  1. MariaDB Server
  2. MDEV-27569

Valgrind/MSAN errors in ha_partition::swap_blobs


Details

    Description

      # Test case for the uninitialised-value reports in ha_partition::swap_blobs
      # shown in the Valgrind and MSAN traces on this page.
      --source include/have_partition.inc
       
      # Partitioned table with a TEXT column (b) and a secondary key on a.
      # No ENGINE clause is given, so the server's default engine is used.
      CREATE TABLE t (a int, b text, key (a)) PARTITION BY key (a) partitions 2;
      INSERT INTO t VALUES (1,'foo'),(2,'bar');
      # In the traces, statistics collection walks the index via
      # collect_statistics_for_index -> ha_index_first / ha_index_next, which
      # reaches swap_blobs through the partition handler's ordered index scan.
      # NOTE(review): presumably the scan reads only the indexed column, so the
      # bytes for b in the record buffer are never written before swap_blobs
      # inspects them; confirm against ha_partition.cc.
      ANALYZE TABLE t PERSISTENT FOR ALL;
       
      # Cleanup
      DROP TABLE t;
      

      10.4 valgrind 5172f132bf

      ==1990600== Conditional jump or move depends on uninitialised value(s)
      ==1990600==    at 0xFC1844: ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool) (ha_partition.cc:6874)
      ==1990600==    by 0xFC42E7: ha_partition::handle_ordered_index_scan(unsigned char*, bool) (ha_partition.cc:7702)
      ==1990600==    by 0xFBE280: ha_partition::common_first_last(unsigned char*) (ha_partition.cc:5814)
      ==1990600==    by 0xFBE0DF: ha_partition::index_first(unsigned char*) (ha_partition.cc:5758)
      ==1990600==    by 0xC95AEA: handler::ha_index_first(unsigned char*) (handler.cc:3028)
      ==1990600==    by 0xA17811: collect_statistics_for_index(THD*, TABLE*, unsigned int) (sql_statistics.cc:2555)
      ==1990600==    by 0xA17FC7: collect_statistics_for_table(THD*, TABLE*) (sql_statistics.cc:2740)
      ==1990600==    by 0xAED0B9: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), bool) (sql_admin.cc:923)
      ==1990600==    by 0xAEEC98: Sql_cmd_analyze_table::execute(THD*) (sql_admin.cc:1368)
      ==1990600==    by 0x9515D7: mysql_execute_command(THD*) (sql_parse.cc:6192)
      ==1990600==    by 0x9568E3: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7995)
      ==1990600==    by 0x942C0C: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==1990600==    by 0x941499: do_command(THD*) (sql_parse.cc:1373)
      ==1990600==    by 0xAD64C4: do_handle_one_connection(CONNECT*) (sql_connect.cc:1420)
      ==1990600==    by 0xAD616C: handle_one_connection (sql_connect.cc:1316)
      ==1990600==    by 0x10153B0: pfs_spawn_thread (pfs.cc:1869)
      ==1990600== Conditional jump or move depends on uninitialised value(s)
      ==1990600==    at 0xFCF8C9: Field_blob::cached(bool*) (field.h:4067)
      ==1990600==    by 0xFC18C2: ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool) (ha_partition.cc:6892)
      ==1990600==    by 0xFC42E7: ha_partition::handle_ordered_index_scan(unsigned char*, bool) (ha_partition.cc:7702)
      ==1990600==    by 0xFBE280: ha_partition::common_first_last(unsigned char*) (ha_partition.cc:5814)
      ==1990600==    by 0xFBE0DF: ha_partition::index_first(unsigned char*) (ha_partition.cc:5758)
      ==1990600==    by 0xC95AEA: handler::ha_index_first(unsigned char*) (handler.cc:3028)
      ==1990600==    by 0xA17811: collect_statistics_for_index(THD*, TABLE*, unsigned int) (sql_statistics.cc:2555)
      ==1990600==    by 0xA17FC7: collect_statistics_for_table(THD*, TABLE*) (sql_statistics.cc:2740)
      ==1990600==    by 0xAED0B9: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), bool) (sql_admin.cc:923)
      ==1990600==    by 0xAEEC98: Sql_cmd_analyze_table::execute(THD*) (sql_admin.cc:1368)
