:
|
10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f |
CURRENT_TEST: encryption.innodb-force-corrupt
|
mysqltest: At line 11: query 'call mtr.add_suppression("InnoDB: Encrypted page \\[page id: space=\\d+, page number=[36]\\] in file .*test.t[123]\\.ibd looks corrupted; key_version=3221342974")' failed: 2013: Lost connection to MySQL server during query
|
Due to the largish amount of noise caused by uninstrumented libpcre and libgnutls, it is challenging to find genuine errors. Here could be one:
|
10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f |
CURRENT_TEST: sys_vars.innodb_max_dirty_pages_pct_basic
|
mysqltest: At line 95: query 'SET @@global.innodb_max_dirty_pages_pct = @global_start_value - 2' failed: 2013: Lost connection to MySQL server during query
|
…
|
==28406==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x3494d3f in dtoa /mariadb/10.2o/strings/dtoa.c:2227:7
|
#1 0x348b16e in my_fcvt /mariadb/10.2o/strings/dtoa.c:96:8
|
#2 0x34a9e04 in process_dbl_arg /mariadb/10.2o/strings/my_vsnprintf.c:246:10
|
#3 0x34a9e04 in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:638
|
#4 0x919029 in push_warning_printf(THD*, Sql_condition::enum_warning_level, unsigned int, char const*, ...) /mariadb/10.2o/sql/sql_error.cc:797:3
|
#5 0x1cd10fb in innodb_max_dirty_pages_pct_update(THD*, st_mysql_sys_var*, void*, void const*) /mariadb/10.2o/storage/innobase/handler/ha_innodb.cc:17478:3
|
Apparently the in_val inside the function is initialized (it had successfully been subjected to comparison), but something along the call stack could be lacking instrumentation.
Here is another, related-looking failure:
|
10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f |
CURRENT_TEST: main.plugin_innodb
|
…
|
==30165==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x3494d3f in dtoa /mariadb/10.2o/strings/dtoa.c:2227:7
|
#1 0x348b16e in my_fcvt /mariadb/10.2o/strings/dtoa.c:96:8
|
#2 0x34a9e04 in process_dbl_arg /mariadb/10.2o/strings/my_vsnprintf.c:246:10
|
#3 0x34a9e04 in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:638
|
#4 0x34afc93 in my_vsnprintf /mariadb/10.2o/strings/my_vsnprintf.c:704:10
|
#5 0x34afc93 in my_snprintf /mariadb/10.2o/strings/my_vsnprintf.c:713
|
#6 0x7ff4b7586409 in show_func_example(THD*, st_mysql_show_var*, char*) /mariadb/10.2o/storage/example/ha_example.cc:1074:3
|
#7 0xc5ed55 in show_status_array(THD*, char const*, st_mysql_show_var*, enum_var_type, system_status_var*, char const*, TABLE*, bool, Item*) /mariadb/10.2o/sql/sql_show.cc:3554:7
|
#8 0xc5ee7e in show_status_array(THD*, char const*, st_mysql_show_var*, enum_var_type, system_status_var*, char const*, TABLE*, bool, Item*) /mariadb/10.2o/sql/sql_show.cc:3560:7
|
#9 0xc6091b in fill_status(THD*, TABLE_LIST*, Item*) /mariadb/10.2o/sql/sql_show.cc:7557:8
|
#10 0xc698c5 in get_schema_tables_result(JOIN*, enum_schema_table_state) /mariadb/10.2o/sql/sql_show.cc:8431:11
|
#11 0xb437ea in JOIN::exec_inner() /mariadb/10.2o/sql/sql_select.cc:3591:7
|
#12 0xb413b3 in JOIN::exec() /mariadb/10.2o/sql/sql_select.cc:3422:3
|
#13 0xab6d0b in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.2o/sql/sql_select.cc:3822:9
|
#14 0xab5d58 in handle_select(THD*, LEX*, select_result*, unsigned long) /mariadb/10.2o/sql/sql_select.cc:365:10
|
#15 0x9fb160 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.2o/sql/sql_parse.cc:6226:12
|
#16 0x9d3a1d in execute_show_status(THD*, TABLE_LIST*) /mariadb/10.2o/sql/sql_parse.cc:6259:10
|
#17 0x9d3a1d in mysql_execute_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:3456
|
#18 0x9c51b0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:7760:18
|
#19 0x9b41a5 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:1831:7
|
#20 0x9be26d in do_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:1385:17
|
#21 0xee57b4 in do_handle_one_connection(CONNECT*) /mariadb/10.2o/sql/sql_connect.cc:1336:11
|
#22 0xee4bf9 in handle_one_connection /mariadb/10.2o/sql/sql_connect.cc:1241:3
|
#23 0x2fa6408 in pfs_spawn_thread /mariadb/10.2o/storage/perfschema/pfs.cc:1862:3
|
#24 0x7ff4bf110fa2 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7fa2)
|
#25 0x7ff4be8ee4ce in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf94ce)
|
|
|
Uninitialized value was created by an allocation of 'buf' in the stack frame of function '_db_return_'
|
#0 0x335dd10 in _db_return_ /mariadb/10.2o/dbug/dbug.c:1174
|
And another, which might be related:
|
10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f |
CURRENT_TEST: main.subselect_no_semijoin
|
|
|
/dev/shm/10.2m/client/mysqltest: Error on delete of '/dev/shm/10.2m/mysql-test/var/6/tmp/subselect.out.file.1' (Errcode: 2 "No such file or directory")
|
mysqltest: At line 27: query 'explain format=json
|
SELECT ( SELECT b FROM t2 WHERE b = a OR EXISTS ( SELECT c FROM t3 WHERE c = b ) ) FROM t1' failed: 2013: Lost connection to MySQL server during query
|
…
|
# End of 10.2 tests
|
#
|
# MDEV-19714: JOIN::pseudo_bits_cond is not visible in EXPLAIN FORMAT=JSON
|
#
|
CREATE TABLE t1 ( a INT );
|
INSERT INTO t1 VALUES (1),(5);
|
CREATE TABLE t2 ( b INT ) ENGINE=MyISAM;
|
INSERT INTO t2 VALUES (1);
|
CREATE TABLE t3 ( c INT );
|
INSERT INTO t3 VALUES (4),(5);
|
SET @tmp19714=@@optimizer_switch;
|
SET optimizer_switch='subquery_cache=off';
|
explain format=json
|
SELECT ( SELECT b FROM t2 WHERE b = a OR EXISTS ( SELECT c FROM t3 WHERE c = b ) ) FROM t1;
|
…
|
==29984==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x3494d3f in dtoa /mariadb/10.2o/strings/dtoa.c:2227:7
|
#1 0x34967dd in my_gcvt /mariadb/10.2o/strings/dtoa.c:225:8
|
#2 0x34a9efe in process_dbl_arg /mariadb/10.2o/strings/my_vsnprintf.c:248:10
|
#3 0x34a9efe in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:638
|
#4 0x34afc93 in my_vsnprintf /mariadb/10.2o/strings/my_vsnprintf.c:704:10
|
#5 0x34afc93 in my_snprintf /mariadb/10.2o/strings/my_vsnprintf.c:713
|
#6 0x1051873 in Json_writer::add_double(double) /mariadb/10.2o/sql/my_json_writer.cc:164:3
|
#7 0xf95548 in Explain_table_access::print_explain_json(Explain_query*, Json_writer*, bool) /mariadb/10.2o/sql/sql_explain.cc:1639:36
|
#8 0xf92ce3 in Explain_basic_join::print_explain_json_interns(Explain_query*, Json_writer*, bool) /mariadb/10.2o/sql/sql_explain.cc:1014:19
|
#9 0xf91278 in Explain_select::print_explain_json(Explain_query*, Json_writer*, bool) /mariadb/10.2o/sql/sql_explain.cc:913:25
|
#10 0xf7ed07 in Explain_query::print_explain_json(select_result_sink*, bool) /mariadb/10.2o/sql/sql_explain.cc:224:11
|
#11 0x9fa931 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.2o/sql/sql_parse.cc:6177:25
|
#12 0x9d175b in mysql_execute_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:3533:12
|
#13 0x9c51b0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:7760:18
|
#14 0x9b41a5 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:1831:7
|
#15 0x9be26d in do_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:1385:17
|
#16 0xee57b4 in do_handle_one_connection(CONNECT*) /mariadb/10.2o/sql/sql_connect.cc:1336:11
|
#17 0xee4bf9 in handle_one_connection /mariadb/10.2o/sql/sql_connect.cc:1241:3
|
#18 0x2fa6408 in pfs_spawn_thread /mariadb/10.2o/storage/perfschema/pfs.cc:1862:3
|
#19 0x7fae617edfa2 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7fa2)
|
#20 0x7fae60fcb4ce in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf94ce)
|
|
|
Uninitialized value was created by an allocation of 'print_arr.i' in the stack frame of function 'my_vsnprintf_ex'
|
#0 0x34a8ad0 in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:559
|
The following InnoDB tests fail due to lack of instrumentated libraries. I think that it is probably simplest to just skip or ignore these during MSAN runs, or to build without these libraries being present:
- innodb.innodb-page_compression_lz4
- innodb.innodb-page_compression_lzma
- innodb.innodb-page_compression_lzo
- innodb.innodb-page_compression_bzip2
- innodb.innodb-page_compression_snappy
Here is the complete list of failed tests, after applying the workarounds mentioned in this comment:
|
10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f |
Failing test(s): wsrep_info.plugin perfschema.hostcache_ipv6_ssl main.ctype_utf8mb4_innodb main.ctype_utf8 main.ctype_utf8mb4 encryption.corrupted_during_recovery main.mysql_client_test main.mysql_client_test_nonblock encryption.innodb-force-corrupt innodb.corrupted_during_recovery innodb.innodb-page_compression_lz4 innodb.innodb-page_compression_lzma innodb.innodb-page_compression_lzo innodb.innodb-page_compression_bzip2 innodb.innodb-page_compression_snappy innodb.leaf_page_corrupted_during_recovery sys_vars.innodb_max_dirty_pages_pct_basic sys_vars.innodb_max_dirty_pages_pct_lwm_basic main.range main.userstat maria.maria-recovery2 main.ssl_7937 main.mysql_client_test_comp main.statistics main.range_mrr_icp main.cte_recursive main.ssl_8k_key main.ssl_timeout-9836 main-test_sql_discovery.plugin innodb.ibuf_not_empty main.analyze_format_json main.ctype_utf8mb4_heap main.ctype_utf8mb4_myisam main.not_embedded_server main.openssl_1 main.plugin main.ssl main.explain_json main.ssl_ca main.func_regexp main.ssl_cipher main.subselect_cache main.func_regexp_pcre main.ssl_compress main.ssl_connect main.ssl_timeout main.analyze_stmt_orderby main.func_test parts.partition_debug main.derived_cond_pushdown main.win perfschema.hostcache_ipv4_ssl main.derived_view innodb.innodb_force_recovery main.explain_json_innodb plugins.auth_ed25519 main.win_empty_over main.innodb_ext_key main.subselect_no_semijoin innodb_gis.rtree_concurrent_srch main.ssl-big rpl.rpl_stop_slave main.mysql_upgrade_ssl main.explain_json_format_partitions main.plugin_innodb
|
The test main.sum_distinct-big is very close to the 900-second timeout limit, so we should probably use a larger limit in order to avoid bogus timeout failures. It passed on single-threaded rerun:
|
10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f |
main.sum_distinct-big 'innodb' [ pass ] 864232
|
Summary:
- MemorySanitizer appears to only be available in clang, not in gcc.
