[MDEV-5518] Valgrind warnings " Syscall param write(buf) points to uninitialised byte(s)" on SELECT with joins, TEMPTABLE view or SELECT SQ without derived_merge - Jira

Details

Type: Bug
Status: Stalled (View Workflow)
Priority: Major
Resolution: Unresolved
Affects Version/s: 5.3.12, 5.5.34, 5.5.38, 10.0.7, 10.4(EOL), 10.5, 10.6, 10.11, 11.0(EOL), 11.1(EOL), 11.2(EOL), 11.3(EOL), 11.4
Fix Version/s: 10.5, 10.6, 10.11
Component/s: Server
Labels:

Description

Important note, please read before running

In the MTR test case below, the SELECT is run with 'send'. It means that the SELECT is sent to server, and the test will end right after that, without waiting till SELECT is finished. It is not necessary to produce the valgrind warning, no race condition or concurrency is required. But the SELECT takes forever to be executed with valgrind (hours, at least – I have never seen it finish), so without 'send' the MTR test case will hang, which might be confusing (although if you look into the server error log, the valgrind warning will already be there).
If you need to debug the test case, or run it without MTR, just remove 'send'.

Test case:

--source include/have_innodb.inc

CREATE TABLE city (

  id INT,

  i1 INT,

  i2 INT,

  country_code VARCHAR(3),

  name VARCHAR(35),

  PRIMARY KEY (id),

  INDEX (country_code,name)

) ENGINE=InnoDB;

INSERT INTO city VALUES (3890,19,19,'USA','Glendale'),(3962,13,13,'USA','Grand Prairie'),

(3908,18,18,'USA','Henderson'),(3867,23,23,'USA','Hialeah'),(3947,14,14,'USA','Hollywood'),

(3838,37,37,'USA','Honolulu'),(3796,195,195,'USA','Houston'),(3893,19,19,'USA','Huntington Beach'),

(3920,16,16,'USA','Huntsville'),(3995,11,11,'USA','Independence'),(3804,79,79,'USA','Indianapolis'),

(3997,11,11,'USA','Inglewood'),(3940,14,14,'USA','Irvine'),(3892,19,19,'USA','Irving'),

(3901,18,18,'USA','Jackson'),(3806,74,74,'USA','Jacksonville'),(3864,24,24,'USA','Jersey City'),

(4014,11,11,'USA','Joliet'),(3828,44,44,'USA','Kansas City'),(3936,15,15,'USA','Kansas City'),

(4062,9,9,'USA','Kenosha'),(3910,17,17,'USA','Knoxville'),(4000,11,11,'USA','Lafayette'),

(3811,60,60,'USA','Milwaukee'),(3837,38,38,'USA','Minneapolis'),(4041,10,10,'USA','Mission Viejo'),

(3884,20,20,'USA','Mobile'),(3894,19,19,'USA','Modesto'),(3879,20,20,'USA','Montgomery'),

(3942,14,14,'USA','Moreno Valley'),(3959,13,13,'USA','Naperville'),(3814,57,57,'USA','Nashville-Davidson'),

(4044,9,9,'USA','New Bedford'),(3971,12,12,'USA','New Haven'),(3823,48,48,'USA','New Orleans'),

(3793,801,801,'USA','New York'),(3855,27,27,'USA','Newark'),(3905,18,18,'USA','Newport News'),

(3865,23,23,'USA','Norfolk'),(4046,9,9,'USA','Norman'),(3990,12,12,'USA','North Las Vegas'),

(4022,10,10,'USA','Norwalk'),(3833,40,40,'USA','Oakland'),(3918,16,16,'USA','Oceanside'),

(4064,9,9,'USA','Odessa'),(3821,51,51,'USA','Oklahoma City'),(3836,39,39,'USA','Omaha'),

(3921,16,16,'USA','Ontario'),(3958,13,13,'USA','Orange'),(3897,19,19,'USA','Orlando'),

(3933,15,15,'USA','Overland Park'),(3915,17,17,'USA','Oxnard'),(3986,12,12,'USA','Palmdale'),

(3967,12,12,'USA','Paradise'),(3943,14,14,'USA','Pasadena'),(3953,13,13,'USA','Pasadena'),

(3932,15,15,'USA','Paterson'),(3951,14,14,'USA','Pembroke Pines'),(3996,11,11,'USA','Peoria'),

(4007,11,11,'USA','Peoria'),(3797,152,152,'USA','Philadelphia'),(3798,132,132,'USA','Phoenix'),

(3844,33,33,'USA','Pittsburgh'),(3870,22,22,'USA','Plano'),(3930,15,15,'USA','Pomona'),

(3820,53,53,'USA','Portland'),(4035,10,10,'USA','Portsmouth'),(3912,17,17,'USA','Providence'),

(4016,11,11,'USA','Provo'),(4029,10,10,'USA','Pueblo'),(3854,28,28,'USA','Raleigh'),

(3961,13,13,'USA','Rancho Cucamonga'),(3904,18,18,'USA','Reno'),(3887,20,20,'USA','Richmond'),

(4047,9,9,'USA','Richmond'),(3859,26,26,'USA','Riverside'),(4050,9,9,'USA','Roanoke'),

(3871,22,22,'USA','Rochester'),(3929,15,15,'USA','Rockford'),(3832,41,41,'USA','Sacramento'),

(3841,35,35,'USA','Saint Louis'),(3851,29,29,'USA','Saint Paul'),(3860,25,25,'USA','Saint Petersburg'),

(3952,14,14,'USA','Salem'),(3927,15,15,'USA','Salinas'),(3903,18,18,'USA','Salt Lake City'),

(3801,114,114,'USA','San Antonio'),(3900,19,19,'USA','San Bernardino'),(4034,10,10,'USA','San Buenaventura'),

(3799,122,122,'USA','San Diego'),(3805,78,78,'USA','San Francisco'),(3803,89,89,'USA','San Jose'),

(4056,9,9,'USA','San Mateo'),(4030,10,10,'USA','Sandy'),(3843,34,34,'USA','Santa Ana'),

(4025,10,10,'USA','Santa Clara'),(3926,15,15,'USA','Santa Clarita'),(4060,9,9,'USA','Santa Monica'),

(3934,15,15,'USA','Santa Rosa'),(3956,13,13,'USA','Savannah'),(3878,20,20,'USA','Scottsdale'),

(3816,56,56,'USA','Seattle'),(3880,20,20,'USA','Shreveport'),(3999,11,11,'USA','Simi Valley'),

(3970,12,12,'USA','Sioux Falls'),(4008,11,11,'USA','South Bend'),(3889,20,20,'USA','Spokane'),

(3924,15,15,'USA','Springfield'),(3925,15,15,'USA','Springfield'),(3998,11,11,'USA','Springfield'),

(3983,12,12,'USA','Stamford'),(3969,12,12,'USA','Sterling Heights'),(3862,24,24,'USA','Stockton'),

(3955,13,13,'USA','Sunnyvale'),(4043,10,10,'USA','Sunrise Manor'),(3935,15,15,'USA','Syracuse'),

(3891,19,19,'USA','Tacoma'),(3928,15,15,'USA','Tallahassee'),(3849,30,30,'USA','Tampa'),

(3919,16,16,'USA','Tempe'),(3984,12,12,'USA','Thousand Oaks'),(3848,31,31,'USA','Toledo'),

(3972,12,12,'USA','Topeka'),(3949,14,14,'USA','Torrance'),(3822,49,49,'USA','Tucson'),

(3835,39,39,'USA','Tulsa'),(3985,12,12,'USA','Vallejo'),(3939,14,14,'USA','Vancouver'),

(3830,43,43,'USA','Virginia Beach'),(4057,9,9,'USA','Visalia'),(3993,11,11,'USA','Waco'),