      ==1990600==    by 0x9515D7: mysql_execute_command(THD*) (sql_parse.cc:6192)
      ==1990600==    by 0x9568E3: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7995)
      ==1990600==    by 0x942C0C: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==1990600==    by 0x941499: do_command(THD*) (sql_parse.cc:1373)
      ==1990600==    by 0xAD64C4: do_handle_one_connection(CONNECT*) (sql_connect.cc:1420)
      ==1990600==    by 0xAD616C: handle_one_connection (sql_connect.cc:1316)
      ==1990600== Conditional jump or move depends on uninitialised value(s)
      ==1990600==    at 0xFC1844: ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool) (ha_partition.cc:6874)
      ==1990600==    by 0xFC4851: ha_partition::return_top_record(unsigned char*) (ha_partition.cc:7802)
      ==1990600==    by 0xFC46E8: ha_partition::handle_ordered_index_scan(unsigned char*, bool) (ha_partition.cc:7770)
      ==1990600==    by 0xFBE280: ha_partition::common_first_last(unsigned char*) (ha_partition.cc:5814)
      ==1990600==    by 0xFBE0DF: ha_partition::index_first(unsigned char*) (ha_partition.cc:5758)
      ==1990600==    by 0xC95AEA: handler::ha_index_first(unsigned char*) (handler.cc:3028)
      ==1990600==    by 0xA17811: collect_statistics_for_index(THD*, TABLE*, unsigned int) (sql_statistics.cc:2555)
      ==1990600==    by 0xA17FC7: collect_statistics_for_table(THD*, TABLE*) (sql_statistics.cc:2740)
      ==1990600==    by 0xAED0B9: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), bool) (sql_admin.cc:923)
      ==1990600==    by 0xAEEC98: Sql_cmd_analyze_table::execute(THD*) (sql_admin.cc:1368)
      ==1990600==    by 0x9515D7: mysql_execute_command(THD*) (sql_parse.cc:6192)
      ==1990600==    by 0x9568E3: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7995)
      ==1990600==    by 0x942C0C: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==1990600==    by 0x941499: do_command(THD*) (sql_parse.cc:1373)
      ==1990600==    by 0xAD64C4: do_handle_one_connection(CONNECT*) (sql_connect.cc:1420)
      ==1990600==    by 0xAD616C: handle_one_connection (sql_connect.cc:1316)
      ==1990600== Conditional jump or move depends on uninitialised value(s)
      ==1990600==    at 0xFC1844: ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool) (ha_partition.cc:6874)
      ==1990600==    by 0xFC4851: ha_partition::return_top_record(unsigned char*) (ha_partition.cc:7802)
      ==1990600==    by 0xFC5B41: ha_partition::handle_ordered_next(unsigned char*, bool) (ha_partition.cc:8095)
      ==1990600==    by 0xFBE65D: ha_partition::index_next(unsigned char*) (ha_partition.cc:5906)
      ==1990600==    by 0xC953FD: handler::ha_index_next(unsigned char*) (handler.cc:2987)
      ==1990600==    by 0xA1786B: collect_statistics_for_index(THD*, TABLE*, unsigned int) (sql_statistics.cc:2565)
      ==1990600==    by 0xA17FC7: collect_statistics_for_table(THD*, TABLE*) (sql_statistics.cc:2740)
      ==1990600==    by 0xAED0B9: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), bool) (sql_admin.cc:923)
      ==1990600==    by 0xAEEC98: Sql_cmd_analyze_table::execute(THD*) (sql_admin.cc:1368)
      ==1990600==    by 0x9515D7: mysql_execute_command(THD*) (sql_parse.cc:6192)
      ==1990600==    by 0x9568E3: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7995)
      ==1990600==    by 0x942C0C: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1857)
      ==1990600==    by 0x941499: do_command(THD*) (sql_parse.cc:1373)
      ==1990600==    by 0xAD64C4: do_handle_one_connection(CONNECT*) (sql_connect.cc:1420)
      ==1990600==    by 0xAD616C: handle_one_connection (sql_connect.cc:1316)
      ==1990600==    by 0x10153B0: pfs_spawn_thread (pfs.cc:1869)
      

      Reproducible on 10.2+, with at least MyISAM and InnoDB.