- It looks like we must avoid invoking the GNU libc implementation of getservbyname(), because the library apparently cannot be built with MemorySanitizer instrumentation; maybe we should simply skip the calls in MemorySanitizer-instrumented builds?
- The -DWITH_PCRE=bundled should be updated, so that both ASAN and MSAN are happy with it.
- There might be errors in mysqltest.cc, but because of the above, it is hard to tell if they are caused by the uninstrumented libpcre3.
- We should try to repeat the test with instrumented libtasn1 and libgnutls.
- We should specify a longer test case timeout than the default 900 seconds (15 minutes).
- There could be an error in dtoa() or along its call stack (see the stack traces in this comment).
| Link |
This issue relates to |
getservbyname() will get an interceptor someday https://github.com/google/sanitizers/issues/1138
In include/my_valgrind.h, we should tie MEM_UNDEFINED() and MEM_CHECK_DEFINED() to MemorySanitizer, so that even more bugs can be caught. (For example, InnoDB would be able to inform MemorySanitizer that the unused part of a VARCHAR buffer will be uninitialized.)
kevg, maybe you can submit a patch for that?
Now that MDEV-14024 PCRE2 is finally present in the 10.5 branch, I tried the following:
cd /mariadb
|
sudo apt install libc++-9-dev libc++abi-9-dev
|
apt source libc++-9-dev
|
cd llvm-toolchain-9-9.0.1
|
mkdir libc++msan; cd libc++msan
|
cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-9 -DCMAKE_CXX_COMPILER=clang++-9
|
make -j$(nproc)
|
cd /mariadb/10.5
|
git checkout 7e10e80b8faab51139588a985a684df960ab81b9
|
mkdir build
|
cd build
|
cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-9 \
|
-DCMAKE_C_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \
|
-DCMAKE_CXX_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro -stdlib=libc++' \
|
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DCONC_WITH_{UNITTEST,SSL}=OFF \
|
-DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \
|
-DWITH_{ZLIB,SSL,PCRE}=bundled
|
-DWITH_MSAN=ON ..
|
make -j$(nproc)
|
LD_LIBRARY_PATH=/mariadb/llvm-toolchain-9-9.0.1/libc++msan/lib ./mtr main.1st
|
The following patches are still necessary to work around trouble:
diff --git a/sql/mysqld.cc b/sql/mysqld.cc
|
index b7f7615636b..59bb1081350 100644
|
--- a/sql/mysqld.cc
|
+++ b/sql/mysqld.cc
|
@@ -2158,7 +2158,7 @@ static void set_ports()
|
line options.
|
*/
|
|
-#if MYSQL_PORT_DEFAULT == 0
|
+#if 0 // MYSQL_PORT_DEFAULT == 0
|
struct servent *serv_ptr;
|
if ((serv_ptr= getservbyname("mysql", "tcp")))
|
SYSVAR_AUTOSIZE(mysqld_port, ntohs((u_short) serv_ptr->s_port));
|
diff --git a/tpool/aio_linux.cc b/tpool/aio_linux.cc
|
index 24bc04c75ba..0d657bbe05d 100644
|
--- a/tpool/aio_linux.cc
|
+++ b/tpool/aio_linux.cc
|
@@ -45,6 +45,7 @@ class aio_linux : public aio
|
std::thread m_getevent_thread;
|
|
static void getevent_thread_routine(aio_linux* aio)
|
+ __attribute__((no_sanitize("memory")))
|
{
|
for (;;)
|
{
|
diff --git a/storage/innobase/ut/ut0crc32.cc b/storage/innobase/ut/ut0crc32.cc
|
index 4a6447c1dcf..4bb62c61b5c 100644
|
--- a/storage/innobase/ut/ut0crc32.cc
|
+++ b/storage/innobase/ut/ut0crc32.cc
|
@@ -2,7 +2,7 @@
|
|
Copyright (c) 2009, 2010 Facebook, Inc. All Rights Reserved.
|
Copyright (c) 2011, 2015, Oracle and/or its affiliates. All Rights Reserved.
|
-Copyright (c) 2016, 2018, MariaDB Corporation.
|
+Copyright (c) 2016, 2019, MariaDB Corporation.
|
|
This program is free software; you can redistribute it and/or modify it under
|
the terms of the GNU General Public License as published by the Free Software
|
@@ -220,11 +220,7 @@ ut_crc32_8_hw(
|
#ifdef _MSC_VER
|
*crc = _mm_crc32_u8(*crc, (*data)[0]);
|
#else
|
- asm("crc32b %1, %0"
|
- /* output operands */
|
- : "+r" (*crc)
|
- /* input operands */
|
- : "rm" ((*data)[0]));
|
+ *crc = __builtin_ia32_crc32qi(*crc, (*data)[0]);
|
#endif
|
|
(*data)++;
|
@@ -241,8 +237,8 @@ ut_crc32_64_low_hw(
|
uint32_t crc,
|
uint64_t data)
|
{
|
- uint64_t crc_64bit = crc;
|
#ifdef _MSC_VER
|
+ uint64_t crc_64bit = crc;
|
#ifdef _M_X64
|
crc_64bit = _mm_crc32_u64(crc_64bit, data);
|
#elif defined(_M_IX86)
|
@@ -251,15 +247,10 @@ ut_crc32_64_low_hw(
|
#else
|
#error Not Supported processors type.
|
#endif
|
+ return(static_cast<uint32_t>(crc_64bit));
|
#else
|
- asm("crc32q %1, %0"
|
- /* output operands */
|
- : "+r" (crc_64bit)
|
- /* input operands */
|
- : "rm" (data));
|
+ return static_cast<uint32_t>(__builtin_ia32_crc32di(crc, data));
|
#endif
|
-
|
- return(static_cast<uint32_t>(crc_64bit));
|
}
|
|
/** Calculate CRC32 over 64-bit byte string using a hardware/CPU instruction.
|
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
|
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
|
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
|
@@ -1286,6 +1286,7 @@ int wc_FreeNetRandom(void)
|
|
/* return 0 on success */
|
static WC_INLINE int IntelRDseed64(word64* seed)
|
+ __attribute__((no_sanitize("memory")))
|
{
|
unsigned char ok;
|
|
diff --git a/libmariadb/libmariadb/mariadb_lib.c b/libmariadb/libmariadb/mariadb_lib.c
|
--- a/libmariadb/libmariadb/mariadb_lib.c
|
+++ b/libmariadb/libmariadb/mariadb_lib.c
|
@@ -3572,12 +3572,9 @@ static void mysql_once_init()
|
}
|
if (!mysql_port)
|
{
|
- struct servent *serv_ptr;
|
char *env;
|
|
mysql_port = MARIADB_PORT;
|
- if ((serv_ptr = getservbyname("mysql", "tcp")))
|
- mysql_port = (uint)ntohs((ushort)serv_ptr->s_port);
|
if ((env = getenv("MYSQL_TCP_PORT")))
|
mysql_port =(uint)atoi(env);
|
} |
To get better diagnostics, we should also try to do something like the following (and map UNIV_MEM_VALID() to __msan_unpoison() and UNIV_MEM_ASSERT_RW_LOW() to MEM_CHECK_ADDRESSABLE()):
diff --git a/include/my_valgrind.h b/include/my_valgrind.h
|
index 08ad3f46b96..da76d9ced56 100644
|
--- a/include/my_valgrind.h
|
+++ b/include/my_valgrind.h
|
@@ -46,6 +46,13 @@
|
# define MEM_CHECK_ADDRESSABLE(a,len) ((void) 0)
|
# define MEM_CHECK_DEFINED(a,len) ((void) 0)
|
# define REDZONE_SIZE 8
|
+#elif 0 /* __has_feature(memory_sanitizer) */
|
+# include <sanitizer/msan_interface.h>
|
+# define MEM_UNDEFINED(a,len) __msan_poison(a,len)
|
+# define MEM_NOACCESS(a,len) ((void) 0)
|
+# define MEM_CHECK_ADDRESSABLE(a,len) ((void) 0)
|
+# define MEM_CHECK_DEFINED(a,len) __msan_check_mem_is_initialized(a,len)
|
+# define REDZONE_SIZE 0
|
#else
|
# define MEM_UNDEFINED(a,len) ((void) (a), (void) (len))
|
# define MEM_NOACCESS(a,len) ((void) 0) |
Various InnoDB tests are now failing mostly due to dict_acquire_mdl_shared<false>() (MDEV-16678).
| Attachment | 10.5-msan.patch [ 50302 ] |
10.5-msan.patch is my current set of work-arounds for 10.5 0e25a8b4a6a01e3c09407f2f697983dacbcb5cdb. Some WolfSSL work-around is missing, because basically anything that uses encryption appears to trigger false positives.
Tests affected by MDEV-21360 will fail without the following work-around of undefined behaviour:
diff --git a/strings/dtoa.c b/strings/dtoa.c
|
index e31b7e92d7c..b8806185894 100644
|
--- a/strings/dtoa.c
|
+++ b/strings/dtoa.c
|
@@ -2168,6 +2168,7 @@ static int quorem(Bigint *b, Bigint *S)
|
|
static char *dtoa(double dd, int mode, int ndigits, int *decpt, int *sign,
|
char **rve, char *buf, size_t buf_size)
|
+ __attribute__((no_sanitize("memory")))
|
{
|
/*
|
Arguments ndigits, decpt, sign are similar to those |
| Fix Version/s | 10.5 [ 23123 ] |
| Link | This issue blocks MENT-314 [ MENT-314 ] |
| Link | This issue relates to MENT-210 [ MENT-210 ] |
Any tests that use encryption (WolfSSL) seem to fail. The work-around to do_crypt() that I mentioned in MDEV-20309 does not seem to help. Maybe more recent versions of WolfSSL include more inline assembler code that should be replaced with intrinsic functions, to make them MSAN-friendly?
In ASAN buildbot builder we use lsan supressions for some failures we can't do much about. I see here that MSAN doesn't support suppressions, but it mentions a blacklist which is applied at compile time. I don't understand from that text whether it's about compilation of the tool/library itself or the code which is tested. In the latter case, maybe it can be used?
They claim the lack of suppression support is a design choice, but we know well how such "design choices" happen. One thing that can be concluded from this claim is that it's not going to change any time soon.
As far as I understand, there exist 2 kinds of compile-time suppressions for -fsanitize=memory, with appropriate decoration to hide them when not building WITH_MSAN:
- Add __attribute__((no_sanitize("memory"))) to affected functions.
- Add explicit __msan_unpoison(ptr, size) calls for memory regions that we really know should be initialized.
I think that we should primarily try to fix the code instead of adding such suppressions:
- Replace inline assembler with equivalent intrinsic functions, which can be instrumented.