(3948,14,14,'USA','Warren'),(3813,57,57,'USA','Washington'),(4010,11,11,'USA','Waterbury'),

(4017,11,11,'USA','West Covina'),(4004,11,11,'USA','West Valley City'),(4033,10,10,'USA','Westminster'),

(3842,34,34,'USA','Wichita'),(4018,10,10,'USA','Wichita Falls'),(3888,20,20,'USA','Yonkers');

CREATE TABLE country (

  code VARCHAR(3),

  name VARCHAR(52),

  PRIMARY KEY (code)

) ENGINE=InnoDB;

INSERT INTO country VALUES ('USA','United States'),('CAN','Canada');

CREATE ALGORITHM=TEMPTABLE VIEW v AS SELECT c1.* FROM city c1, city c2;

send SELECT * FROM city, country, v;

==4487== Thread 20:

==4487== Syscall param write(buf) points to uninitialised byte(s)

==4487==    at 0x58BD12D: ??? (syscall-template.S:82)

==4487==    by 0xB6F04B: my_write (my_write.c:51)

==4487==    by 0xB75778: my_b_flush_io_cache (mf_iocache.c:1758)

==4487==    by 0xB74F70: _my_b_write (mf_iocache.c:1514)

==4487==    by 0xA4324B: _ma_write_static_record (ma_statrec.c:50)

==4487==    by 0xA45D0B: maria_write (ma_write.c:285)

==4487==    by 0x9A835A: ha_maria::write_row(unsigned char*) (ha_maria.cc:1171)

==4487==    by 0x5D0A8C: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:3823)

==4487==    by 0x74EBFA: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15666)

==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)

==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)

==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)

==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)

==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)

==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)

==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)

==4487==  Address 0x2323e4b8 is 72 bytes inside a block of size 131,116 alloc'd

==4487==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)

==4487==    by 0xB7912E: _mymalloc (safemalloc.c:140)

==4487==    by 0xB7307D: init_io_cache (mf_iocache.c:244)

==4487==    by 0x9D8109: maria_extra (ma_extra.c:145)

==4487==    by 0x9AB16A: ha_maria::start_bulk_insert(unsigned long long) (ha_maria.cc:2087)

==4487==    by 0x762A05: handler::ha_start_bulk_insert(unsigned long long) (handler.h:1779)

==4487==    by 0x74EBDF: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15655)

==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)

==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)

==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)

==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)

==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)

==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)

==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)

==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)

==4487==    by 0x74FA23: do_select(JOIN*, List<Item>*, st_table*, Procedure*) (sql_select.cc:15926)

==4487== Syscall param write(buf) points to uninitialised byte(s)

==4487==    at 0x58BD12D: ??? (syscall-template.S:82)

==4487==    by 0xB6F04B: my_write (my_write.c:51)

==4487==    by 0xB75778: my_b_flush_io_cache (mf_iocache.c:1758)

==4487==    by 0xB75A1A: end_io_cache (mf_iocache.c:1831)

==4487==    by 0x9D819A: maria_extra (ma_extra.c:164)

==4487==    by 0x9AB45D: ha_maria::end_bulk_insert() (ha_maria.cc:2175)

==4487==    by 0x762A38: handler::ha_end_bulk_insert() (handler.h:1784)

==4487==    by 0x74EC9C: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15676)

==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)

==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)

==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)

==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)

==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)

==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)

==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)

==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)

==4487==  Address 0x2323e4a7 is 55 bytes inside a block of size 131,116 alloc'd

==4487==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)

==4487==    by 0xB7912E: _mymalloc (safemalloc.c:140)

==4487==    by 0xB7307D: init_io_cache (mf_iocache.c:244)

==4487==    by 0x9D8109: maria_extra (ma_extra.c:145)

==4487==    by 0x9AB16A: ha_maria::start_bulk_insert(unsigned long long) (ha_maria.cc:2087)

==4487==    by 0x762A05: handler::ha_start_bulk_insert(unsigned long long) (handler.h:1779)

==4487==    by 0x74EBDF: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15655)

==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)

==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)

==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)

==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)

==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)

==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)

==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)

==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)

==4487==    by 0x74FA23: do_select(JOIN*, List<Item>*, st_table*, Procedure*) (sql_select.cc:15926)

==4487== Syscall param pwrite64(buf) points to uninitialised byte(s)

==4487==    at 0x58BDA43: ??? (syscall-template.S:82)

==4487==    by 0xB6EDB7: my_pwrite (my_pread.c:155)

==4487==    by 0x9D2186: _ma_nommap_pwrite (ma_dynrec.c:227)

==4487==    by 0xA43399: _ma_write_static_record (ma_statrec.c:64)

==4487==    by 0xA45D0B: maria_write (ma_write.c:285)

==4487==    by 0x9A835A: ha_maria::write_row(unsigned char*) (ha_maria.cc:1171)

==4487==    by 0x5D0A8C: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:3823)

==4487==    by 0x74ECD1: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15679)

==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)

==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)

==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)

==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)

==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)

==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)

==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)

==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)

==4487==  Address 0x22efc664 is 100 bytes inside a block of size 1,000 alloc'd

==4487==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)

==4487==    by 0xB7912E: _mymalloc (safemalloc.c:140)

==4487==    by 0xB787FE: alloc_root (my_alloc.c:218)

==4487==    by 0x74C2F4: create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char*, bool) (sql_select.cc:14709)

==4487==    by 0x8AF2AF: select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool) (sql_union.cc:149)

==4487==    by 0x8B3126: mysql_derived_prepare(THD*, st_lex*, TABLE_LIST*) (sql_derived.cc:675)

==4487==    by 0x8B2573: mysql_handle_single_derived(st_lex*, TABLE_LIST*, unsigned int) (sql_derived.cc:185)

==4487==    by 0x724860: TABLE_LIST::handle_derived(st_lex*, unsigned int) (table.cc:5924)

==4487==    by 0x58978D: st_select_lex::handle_derived(st_lex*, unsigned int) (sql_lex.cc:3209)

==4487==    by 0x72689B: JOIN::prepare(Item***, TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) (sql_select.cc:581)

==4487==    by 0x72F5EE: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2989)

==4487==    by 0x726104: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:288)

==4487==    by 0x6B4DEB: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5172)

==4487==    by 0x6ABF87: mysql_execute_command(THD*) (sql_parse.cc:2305)

==4487==    by 0x6B7752: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6173)

==4487==    by 0x6A9767: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1243)

revision-id: sanja@askmonty.org-20131218135951-agw2htf09w418t91

revno: 3737

branch-nick: 5.3

BUILD/compile-pentium-debug-max-no-ndb (also reproducible with BUILD/compile-pentium-valgrind-max-no-ndb)

Attachments

Issue Links

links to

Bug #73819 Valgrind warnings " Syscall param write(buf) points to uninitialised byte(s)"

Activity

Ascending order - Click to sort in descending order

Sergei Golubchik added a comment - 2014-07-29 13:57

elenst, I failed to repeat the issue in the current 5.5 tree. Want to try again or to close it?

Sergei Golubchik added a comment - 2014-07-29 13:57 elenst , I failed to repeat the issue in the current 5.5 tree. Want to try again or to close it?

Elena Stepanova added a comment - 2014-08-04 17:21

Still reproducible on the current 5.5 tree:

revision-id: sergii@pisem.net-20140803113854-ku86z409wqigl8s6

revno: 4264

branch-nick: 5.5-mdev5518

Built as: cmake . -DCMAKE_BUILD_TYPE=Debug && make -j3

Elena Stepanova added a comment - 2014-08-04 17:21 Still reproducible on the current 5.5 tree: revision-id: sergii@pisem.net-20140803113854-ku86z409wqigl8s6 revno: 4264 branch-nick: 5.5-mdev5518 Built as: cmake . -DCMAKE_BUILD_TYPE=Debug && make -j3

Sergei Golubchik added a comment - 2014-09-05 20:16

This is upstream issue, caused by this changeset. Reported as Bug#73819

Sergei Golubchik added a comment - 2014-09-05 20:16 This is upstream issue, caused by this changeset . Reported as Bug#73819

Elena Stepanova added a comment - 2014-11-09 16:59

Seems to have disappeared between 5.5.38 and 5.5.39, need to re-check.