      10.7 64ea3eab8 MSAN

      ==29827==WARNING: MemorySanitizer: use-of-uninitialized-value
          #0 0x55d61f674646 in ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool) /home/jenkins/10.7/sql/ha_partition.cc:7018:9
          #1 0x55d61f65f41c in ha_partition::handle_ordered_index_scan(unsigned char*, bool) /home/jenkins/10.7/sql/ha_partition.cc:7840:9
          #2 0x55d61f6616be in ha_partition::common_first_last(unsigned char*) /home/jenkins/10.7/sql/ha_partition.cc:5959:10
          #3 0x55d61f6616be in ha_partition::index_first(unsigned char*) /home/jenkins/10.7/sql/ha_partition.cc:5903:3
          #4 0x55d61ea31cd0 in handler::ha_index_first(unsigned char*) /home/jenkins/10.7/sql/handler.cc:3544:3
          #5 0x55d61e05a434 in collect_statistics_for_index(THD*, TABLE*, unsigned int) /home/jenkins/10.7/sql/sql_statistics.cc:2546:20
          #6 0x55d61e05a434 in collect_statistics_for_table(THD*, TABLE*) /home/jenkins/10.7/sql/sql_statistics.cc:2731:16
          #7 0x55d61e39e022 in mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, st_mysql_const_lex_string const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), bool) /home/jenkins/10.7/sql/sql_admin.cc:986:15
          #8 0x55d61e3a18c7 in Sql_cmd_analyze_table::execute(THD*) /home/jenkins/10.7/sql/sql_admin.cc:1459:8
          #9 0x55d61dceed24 in mysql_execute_command(THD*, bool) /home/jenkins/10.7/sql/sql_parse.cc:5988:26
          #10 0x55d61dcd72f7 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /home/jenkins/10.7/sql/sql_parse.cc:8027:18
          #11 0x55d61dccb47d in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /home/jenkins/10.7/sql/sql_parse.cc:1894:7
          #12 0x55d61dcd970c in do_command(THD*, bool) /home/jenkins/10.7/sql/sql_parse.cc:1402:17
          #13 0x55d61e34b346 in do_handle_one_connection(CONNECT*, bool) /home/jenkins/10.7/sql/sql_connect.cc:1418:11
          #14 0x55d61e34a895 in handle_one_connection /home/jenkins/10.7/sql/sql_connect.cc:1312:5
          #15 0x55d61f6a53fa in pfs_spawn_thread /home/jenkins/10.7/storage/perfschema/pfs.cc:2201:3
          #16 0x7f50448bb608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477:8
          #17 0x7f50445c0292 in clone /build/glibc-eX1tMB/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
       
        Uninitialized value was stored to memory at
          #0 0x55d620897565 in _mi_put_key_in_record /home/jenkins/10.7/storage/myisam/mi_key.c:355:31
       
        Memory was marked as uninitialized
          #0 0x55d61d6c20be in __msan_allocated_memory (/home/jenkins/10.7/sql/mariadbd+0x7380be)
          #1 0x55d620a37910 in my_malloc /home/jenkins/10.7/mysys/my_malloc.c:113:7
       
      SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/jenkins/10.7/sql/ha_partition.cc:7018:9 in ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool)
      

      The same use-of-uninitialized-value report in swap_blobs also occurs upon SELECT, here with an InnoDB table:

      # Second test case: the same swap_blobs report, reached from a SELECT
      # instead of ANALYZE TABLE.
      --source include/have_innodb.inc
      --source include/have_sequence.inc
      --source include/have_partition.inc
       
      # InnoDB table hash-partitioned on the primary key, with a TEXT column (b)
      # and a secondary key on a.
      CREATE TABLE t (id INT, a INT, b TEXT, KEY(a), PRIMARY KEY (id)) ENGINE=InnoDB PARTITION BY HASH(id) PARTITIONS 2;
      # Only id and a are supplied; b is left at its default (NULL) in all 20 rows.
      INSERT INTO t (id,a) SELECT seq, seq%10 FROM seq_1_to_20;
      # The OR across the primary key and key a is executed as an index merge in
      # the trace on this page (QUICK_INDEX_MERGE_SELECT::read_keys_and_merge ->
      # multi_range_read_next -> handle_ordered_next -> swap_blobs).
      # NOTE(review): MSAN traces the uninitialised bytes back to InnoDB's row
      # conversion (row_sel_store_mysql_field); presumably the slot for b is not
      # filled during the key-only reads. Confirm.
      SELECT * FROM t WHERE id >= 1900 OR a IN (2,4) LIMIT 1;
       
