  1. MariaDB Server
  2. MDEV-24053

MSAN use-of-uninitialized-value in tpool::simulated_aio::simulated_aio_callback()

    Details

      Description

      A change in MDEV-23855 introduced a regression for MemorySanitizer: the doublewrite buffer would write uninitialized data to the file.

      I did not find out why exactly that commit introduced the failure, but the fix is simple:

      diff --git a/storage/innobase/buf/buf0dblwr.cc b/storage/innobase/buf/buf0dblwr.cc
      index a8ae3e2782a..c14634ae229 100644
      --- a/storage/innobase/buf/buf0dblwr.cc
      +++ b/storage/innobase/buf/buf0dblwr.cc
      @@ -736,7 +736,8 @@ void buf_dblwr_t::add_to_batch(const IORequest &request, size_t size)
         encryption and/or page compression */
         void *frame= buf_page_get_frame(request.bpage);
       
      -  memcpy_aligned<OS_FILE_LOG_BLOCK_SIZE>(p, frame, size);
      +  memcpy_aligned<256>(p, frame, size); /* fil_page_compress() guarantee */
      +  memset_aligned<256>(p + size, 0, srv_page_size - size);
         ut_ad(!request.bpage->zip_size() || request.bpage->zip_size() == size);
         ut_ad(active_slot->reserved == active_slot->first_free);
         ut_ad(active_slot->reserved < buf_size);
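
      Review bot: The added `memset_aligned<256>(p + size, 0, srv_page_size - size);` line computes its length by subtraction, and nothing in the visible hunk checks `size <= srv_page_size` before it; `size` is a `size_t`, so a larger value would wrap to a huge length rather than fail cleanly. The `ut_ad()` checks that follow only relate `size` to `zip_size()`. Consider adding `ut_ad(size <= srv_page_size);` ahead of the copy. The trailing comment `/* fil_page_compress() guarantee */` is also too terse for the two things the change does: it would help to say in the code that 256 bytes is the alignment being asserted (in place of `OS_FILE_LOG_BLOCK_SIZE`), and that the tail of the slot is zeroed so that no uninitialized bytes are written to the doublewrite file.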
      

      This is also correcting the alignment assertion. fil_page_compress() for page_compressed pages is only guaranteeing 256-byte alignment, not 512 bytes. For ROW_FORMAT=COMPRESSED pages, the minimum alignment is 1024 bytes.

              People

              Assignee:
              marko Marko Mäkelä
              Reporter:
              marko Marko Mäkelä