Elena Stepanova added a comment - 2014-11-09 16:59 Seems to have disappeared between 5.5.38 and 5.5.39, need to re-check.

Elena Stepanova added a comment - 2024-01-07 22:22

Still (or again) reproducible on all existing versions. On 10.5+ also reproducible with MSAN, send is not required with MSAN.

10.4 valgrind 64f44b22d9a3dab3d4c0b77addbcbdafde57b466
==1292668== Thread 27:
==1292668== Conditional jump or move depends on uninitialised value(s)
==1292668== at 0x128AFA6: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58)
==1292668== by 0x128CFA9: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220)
==1292668== by 0x128D2EF: rec_set_n_fields_old(unsigned char*, unsigned long) (rem0rec.inl:431)
==1292668== by 0x1292637: rec_convert_dtuple_to_rec_old(unsigned char, dtuple_t const, unsigned long) (rem0rec.cc:1425)
==1292668== by 0x1292E8D: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1776)
==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2803)
==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3289)
==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3415)
==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3584)
==1292668== by 0x12CF181: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3721)
==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864)
==1292668== by 0x12812E4: que_thr_step(que_thr_t*) (que0que.cc:945)
==1292668== by 0x12816E9: que_run_threads_low(que_thr_t*) (que0que.cc:1028)
==1292668== by 0x1281983: que_run_threads(que_thr_t*) (que0que.cc:1068)
==1292668== Conditional jump or move depends on uninitialised value(s)
==1292668== at 0x128AF08: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41)
==1292668== by 0x128C9C0: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178)
==1292668== by 0x128D4F9: rec_set_info_bits_old(unsigned char*, unsigned long) (rem0rec.inl:575)
==1292668== by 0x129265A: rec_convert_dtuple_to_rec_old(unsigned char, dtuple_t const, unsigned long) (rem0rec.cc:1428)
==1292668== by 0x1292E8D: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1776)
==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2803)
==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3289)
==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3415)
==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3584)
==1292668== by 0x12CF181: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3721)
==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864)
==1292668== by 0x12812E4: que_thr_step(que_thr_t*) (que0que.cc:945)
==1292668== by 0x12816E9: que_run_threads_low(que_thr_t*) (que0que.cc:1028)
==1292668== by 0x1281983: que_run_threads(que_thr_t*) (que0que.cc:1068)
==1292668== Conditional jump or move depends on uninitialised value(s)
==1292668== at 0x128AFA6: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58)
==1292668== by 0x128CFA9: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220)
==1292668== by 0x128D636: rec_set_heap_no_new(unsigned char*, unsigned long) (rem0rec.inl:764)
==1292668== by 0x129C0B6: void rec_convert_dtuple_to_rec_comp<false, false>(unsigned char, dict_index_t const, dfield_t const*, unsigned long, rec_comp_status_t, bool) (rem0rec.cc:1562)
==1292668== by 0x1292B85: rec_convert_dtuple_to_rec_new(unsigned char, dict_index_t const, dtuple_t const*) (rem0rec.cc:1742)
==1292668== by 0x1292E70: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1774)
==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2803)
==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3289)
==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3415)
==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3584)
==1292668== by 0x12CF181: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3721)
==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864)
==1292668== by 0x12F80C8: row_insert_for_mysql(unsigned char const, row_prebuilt_t, ins_mode_t) (row0mysql.cc:1395)
==1292668== by 0x112967D: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171)
==1292668== Conditional jump or move depends on uninitialised value(s)
==1292668== at 0x128AF08: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41)
==1292668== by 0x128C9C0: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178)
==1292668== by 0x128D52C: rec_set_info_bits_new(unsigned char*, unsigned long) (rem0rec.inl:587)
==1292668== by 0x1292BA2: rec_convert_dtuple_to_rec_new(unsigned char, dict_index_t const, dtuple_t const*) (rem0rec.cc:1747)
==1292668== by 0x1292E70: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1774)
==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2803)
==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3289)
==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3415)
==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3584)
==1292668== by 0x12CF181: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3721)
==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864)
==1292668== by 0x12F80C8: row_insert_for_mysql(unsigned char const, row_prebuilt_t, ins_mode_t) (row0mysql.cc:1395)
==1292668== by 0x112967D: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171)
==1292668== by 0xD16A2B: handler::ha_write_row(unsigned char const*) (handler.cc:6860)
^ Found warnings in /mnt8t/bld/10.4-valgrind/mysql-test/var/log/mysqld.1.err
ok

- saving '/mnt8t/bld/10.4-valgrind/mysql-test/var/log/bug.t2-innodb/' to '/mnt8t/bld/10.4-valgrind/mysql-test/var/log/bug.t2-innodb/'
***Warnings generated in error logs during shutdown after running tests: bug.t2