      # Cleanup
      DROP TABLE t;
      

      10.5 dd62a285b88958dae9b9f3e49fdd0c55f6eced72

      ==2734618==WARNING: MemorySanitizer: use-of-uninitialized-value
          #0 0x561c518131f1 in ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool) /data/bld/10.5-msan/sql/ha_partition.cc:7101:9
          #1 0x561c518030fd in ha_partition::handle_ordered_next(unsigned char*, bool) /data/bld/10.5-msan/sql/ha_partition.cc:8219:9
          #2 0x561c5180ed78 in ha_partition::multi_range_read_next(void**) /data/bld/10.5-msan/sql/ha_partition.cc:6788:14
          #3 0x561c51154e16 in QUICK_RANGE_SELECT::get_next() /data/bld/10.5-msan/sql/opt_range.cc:12682:5
          #4 0x561c5114f068 in read_keys_and_merge_scans(THD*, TABLE*, List<QUICK_RANGE_SELECT>, QUICK_RANGE_SELECT*, READ_RECORD*, bool, Bitmap<64u>*, Unique**) /data/bld/10.5-msan/sql/opt_range.cc:12230:32
          #5 0x561c5115108d in QUICK_INDEX_MERGE_SELECT::read_keys_and_merge() /data/bld/10.5-msan/sql/opt_range.cc:12299:11
          #6 0x561c510c6f84 in QUICK_INDEX_SORT_SELECT::reset() /data/bld/10.5-msan/sql/opt_range.cc:1400:21
          #7 0x561c4ffbf91b in join_init_read_record(st_join_table*) /data/bld/10.5-msan/sql/sql_select.cc:22158:64
          #8 0x561c50053ede in sub_select(JOIN*, st_join_table*, bool) /data/bld/10.5-msan/sql/sql_select.cc:21207:12
          #9 0x561c4ffca34e in do_select(JOIN*, Procedure*) /data/bld/10.5-msan/sql/sql_select.cc:20727:14
          #10 0x561c4ffca34e in JOIN::exec_inner() /data/bld/10.5-msan/sql/sql_select.cc:4622:50
          #11 0x561c4ffc6238 in JOIN::exec() /data/bld/10.5-msan/sql/sql_select.cc:4402:3
          #12 0x561c4ff2e7b0 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/bld/10.5-msan/sql/sql_select.cc:4879:9
          #13 0x561c4ff2d1c6 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/bld/10.5-msan/sql/sql_select.cc:450:10
          #14 0x561c4fe641ae in execute_sqlcom_select(THD*, TABLE_LIST*) /data/bld/10.5-msan/sql/sql_parse.cc:6343:12
          #15 0x561c4fe3e35a in mysql_execute_command(THD*) /data/bld/10.5-msan/sql/sql_parse.cc:4020:12
          #16 0x561c4fe25647 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/bld/10.5-msan/sql/sql_parse.cc:8121:18
          #17 0x561c4fe18bd2 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/bld/10.5-msan/sql/sql_parse.cc:1891:7
          #18 0x561c4fe275e8 in do_command(THD*) /data/bld/10.5-msan/sql/sql_parse.cc:1375:17
          #19 0x561c5042a34f in do_handle_one_connection(CONNECT*, bool) /data/bld/10.5-msan/sql/sql_connect.cc:1416:11
          #20 0x561c50429a45 in handle_one_connection /data/bld/10.5-msan/sql/sql_connect.cc:1318:5
          #21 0x561c51844a5a in pfs_spawn_thread /data/bld/10.5-msan/storage/perfschema/pfs.cc:2201:3
          #22 0x7f5129a18043 in start_thread nptl/./nptl/pthread_create.c:442:8
          #23 0x7f5129a9861b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
       
        Uninitialized value was stored to memory at
          #0 0x561c4f903f99 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x777f99)
          #1 0x561c51803044 in ha_partition::handle_ordered_next(unsigned char*, bool) /data/bld/10.5-msan/sql/ha_partition.cc:8215:7
       
        Uninitialized value was stored to memory at
          #0 0x561c4f903f99 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x777f99)
          #1 0x561c5223a0ba in row_sel_dequeue_cached_row_for_mysql(unsigned char*, row_prebuilt_t*) /data/bld/10.5-msan/storage/innobase/row/row0sel.cc:3800:3
       
        Uninitialized value was stored to memory at
          #0 0x561c52252f7c in row_sel_store_mysql_field(unsigned char*, row_prebuilt_t*, unsigned char const*, dict_index_t const*, unsigned short const*, unsigned long, mysql_row_templ_t const*) /data/bld/10.5-msan/storage/innobase/row/row0sel.cc:3056:4
       
        Memory was marked as uninitialized
          #0 0x561c4f90a73e in __msan_allocated_memory (/mnt8t/bld/10.5-msan/sql/mariadbd+0x77e73e)
          #1 0x561c522184fe in row_sel_field_store_in_mysql_format_func(unsigned char*, mysql_row_templ_t const*, dict_index_t const*, unsigned long, unsigned char const*, unsigned long) /data/bld/10.5-msan/storage/innobase/row/row0sel.cc:2754:2
       
      SUMMARY: MemorySanitizer: use-of-uninitialized-value /data/bld/10.5-msan/sql/ha_partition.cc:7101:9 in ha_partition::swap_blobs(unsigned char*, Ordered_blob_storage**, bool)
      Exiting
      

            People

              psergei Sergei Petrunia
              elenst Elena Stepanova