[MDEV-33665] main.pool_of_threads fails due to (spurious) uninitialized Item_func::not_null_tables_cache - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.5
Fix Version/s: 10.5.25, 10.11.8, 10.6.18, 11.0.6, 11.1.5, 11.2.4, 11.4.2
Component/s: Optimizer
Labels:
None

Description

This was found as part of ~~MDEV-33478~~. See ~~MDEV-33478~~ description for details.

This is fairly old code, why did new MSAN find it while valgrind didn't? It seems the cause was that the value was copied between Item objects but was not used.

If I add a printout:

diff --git a/sql/item_cmpfunc.cc b/sql/item_cmpfunc.cc

index f8fd28aebb5..7ec7a752875 100644

--- a/sql/item_cmpfunc.cc

+++ b/sql/item_cmpfunc.cc

@@ -5076,6 +5076,7 @@ Item_cond::fix_fields(THD *thd, Item **ref)

     with_flags|= item->with_flags;

   (void) eval_not_null_tables((void*) 0);

+  fprintf(stderr, "AAQ: not_null_tables_cache=%llx\n", not_null_tables_cache);

/*

     We have to set fixed as some other items will check it and fail if we

the attached testcase (extract from include/common-tests.inc) starts to fail under valgrind:

 ==23601== Thread 6:

==23601== Use of uninitialised value of size 8

==23601==    at 0x747F7E1: _itoa_word (_itoa.c:180)

==23601==    by 0x7482EDD: vfprintf (vfprintf.c:1642)

==23601==    by 0x748563F: buffered_vfprintf (vfprintf.c:2329)

==23601==    by 0x74826F5: vfprintf (vfprintf.c:1301)

==23601==    by 0x748BE13: fprintf (fprintf.c:32)

==23601==    by 0xE9C878: Item_cond::fix_fields(THD*, Item**) (item_cmpfunc.cc:5079)

==23601==    by 0xB18FC8: make_cond_for_table_from_pred(THD*, Item*, Item*, unsigned long long, unsigned long long, int, bool, bool, bool) (sql_select.cc:23938)

==23601==    by 0xB18CBC: make_cond_for_table(THD*, Item*, unsigned long long, unsigned long long, int, bool, bool) (sql_select.cc:23869)

==23601==    by 0xAFA17A: make_join_select(JOIN*, SQL_SELECT*, Item*) (sql_select.cc:12543)

==23601==    by 0xADC64D: JOIN::optimize_stage2() (sql_select.cc:2855)

==23601==    by 0xADB459: JOIN::optimize_inner() (sql_select.cc:2590)

==23601==    by 0xAD8A6D: JOIN::optimize() (sql_select.cc:1888)

==23601==    by 0xAE4A58: mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:5127)

==23601==    by 0xAD3452: handle_select(THD*, LEX*, select_result*, unsigned long) (sql_select.cc:559)

==23601==    by 0xA91440: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:6372)

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

_a1.test
89 kB
2024-03-13 11:21

Issue Links

is part of

MDEV-33478 Tests massively fail with clang-18 -fsanitize=memory

Closed

Activity

Transition	Time In Source Status	Execution Times

Sergei Petrunia made transition - 2024-03-13 12:03

Open

In Progress

1h 28m

Sergei Petrunia made transition - 2024-03-13 13:07

In Progress

In Review

1h 3m

Oleg Smirnov made transition - 2024-03-14 13:06

In Review

Stalled

23h 59m

Sergei Petrunia made transition - 2024-03-14 14:04

Stalled

Closed

57m 47s

People

Assignee:: Sergei Petrunia

Reporter:: Sergei Petrunia

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2024-03-13 10:35

Updated:: 2024-03-19 10:35

Resolved:: 2024-03-14 14:04

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server

Details

Description

Attachments

Attachments

Issue Links

Activity

People

Dates

Git Integration