- Fix undefined behaviour, also to please WITH_UBSAN and to avoid dangerous optimizations anywhere.
Build an instrumented C++ runtime library with clang-10
sudo apt install libc++-10-dev libc++abi-10-dev
|
cd /mariadb
|
apt source libc++-10-dev
|
cd llvm-toolchain-10-10.0.0
|
mkdir libc++msan
|
cd libc++msan
|
cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10
|
make -j$(nproc)
|
Build 10.5 with the instrumented libraries, and run it
cd /mariadb/10.5 |
mkdir build |
cd build |
cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \
|
-DCMAKE_C_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \ |
-DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \ |
-DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \
|
-DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \
|
-DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \
|
-DWITH_{ZLIB,SSL,PCRE}=bundled \
|
-DHAVE_LIBAIO_H=0 \
|
-DWITH_MSAN=ON \
|
-G Ninja ..
|
ninja
|
cd mysql-test |
LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st |
LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 |
No patches are necessary since 10.5 94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157 (see the commit message for instructions).
FIXME: Remove the workaround from Json_writer::add_double()
and debug some EXPLAIN FORMAT=JSON tests to find out where
the uninitialized value comes from.
Tests failing due to uninstrumented GNUTLS (MDEV-22083)
(Workaround: replace some client libraries with non-MSAN ones?)
main.flush_ssl
|
main.mysql_client_test
|
main.mysql_client_test_comp
|
main.mysql_client_test_nonblock
|
main.mysql_upgrade_ssl
|
main.openssl_1
|
main.ssl
|
main.ssl-big
|
main.ssl_7937
|
main.ssl_8k_key
|
main.ssl_ca
|
main.ssl_cipher
|
main.ssl_compress
|
main.ssl_connect
|
main.ssl_timeout
|
main.ssl_timeout-9836
|
main.tls_version
|
main.tls_version1
|
main.userstat
|
perfschema.connection_type_notwin
|
perfschema.hostcache_ipv4_ssl
|
perfschema.hostcache_ipv6_ssl
|
plugins.auth_ed25519
|
plugins.multiauth
|
Possibly genuine failures caught by MemorySanitizer
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: perfschema.transaction_nested_events
|
mysqltest: At line 50: query 'SET @con1_thread_id= $con1_thread_id' failed: 1064: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 1
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: gcol.gcol_ins_upd_myisam
|
mysqltest: In included file "./suite/gcol/inc/gcol_ins_upd.inc":
|
included from /mariadb/10.5m/mysql-test/suite/gcol/t/gcol_ins_upd_myisam.test at line 40:
|
At line 491: query 'CREATE TABLE t (
|
a BLOB GENERATED ALWAYS AS ('') VIRTUAL,
|
b TIMESTAMP(4) GENERATED ALWAYS AS ('') VIRTUAL,
|
KEY (a(183),b)
|
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
|
…
|
==2534796==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x55bba587f452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
|
#1 0x55bba587f452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
|
#2 0x55bba587fa20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
|
#3 0x55bba5209635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
|
#4 0x55bba521908c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
|
#5 0x55bba5a01f89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
|
#6 0x55bba50f09ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
|
#7 0x55bba50edc0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
|
#8 0x55bba50f2ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
|
#9 0x55bba51469de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
|
#10 0x55bba4d6a039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
|
#11 0x55bba4d574c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#12 0x55bba4d4b8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#13 0x55bba4d5928c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#14 0x55bba535bf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#15 0x55bba535b4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#16 0x55bba67cc1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#17 0x7f91ac7daf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#18 0x7f91ac2b42ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
|
#0 0x55bba587eaf0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: vcol.vcol_sql_mode
|
mysqltest: At line 148: query 'CREATE TABLE t1 (a CHAR(5), v VARCHAR(5) AS (RPAD(a,4,' ')) VIRTUAL, KEY(v))' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
|
…
|
==2534810==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x562d223d8452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
|
#1 0x562d223d8452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
|
#2 0x562d223d8a20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
|
#3 0x562d21d62635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
|
#4 0x562d21d7208c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
|
#5 0x562d2255af89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
|
#6 0x562d21c499ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
|
#7 0x562d21c46c0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
|
#8 0x562d21c4bab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
|
#9 0x562d21c9f9de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
|
#10 0x562d218c3039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
|
#11 0x562d218b04c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#12 0x562d218a48b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#13 0x562d218b228c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#14 0x562d21eb4f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#15 0x562d21eb44e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#16 0x562d233251e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#17 0x7f1af3f0df26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#18 0x7f1af39e72ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
|
#0 0x562d223d7af0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: vcol.vcol_sql_mode_datetime
|
mysqltest: At line 67: query 'CREATE TABLE t1 (
|
t DATETIME(4),
|
d DATETIME,
|
v DATETIME(3) AS ('2001-01-01 10:20:30.1234') VIRTUAL,
|
KEY(v,d)
|
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
|
==2534813==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x557714701452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
|
#1 0x557714701452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
|
#2 0x557714701a20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
|
#3 0x55771408b635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
|
#4 0x55771409b08c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
|
#5 0x557714883f89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
|
#6 0x557713f729ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
|
#7 0x557713f6fc0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
|
#8 0x557713f74ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
|
#9 0x557713fc89de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
|
#10 0x557713bec039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
|
#11 0x557713bd94c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#12 0x557713bcd8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#13 0x557713bdb28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#14 0x5577141ddf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#15 0x5577141dd4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#16 0x55771564e1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#17 0x7feb3233ef26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#18 0x7feb31e182ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
|
#0 0x557714700af0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: vcol.vcol_sql_mode_time
|
mysqltest: At line 67: query 'CREATE TABLE t1 (
|
t TIME(4),
|
d TIME,
|
v TIME(3) AS ('2001-01-01 10:20:30.1234') VIRTUAL,
|
KEY(v,d)
|
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
|
…
|
==2534817==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x564a3b8e0452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
|
#1 0x564a3b8e0452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
|
#2 0x564a3b8e0a20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
|
#3 0x564a3b26a635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
|
#4 0x564a3b27a08c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
|
#5 0x564a3ba62f89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
|
#6 0x564a3b1519ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
|
#7 0x564a3b14ec0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
|
#8 0x564a3b153ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
|
#9 0x564a3b1a79de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
|
#10 0x564a3adcb039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
|
#11 0x564a3adb84c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#12 0x564a3adac8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#13 0x564a3adba28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#14 0x564a3b3bcf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#15 0x564a3b3bc4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#16 0x564a3c82d1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#17 0x7f8d50222f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#18 0x7f8d4fcfc2ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
|
#0 0x564a3b8dfaf0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: vcol.vcol_sql_mode_timestamp
|
mysqltest: At line 67: query 'CREATE TABLE t1 (
|
t TIMESTAMP(4),
|
d DATETIME,
|
v TIMESTAMP(3) AS ('2001-01-01 10:20:30.1234') VIRTUAL,
|
KEY(v,d)
|
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
|
…
|
==2534819==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x55f6cdc2d452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
|
#1 0x55f6cdc2d452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
|
#2 0x55f6cdc2da20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
|
#3 0x55f6cd5b7635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
|
#4 0x55f6cd5c708c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
|
#5 0x55f6cddaff89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
|
#6 0x55f6cd49e9ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
|
#7 0x55f6cd49bc0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
|
#8 0x55f6cd4a0ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
|
#9 0x55f6cd4f49de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
|
#10 0x55f6cd118039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
|
#11 0x55f6cd1054c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#12 0x55f6cd0f98b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#13 0x55f6cd10728c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#14 0x55f6cd709f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#15 0x55f6cd7094e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#16 0x55f6ceb7a1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#17 0x7f1c9332ff26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#18 0x7f1c92e092ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
|
#0 0x55f6cdc2caf0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: main.opt_trace_index_merge_innodb
|
mysqltest: At line 35: query 'explain select * from t1 where pk1 != 0 and key1 = 1' failed: 2013: Lost connection to MySQL server during query
|
…
|
==2534795==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x561d8a810491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
|
#1 0x561d8a8215f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
|
#2 0x561d8a8215f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
|
#3 0x561d8a8275b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
|
#4 0x561d8a8275b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
|
#5 0x561d87de3209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
|
#6 0x561d889bd34a in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
|
#7 0x561d889bd34a in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
|
#8 0x561d889bd34a in ror_intersect_add(ROR_INTERSECT_INFO*, st_ror_scan_info*, Json_writer_object*, bool) /mariadb/10.5m/sql/opt_range.cc:6860:18
|
#9 0x561d8894d312 in get_best_ror_intersect(PARAM const*, SEL_TREE*, double, bool*) /mariadb/10.5m/sql/opt_range.cc:7056:10
|
#10 0x561d8892e0e0 in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool) /mariadb/10.5m/sql/opt_range.cc:2918:24
|
#11 0x561d877963b3 in get_quick_record_count(THD*, SQL_SELECT*, TABLE*, Bitmap<64u> const*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:4708:9
|
#12 0x561d877963b3 in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5433:20
|
#13 0x561d877791ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
|
#14 0x561d8775babc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
|
