RPL tests are failing with MSAN use-of-uninitialized-value in bitmap_intersect

versioning.rpl_mix 'mix'                 w54 [ fail ]

        Test ended at 2023-03-26 15:08:59

CURRENT_TEST: versioning.rpl_mix

mysqltest: At line 14: failed in 'select master_pos_wait('master-bin.000001', 1262, 300, '')': 2013: Lost connection to server during query

The result from queries just before the failure was:

include/master-slave.inc

[connection master]

CREATE TABLE t1 (pk INT PRIMARY KEY, i INT) WITH SYSTEM VERSIONING;

INSERT INTO t1 VALUES (1,10),(2,20);

UPDATE t1 SET i = 100;

SET BINLOG_FORMAT= ROW;

DELETE HISTORY FROM t1;

==269946==WARNING: MemorySanitizer: use-of-uninitialized-value

    #0 0x559672c1bf9c in bitmap_intersect /buildbot/amd64-ubuntu-2004-msan/build/mysys/my_bitmap.c:395:3

    #1 0x5596714a3ae7 in Rows_log_event::do_apply_event(rpl_group_info*) /buildbot/amd64-ubuntu-2004-msan/build/sql/log_event_server.cc:5041:7

    #2 0x559671461bdf in Log_event::apply_event(rpl_group_info*) /buildbot/amd64-ubuntu-2004-msan/build/sql/log_event.cc:3856:8

    #3 0x55966fd47473 in apply_event_and_update_pos_apply(Log_event*, THD*, rpl_group_info*, int) /buildbot/amd64-ubuntu-2004-msan/build/sql/slave.cc:3877:19

    #4 0x55966fd46639 in apply_event_and_update_pos(Log_event*, THD*, rpl_group_info*) /buildbot/amd64-ubuntu-2004-msan/build/sql/slave.cc:4043:10

    #5 0x55966fd24f4f in exec_relay_log_event(THD*, Relay_log_info*, rpl_group_info*) /buildbot/amd64-ubuntu-2004-msan/build/sql/slave.cc:4440:15

    #6 0x55966fd24f4f in handle_slave_sql /buildbot/amd64-ubuntu-2004-msan/build/sql/slave.cc:5627:9

    #7 0x559671a690aa in pfs_spawn_thread /buildbot/amd64-ubuntu-2004-msan/build/storage/perfschema/pfs.cc:2201:3

    #8 0x7fea39603608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477:8

    #9 0x7fea391b9292 in clone /build/glibc-eX1tMB/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95

  Memory was marked as uninitialized

    #0 0x55966faf76ce in __msan_allocated_memory (/buildbot/amd64-ubuntu-2004-msan/build/sql/mariadbd+0x8396ce)

    #1 0x559672c4000b in my_malloc /buildbot/amd64-ubuntu-2004-msan/build/mysys/my_malloc.c:114:7

SUMMARY: MemorySanitizer: use-of-uninitialized-value /buildbot/amd64-ubuntu-2004-msan/build/mysys/my_bitmap.c:395:3 in bitmap_intersect

Exiting

230326 15:08:57 [ERROR] mysqld got signal 6 ;

This could be because you hit a bug. It is also possible that this binary

or one of the libraries it was linked against is corrupt, improperly built,

or misconfigured. This error can also be caused by malfunctioning hardware.

To report this bug, see https://mariadb.com/kb/en/reporting-bugs

We will try our best to scrape up some info that will hopefully help

diagnose the problem, but since we have already crashed, 

something is definitely wrong and this may fail.

Server version: 11.0.1-MariaDB-debug-log source revision: e599b8b45867cd24720a9ecd4ba28500f579c5a4

key_buffer_size=1048576

read_buffer_size=131072

max_used_connections=4

max_threads=153

thread_count=6

It is possible that mysqld could use up to 

key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63920 K  bytes of memory

Hope that's ok; if not, decrease some variables in the equation.

Thread pointer: 0x72b00017a018

Attempting backtrace. You can use the following information to find out

where mysqld died. If you see no messages after this, something went

terribly wrong...

stack_bottom = 0x7fea1460e0d8 thread_stack 0x49000

??:0(__interceptor_backtrace)[0x55966fb0e6b0]

??:0(my_print_stacktrace)[0x559672c5525c]

sql/signal_handler.cc:0(handle_fatal_signal)[0x559670e45388]

msan_interceptors.cpp.o:0(SignalHandler(int))[0x55966fb393f9]

sigaction.c:0(__restore_rt)[0x7fea3960f3c0]

??:0(gsignal)[0x7fea390dd18b]

??:0(abort)[0x7fea390bc859]

:0(__sanitizer::Abort())[0x55966fb58327]

:0(__sanitizer::Die())[0x55966fb56851]

??:0(__msan_warning_with_origin_noreturn)[0x55966faebd83]