==1292668== Uninitialised byte(s) found during client check request
==1292668== at 0xFD229D: my_b_write (my_sys.h:526)
==1292668== by 0xFD2559: _ma_write_static_record (ma_statrec.c:50)
==1292668== by 0xFF600F: maria_write (ma_write.c:284)
==1292668== by 0xF69120: ha_maria::write_row(unsigned char const*) (ha_maria.cc:1258)
==1292668== by 0xA3A2BD: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:6849)
==1292668== by 0xA199C9: create_internal_tmp_table_from_heap(THD, TABLE, st_maria_columndef, st_maria_columndef, int, bool, bool) (sql_select.cc:20108)
==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165)
==1292668== by 0xA1EDEE: end_send(JOIN, st_join_table, bool) (sql_select.cc:22118)
==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528)
==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420)
==1292668== by 0xB8DEDB: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2173)
==1292668== by 0xA1B616: sub_select_cache(JOIN, st_join_table, bool) (sql_select.cc:20685)
==1292668== by 0xA1B8B9: sub_select(JOIN, st_join_table, bool) (sql_select.cc:20867)
==1292668== by 0xA1AE72: do_select(JOIN, Procedure) (sql_select.cc:20445)
==1292668== by 0x9EDFD2: JOIN::exec_inner() (sql_select.cc:4625)
==1292668== by 0x9ED0A3: JOIN::exec() (sql_select.cc:4407)
==1292668== Address 0x17dc268a is 122 bytes inside a block of size 224 alloc'd
==1292668== at 0x48407B4: malloc (vg_replace_malloc.c:381)
==1292668== by 0x16743ED: my_malloc (my_malloc.c:101)
==1292668== by 0x1663E6F: alloc_root (my_alloc.c:190)
==1292668== by 0xA16466: create_tmp_table(THD, TMP_TABLE_PARAM, List<Item>&, st_order, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const, bool, bool) (sql_select.cc:19066)
==1292668== by 0xAB0E71: select_unit::create_result_table(THD, List<Item>, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) (sql_union.cc:393)
==1292668== by 0x93603B: mysql_derived_prepare(THD, LEX, TABLE_LIST*) (sql_derived.cc:853)
==1292668== by 0x934552: mysql_handle_single_derived(LEX, TABLE_LIST, unsigned int) (sql_derived.cc:200)
==1292668== by 0xAE9FFB: TABLE_LIST::handle_derived(LEX*, unsigned int) (table.cc:9090)
==1292668== by 0x951140: LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) (sql_lex.h:4455)
==1292668== by 0x95E083: st_select_lex::handle_derived(LEX*, unsigned int) (sql_lex.cc:4417)
==1292668== by 0x9E0BA5: JOIN::prepare(TABLE_LIST, unsigned int, Item, unsigned int, st_order, bool, st_order, Item, st_order, st_select_lex, st_select_lex_unit) (sql_select.cc:1243)
==1292668== by 0x9EE719: mysql_select(THD, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:4809)
==1292668== by 0x9DD4A4: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:442)
==1292668== by 0x99DCE0: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:6523)
==1292668== by 0x99402D: mysql_execute_command(THD*) (sql_parse.cc:3980)
==1292668== by 0x9A1EA2: mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8062)
==1292668== Syscall param write(buf) points to uninitialised byte(s)
==1292668== at 0x4DEF17F: __libc_write (write.c:26)
==1292668== by 0x4DEF17F: write (write.c:24)
==1292668== by 0x167B92E: my_write (my_write.c:49)
==1292668== by 0x1649F19: inline_mysql_file_write (mysql_file.h:1180)
==1292668== by 0x164D85E: _my_b_cache_write (mf_iocache.c:1758)
==1292668== by 0x164E2F0: my_b_flush_io_cache (mf_iocache.c:1957)
==1292668== by 0x164B955: _my_b_write (mf_iocache.c:604)
==1292668== by 0xFD231A: my_b_write (my_sys.h:536)
==1292668== by 0xFD2559: _ma_write_static_record (ma_statrec.c:50)
==1292668== by 0xFF600F: maria_write (ma_write.c:284)
==1292668== by 0xF69120: ha_maria::write_row(unsigned char const*) (ha_maria.cc:1258)
==1292668== by 0xA3A2BD: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:6849)
==1292668== by 0xA199C9: create_internal_tmp_table_from_heap(THD, TABLE, st_maria_columndef, st_maria_columndef, int, bool, bool) (sql_select.cc:20108)
==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165)
==1292668== by 0xA1EDEE: end_send(JOIN, st_join_table, bool) (sql_select.cc:22118)
==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528)
==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420)
==1292668== Address 0x17f023b2 is 34 bytes inside a block of size 131,080 alloc'd
==1292668== at 0x48407B4: malloc (vg_replace_malloc.c:381)
==1292668== by 0x16743ED: my_malloc (my_malloc.c:101)
==1292668== by 0x164AB60: init_io_cache (mf_iocache.c:247)
==1292668== by 0xFBEFDD: maria_extra (ma_extra.c:142)
==1292668== by 0xF6BE53: ha_maria::start_bulk_insert(unsigned long long, unsigned int) (ha_maria.cc:2123)
==1292668== by 0x9507F2: handler::ha_start_bulk_insert(unsigned long long, unsigned int) (handler.h:3284)
==1292668== by 0xA199AE: create_internal_tmp_table_from_heap(THD, TABLE, st_maria_columndef, st_maria_columndef, int, bool, bool) (sql_select.cc:20097)
==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165)
==1292668== by 0xA1EDEE: end_send(JOIN, st_join_table, bool) (sql_select.cc:22118)
==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528)
==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420)
==1292668== by 0xB8DEDB: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2173)
==1292668== by 0xA1B616: sub_select_cache(JOIN, st_join_table, bool) (sql_select.cc:20685)
==1292668== by 0xA1B8B9: sub_select(JOIN, st_join_table, bool) (sql_select.cc:20867)
==1292668== by 0xA1AE72: do_select(JOIN, Procedure) (sql_select.cc:20445)
==1292668== by 0x9EDFD2: JOIN::exec_inner() (sql_select.cc:4625)
==1292668== Syscall param pwrite64(buf) points to uninitialised byte(s)
==1292668== at 0x4DED2B7: __libc_pwrite64 (pwrite64.c:25)
==1292668== by 0x4DED2B7: pwrite (pwrite64.c:23)
==1292668== by 0x167693D: my_pwrite (my_pread.c:159)
==1292668== by 0xF586B8: _ma_nommap_pwrite (ma_dynrec.c:219)
==1292668== by 0xFD2640: _ma_write_static_record (ma_statrec.c:64)
==1292668== by 0xFF600F: maria_write (ma_write.c:284)
==1292668== by 0xF69120: ha_maria::write_row(unsigned char const*) (ha_maria.cc:1258)
==1292668== by 0xA3A2BD: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:6849)
==1292668== by 0xA19AA9: create_internal_tmp_table_from_heap(THD, TABLE, st_maria_columndef, st_maria_columndef, int, bool, bool) (sql_select.cc:20118)
==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165)
==1292668== by 0xA1EDEE: end_send(JOIN, st_join_table, bool) (sql_select.cc:22118)
==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528)
==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420)
==1292668== by 0xB8DEDB: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2173)
==1292668== by 0xA1B616: sub_select_cache(JOIN, st_join_table, bool) (sql_select.cc:20685)
==1292668== by 0xA1B8B9: sub_select(JOIN, st_join_table, bool) (sql_select.cc:20867)
==1292668== by 0xA1AE72: do_select(JOIN, Procedure) (sql_select.cc:20445)
==1292668== Address 0x17dc2654 is 68 bytes inside a block of size 224 alloc'd
==1292668== at 0x48407B4: malloc (vg_replace_malloc.c:381)
==1292668== by 0x16743ED: my_malloc (my_malloc.c:101)
==1292668== by 0x1663E6F: alloc_root (my_alloc.c:190)
==1292668== by 0xA16466: create_tmp_table(THD, TMP_TABLE_PARAM, List<Item>&, st_order, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const, bool, bool) (sql_select.cc:19066)
==1292668== by 0xAB0E71: select_unit::create_result_table(THD, List<Item>, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) (sql_union.cc:393)
==1292668== by 0x93603B: mysql_derived_prepare(THD, LEX, TABLE_LIST*) (sql_derived.cc:853)
==1292668== by 0x934552: mysql_handle_single_derived(LEX, TABLE_LIST, unsigned int) (sql_derived.cc:200)
==1292668== by 0xAE9FFB: TABLE_LIST::handle_derived(LEX*, unsigned int) (table.cc:9090)
==1292668== by 0x951140: LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) (sql_lex.h:4455)
==1292668== by 0x95E083: st_select_lex::handle_derived(LEX*, unsigned int) (sql_lex.cc:4417)
==1292668== by 0x9E0BA5: JOIN::prepare(TABLE_LIST, unsigned int, Item, unsigned int, st_order, bool, st_order, Item, st_order, st_select_lex, st_select_lex_unit) (sql_select.cc:1243)
==1292668== by 0x9EE719: mysql_select(THD, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:4809)
==1292668== by 0x9DD4A4: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:442)
==1292668== by 0x99DCE0: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:6523)
==1292668== by 0x99402D: mysql_execute_command(THD*) (sql_parse.cc:3980)
==1292668== by 0x9A1EA2: mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8062)