#15 0x561d8773c875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
|
#16 0x561d87888bfd in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) /mariadb/10.5m/sql/sql_select.cc:27182:10
|
#17 0x561d87674272 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6107:12
|
#18 0x561d876532a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
|
#19 0x561d876404c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#20 0x561d876348b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#21 0x561d8764228c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#22 0x561d87c44f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#23 0x561d87c444e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#24 0x561d890b51e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#25 0x7eff33cfcf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#26 0x7eff337d62ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'path2' in the stack frame of function '_ZL32btr_estimate_n_rows_in_range_lowP12dict_index_tP9btr_pos_tS2_j'
|
#0 0x561d89e147d0 in btr_estimate_n_rows_in_range_low(dict_index_t*, btr_pos_t*, btr_pos_t*, unsigned int) /mariadb/10.5m/storage/innobase/btr/btr0cur.cc:6155
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
main.query_cache_innodb 'innodb' w17 [ fail ]
|
Test ended at 2020-03-27 13:08:14
|
|
|
CURRENT_TEST: main.query_cache_innodb
|
mysqltest: At line 43: query 'select * from `t2$ї`' failed: 2013: Lost connection to MySQL server during query
|
Uninitialized bytes in MemcmpInterceptorCommon at offset 16 inside [0x7fd86874df00, 20)
|
==2534781==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x5643550aaa2c in bcmp (/dev/shm/10.5ms/sql/mariadbd+0x6dea2c)
|
#1 0x564357fe712b in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:892:10
|
#2 0x564357f93e40 in dict_table_open_on_id(unsigned long, bool, dict_table_op_t, THD*, MDL_ticket**) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:947:12
|
#3 0x5643579a120b in row_purge_parse_undo_rec(purge_node_t*, unsigned char*, que_thr_t*, bool*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:933:16
|
#4 0x5643579a120b in row_purge(purge_node_t*, unsigned char*, que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1107:10
|
#5 0x5643579a120b in row_purge_step(que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1159:3
|
#6 0x564357771370 in que_thr_step(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1038:9
|
#7 0x564357771370 in que_run_threads_low(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1100:14
|
#8 0x564357771370 in que_run_threads(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1140:2
|
#9 0x564357ac4043 in srv_task_execute() /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2055:3
|
#10 0x564357ac4043 in purge_worker_callback(void*) /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2205:10
|
#11 0x564358355413 in tpool::task_group::execute(tpool::task*) /mariadb/10.5m/tpool/task_group.cc:55:9
|
#12 0x564358348d72 in tpool::thread_pool_generic::worker_main(tpool::worker_data*) /mariadb/10.5m/tpool/tpool_generic.cc:518:11
|
#13 0x5643583527bc in decltype(*(std::__1::forward<tpool::thread_pool_generic*>(fp0)).*fp(std::__1::forward<tpool::worker_data*>(fp1))) std::__1::__invoke<void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, void>(void (tpool::thread_pool_generic::*&&)(tpool::worker_data*), tpool::thread_pool_generic*&&, tpool::worker_data*&&) /usr/lib/llvm-10/bin/../include/c++/v1/type_traits:3480:1
|
#14 0x5643583527bc in void std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, 2ul, 3ul>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*>&, std::__1::__tuple_indices<2ul, 3ul>) /usr/lib/llvm-10/bin/../include/c++/v1/thread:273:5
|
#15 0x5643583527bc in void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*> >(void*) /usr/lib/llvm-10/bin/../include/c++/v1/thread:284:5
|
#16 0x7fd88272bf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#17 0x7fd8822052ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'db_buf' in the stack frame of function '_Z23dict_acquire_mdl_sharedILb0EEP12dict_table_tS1_P3THDPP10MDL_ticket15dict_table_op_t'
|
#0 0x564357fe6200 in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:790
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: maria.maria-recovery2
|
mysqltest: At line 70: query 'delete from t1 where b="b"' failed: 2013: Lost connection to MySQL server during query
|
…
|
SQL_SELECT::test_quick_select: enter: keys_to_use: 18446744073709551615 prev_tables: 0 const_tables: 0
|
SQL_SELECT::test_quick_select: info: records: 3
|
SQL_SELECT::test_quick_select: info: ==2536175==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x555eb4ba0491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
|
#1 0x555eb4bb15f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
|
#2 0x555eb4bb15f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
|
#3 0x555eb4a8bf67 in DbugVfprintf /mariadb/10.5m/dbug/dbug.c:1332:10
|
#4 0x555eb4a8bf67 in _db_doprnt_ /mariadb/10.5m/dbug/dbug.c:1316:3
|
#5 0x555eb2cb8cfe in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool) /mariadb/10.5m/sql/opt_range.cc:2691:3
|
#6 0x555eb2e000a3 in SQL_SELECT::check_quick(THD*, bool, unsigned long long) /mariadb/10.5m/sql/opt_range.h:1654:12
|
#7 0x555eb2e000a3 in mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) /mariadb/10.5m/sql/sql_delete.cc:500:26
|
#8 0x555eb19f6bc6 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:4749:11
|
#9 0x555eb19d04c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#10 0x555eb19c48b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#11 0x555eb19d228c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#12 0x555eb1fd4f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#13 0x555eb1fd44e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#14 0x555eb34451e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#15 0x7f2ef5861f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#16 0x7f2ef533b2ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'buf' in the stack frame of function 'my_fcvt'
|
#0 0x555eb4b9c320 in my_fcvt /mariadb/10.5m/strings/dtoa.c:90
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: sys_vars.replicate_ignore_table_grant
|
mysqltest: In included file "./suite/sys_vars/inc/sysvar_global_grant.inc":
|
included from /mariadb/10.5m/mysql-test/suite/sys_vars/t/replicate_ignore_table_grant.test at line 10:
|
At line 29: query 'SET GLOBAL $var=$value' failed: 2013: Lost connection to MySQL server during query
|
…
|
==2534804==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x555a8deddec2 in Rpl_filter::set_ignore_table(char const*) /mariadb/10.5m/sql/rpl_filter.cc:377:7
|
#1 0x555a8e9a2b82 in Sys_var_rpl_filter::set_filter_value(char const*, Master_info*) /mariadb/10.5m/sql/sys_vars.cc:5245:25
|
#2 0x555a8e9a25e5 in Sys_var_rpl_filter::global_update(THD*, set_var*) /mariadb/10.5m/sql/sys_vars.cc:5218:15
|
#3 0x555a8def1f9b in sys_var::update(THD*, set_var*) /mariadb/10.5m/sql/set_var.cc:207:12
|
#4 0x555a8defa003 in set_var::update(THD*) /mariadb/10.5m/sql/set_var.cc:859:23
|
#5 0x555a8def8993 in sql_set_variables(THD*, List<set_var_base>*, bool) /mariadb/10.5m/sql/set_var.cc:746:20
|
#6 0x555a8e3438f0 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:4976:9
|
#7 0x555a8e32b4c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#8 0x555a8e31f8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#9 0x555a8e32d28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#10 0x555a8e92ff0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#11 0x555a8e92f4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#12 0x555a8fda01e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#13 0x7f6e8e862f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#14 0x7f6e8e33c2ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by a heap allocation
|
#0 0x555a8de5e759 in operator new(unsigned long) (/dev/shm/10.5ms/sql/mariadbd+0x747759)
|
#1 0x555a8dea2f95 in create_rpl_filter(char const*, unsigned long) /mariadb/10.5m/sql/keycaches.cc:203:11
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: main.opt_trace
|
mysqltest: At line 23: query 'select * from v1' failed: 2013: Lost connection to MySQL server during query
|
…
|
==2534807==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x55e75ddbf491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
|
#1 0x55e75ddd05f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
|
#2 0x55e75ddd05f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
|
#3 0x55e75ddd65b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
|
#4 0x55e75ddd65b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
|
#5 0x55e75b392209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
|
#6 0x55e75adafb01 in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
|
#7 0x55e75adafb01 in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
|
#8 0x55e75adafb01 in best_access_path(JOIN*, st_join_table*, unsigned long long, st_position const*, unsigned int, bool, double, st_position*, st_position*) /mariadb/10.5m/sql/sql_select.cc:8044:23
|
#9 0x55e75ae589fb in best_extension_by_limited_search(JOIN*, unsigned long long, unsigned int, double, double, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:9533:7
|
#10 0x55e75adb72cc in greedy_search(JOIN*, unsigned long long, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:8738:9
|
#11 0x55e75adb72cc in choose_plan(JOIN*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:8303:9
|
#12 0x55e75ad471be in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5550:11
|
#13 0x55e75ad281ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
|
#14 0x55e75ad0aabc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
|
#15 0x55e75aceb875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
|
#16 0x55e75aceaf48 in handle_select(THD*, LEX*, select_result*, unsigned long) /mariadb/10.5m/sql/sql_select.cc:417:10
|
#17 0x55e75ac23dd2 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6168:12
|
#18 0x55e75ac022a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
|
#19 0x55e75abef4c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#20 0x55e75abe38b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#21 0x55e75abf128c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#22 0x55e75b1f3f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#23 0x55e75b1f34e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#24 0x55e75c6641e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#25 0x7fde0e7f7f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#26 0x7fde0e2d12ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'stack' in the stack frame of function 'my_qsort2'
|
#0 0x55e75db96be0 in my_qsort2 /mariadb/10.5m/mysys/mf_qsort.c:100
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: main.opt_trace_index_merge
|
mysqltest: At line 17: query 'explain select * from t1 where a=1 or b=1' failed: 2013: Lost connection to MySQL server during query
|
…
|
==2534800==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x5576d953f576 in my_gcvt /mariadb/10.5m/strings/dtoa.c:267:31
|
#1 0x5576d95505f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
|
#2 0x5576d95505f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
|
#3 0x5576d95565b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
|
#4 0x5576d95565b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
|
#5 0x5576d6b12209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
|
#6 0x5576d7681ad1 in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
|
#7 0x5576d7681ad1 in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
|
#8 0x5576d7681ad1 in get_best_disjunct_quick(PARAM*, SEL_IMERGE*, double) /mariadb/10.5m/sql/opt_range.cc:5123:15
|
#9 0x5576d765f373 in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool) /mariadb/10.5m/sql/opt_range.cc:2966:25
|
#10 0x5576d64c53b3 in get_quick_record_count(THD*, SQL_SELECT*, TABLE*, Bitmap<64u> const*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:4708:9
|
#11 0x5576d64c53b3 in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5433:20
|
#12 0x5576d64a81ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
|
#13 0x5576d648aabc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
|
#14 0x5576d646b875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
|
#15 0x5576d65b7bfd in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) /mariadb/10.5m/sql/sql_select.cc:27182:10
|
#16 0x5576d63a3272 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6107:12
|
#17 0x5576d63822a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
|