??:0(bitmap_intersect)[0x559672c1bf9d]

sql/log_event_server.cc:5042(Rows_log_event::do_apply_event(rpl_group_info*))[0x5596714a3ae8]

sql/log_event.cc:3856(Log_event::apply_event(rpl_group_info*))[0x559671461be0]

sql/slave.cc:3877(apply_event_and_update_pos_apply(Log_event*, THD*, rpl_group_info*, int))[0x55966fd47474]

sql/slave.cc:4043(apply_event_and_update_pos(Log_event*, THD*, rpl_group_info*))[0x55966fd4663a]

??:0(handle_slave_sql)[0x55966fd24f50]

perfschema/pfs.cc:2203(pfs_spawn_thread)[0x559671a690ab]

nptl/pthread_create.c:478(start_thread)[0x7fea39603609]

??:0(clone)[0x7fea391b9293]

[Revision hash: e599b8b45867cd24720a9ecd4ba28500f579c5a4]

rpl.rpl_xa_gtid_pos_auto_engine 'innodb,row' w35 [ fail ]  Found warnings/errors in server log file!

        Test ended at 2023-03-26 15:03:15

line

==46690== Thread 25:

==46690== Conditional jump or move depends on uninitialised value(s)

==46690==    at 0x196EE8E: bitmap_intersect (my_bitmap.c:394)

==46690==    by 0x10E02E0: Rows_log_event::do_apply_event(rpl_group_info*) (log_event_server.cc:5041)

==46690==    by 0x10CACC9: Log_event::apply_event(rpl_group_info*) (log_event.cc:3856)

==46690==    by 0xA3E941: apply_event_and_update_pos_apply(Log_event*, THD*, rpl_group_info*, int) (slave.cc:3877)

==46690==    by 0xA3EDD2: apply_event_and_update_pos(Log_event*, THD*, rpl_group_info*) (slave.cc:4043)

==46690==    by 0xA3FB60: exec_relay_log_event(THD*, Relay_log_info*, rpl_group_info*) (slave.cc:4440)

==46690==    by 0xA4348A: handle_slave_sql (slave.cc:5627)

==46690==    by 0x12430F6: pfs_spawn_thread (pfs.cc:2201)

==46690==    by 0x515FB42: start_thread (pthread_create.c:442)

==46690==    by 0x51F0BB3: clone (clone.S:100)

==46690== ---- Print suppression ? --- [Return/N/n/Y/y/C/c] ---- ==46690== Conditional jump or move depends on uninitialised value(s)

==46690==    at 0x196EED5: bitmap_intersect (my_bitmap.c:395)

==46690==    by 0x10E02E0: Rows_log_event::do_apply_event(rpl_group_info*) (log_event_server.cc:5041)

==46690==    by 0x10CACC9: Log_event::apply_event(rpl_group_info*) (log_event.cc:3856)

==46690==    by 0xA3E941: apply_event_and_update_pos_apply(Log_event*, THD*, rpl_group_info*, int) (slave.cc:3877)

==46690==    by 0xA3EDD2: apply_event_and_update_pos(Log_event*, THD*, rpl_group_info*) (slave.cc:4043)

==46690==    by 0xA3FB60: exec_relay_log_event(THD*, Relay_log_info*, rpl_group_info*) (slave.cc:4440)

==46690==    by 0xA4348A: handle_slave_sql (slave.cc:5627)

==46690==    by 0x12430F6: pfs_spawn_thread (pfs.cc:2201)

==46690==    by 0x515FB42: start_thread (pthread_create.c:442)

==46690==    by 0x51F0BB3: clone (clone.S:100)

==46690== Conditional jump or move depends on uninitialised value(s)

==46690==    at 0x196EEDD: bitmap_intersect (my_bitmap.c:398)

==46690==    by 0x10E02E0: Rows_log_event::do_apply_event(rpl_group_info*) (log_event_server.cc:5041)

==46690==    by 0x10CACC9: Log_event::apply_event(rpl_group_info*) (log_event.cc:3856)

==46690==    by 0xA3E941: apply_event_and_update_pos_apply(Log_event*, THD*, rpl_group_info*, int) (slave.cc:3877)

==46690==    by 0xA3EDD2: apply_event_and_update_pos(Log_event*, THD*, rpl_group_info*) (slave.cc:4043)

==46690==    by 0xA3FB60: exec_relay_log_event(THD*, Relay_log_info*, rpl_group_info*) (slave.cc:4440)

==46690==    by 0xA4348A: handle_slave_sql (slave.cc:5627)

==46690==    by 0x12430F6: pfs_spawn_thread (pfs.cc:2201)

==46690==    by 0x515FB42: start_thread (pthread_create.c:442)

==46690==    by 0x51F0BB3: clone (clone.S:100)

==46690== Conditional jump or move depends on uninitialised value(s)

==46690==    at 0x196EF2C: bitmap_intersect (my_bitmap.c:402)