10.5 MSAN f98d2ef5b4ab633d74fb245a8b6520fe86514de0
Uninitialized bytes in __msan_check_mem_is_initialized at offset 26 inside [0x70f000007c30, 53)
==1306825==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x555bbcf4968b in my_b_write /data/bld/10.5-msan/include/my_sys.h:499:3
#1 0x555bbcf4968b in _ma_write_static_record /data/bld/10.5-msan/storage/maria/ma_statrec.c:50:11
#2 0x555bbcfc6971 in maria_write /data/bld/10.5-msan/storage/maria/ma_write.c:284:9
#3 0x555bbcdd2a6f in ha_maria::write_row(unsigned char const*) /data/bld/10.5-msan/storage/maria/ha_maria.cc:1264:10
#4 0x555bbb9a5a8a in handler::ha_write_tmp_row(unsigned char*) /data/bld/10.5-msan/sql/sql_class.h:7271:3
#5 0x555bbb8fdaf2 in create_internal_tmp_table_from_heap(THD, TABLE, st_maria_columndef, st_maria_columndef, int, bool, bool) /data/bld/10.5-msan/sql/sql_select.cc:20391:32
#6 0x555bbbb59a79 in select_unit::write_record() /data/bld/10.5-msan/sql/sql_union.cc:432:12
#7 0x555bbbb59a79 in select_unit::send_data(List<Item>&) /data/bld/10.5-msan/sql/sql_union.cc:157:9
#8 0x555bbb8a95a8 in select_result_sink::send_data_with_check(List<Item>&, st_select_lex_unit*, unsigned long long) /data/bld/10.5-msan/sql/sql_class.h:5535:12
#9 0x555bbb8a95a8 in end_send(JOIN, st_join_table, bool) /data/bld/10.5-msan/sql/sql_select.cc:22422:11
#10 0x555bbbe1570e in JOIN_CACHE::generate_full_extensions(unsigned char*) /data/bld/10.5-msan/sql/sql_join_cache.cc:2534:11
#11 0x555bbbe14ba5 in JOIN_CACHE::join_matching_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2426:13
#12 0x555bbbe135b9 in JOIN_CACHE::join_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2177:9
#13 0x555bbb94b38f in sub_select_cache(JOIN, st_join_table, bool) /data/bld/10.5-msan/sql/sql_select.cc:20969:16
#14 0x555bbb94975a in sub_select(JOIN, st_join_table, bool) /data/bld/10.5-msan/sql/sql_select.cc:21151:7
#15 0x555bbb8c08ab in do_select(JOIN, Procedure) /data/bld/10.5-msan/sql/sql_select.cc:20729:14
#16 0x555bbb8c08ab in JOIN::exec_inner() /data/bld/10.5-msan/sql/sql_select.cc:4622:50
#17 0x555bbb8bc3f8 in JOIN::exec() /data/bld/10.5-msan/sql/sql_select.cc:4402:3
#18 0x555bbb824970 in mysql_select(THD, TABLE_LIST, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) /data/bld/10.5-msan/sql/sql_select.cc:4879:9
#19 0x555bbb5cecf2 in mysql_derived_fill(THD, LEX, TABLE_LIST*) /data/bld/10.5-msan/sql/sql_derived.cc:1268:10
#20 0x555bbb5d1457 in mysql_handle_single_derived(LEX, TABLE_LIST, unsigned int) /data/bld/10.5-msan/sql/sql_derived.cc:200:15
#21 0x555bbb906c49 in st_join_table::preread_init() /data/bld/10.5-msan/sql/sql_select.cc:13997:7
#22 0x555bbb8b5db1 in join_init_read_record(st_join_table*) /data/bld/10.5-msan/sql/sql_select.cc:22168:40
#23 0x555bbbe14331 in JOIN_CACHE::join_matching_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2355:7
#24 0x555bbbe135b9 in JOIN_CACHE::join_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2177:9
#25 0x555bbbe13397 in JOIN_CACHE::join_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2232:21
#26 0x555bbb94b38f in sub_select_cache(JOIN, st_join_table, bool) /data/bld/10.5-msan/sql/sql_select.cc:20969:16
#27 0x555bbb94975a in sub_select(JOIN, st_join_table, bool) /data/bld/10.5-msan/sql/sql_select.cc:21151:7
#28 0x555bbb8c08ab in do_select(JOIN, Procedure) /data/bld/10.5-msan/sql/sql_select.cc:20729:14
#29 0x555bbb8c08ab in JOIN::exec_inner() /data/bld/10.5-msan/sql/sql_select.cc:4622:50
#30 0x555bbb8bc3f8 in JOIN::exec() /data/bld/10.5-msan/sql/sql_select.cc:4402:3
#31 0x555bbb824970 in mysql_select(THD, TABLE_LIST, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) /data/bld/10.5-msan/sql/sql_select.cc:4879:9
#32 0x555bbb823386 in handle_select(THD, LEX, select_result*, unsigned long) /data/bld/10.5-msan/sql/sql_select.cc:450:10
#33 0x555bbb7581fe in execute_sqlcom_select(THD, TABLE_LIST) /data/bld/10.5-msan/sql/sql_parse.cc:6391:12
#34 0x555bbb73208a in mysql_execute_command(THD*) /data/bld/10.5-msan/sql/sql_parse.cc:4022:12
#35 0x555bbb7192d7 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/bld/10.5-msan/sql/sql_parse.cc:8170:18
#36 0x555bbb70c741 in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/bld/10.5-msan/sql/sql_parse.cc:1891:7
#37 0x555bbb71b278 in do_command(THD*) /data/bld/10.5-msan/sql/sql_parse.cc:1375:17
#38 0x555bbbd2185f in do_handle_one_connection(CONNECT*, bool) /data/bld/10.5-msan/sql/sql_connect.cc:1415:11
#39 0x555bbbd20f55 in handle_one_connection /data/bld/10.5-msan/sql/sql_connect.cc:1317:5
#40 0x555bbd134aba in pfs_spawn_thread /data/bld/10.5-msan/storage/perfschema/pfs.cc:2201:3
#41 0x7fb469f0b043 in start_thread nptl/./nptl/pthread_create.c:442:8
#42 0x7fb469f8b61b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Uninitialized value was stored to memory at
#0 0x555bbb1f2149 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x77d149)
#1 0x555bbd3c7192 in heap_scan /data/bld/10.5-msan/storage/heap/hp_scan.c:74:3

Uninitialized value was stored to memory at
#0 0x555bbb1f2149 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x77d149)
#1 0x555bbd3c92af in heap_write /data/bld/10.5-msan/storage/heap/hp_write.c:56:3

Uninitialized value was stored to memory at
#0 0x555bbb1f2149 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x77d149)
#1 0x555bbc3496b2 in field_conv_memcpy(Field, Field) /data/bld/10.5-msan/sql/field_conv.cc:881:5
#2 0x555bbc3496b2 in field_conv(Field, Field) /data/bld/10.5-msan/sql/field_conv.cc:911:10

Memory was marked as uninitialized
#0 0x555bbb1f88ee in __msan_allocated_memory (/mnt8t/bld/10.5-msan/sql/mariadbd+0x7838ee)
#1 0x555bbdb0b96e in row_sel_field_store_in_mysql_format_func(unsigned char, mysql_row_templ_t const, dict_index_t const, unsigned long, unsigned char const, unsigned long) /data/bld/10.5-msan/storage/innobase/row/row0sel.cc:2754:2

SUMMARY: MemorySanitizer: use-of-uninitialized-value /data/bld/10.5-msan/include/my_sys.h:499:3 in my_b_write

Upstream bug is closed as not reproducible on 5.7 (it was confirmed for 5.5).
I didn't check whether it is indeed not reproducible on 5.7.