#18 0x5576d636f4c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#19 0x5576d63638b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#20 0x5576d637128c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#21 0x5576d6973f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#22 0x5576d69734e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#23 0x5576d7de41e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#24 0x7f7de495cf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#25 0x7f7de44362ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'seq.i' in the stack frame of function '_ZL20get_key_scans_paramsP5PARAMP8SEL_TREEbbd'
|
#0 0x5576d7674c40 in get_key_scans_params(PARAM*, SEL_TREE*, bool, bool, double) /mariadb/10.5m/sql/opt_range.cc:7350
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: main.opt_trace_security
|
mysqltest: At line 33: query 'select * from db1.t1' failed: 2013: Lost connection to MySQL server during query
|
…
|
==2534801==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x562cf8099491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
|
#1 0x562cf80aa5f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
|
#2 0x562cf80aa5f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
|
#3 0x562cf80b05b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
|
#4 0x562cf80b05b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
|
#5 0x562cf566c209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
|
#6 0x562cf5089b01 in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
|
#7 0x562cf5089b01 in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
|
#8 0x562cf5089b01 in best_access_path(JOIN*, st_join_table*, unsigned long long, st_position const*, unsigned int, bool, double, st_position*, st_position*) /mariadb/10.5m/sql/sql_select.cc:8044:23
|
#9 0x562cf51329fb in best_extension_by_limited_search(JOIN*, unsigned long long, unsigned int, double, double, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:9533:7
|
#10 0x562cf50912cc in greedy_search(JOIN*, unsigned long long, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:8738:9
|
#11 0x562cf50912cc in choose_plan(JOIN*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:8303:9
|
#12 0x562cf50211be in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5550:11
|
#13 0x562cf50021ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
|
#14 0x562cf4fe4abc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
|
#15 0x562cf4fc5875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
|
#16 0x562cf4fc4f48 in handle_select(THD*, LEX*, select_result*, unsigned long) /mariadb/10.5m/sql/sql_select.cc:417:10
|
#17 0x562cf4efddd2 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6168:12
|
#18 0x562cf4edc2a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
|
#19 0x562cf4ec94c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#20 0x562cf4ebd8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#21 0x562cf4ecb28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#22 0x562cf54cdf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#23 0x562cf54cd4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#24 0x562cf693e1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#25 0x7ff22f6cbf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#26 0x7ff22f1a52ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'stack' in the stack frame of function 'my_qsort2'
|
#0 0x562cf7e70be0 in my_qsort2 /mariadb/10.5m/mysys/mf_qsort.c:100
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: main.opt_trace_ucs2
|
mysqltest: At line 8: query 'explain format=json select * from t1 force index(col1) where col1 >='a'' failed: 2013: Lost connection to MySQL server during query
|
…
|
==2534814==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x557169a48491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
|
#1 0x557169a595f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
|
#2 0x557169a595f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
|
#3 0x557169a5f5b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
|
#4 0x557169a5f5b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
|
#5 0x55716701b209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
|
#6 0x557167b9225d in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
|
#7 0x557167b9225d in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
|
#8 0x557167b9225d in calculate_cond_selectivity_for_table(THD*, TABLE*, Item**) /mariadb/10.5m/sql/opt_range.cc:3360:33
|
#9 0x5571669ceb59 in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5455:13
|
#10 0x5571669b11ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
|
#11 0x557166993abc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
|
#12 0x557166974875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
|
#13 0x557166ac0bfd in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) /mariadb/10.5m/sql/sql_select.cc:27182:10
|
#14 0x5571668ac272 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6107:12
|
#15 0x55716688b2a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
|
#16 0x5571668784c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
|
#17 0x55716686c8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
|
#18 0x55716687a28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
|
#19 0x557166e7cf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
|
#20 0x557166e7c4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
|
#21 0x5571682ed1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#22 0x7f8dd74c8f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#23 0x7f8dd6fa22ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'stat_tables' in the stack frame of function '_Z26read_statistics_for_tablesP3THDP10TABLE_LIST'
|
#0 0x557166ba5b00 in read_statistics_for_tables(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_statistics.cc:3291
|
|
10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e |
CURRENT_TEST: innodb_fts.innodb_fts_misc
|
mysqltest: At line 902: query 'ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b)' failed: 2013: Lost connection to MySQL server during query
|
…
|
Uninitialized bytes in MemcmpInterceptorCommon at offset 14 inside [0x7fce48869f00, 17)
|
==2536284==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x558021dffa2c in bcmp (/dev/shm/10.5ms/sql/mariadbd+0x6dea2c)
|
#1 0x558024d3c12b in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:892:10
|
#2 0x558024ce8e40 in dict_table_open_on_id(unsigned long, bool, dict_table_op_t, THD*, MDL_ticket**) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:947:12
|
#3 0x5580246f620b in row_purge_parse_undo_rec(purge_node_t*, unsigned char*, que_thr_t*, bool*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:933:16
|
#4 0x5580246f620b in row_purge(purge_node_t*, unsigned char*, que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1107:10
|
#5 0x5580246f620b in row_purge_step(que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1159:3
|
#6 0x5580244c6370 in que_thr_step(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1038:9
|
#7 0x5580244c6370 in que_run_threads_low(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1100:14
|
#8 0x5580244c6370 in que_run_threads(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1140:2
|
#9 0x558024819043 in srv_task_execute() /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2055:3
|
#10 0x558024819043 in purge_worker_callback(void*) /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2205:10
|
#11 0x5580250aa413 in tpool::task_group::execute(tpool::task*) /mariadb/10.5m/tpool/task_group.cc:55:9
|
#12 0x55802509dd72 in tpool::thread_pool_generic::worker_main(tpool::worker_data*) /mariadb/10.5m/tpool/tpool_generic.cc:518:11
|
#13 0x5580250a77bc in decltype(*(std::__1::forward<tpool::thread_pool_generic*>(fp0)).*fp(std::__1::forward<tpool::worker_data*>(fp1))) std::__1::__invoke<void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, void>(void (tpool::thread_pool_generic::*&&)(tpool::worker_data*), tpool::thread_pool_generic*&&, tpool::worker_data*&&) /usr/lib/llvm-10/bin/../include/c++/v1/type_traits:3480:1
|
#14 0x5580250a77bc in void std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, 2ul, 3ul>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*>&, std::__1::__tuple_indices<2ul, 3ul>) /usr/lib/llvm-10/bin/../include/c++/v1/thread:273:5
|
#15 0x5580250a77bc in void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*> >(void*) /usr/lib/llvm-10/bin/../include/c++/v1/thread:284:5
|
#16 0x7fce54cf8f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
|
#17 0x7fce547d22ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Uninitialized value was created by an allocation of 'db_buf' in the stack frame of function '_Z23dict_acquire_mdl_sharedILb0EEP12dict_table_tS1_P3THDPP10MDL_ticket15dict_table_op_t'
|
#0 0x558024d3b200 in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:790
|
| Link |
This issue includes |
| Link |
This issue relates to |
The test failures main.query_cache_innodb and innodb_fts.innodb_fts_misc were fixed in MDEV-22060.
| Link |
This issue relates to |
| Link | This issue relates to MDEV-22072 [ MDEV-22072 ] |
| Link |
This issue relates to |
| Link |
This issue is blocked by |
| Link | This issue relates to MDEV-22244 [ MDEV-22244 ] |
| Fix Version/s | 10.5 [ 23123 ] |
Update:
|
10.5 23047d3ed42eacb5eaa5475a8fa4161550d01c52 |
Completed: Failed 55/5274 tests, 98.96% were successful.Failing test(s): rpl.rpl_row_end_of_statement_loss encryption.create_or_replace rpl.rpl_parallel_optimistic_xa_lsu_off binlog_encryption.encrypted_master encryption.innodb_encryption_discard_import rpl.rpl_non_direct_stm_mixing_engines rpl.rpl_mixed_mixing_engines wsrep_info.plugin perfschema.hostcache_ipv6_ssl main.userstat perfschema.transaction_nested_events main.mysql_client_test_nonblock main.mysql_client_test rpl.rpl_gtid_ignored main.mysql_upgrade_ssl main.opt_trace_index_merge_innodb maria.maria-recovery2 main.mysql_client_test_comp main.ssl_7937 plugins.multiauth main.ssl_8k_key main.ssl_timeout-9836 main.tls_version main.opt_trace_security main.opt_trace_ucs2 main.func_debug main.flush_ssl main.ssl main.myisampack main.ssl_ca main.ssl_cipher main.ssl_compress main.ssl_connect main.openssl_1 main.ssl_timeout main.opt_trace_index_merge perfschema.connection_type_notwin main.loadxml perfschema.hostcache_ipv4_ssl plugins.auth_ed25519 sys_vars.pseudo_slave_mode_basic sys_vars.replicate_do_table_grant type_inet.type_inet6 main.ssl-big innodb.innodb_bulk_create_index_debug main.opt_trace client.mariadb-conv-utf8 client.mariadb-conv-cp932 innodb.alter_large_dml
|
The test innodb.alter_large_dml apparently timed out. Many SSL tests failed due to MDEV-22083.
| Link |
This issue is blocked by |
| Link |
This issue is blocked by |
| Link |
This issue is blocked by |
| Link |
This issue is blocked by |
| Link |
This issue is blocked by |
To work around the lack of MSAN-instrumented libmariadb, I replaced the executables in the client directory with non-instrumented executables from the same source. I got the following test failures that seem to be related to code deficiencies:
- main.loadxml:
MDEV-22688MSAN use-of-uninitialized-value in READ_INFO::read_xml() - main.myisampack:
MDEV-22689MSAN use-of-uninitialized-value in decode_bytes() - main.opt_trace main.opt_trace_security main.opt_trace_ucs2 main.opt_trace_index_merge main.opt_trace_index_merge_innodb:
MDEV-22690MSAN use-of-uninitialized-value in optimizer_trace - maria.maria-recovery2:
MDEV-22691MSAN use-of-uninitialized-value in test maria.maria-recovery2 - Various tests after reverting a suppression:
MDEV-22692MSAN use-of-uninitialized-value in pagecache_fwrite()
Problems with the environment
The test wsrep_info.plugin would fail if a (necessarily uninstrumented) galera-4 library is installed.
The tests plugins.auth_ed25519 and plugins.multiauth fail with: Plugin client_ed25519 could not be loaded: …/var/plugins/client_ed25519.so: undefined symbol: __msan_origin_tls
|
10.5 d8ea11a33fba12331c98c04ff44c815a662faccb |
Failing test(s): main.mysql_client_test_nonblock main.mysql_client_test main.mysql_client_test_comp
|
These tests fail even if I replace the tests/mariadb-client-test with an uninstrumented one. With the uninstrumented client, each failure looks like this:
CURRENT_TEST: main.mysql_client_test_nonblock
|
mysqltest: At line 22: exec of '/dev/shm/10.5-msan/tests/mysql_client_test --defaults-file=/dev/shm/10.5-msan/mysql-test/var/1/my.cnf --testcase --vardir=/dev/shm/10.5-msan/mysql-test/var/1 --non-blocking-api --getopt-ll-test=25600M >> /dev/shm/10.5-msan/mysql-test/var/1/log/mysql_client_test.out.log 2>&1' failed, error: 256, status: 1, errno: 11
|
Before I replaced the client executables (client/* to work around the lack of MSAN instrumentation (MDEV-22083), the following 24 tests additionally failed:
|