==46690==    by 0x10E02E0: Rows_log_event::do_apply_event(rpl_group_info*) (log_event_server.cc:5041)

==46690==    by 0x10CACC9: Log_event::apply_event(rpl_group_info*) (log_event.cc:3856)

==46690==    by 0xA3E941: apply_event_and_update_pos_apply(Log_event*, THD*, rpl_group_info*, int) (slave.cc:3877)

==46690==    by 0xA3EDD2: apply_event_and_update_pos(Log_event*, THD*, rpl_group_info*) (slave.cc:4043)

==46690==    by 0xA3FB60: exec_relay_log_event(THD*, Relay_log_info*, rpl_group_info*) (slave.cc:4440)

==46690==    by 0xA4348A: handle_slave_sql (slave.cc:5627)

==46690==    by 0x12430F6: pfs_spawn_thread (pfs.cc:2201)

==46690==    by 0x515FB42: start_thread (pthread_create.c:442)

==46690==    by 0x51F0BB3: clone (clone.S:100)

[Revision hash: 5fe6ba34a6e09c887164b436d7226263bc8c41a0]

binlog.binlog_old_versions 'mix'         w16 [ fail ]

        Test ended at 2022-11-29 19:58:37

CURRENT_TEST: binlog.binlog_old_versions

ERROR 2026 (HY000) at line 87: TLS/SSL error: The TLS connection was non-properly terminated.

mysqltest: At line 30: exec of '/buildbot/amd64-ubuntu-2004-msan/build/client//mariadb-binlog --defaults-file=/buildbot/amd64-ubuntu-2004-msan/build/mysql-test/var/16/my.cnf --local-load=/buildbot/amd64-ubuntu-2004-msan/build/mysql-test/var/tmp/16 --local-load=/buildbot/amd64-ubuntu-2004-msan/build/mysql-test/var/16/tmp/ suite/binlog/std_data/ver_trunk_row_v2.001 | /buildbot/amd64-ubuntu-2004-msan/build/client//mariadb --defaults-file=/buildbot/amd64-ubuntu-2004-msan/build/mysql-test/var/16/my.cnf --local-infile=1' failed, error: 256, status: 1, errno: 2

Output from before failure:

==== Read binlog with v2 row events ====

The result from queries just before the failure was:

==== Read binlog with v2 row events ====

Server [mysqld.1 - pid: 91099, winpid: 91099, exit: 256] failed during test run

Server log from this test:

----------SERVER LOG START-----------

==91120==WARNING: MemorySanitizer: use-of-uninitialized-value

    #0 0x563ca8bba94c in bitmap_intersect /buildbot/amd64-ubuntu-2004-msan/build/mysys/my_bitmap.c:395:3

    #1 0x563ca738ca35 in Rows_log_event::do_apply_event(rpl_group_info*) /buildbot/amd64-ubuntu-2004-msan/build/sql/log_event_server.cc:6051:7

    #2 0x563ca733b8ff in Log_event::apply_event(rpl_group_info*) /buildbot/amd64-ubuntu-2004-msan/build/sql/log_event.cc:4179:8

    #3 0x563ca659f2b4 in save_restore_context_apply_event(Log_event*, rpl_group_info*) /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_binlog.cc:187:16

    #4 0x563ca65a0079 in mysql_client_binlog_statement(THD*) /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_binlog.cc:427:14

    #5 0x563ca6003ba9 in mysql_execute_command(THD*, bool) /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_parse.cc:5911:5

    #6 0x563ca5fe0416 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_parse.cc:7996:18

    #7 0x563ca5fd5484 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_parse.cc:1894:7

    #8 0x563ca5fe1f83 in do_command(THD*, bool) /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_parse.cc:1407:17

    #9 0x563ca663bb61 in do_handle_one_connection(CONNECT*, bool) /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_connect.cc:1415:11

    #10 0x563ca663b167 in handle_one_connection /buildbot/amd64-ubuntu-2004-msan/build/sql/sql_connect.cc:1317:5

    #11 0x563ca796a9da in pfs_spawn_thread /buildbot/amd64-ubuntu-2004-msan/build/storage/perfschema/pfs.cc:2201:3

    #12 0x7f7eb0c5b608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477:8

    #13 0x7f7eb0811292 in clone /build/glibc-eX1tMB/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95

  Memory was marked as uninitialized

    #0 0x563ca5a0b0ce in __msan_allocated_memory (/buildbot/amd64-ubuntu-2004-msan/build/sql/mariadbd+0x83f0ce)

    #1 0x563ca8bde74b in my_malloc /buildbot/amd64-ubuntu-2004-msan/build/mysys/my_malloc.c:113:7

SUMMARY: MemorySanitizer: use-of-uninitialized-value /buildbot/amd64-ubuntu-2004-msan/build/mysys/my_bitmap.c:395:3 in bitmap_intersect