Elena Stepanova added a comment - 2024-01-07 22:22 Still (or again) reproducible on all existing versions. On 10.5+ also reproducible with MSAN, send is not required with MSAN. 10.4 valgrind 64f44b22d9a3dab3d4c0b77addbcbdafde57b466 ==1292668== Thread 27: ==1292668== Conditional jump or move depends on uninitialised value(s) ==1292668== at 0x128AFA6: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58) ==1292668== by 0x128CFA9: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220) ==1292668== by 0x128D2EF: rec_set_n_fields_old(unsigned char*, unsigned long) (rem0rec.inl:431) ==1292668== by 0x1292637: rec_convert_dtuple_to_rec_old(unsigned char*, dtuple_t const*, unsigned long) (rem0rec.cc:1425) ==1292668== by 0x1292E8D: rec_convert_dtuple_to_rec(unsigned char*, dict_index_t const*, dtuple_t const*, unsigned long) (rem0rec.cc:1776) ==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t*, dtuple_t const*, dict_index_t*, unsigned short**, mem_block_info_t**, unsigned long, mtr_t*) (page0cur.inl:272) ==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t*, unsigned short**, mem_block_info_t**, dtuple_t*, unsigned char**, big_rec_t**, unsigned long, que_thr_t*, mtr_t*) (btr0cur.cc:3597) ==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t*, unsigned long, dtuple_t*, unsigned long, que_thr_t*) (row0ins.cc:2803) ==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t*, dtuple_t*, que_thr_t*, unsigned long) (row0ins.cc:3289) ==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t*, dtuple_t*, que_thr_t*) (row0ins.cc:3415) ==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t*, que_thr_t*) (row0ins.cc:3584) ==1292668== by 0x12CF181: row_ins(ins_node_t*, que_thr_t*) (row0ins.cc:3721) ==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864) ==1292668== by 0x12812E4: que_thr_step(que_thr_t*) (que0que.cc:945) ==1292668== by 0x12816E9: que_run_threads_low(que_thr_t*) (que0que.cc:1028) ==1292668== by 0x1281983: que_run_threads(que_thr_t*) (que0que.cc:1068) ==1292668== Conditional jump or move depends on uninitialised value(s) ==1292668== at 0x128AF08: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41) ==1292668== by 0x128C9C0: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178) ==1292668== by 0x128D4F9: rec_set_info_bits_old(unsigned char*, unsigned long) (rem0rec.inl:575) ==1292668== by 0x129265A: rec_convert_dtuple_to_rec_old(unsigned char*, dtuple_t const*, unsigned long) (rem0rec.cc:1428) ==1292668== by 0x1292E8D: rec_convert_dtuple_to_rec(unsigned char*, dict_index_t const*, dtuple_t const*, unsigned long) (rem0rec.cc:1776) ==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t*, dtuple_t const*, dict_index_t*, unsigned short**, mem_block_info_t**, unsigned long, mtr_t*) (page0cur.inl:272) ==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t*, unsigned short**, mem_block_info_t**, dtuple_t*, unsigned char**, big_rec_t**, unsigned long, que_thr_t*, mtr_t*) (btr0cur.cc:3597) ==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t*, unsigned long, dtuple_t*, unsigned long, que_thr_t*) (row0ins.cc:2803) ==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t*, dtuple_t*, que_thr_t*, unsigned long) (row0ins.cc:3289) ==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t*, dtuple_t*, que_thr_t*) (row0ins.cc:3415) ==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t*, que_thr_t*) (row0ins.cc:3584) ==1292668== by 0x12CF181: row_ins(ins_node_t*, que_thr_t*) (row0ins.cc:3721) ==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864) ==1292668== by 0x12812E4: que_thr_step(que_thr_t*) (que0que.cc:945) ==1292668== by 0x12816E9: que_run_threads_low(que_thr_t*) (que0que.cc:1028) ==1292668== by 0x1281983: que_run_threads(que_thr_t*) (que0que.cc:1068) ==1292668== Conditional jump or move depends on uninitialised value(s) ==1292668== at 0x128AFA6: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58) ==1292668== by 0x128CFA9: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220) ==1292668== by 0x128D636: rec_set_heap_no_new(unsigned char*, unsigned long) (rem0rec.inl:764) ==1292668== by 0x129C0B6: void rec_convert_dtuple_to_rec_comp<false, false>(unsigned char*, dict_index_t const*, dfield_t const*, unsigned long, rec_comp_status_t, bool) (rem0rec.cc:1562) ==1292668== by 0x1292B85: rec_convert_dtuple_to_rec_new(unsigned char*, dict_index_t const*, dtuple_t const*) (rem0rec.cc:1742) ==1292668== by 0x1292E70: rec_convert_dtuple_to_rec(unsigned char*, dict_index_t const*, dtuple_t const*, unsigned long) (rem0rec.cc:1774) ==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t*, dtuple_t const*, dict_index_t*, unsigned short**, mem_block_info_t**, unsigned long, mtr_t*) (page0cur.inl:272) ==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t*, unsigned short**, mem_block_info_t**, dtuple_t*, unsigned char**, big_rec_t**, unsigned long, que_thr_t*, mtr_t*) (btr0cur.cc:3597) ==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t*, unsigned long, dtuple_t*, unsigned long, que_thr_t*) (row0ins.cc:2803) ==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t*, dtuple_t*, que_thr_t*, unsigned long) (row0ins.cc:3289) ==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t*, dtuple_t*, que_thr_t*) (row0ins.cc:3415) ==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t*, que_thr_t*) (row0ins.cc:3584) ==1292668== by 0x12CF181: row_ins(ins_node_t*, que_thr_t*) (row0ins.cc:3721) ==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864) ==1292668== by 0x12F80C8: row_insert_for_mysql(unsigned char const*, row_prebuilt_t*, ins_mode_t) (row0mysql.cc:1395) ==1292668== by 0x112967D: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171) ==1292668== Conditional jump or move depends on uninitialised value(s) ==1292668== at 0x128AF08: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41) ==1292668== by 0x128C9C0: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178) ==1292668== by 0x128D52C: rec_set_info_bits_new(unsigned char*, unsigned long) (rem0rec.inl:587) ==1292668== by 0x1292BA2: rec_convert_dtuple_to_rec_new(unsigned char*, dict_index_t const*, dtuple_t const*) (rem0rec.cc:1747) ==1292668== by 0x1292E70: rec_convert_dtuple_to_rec(unsigned char*, dict_index_t const*, dtuple_t const*, unsigned long) (rem0rec.cc:1774) ==1292668== by 0x141C23E: page_cur_tuple_insert(page_cur_t*, dtuple_t const*, dict_index_t*, unsigned short**, mem_block_info_t**, unsigned long, mtr_t*) (page0cur.inl:272) ==1292668== by 0x142BA40: btr_cur_optimistic_insert(unsigned long, btr_cur_t*, unsigned short**, mem_block_info_t**, dtuple_t*, unsigned char**, big_rec_t**, unsigned long, que_thr_t*, mtr_t*) (btr0cur.cc:3597) ==1292668== by 0x12CC289: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t*, unsigned long, dtuple_t*, unsigned long, que_thr_t*) (row0ins.cc:2803) ==1292668== by 0x12CDDA9: row_ins_clust_index_entry(dict_index_t*, dtuple_t*, que_thr_t*, unsigned long) (row0ins.cc:3289) ==1292668== by 0x12CE344: row_ins_index_entry(dict_index_t*, dtuple_t*, que_thr_t*) (row0ins.cc:3415) ==1292668== by 0x12CEC89: row_ins_index_entry_step(ins_node_t*, que_thr_t*) (row0ins.cc:3584) ==1292668== by 0x12CF181: row_ins(ins_node_t*, que_thr_t*) (row0ins.cc:3721) ==1292668== by 0x12CFA14: row_ins_step(que_thr_t*) (row0ins.cc:3864) ==1292668== by 0x12F80C8: row_insert_for_mysql(unsigned char const*, row_prebuilt_t*, ins_mode_t) (row0mysql.cc:1395) ==1292668== by 