10.5 d8ea11a33fba12331c98c04ff44c815a662faccb |
main.tls_version main.ssl_8k_key main.flush_ssl rpl.rpl_parallel_conflicts perfschema.hostcache_ipv6_ssl main.ssl_ca main.userstat perfschema.transaction_nested_events main.mysql_upgrade_ssl main.ssl_7937 main.openssl_1 main.ssl_connect main.ssl_timeout-9836 main.ssl main.ssl_cipher main.ssl-big main.ssl_compress perfschema.connection_type_notwin main.ssl_timeout perfschema.hostcache_ipv4_ssl innodb.innodb_bulk_create_index_debug
|
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
h2. Creating MSAN-instrumented libc++ {code:sh} cd /mariadb sudo apt source libc++-8-dev cd llvm-toolchain-8-8.0.1 mkdir libc++msan; cd libc++msan cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-8 -DCMAKE_CXX_COMPILER=clang++-8 {code} h2. Introduce an option WITH_MSAN {code:diff} patch -p1<<'EOF' diff --git a/CMakeLists.txt b/CMakeLists.txt index 33b69a9a1e3..ed61853bbc5 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -236,6 +236,11 @@ IF (WITH_UBSAN) MY_CHECK_AND_SET_COMPILER_FLAG("-fsanitize=undefined -fno-sanitize=alignment -U_FORTIFY_SOURCE" DEBUG RELWITHDEBINFO) ENDIF() +OPTION(WITH_MSAN "Enable memory sanitizer" OFF) +IF (WITH_MSAN) + MY_CHECK_AND_SET_COMPILER_FLAG("-fsanitize=memory -U_FORTIFY_SOURCE" DEBUG RELWITHDEBINFO) +ENDIF() + IF(NOT WITH_TSAN) # enable security hardening features, like most distributions do # in our benchmarks that costs about ~1% of performance, depending on the load diff --git a/cmake/plugin.cmake b/cmake/plugin.cmake index 89dfdbb306b..3582f8ac005 100644 --- a/cmake/plugin.cmake +++ b/cmake/plugin.cmake @@ -223,7 +223,7 @@ MACRO(MYSQL_ADD_PLUGIN) ELSEIF(NOT CMAKE_SYSTEM_NAME STREQUAL "Linux") TARGET_LINK_LIBRARIES (${target} mysqld) ENDIF() - ELSEIF(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND NOT WITH_ASAN AND NOT WITH_TSAN AND NOT WITH_UBSAN) + ELSEIF(CMAKE_SYSTEM_NAME STREQUAL "Linux" AND NOT WITH_ASAN AND NOT WITH_TSAN AND NOT WITH_UBSAN AND NOT WITH_MSAN) TARGET_LINK_LIBRARIES (${target} "-Wl,--no-undefined") ENDIF() diff --git a/libmariadb/libmariadb/CMakeLists.txt b/libmariadb/libmariadb/CMakeLists.txt index 9581461..8ba9c32 100644 --- a/libmariadb/libmariadb/CMakeLists.txt +++ b/libmariadb/libmariadb/CMakeLists.txt @@ -412,7 +412,7 @@ ENDIF() IF(CMAKE_SYSTEM_NAME MATCHES "Linux" OR CMAKE_SYSTEM_NAME MATCHES "GNU") - IF (NOT WITH_ASAN AND NOT WITH_TSAN) + IF (NOT WITH_ASAN AND NOT WITH_TSAN AND NOT WITH_MSAN) TARGET_LINK_LIBRARIES (libmariadb "-Wl,--no-undefined") ENDIF() SET_TARGET_PROPERTIES(libmariadb PROPERTIES LINK_FLAGS "${CC_BINARY_DIR}/libmariadb/mariadbclient.def") EOF {code} h2. Compile with libc++ (instead of libstdc++) and bundled libraries {code:sh} mkdir build; cd build cmake -DWITH_MSAN=ON -DWITH_SSL=bundled -DWITH_ZLIB=bundled -DCMAKE_CXX_FLAGS='-stdlib=libc++' .. make -j$(nproc) {code} h2. Run tests with the instrumented libc++ {code:sh} cd mysql-test LD_LIBRARY_PATH=/mariadb/llvm-toolchain-8-8.0.1/libc++msan/lib ./mtr main.1st LD_LIBRARY_PATH=/mariadb/llvm-toolchain-8-8.0.1/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} h2. Problems found so far For some reason, {{getservbyname()}} claims that the buffer is uninitialized. Maybe we need an instrumented library? Workaround: comment out the calls: {code:diff} diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 695616f9269..f1df81c9095 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -2171,7 +2171,7 @@ static void set_ports() line options. */ -#if MYSQL_PORT_DEFAULT == 0 +#if 0 // MYSQL_PORT_DEFAULT == 0 struct servent *serv_ptr; if ((serv_ptr= getservbyname("mysql", "tcp"))) SYSVAR_AUTOSIZE(mysqld_port, ntohs((u_short) serv_ptr->s_port)); diff --git a/libmariadb/mariadb_lib.c b/libmariadb/mariadb_lib.c index d43b68c..fb6236f 100644 --- a/libmariadb/mariadb_lib.c +++ b/libmariadb/mariadb_lib.c @@ -3539,12 +3539,16 @@ static void mysql_once_init() } if (!mysql_port) { +#if 0 struct servent *serv_ptr; +#endif char *env; mysql_port = MARIADB_PORT; +#if 0 if ((serv_ptr = getservbyname("mysql", "tcp"))) mysql_port = (uint)ntohs((ushort)serv_ptr->s_port); +#endif if ((env = getenv("MYSQL_TCP_PORT"))) mysql_port =(uint)atoi(env); } {code} Inline assembler code leads to bogus claims about uninitialized memory. Compiler built-ins or intrinsic functions seem to work correctly. Alas, we will have to add some compile-time options to allow these instructions to be emitted. I used {{-march=native}} as a quick hack: {code:diff} diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c index 6b0d5dafc..817619d16 100644 --- a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c +++ b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c @@ -173,7 +173,7 @@ int wc_RNG_GenerateByte(WC_RNG* rng, byte* b) static int wc_GenerateRand_IntelRD(OS_Seed* os, byte* output, word32 sz); #endif -#ifdef USE_WINDOWS_API +#if 1 /*def USE_WINDOWS_API */ #include <immintrin.h> #endif /* USE_WINDOWS_API */ #endif @@ -1282,7 +1282,7 @@ int wc_FreeNetRandom(void) #ifdef HAVE_INTEL_RDSEED -#ifndef USE_WINDOWS_API +#if 0/*ndef USE_WINDOWS_API*/ /* return 0 on success */ static WC_INLINE int IntelRDseed64(word64* seed) @@ -1302,7 +1302,7 @@ int wc_FreeNetRandom(void) { int ok; - ok = _rdseed64_step(seed); + ok = _rdseed64_step((unsigned long long*) seed); return (ok) ? 0 : -1; } diff --git a/storage/innobase/ut/ut0crc32.cc b/storage/innobase/ut/ut0crc32.cc index 4a6447c1dcf..58273e9058e 100644 --- a/storage/innobase/ut/ut0crc32.cc +++ b/storage/innobase/ut/ut0crc32.cc @@ -219,6 +219,8 @@ ut_crc32_8_hw( { #ifdef _MSC_VER *crc = _mm_crc32_u8(*crc, (*data)[0]); +#elif 1 + *crc = __builtin_ia32_crc32qi(*crc, (*data)[0]); #else asm("crc32b %1, %0" /* output operands */ @@ -251,6 +253,8 @@ ut_crc32_64_low_hw( #else #error Not Supported processors type. #endif +#elif 1 + crc_64bit = __builtin_ia32_crc32di(crc_64bit, data); #else asm("crc32q %1, %0" /* output operands */ {code} h2. Errors in {{mysqltest}}: {code:diff} diff --git a/mysql-test/lib/My/SafeProcess/safe_process.cc b/mysql-test/lib/My/SafeProcess/safe_process.cc index 9b544a25178..84003288dab 100644 --- a/mysql-test/lib/My/SafeProcess/safe_process.cc +++ b/mysql-test/lib/My/SafeProcess/safe_process.cc @@ -219,6 +219,7 @@ int main(int argc, char* const argv[] ) sigemptyset(&sa.sa_mask); sa_abort.sa_handler= handle_abort; + sa_abort.sa_flags= 0; sigemptyset(&sa_abort.sa_mask); /* Install signal handlers */ sigaction(SIGTERM, &sa,NULL); diff --git a/client/mysqltest.cc b/client/mysqltest.cc index 5f28bf422e1..0ba9cdc13c4 100644 --- a/client/mysqltest.cc +++ b/client/mysqltest.cc @@ -1687,6 +1687,7 @@ void abort_not_supported_test(const char *fmt, ...) cur_file->file_name, cur_file->lineno); char buff[DIE_BUFF_SIZE]; + buff[0] = '\0'; print_file_stack(buff, buff + sizeof(buff)); fprintf(stderr, "%s", buff); @@ -10363,6 +10364,7 @@ void free_replace_regex() string - the string to perform substitutions in icase - flag, if set to 1 the match is case insensitive */ +__attribute__((no_sanitize("memory"))) int reg_replace(char** buf_p, int* buf_len_p, char *pattern, char *replace, char *string, int icase) { {code} Note: the possible bug in {{reg_replace()}} should be investigated deeper, and not simply suppressed. h2. SSL-related problem {code:diff} diff --git a/mysys_ssl/my_crypt.cc b/mysys_ssl/my_crypt.cc index 02770644259..cb9e60e4dc7 100644 --- a/mysys_ssl/my_crypt.cc +++ b/mysys_ssl/my_crypt.cc @@ -94,6 +94,8 @@ class MyCTX } }; +#include <sanitizer/msan_interface.h> + class MyCTX_nopad : public MyCTX { public: @@ -143,6 +145,7 @@ class MyCTX_nopad : public MyCTX of this class too. */ uchar mask[MY_AES_BLOCK_SIZE]; + __msan_unpoison(mask, sizeof mask); uint mlen; int rc= my_aes_crypt(MY_AES_ECB, ENCRYPTION_FLAG_ENCRYPT | ENCRYPTION_FLAG_NOPAD, {code} The above is only a work-around. Without the above, the last 4 payload bytes in an encrypted InnoDB redo log block (at offset 512-8) would be claimed to uninitialized on {{pwrite64()}}. This needs to be investigated properly. h2. Some remaining problems (blocking further tests): {{innodb.innodb-page_compression_lz4}} alleges uninitialized value in buf_page_encrypt() when computing ut_crc32_8_hw(); maybe we simply need an instrumented liblz4, or should avoid linking with the uninstrumented library? This one occurs at least in {{innodb.innodb-wl5980-alter}} and {{innodb.innodb-alter}}: {noformat:title=10.5 da53fb6d7de906fd8bd73d5f244bac4d77b687aa} ==16796==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x4b9edc in var_get(char const*, char const**, char, char) /mariadb/10.5/client/mysqltest.cc:2498:12 #1 0x51b995 in append_replace_regex(char*, char*, st_replace_regex*, char**) /mariadb/10.5/client/mysqltest.cc:10205:17 #2 0x5139f2 in init_replace_regex(char*) /mariadb/10.5/client/mysqltest.cc:10163:3 #3 0x5139f2 in do_get_replace_regex(st_command*) /mariadb/10.5/client/mysqltest.cc:10324 #4 0x50f060 in main /mariadb/10.5/client/mysqltest.cc:9608:9 #5 0x7f8847a7409a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a) #6 0x438b19 in _start (/dev/shm/10.5/client/mysqltest+0x438b19) Uninitialized value was created by an allocation of 'v_end' in the stack frame of function '_Z20append_replace_regexPcS_P16st_replace_regexPS_' #0 0x51b630 in append_replace_regex(char*, char*, st_replace_regex*, char**) /mariadb/10.5/client/mysqltest.cc:10176 {noformat} {noformat:title=10.5 da53fb6d7de906fd8bd73d5f244bac4d77b687aa} CURRENT_TEST: innodb.innodb-replace-debug mysqltest: At line 13: query 'replace into t1 values (14, 25, 34)' failed: 2013: Lost connection to MySQL server during query … ha_commit_trans: info: is_real_trans: 1 rw_trans: 1 rw_ha_count: 1 MDL_context::acquire_lock: enter: ==20608==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x397a8df in dtoa /mariadb/10.5/strings/dtoa.c:2227:7 #1 0x3970d61 in my_fcvt /mariadb/10.5/strings/dtoa.c:96:8 #2 0x398f8bb in process_dbl_arg /mariadb/10.5/strings/my_vsnprintf.c:246:10 #3 0x398f8bb in my_vsnprintf_ex /mariadb/10.5/strings/my_vsnprintf.c:638 #4 0x385db9f in DbugVfprintf /mariadb/10.5/dbug/dbug.c:1329:10 #5 0x385db9f in _db_doprnt_ /mariadb/10.5/dbug/dbug.c:1309 #6 0x120342f in MDL_context::acquire_lock(MDL_request*, double) /mariadb/10.5/sql/mdl.cc:2242:3 #7 0x17d8de3 in ha_commit_trans(THD*, bool) /mariadb/10.5/sql/handler.cc:1470:24 #8 0x1228d0a in trans_commit_stmt(THD*) /mariadb/10.5/sql/transaction.cc:436:10 #9 0xc28e14 in mysql_execute_command(THD*) /mariadb/10.5/sql/sql_parse.cc:6134:7 #10 0xbfcce2 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5/sql/sql_parse.cc:7884:18 #11 0xbed4e5 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5/sql/sql_parse.cc:1842:7 #12 0xbfee52 in do_command(THD*) /mariadb/10.5/sql/sql_parse.cc:1359:17 #13 0x11cf88f in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5/sql/sql_connect.cc:1414:11 #14 0x11ce99c in handle_one_connection /mariadb/10.5/sql/sql_connect.cc:1309:5 #15 0x2533fd8 in pfs_spawn_thread /mariadb/10.5/storage/perfschema/pfs.cc:1862:3 #16 0x7ff07e856fa2 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7fa2) #17 0x7ff07de3e4ce in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf94ce) Uninitialized value was created by an allocation of 'cvtbuf.i' in the stack frame of function '_db_doprnt_' #0 0x385d4d0 in _db_doprnt_ /mariadb/10.5/dbug/dbug.c:1288 {noformat} This one was reported by Valgrind on some (not all) platforms. Here it is for {{innodb.doublewrite}}: {noformat:title=10.5 da53fb6d7de906fd8bd73d5f244bac4d77b687aa} ==21866==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x3093dcc in buf_page_is_corrupted(bool, unsigned char const*, unsigned long) /mariadb/10.5/storage/innobase/buf/buf0buf.cc:1037:14 #1 0x338b7cb in Datafile::find_space_id() /mariadb/10.5/storage/innobase/fsp/fsp0file.cc:711:22 #2 0x3389af5 in Datafile::validate_for_recovery() /mariadb/10.5/storage/innobase/fsp/fsp0file.cc:461:9 #3 0x33123ed in fil_ibd_load(unsigned long, char const*, fil_space_t*&) /mariadb/10.5/storage/innobase/fil/fil0fil.cc:3746:15 {noformat} |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to build an instrumented C++ runtime library These instructions are for the currently latest compiler, {{clang-10}}. {code:sh} sudo apt install clang-10 clang++-10 libc++-10-dev libc++abi-10-dev cd /mariadb apt source libc++-10-dev cd llvm-toolchain-10-10.0.0 mkdir libc++msan cd libc++msan cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10 make -j$(nproc) {code} Note: to use an older {{clang}} (I have successfully used {{clang-8}} and {{clang-9}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
| Summary | Enable MemorySanitizer | Make WITH_MSAN more usable |
We had WITH_MSAN almost working in 10.5 for quite some time now.
