Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
5.5, 10.0, 10.1, 10.2, 10.3, 10.4, 10.5
Description
The test main.loadxml fails with the following:
|
10.5 d8ea11a33fba12331c98c04ff44c815a662faccb |
CURRENT_TEST: main.loadxml
|
mysqltest: At line 16: query 'load xml infile '../../std_data/loadxml.dat' into table t1
|
rows identified by '<row>'' failed: 2013: Lost connection to MySQL server during query
|
…
|
Version: '10.5.4-MariaDB-debug-log' socket: '/dev/shm/10.5-msan/mysql-test/var/tmp/2/mysqld.1.sock' port: 16000 Source distribution
|
Uninitialized bytes in MemcmpInterceptorCommon at offset 4 inside [0x70a00000b058, 5)
|
==401652==WARNING: MemorySanitizer: use-of-uninitialized-value
|
#0 0x55767f9b2f7c in bcmp (/dev/shm/10.5-msan/sql/mariadbd+0x70cf7c)
|
#1 0x55767fee18e1 in READ_INFO::read_xml(THD*) /mariadb/10.5m/sql/sql_load.cc:2032:11
|
#2 0x55767fec2974 in read_xml_field(THD*, st_copy_info&, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, READ_INFO&, String&, unsigned long, bool) /mariadb/10.5m/sql/sql_load.cc:1227:19
|
#3 0x55767fec2974 in mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool) /mariadb/10.5m/sql/sql_load.cc:669:14
|
#4 0x55767ff1e7dd in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5001:10
|
#5 0x55767ff012f5 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7991:18
|
#6 0x55767fef1c79 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1874:7
|
#7 0x55767ff031ba in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1355:17
|
#8 0x55768051f2be in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1411:11
|
#9 0x55768051eaa4 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1313:5
|
#10 0x5576819c92c7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
|
#11 0x7fd8ba1bef26 in start_thread nptl/pthread_create.c:479:8
|
#12 0x7fd8b9c9d31e in clone misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Memory was marked as uninitialized
|
#0 0x55767f9af28e in __msan_allocated_memory (/dev/shm/10.5-msan/sql/mariadbd+0x70928e)
|
#1 0x55768306b237 in my_malloc /mariadb/10.5m/mysys/my_malloc.c:111:7
|
The code in question is as follows:
case '=': /* attribute name end - read the value */ |
//check for tag field and attribute name |
if(!memcmp(tag.c_ptr_safe(), STRING_WITH_LEN("field")) && |
!memcmp(attribute.c_ptr_safe(), STRING_WITH_LEN("name"))) |
If the memory pointed to by the first argument of memcmp() is not fully initialized, MemorySanitizer will throw a warning. The entire buffer to memcmp() must be initialized. Valgrind is sloppier here; it could only be able to complain if the first bytes were "fiel" or "nam" and the very last byte were uninitialized.
Attachments
Issue Links
- blocks
-
-
- Closed
-