0x112967D: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171) ==1292668== by 0xD16A2B: handler::ha_write_row(unsigned char const*) (handler.cc:6860) ^ Found warnings in /mnt8t/bld/10.4-valgrind/mysql-test/var/log/mysqld.1.err ok - saving '/mnt8t/bld/10.4-valgrind/mysql-test/var/log/bug.t2-innodb/' to '/mnt8t/bld/10.4-valgrind/mysql-test/var/log/bug.t2-innodb/' ***Warnings generated in error logs during shutdown after running tests: bug.t2 ==1292668== Uninitialised byte(s) found during client check request ==1292668== at 0xFD229D: my_b_write (my_sys.h:526) ==1292668== by 0xFD2559: _ma_write_static_record (ma_statrec.c:50) ==1292668== by 0xFF600F: maria_write (ma_write.c:284) ==1292668== by 0xF69120: ha_maria::write_row(unsigned char const*) (ha_maria.cc:1258) ==1292668== by 0xA3A2BD: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:6849) ==1292668== by 0xA199C9: create_internal_tmp_table_from_heap(THD*, TABLE*, st_maria_columndef*, st_maria_columndef**, int, bool, bool*) (sql_select.cc:20108) ==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165) ==1292668== by 0xA1EDEE: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:22118) ==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528) ==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420) ==1292668== by 0xB8DEDB: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2173) ==1292668== by 0xA1B616: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:20685) ==1292668== by 0xA1B8B9: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:20867) ==1292668== by 0xA1AE72: do_select(JOIN*, Procedure*) (sql_select.cc:20445) ==1292668== by 0x9EDFD2: JOIN::exec_inner() (sql_select.cc:4625) ==1292668== by 0x9ED0A3: JOIN::exec() (sql_select.cc:4407) ==1292668== Address 0x17dc268a is 122 bytes inside a block of size 224 alloc'd ==1292668== at 0x48407B4: malloc (vg_replace_malloc.c:381) ==1292668== by 0x16743ED: my_malloc (my_malloc.c:101) ==1292668== by 0x1663E6F: alloc_root (my_alloc.c:190) ==1292668== by 0xA16466: create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) (sql_select.cc:19066) ==1292668== by 0xAB0E71: select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) (sql_union.cc:393) ==1292668== by 0x93603B: mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) (sql_derived.cc:853) ==1292668== by 0x934552: mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) (sql_derived.cc:200) ==1292668== by 0xAE9FFB: TABLE_LIST::handle_derived(LEX*, unsigned int) (table.cc:9090) ==1292668== by 0x951140: LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) (sql_lex.h:4455) ==1292668== by 0x95E083: st_select_lex::handle_derived(LEX*, unsigned int) (sql_lex.cc:4417) ==1292668== by 0x9E0BA5: JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) (sql_select.cc:1243) ==1292668== by 0x9EE719: mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:4809) ==1292668== by 0x9DD4A4: handle_select(THD*, LEX*, select_result*, unsigned long) (sql_select.cc:442) ==1292668== by 0x99DCE0: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:6523) ==1292668== by 0x99402D: mysql_execute_command(THD*) (sql_parse.cc:3980) ==1292668== by 0x9A1EA2: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8062) ==1292668== Syscall param write(buf) points to uninitialised byte(s) ==1292668== at 0x4DEF17F: __libc_write (write.c:26) ==1292668== by 0x4DEF17F: write (write.c:24) ==1292668== by 0x167B92E: my_write (my_write.c:49) ==1292668== by 0x1649F19: inline_mysql_file_write (mysql_file.h:1180) ==1292668== by 0x164D85E: _my_b_cache_write (mf_iocache.c:1758) ==1292668== by 0x164E2F0: my_b_flush_io_cache (mf_iocache.c:1957) ==1292668== by 0x164B955: _my_b_write (mf_iocache.c:604) ==1292668== by 0xFD231A: my_b_write (my_sys.h:536) ==1292668== by 0xFD2559: _ma_write_static_record (ma_statrec.c:50) ==1292668== by 0xFF600F: maria_write (ma_write.c:284) ==1292668== by 0xF69120: ha_maria::write_row(unsigned char const*) (ha_maria.cc:1258) ==1292668== by 0xA3A2BD: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:6849) ==1292668== by 0xA199C9: create_internal_tmp_table_from_heap(THD*, TABLE*, st_maria_columndef*, st_maria_columndef**, int, bool, bool*) (sql_select.cc:20108) ==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165) ==1292668== by 0xA1EDEE: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:22118) ==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528) ==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420) ==1292668== Address 0x17f023b2 is 34 bytes inside a block of size 131,080 alloc'd ==1292668== at 0x48407B4: malloc (vg_replace_malloc.c:381) ==1292668== by 0x16743ED: my_malloc (my_malloc.c:101) ==1292668== by 0x164AB60: init_io_cache (mf_iocache.c:247) ==1292668== by 0xFBEFDD: maria_extra (ma_extra.c:142) ==1292668== by 0xF6BE53: ha_maria::start_bulk_insert(unsigned long long, unsigned int) (ha_maria.cc:2123) ==1292668== by 0x9507F2: handler::ha_start_bulk_insert(unsigned long long, unsigned int) (handler.h:3284) ==1292668== by 0xA199AE: create_internal_tmp_table_from_heap(THD*, TABLE*, st_maria_columndef*, st_maria_columndef**, int, bool, bool*) (sql_select.cc:20097) ==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165) ==1292668== by 0xA1EDEE: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:22118) ==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528) ==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420) ==1292668== by 0xB8DEDB: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2173) ==1292668== by 0xA1B616: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:20685) ==1292668== by 0xA1B8B9: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:20867) ==1292668== by 0xA1AE72: do_select(JOIN*, Procedure*) (sql_select.cc:20445) ==1292668== by 0x9EDFD2: JOIN::exec_inner() (sql_select.cc:4625) ==1292668== Syscall param pwrite64(buf) points to uninitialised byte(s) ==1292668== at 0x4DED2B7: __libc_pwrite64 (pwrite64.c:25) ==1292668== by 0x4DED2B7: pwrite (pwrite64.c:23) ==1292668== by 0x167693D: my_pwrite (my_pread.c:159) ==1292668== by 0xF586B8: _ma_nommap_pwrite (ma_dynrec.c:219) ==1292668== by 0xFD2640: _ma_write_static_record (ma_statrec.c:64) ==1292668== by 0xFF600F: maria_write (ma_write.c:284) ==1292668== by 0xF69120: ha_maria::write_row(unsigned char const*) (ha_maria.cc:1258) ==1292668== by 0xA3A2BD: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:6849) ==1292668== by 0xA19AA9: create_internal_tmp_table_from_heap(THD*, TABLE*, st_maria_columndef*, st_maria_columndef**, int, bool, bool*) (sql_select.cc:20118) ==1292668== by 0xAB02FE: select_unit::send_data(List<Item>&) (sql_union.cc:165) ==1292668== by 0xA1EDEE: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:22118) ==1292668== by 0xB8EA34: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2528) ==1292668== by 0xB8E6EE: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2420) ==1292668== by 0xB8DEDB: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2173) ==1292668== by 0xA1B616: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:20685) ==1292668== by 0xA1B8B9: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:20867) ==1292668== by 0xA1AE72: do_select(JOIN*, Procedure*) (sql_select.cc:20445) ==1292668== Address 0x17dc2654 is 68 bytes inside a block of size 224 alloc'd ==1292668== at 0x48407B4: malloc (vg_replace_malloc.c:381) ==1292668== by 0x16743ED: my_malloc (my_malloc.c:101) ==1292668== by 0x1663E6F: alloc_root (my_alloc.c:190) ==1292668== by 