I ported the applicable parts of the MemorySanitizer instrumentation to 10.2. This includes replacing the InnoDB UNIV_MEM_ macros with the direct use of MEM_ macros that are defined in my_valgrind.h.
In 10.2, I did not get any test to pass under MemorySanitizer. Basically, everything failed due to the old PCRE library. In 10.5, it was updated in MDEV-14024.
| issue.field.resolutiondate | 2020-07-01 14:35:27.0 | 2020-07-01 14:35:27.911 |
| Fix Version/s | 10.2.33 [ 24307 ] | |
| Fix Version/s | 10.3.24 [ 24306 ] | |
| Fix Version/s | 10.4.14 [ 24305 ] | |
| Fix Version/s | 10.5.5 [ 24423 ] | |
| Fix Version/s | 10.2 [ 14601 ] | |
| Fix Version/s | 5.5 [ 15800 ] | |
| Fix Version/s | 10.1 [ 16100 ] | |
| Fix Version/s | 10.3 [ 22126 ] | |
| Fix Version/s | 10.4 [ 22408 ] | |
| Fix Version/s | 10.5 [ 23123 ] | |
| Resolution | Fixed [ 1 ] | |
| Status | Open [ 1 ] | Closed [ 6 ] |
| Link |
This issue is blocked by |
Some tests will fail WITH_MSAN until CONC-483 and MDEV-22083 have been addressed.
| Link |
This issue relates to |
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to build an instrumented C++ runtime library These instructions are for the currently latest compiler, {{clang-10}}. {code:sh} sudo apt install clang-10 clang++-10 libc++-10-dev libc++abi-10-dev cd /mariadb apt source libc++-10-dev cd llvm-toolchain-10-10.0.0 mkdir libc++msan cd libc++msan cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10 make -j$(nproc) {code} Note: to use an older {{clang}} (I have successfully used {{clang-8}} and {{clang-9}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to build an instrumented C++ runtime library These instructions are for the currently latest compiler, {{clang-10}}. {code:sh} sudo apt install clang-10 clang++-10 libc++-10-dev libc++abi-10-dev cd /mariadb apt source libc++-10-dev cd llvm-toolchain-10-10.0.0 mkdir libc++msan cd libc++msan cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10 make -j$(nproc) {code} Note: to use an older {{clang}} (I have successfully used {{clang-8}} and {{clang-9}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
| Link | This issue blocks TODO-2606 [ TODO-2606 ] |
| Link |
This issue relates to |
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to build an instrumented C++ runtime library These instructions are for the currently latest compiler, {{clang-10}}. {code:sh} sudo apt install clang-10 clang++-10 libc++-10-dev libc++abi-10-dev cd /mariadb apt source libc++-10-dev cd llvm-toolchain-10-10.0.0 mkdir libc++msan cd libc++msan cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10 make -j$(nproc) {code} Note: to use an older {{clang}} (I have successfully used {{clang-8}} and {{clang-9}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to build an instrumented C++ runtime library These instructions are for {{clang-10}}. {code:sh} sudo apt install clang-10 clang++-10 libc++-10-dev libc++abi-10-dev cd /mariadb apt source libc++-10-dev cd llvm-toolchain-10-10.0.0 mkdir libc++msan cd libc++msan cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10 make -j$(nproc) {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
| Attachment | build-msan.sh [ 59613 ] |
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to build an instrumented C++ runtime library These instructions are for {{clang-10}}. {code:sh} sudo apt install clang-10 clang++-10 libc++-10-dev libc++abi-10-dev cd /mariadb apt source libc++-10-dev cd llvm-toolchain-10-10.0.0 mkdir libc++msan cd libc++msan cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10 make -j$(nproc) {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
| Attachment | build-msan.sh [ 59614 ] |
| Attachment | build-msan.sh [ 59615 ] |
| Attachment | build-msan.sh [ 59614 ] |
| Attachment | build-msan.sh [ 59613 ] |
| Link |
This issue is duplicated by |
| Link |
This issue relates to |
| Link |
This issue is duplicated by |
| Workflow | MariaDB v3 [ 99008 ] | MariaDB v4 [ 156645 ] |
| Link | This issue relates to MDEV-27964 [ MDEV-27964 ] |
| Attachment | build-msan-1.sh [ 63753 ] |
| Attachment | build-msan-1.sh [ 63753 ] |
| Attachment | build-msan2.sh [ 63754 ] |
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
| Attachment | build-msan15.sh [ 67035 ] |
| Link |
This issue blocks |
| Link | This issue relates to MDEV-30942 [ MDEV-30942 ] |
| Attachment | build-msan15.sh [ 67035 ] |
| Attachment | build-msan15.sh [ 69172 ] |
The updated build-msan15.sh will replace the text file libc+.so with a symbolic link pointing to libc+.so.1.
Starting with llvm-symbolizer-14, there is a dependency on libgmp. Therefore, if you make LD_LIBRARY_PATH point to something that includes an MSAN-instrumented libgmp (due to MDEV-22083), you should also make MSAN_SYMBOLIZER_PATH point to a wrapper script like the following, in order to get resolved stack traces:
#!/bin/sh
|
unset LD_LIBRARY_PATH
|
exec llvm-symbolizer-15 "$@"
|
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{poison_in_dtor=1}} ( |
| Link | This issue relates to MDEV-31790 [ MDEV-31790 ] |
| Attachment | build-msan16.sh [ 72069 ] |
In clang-16 the libraries are not part of LLVM_ENABLE_PROJECTS, but LLVM_ENABLE_RUNTIMES. build-msan16.sh should do the trick.
build-msan16.sh works also for clang-17, which recently entered Debian Sid (unstable):
CLANG=17 ./build-msan16.sh
|
| Attachment | build-msan18.sh [ 73251 ] |
build-msan18.sh is almost like build-msan16.sh:
--- build-msan16.sh 2023-09-22 13:34:39.607121198 +0300
|
+++ build-msan18.sh 2024-03-08 08:34:21.091289335 +0200
|
@@ -1,6 +1,6 @@
|
#!/bin/sh
|
set -eux
|
-: ${CLANG=16}
|
+: ${CLANG=18}
|
: ${MSAN_LIBDIR=..}
|
: ${PARALLEL=$(nproc)}
|
|
@@ -22,7 +22,7 @@
|
mkdir -p ll-build
|
cd ll-build
|
cmake ../llvm-toolchain-$CLANG-$CLANG.*/runtimes -DCMAKE_BUILD_TYPE=Release \
|
- -DLLVM_ENABLE_RUNTIMES="libcxx;libcxxabi" \
|
+ -DLLVM_ENABLE_RUNTIMES="libcxx;libcxxabi;libunwind" \
|
-DCMAKE_C_COMPILER=clang-$CLANG \
|
-DCMAKE_CXX_COMPILER=clang++-$CLANG \
|
-DLLVM_USE_SANITIZER=MemoryWithOrigins |
I checked that it still catches MDEV-33478, just like anything after clang-15 does.
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{poison_in_dtor=1}} ( |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{poison_in_dtor=1}} ( Also make sure you have {{lldb}} installed in order to get meaningful stack traces. |
| Attachment | build-msan19.sh [ 73975 ] |
build-msan19.sh changed a little bit again:
--- build-msan18.sh 2024-03-08 08:34:21.091289335 +0200
|
+++ build-msan19.sh 2024-08-26 11:47:21.256980501 +0300
|
@@ -1,6 +1,6 @@
|
#!/bin/sh
|
set -eux
|
-: ${CLANG=18}
|
+: ${CLANG=19}
|
: ${MSAN_LIBDIR=..}
|
: ${PARALLEL=$(nproc)}
|
|
@@ -15,14 +15,17 @@
|
fi
|
|
sudo apt -o APT::Get::Assume-Yes=true install \
|
- clang-$CLANG libc++-$CLANG-dev libc++abi-$CLANG-dev automake
|
+ clang-$CLANG libc++-$CLANG-dev libc++abi-$CLANG-dev \
|
+ libclang-$CLANG-dev libllvmlibc-$CLANG-dev automake
|
apt -o APT::Get::Assume-Yes=true source \
|
- llvm-toolchain-$CLANG libgnutls28-dev libnettle8 libidn2 libgmp10
|
+ llvm-toolchain-$CLANG libgnutls28-dev libnettle8t64 libidn2 libgmp10
|
|
mkdir -p ll-build
|
cd ll-build
|
cmake ../llvm-toolchain-$CLANG-$CLANG.*/runtimes -DCMAKE_BUILD_TYPE=Release \
|
- -DLLVM_ENABLE_RUNTIMES="libcxx;libcxxabi;libunwind" \
|
+ -DLLVM_ENABLE_RUNTIMES="libc;libcxx;libcxxabi;libunwind" \
|
+ -DLLVM_INCLUDE_TESTS=OFF -DLLVM_INCLUDE_DOCS=OFF \
|
+ -DLLVM_ENABLE_SPHINX=OFF \
|
-DCMAKE_C_COMPILER=clang-$CLANG \
|
-DCMAKE_CXX_COMPILER=clang++-$CLANG \
|
-DLLVM_USE_SANITIZER=MemoryWithOrigins |
This will include https://reviews.llvm.org/D158943, which adds instrumentation for some recent ISO/IEC 9899:2023 compliant functions in GNU libc.
In the current Debian Sid, apt source libnettle8 would fetch Nettle 3.9, while libnettle8t64 includes Nettle 3.10, which the libgnutls would be built against.
Note: If Valgrind is installed, the configure script for Nettle 3.10 build may hit Valgrind bug 492255 (hang when trying to execute valgrind on an empty MemorySanitizer compiled program). You can send SIGKILL to the memcheck (or similar) process to work around that, or you can uninstall Valgrind before executing the build script.
| Attachment | build-msan19-1.sh [ 73976 ] |
| Attachment | build-msan19-1.sh [ 73976 ] |
| Attachment | build-msan19.sh [ 73975 ] |
| Attachment | build-msan19.sh [ 73977 ] |
The packaging for Ubuntu is a little different from Debian, at least for Ubuntu Noble (24.04). You have to install dpkg-dev and pkg-config and add deb-src to /etc/apt/sources.list.d/ubuntu.sources.
In https://apt.llvm.org/ you should note that the repository for stable Debian or Ubuntu release includes the name of the release, such as llvm-toolchain-noble-19 instead of llvm-toolchain-19, like it is for Debian Sid.
I would like to emphasize that gnutls needs pkg-config to find nettle-dev. With these tweaks, I was able to build MSAN instrumented libraries for Ubuntu.
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=1 ./mtr --big-test --parallel=auto --force --retry=0 {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{poison_in_dtor=1}} ( Also make sure you have {{lldb}} installed in order to get meaningful stack traces. |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following. The script name had better start with {{llvm-symbolizer-}} in order to avoid a warning: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{MSAN_OPTIONS=poison_in_dtor=0}} (to work around |
| Attachment | build-msan19.sh [ 73977 ] |
| Attachment | build-msan19.sh [ 74029 ] |
I had included an accidental change in build-msan19.sh. The file has now been replaced with the corrected one:
@@ -23,7 +23,7 @@
|
mkdir -p ll-build
|
cd ll-build
|
cmake ../llvm-toolchain-$CLANG-$CLANG.*/runtimes -DCMAKE_BUILD_TYPE=Release \
|
- -DLLVM_ENABLE_RUNTIMES="libc;libcxx;libcxxabi;libunwind" \
|
+ -DLLVM_ENABLE_RUNTIMES="libcxx;libcxxabi;libunwind" \
|
-DLLVM_INCLUDE_TESTS=OFF -DLLVM_INCLUDE_DOCS=OFF \
|
-DLLVM_ENABLE_SPHINX=OFF \
|
-DCMAKE_C_COMPILER=clang-$CLANG \ |
There is no need to build any instrumented libc, because clang should include "interceptors" for all functions for the system libc.so.
The following patch is necessary for avoiding a bogus-looking stack overflow when building with CMAKE_BUILD_TYPE=RelWithDebInfo:
diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc
|
index 4d28c0e843c..0a0b8e78b71 100644
|
--- a/sql/sql_insert.cc
|
+++ b/sql/sql_insert.cc
|
@@ -3512,7 +3512,6 @@ pthread_handler_t handle_delayed_insert(void *arg)
|
DBUG_LEAVE;
|
}
|
my_thread_end();
|
- pthread_exit(0);
|
|
return 0;
|
} |
That code seems to be redundant.
Edit: MDEV-34921 will cover this and a few other small fixes.
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following. The script name had better start with {{llvm-symbolizer-}} in order to avoid a warning: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{MSAN_OPTIONS=poison_in_dtor=0}} (to work around |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang *but not* GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to build with minimal {{cmake}} arguments {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-19 -DCMAKE_C_FLAGS='-O2 -march=native' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native' \ -DSECURITY_HARDENED=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON -G Ninja .. cmake --build . {code} {{cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo}} is implied. OK, this is almost minimal. I wanted to save the trouble of building numerous compression libraries with {{-fsanitize=memory}}, or building some storage engines. Note the {{-DSECURITY_HARDENED=OFF}}; it is enabled by default and seems to break operations like {{memcpy()}} with {{RelWithDebInfo}} but not {{Default}}. h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following. The script name had better start with {{llvm-symbolizer-}} in order to avoid a warning: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{MSAN_OPTIONS=poison_in_dtor=0}} (to work around |
| Link |
This issue relates to |
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang *but not* GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to build with minimal {{cmake}} arguments {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-19 -DCMAKE_C_FLAGS='-O2 -march=native' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native' \ -DSECURITY_HARDENED=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON -G Ninja .. cmake --build . {code} {{cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo}} is implied. OK, this is almost minimal. I wanted to save the trouble of building numerous compression libraries with {{-fsanitize=memory}}, or building some storage engines. Note the {{-DSECURITY_HARDENED=OFF}}; it is enabled by default and seems to break operations like {{memcpy()}} with {{RelWithDebInfo}} but not {{Default}}. h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following. The script name had better start with {{llvm-symbolizer-}} in order to avoid a warning: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{MSAN_OPTIONS=poison_in_dtor=0}} (to work around |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang *but not* GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to build with minimal {{cmake}} arguments {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-19 -DCMAKE_C_FLAGS='-O2 -march=native' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native' \ -DSECURITY_HARDENED=OFF \ -DPLUGIN_{CONNECT,SPIDER}=NO \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON -G Ninja .. cmake --build . {code} {{cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo}} is implied. OK, this is almost minimal. I wanted to save the trouble of building numerous compression libraries with {{-fsanitize=memory}}, and some tests for Connect and all tests for Spider would fail. Note the {{-DSECURITY_HARDENED=OFF}}; it is enabled by default and seems to break operations like {{memcpy()}} with {{RelWithDebInfo}} but not {{Default}}. h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following. The script name had better start with {{llvm-symbolizer-}} in order to avoid a warning: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{MSAN_OPTIONS=poison_in_dtor=0}} (to work around |
| Description |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang *but not* GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to build with minimal {{cmake}} arguments {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-19 -DCMAKE_C_FLAGS='-O2 -march=native' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native' \ -DSECURITY_HARDENED=OFF \ -DPLUGIN_{CONNECT,SPIDER}=NO \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON -G Ninja .. cmake --build . {code} {{cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo}} is implied. OK, this is almost minimal. I wanted to save the trouble of building numerous compression libraries with {{-fsanitize=memory}}, and some tests for Connect and all tests for Spider would fail. Note the {{-DSECURITY_HARDENED=OFF}}; it is enabled by default and seems to break operations like {{memcpy()}} with {{RelWithDebInfo}} but not {{Default}}. h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following. The script name had better start with {{llvm-symbolizer-}} in order to avoid a warning: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{MSAN_OPTIONS=poison_in_dtor=0}} (to work around |
[MemorySanitizer|https://github.com/google/sanitizers/wiki/MemorySanitizerLibcxxHowTo] is a compile-time instrumentation layer in clang *but not* GCC. Together with AddressSanitizer mostly makes the run-time instrumentation of Valgrind redundant. It is a little more tricky to set up, because running with uninstrumented libraries will lead into false positives.
*No patches are necessary* since 10.5 [94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157|https://github.com/MariaDB/server/commit/94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157] (see the commit message for instructions); {{cmake -DWITH_MSAN=ON}} is supposed to work ‘out of the box’. This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems. h2. How to instrumented libraries These instructions are for {{clang-10}}. The script [^build-msan2.sh] was developed to resolve {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh {code} Note: to use different {{clang}} (tested with {{clang-8}}, {{clang-9}}, {{clang-11}}, {{clang-13}}), just replace {{10}} with the major version of the compiler above. For {{clang-15}}, the procedure is a little different: {code:sh} mkdir /tmp/build cd /tmp/build mkdir "$HOME/msan-libs" CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh {code} h2. How to build MariaDB Server 10.5 or later with the instrumented libraries {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \ -DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro' \ -DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \ -DWITH_DBUG_TRACE=OFF -DWITH_SAFEMALLOC=OFF \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DWITH_SAFEMALLOC=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON \ -G Ninja .. ninja {code} Note: {{-march=native -mtune=native}} is optional since [the second fix|https://github.com/MariaDB/server/commit/31e6c96b0449761dc15f548c28ded671d1b7219b] of h2. How to build with minimal {{cmake}} arguments {code:bash} cd /mariadb/10.5 mkdir build cd build cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-19 -DCMAKE_C_FLAGS='-O2 -march=native' \ -DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native' \ -DSECURITY_HARDENED=OFF \ -DPLUGIN_{CONNECT,SPIDER}=NO \ -DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \ -DWITH_{ZLIB,SSL,PCRE}=bundled \ -DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \ -DWITH_MSAN=ON -G Ninja .. cmake --build . {code} {{cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo}} is implied. OK, this is almost minimal. I wanted to save the trouble of building numerous compression libraries with {{-fsanitize=memory}}. Connect and Spider are disabled due to test failures that were not investigated yet. Note the {{-DSECURITY_HARDENED=OFF}}; it is enabled by default and seems to break operations like {{memcpy()}} with {{RelWithDebInfo}} but not {{Debug}}. h2. How to run tests {code:sh} cd mysql-test LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=0 ./mtr --big-test --parallel=auto --force --retry=0 --skip-stack-trace --skip-core-file {code} Note: It may be wise to omit {{MSAN_OPTIONS=abort_on_error=1}} except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages. Note: The {{llvm-symbolizer}} in clang 14 or later will refuse to load if {{LD_LIBRARY_PATH}} includes an MSAN-instrumented {{libgmp.so}}. To get nice resolved stack traces, you must point the environment variable {{MSAN_SYMBOLIZER_PATH}} to a script like the following. The script name had better start with {{llvm-symbolizer-}} in order to avoid a warning: {code:sh} #!/bin/sh unset LD_LIBRARY_PATH exec llvm-symbolizer-15 "$@" {code} The {{MSAN_OPTIONS=poison_in_dtor=0}} (to work around |
| Link | This issue relates to MDEV-34933 [ MDEV-34933 ] |
| Link |
This issue relates to |
| Link | This issue relates to MDEV-36482 [ MDEV-36482 ] |
I have now pushed WITH_MSAN to 10.2. At least the following issues will have to be resolved for this to be useful for mysql-test-run:
MDEV-20388Allegedly uninitialized values left by MyCTX_nopadMDEV-20386Replace inline asm with compiler-builtin intrinsic functionsMDEV-20309InnoDB encryption accesses memory outside of allocated block