0xA16466: create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) (sql_select.cc:19066) ==1292668== by 0xAB0E71: select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) (sql_union.cc:393) ==1292668== by 0x93603B: mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) (sql_derived.cc:853) ==1292668== by 0x934552: mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) (sql_derived.cc:200) ==1292668== by 0xAE9FFB: TABLE_LIST::handle_derived(LEX*, unsigned int) (table.cc:9090) ==1292668== by 0x951140: LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) (sql_lex.h:4455) ==1292668== by 0x95E083: st_select_lex::handle_derived(LEX*, unsigned int) (sql_lex.cc:4417) ==1292668== by 0x9E0BA5: JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) (sql_select.cc:1243) ==1292668== by 0x9EE719: mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:4809) ==1292668== by 0x9DD4A4: handle_select(THD*, LEX*, select_result*, unsigned long) (sql_select.cc:442) ==1292668== by 0x99DCE0: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:6523) ==1292668== by 0x99402D: mysql_execute_command(THD*) (sql_parse.cc:3980) ==1292668== by 0x9A1EA2: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8062) 10.5 MSAN f98d2ef5b4ab633d74fb245a8b6520fe86514de0 Uninitialized bytes in __msan_check_mem_is_initialized at offset 26 inside [0x70f000007c30, 53) ==1306825==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x555bbcf4968b in my_b_write /data/bld/10.5-msan/include/my_sys.h:499:3 #1 0x555bbcf4968b in _ma_write_static_record /data/bld/10.5-msan/storage/maria/ma_statrec.c:50:11 #2 0x555bbcfc6971 in maria_write /data/bld/10.5-msan/storage/maria/ma_write.c:284:9 #3 0x555bbcdd2a6f in ha_maria::write_row(unsigned char const*) /data/bld/10.5-msan/storage/maria/ha_maria.cc:1264:10 #4 0x555bbb9a5a8a in handler::ha_write_tmp_row(unsigned char*) /data/bld/10.5-msan/sql/sql_class.h:7271:3 #5 0x555bbb8fdaf2 in create_internal_tmp_table_from_heap(THD*, TABLE*, st_maria_columndef*, st_maria_columndef**, int, bool, bool*) /data/bld/10.5-msan/sql/sql_select.cc:20391:32 #6 0x555bbbb59a79 in select_unit::write_record() /data/bld/10.5-msan/sql/sql_union.cc:432:12 #7 0x555bbbb59a79 in select_unit::send_data(List<Item>&) /data/bld/10.5-msan/sql/sql_union.cc:157:9 #8 0x555bbb8a95a8 in select_result_sink::send_data_with_check(List<Item>&, st_select_lex_unit*, unsigned long long) /data/bld/10.5-msan/sql/sql_class.h:5535:12 #9 0x555bbb8a95a8 in end_send(JOIN*, st_join_table*, bool) /data/bld/10.5-msan/sql/sql_select.cc:22422:11 #10 0x555bbbe1570e in JOIN_CACHE::generate_full_extensions(unsigned char*) /data/bld/10.5-msan/sql/sql_join_cache.cc:2534:11 #11 0x555bbbe14ba5 in JOIN_CACHE::join_matching_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2426:13 #12 0x555bbbe135b9 in JOIN_CACHE::join_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2177:9 #13 0x555bbb94b38f in sub_select_cache(JOIN*, st_join_table*, bool) /data/bld/10.5-msan/sql/sql_select.cc:20969:16 #14 0x555bbb94975a in sub_select(JOIN*, st_join_table*, bool) /data/bld/10.5-msan/sql/sql_select.cc:21151:7 #15 0x555bbb8c08ab in do_select(JOIN*, Procedure*) /data/bld/10.5-msan/sql/sql_select.cc:20729:14 #16 0x555bbb8c08ab in JOIN::exec_inner() /data/bld/10.5-msan/sql/sql_select.cc:4622:50 #17 0x555bbb8bc3f8 in JOIN::exec() /data/bld/10.5-msan/sql/sql_select.cc:4402:3 #18 0x555bbb824970 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/bld/10.5-msan/sql/sql_select.cc:4879:9 #19 0x555bbb5cecf2 in mysql_derived_fill(THD*, LEX*, TABLE_LIST*) /data/bld/10.5-msan/sql/sql_derived.cc:1268:10 #20 0x555bbb5d1457 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/bld/10.5-msan/sql/sql_derived.cc:200:15 #21 0x555bbb906c49 in st_join_table::preread_init() /data/bld/10.5-msan/sql/sql_select.cc:13997:7 #22 0x555bbb8b5db1 in join_init_read_record(st_join_table*) /data/bld/10.5-msan/sql/sql_select.cc:22168:40 #23 0x555bbbe14331 in JOIN_CACHE::join_matching_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2355:7 #24 0x555bbbe135b9 in JOIN_CACHE::join_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2177:9 #25 0x555bbbe13397 in JOIN_CACHE::join_records(bool) /data/bld/10.5-msan/sql/sql_join_cache.cc:2232:21 #26 0x555bbb94b38f in sub_select_cache(JOIN*, st_join_table*, bool) /data/bld/10.5-msan/sql/sql_select.cc:20969:16 #27 0x555bbb94975a in sub_select(JOIN*, st_join_table*, bool) /data/bld/10.5-msan/sql/sql_select.cc:21151:7 #28 0x555bbb8c08ab in do_select(JOIN*, Procedure*) /data/bld/10.5-msan/sql/sql_select.cc:20729:14 #29 0x555bbb8c08ab in JOIN::exec_inner() /data/bld/10.5-msan/sql/sql_select.cc:4622:50 #30 0x555bbb8bc3f8 in JOIN::exec() /data/bld/10.5-msan/sql/sql_select.cc:4402:3 #31 0x555bbb824970 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/bld/10.5-msan/sql/sql_select.cc:4879:9 #32 0x555bbb823386 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/bld/10.5-msan/sql/sql_select.cc:450:10 #33 0x555bbb7581fe in execute_sqlcom_select(THD*, TABLE_LIST*) /data/bld/10.5-msan/sql/sql_parse.cc:6391:12 #34 0x555bbb73208a in mysql_execute_command(THD*) /data/bld/10.5-msan/sql/sql_parse.cc:4022:12 #35 0x555bbb7192d7 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/bld/10.5-msan/sql/sql_parse.cc:8170:18 #36 0x555bbb70c741 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/bld/10.5-msan/sql/sql_parse.cc:1891:7 #37 0x555bbb71b278 in do_command(THD*) /data/bld/10.5-msan/sql/sql_parse.cc:1375:17 #38 0x555bbbd2185f in do_handle_one_connection(CONNECT*, bool) /data/bld/10.5-msan/sql/sql_connect.cc:1415:11 #39 0x555bbbd20f55 in handle_one_connection /data/bld/10.5-msan/sql/sql_connect.cc:1317:5 #40 0x555bbd134aba in pfs_spawn_thread /data/bld/10.5-msan/storage/perfschema/pfs.cc:2201:3 #41 0x7fb469f0b043 in start_thread nptl/./nptl/pthread_create.c:442:8 #42 0x7fb469f8b61b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81 Uninitialized value was stored to memory at #0 0x555bbb1f2149 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x77d149) #1 0x555bbd3c7192 in heap_scan /data/bld/10.5-msan/storage/heap/hp_scan.c:74:3 Uninitialized value was stored to memory at #0 0x555bbb1f2149 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x77d149) #1 0x555bbd3c92af in heap_write /data/bld/10.5-msan/storage/heap/hp_write.c:56:3 Uninitialized value was stored to memory at #0 0x555bbb1f2149 in __msan_memcpy (/mnt8t/bld/10.5-msan/sql/mariadbd+0x77d149) #1 0x555bbc3496b2 in field_conv_memcpy(Field*, Field*) /data/bld/10.5-msan/sql/field_conv.cc:881:5 #2 0x555bbc3496b2 in field_conv(Field*, Field*) /data/bld/10.5-msan/sql/field_conv.cc:911:10 Memory was marked as uninitialized #0 0x555bbb1f88ee in __msan_allocated_memory (/mnt8t/bld/10.5-msan/sql/mariadbd+0x7838ee) #1 0x555bbdb0b96e in row_sel_field_store_in_mysql_format_func(unsigned char*, mysql_row_templ_t const*, dict_index_t const*, unsigned long, unsigned char const*, unsigned long) /data/bld/10.5-msan/storage/innobase/row/row0sel.cc:2754:2 SUMMARY: MemorySanitizer: use-of-uninitialized-value /data/bld/10.5-msan/include/my_sys.h:499:3 in my_b_write Upstream bug is closed as not reproducible on 5.7 (it was confirmed for 5.5). I didn't check whether it is indeed not reproducible on 5.7.

People

Assignee:: Oleksandr Byelkin

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2014-01-10 20:52

Updated:: 2024-11-22 17:11

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server