Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.1.1
-
None
-
None
Description
Filing based on discussion with monty.
This is a different problem than MDEV-6575.
The errors look like this:
==2976== Conditional jump or move depends on uninitialised value(s)
|
==2976== at 0x5381F0: st_join_table::save_explain_data(Explain_table_access*, unsigned long long, bool, st_join_table*) (sql_show.h:205)
|
==2976== by 0x539E10: JOIN::save_explain_data_intern(Explain_query*, bool, bool, bool, char const*) (sql_select.cc:23789)
|
==2976== by 0x540745: JOIN::optimize() (sql_select.cc:1046)
|
==2976== by 0x540882: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:3306)
|
==2976== by 0x543CC3: handle_select(THD*, LEX*, select_result*, unsigned long) (sql_select.cc:372)
|
==2976== by 0x4EB8C4: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5729)
|
==2976== by 0x4F248F: mysql_execute_command(THD*) (sql_parse.cc:2809)
|
==2976== by 0x4FA71C: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:7011)
|
==2976== by 0x4FD811: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1469)
|
==2976== by 0x4FDDA1: do_command(THD*) (sql_parse.cc:1092)
|
==2976== by 0x5B2351: do_handle_one_connection(THD*) (sql_connect.cc:1394)
|
==2976== by 0x5B2505: handle_one_connection (sql_connect.cc:1305)
|
==2976== by 0x827102: pfs_spawn_thread (pfs.cc:1860)
|
==2976== by 0x60E0E99: start_thread (pthread_create.c:308)
|
==2976== by 0x69E63FC: clone (clone.S:112)
|
minimal testcase:
create table t1 (a int);
|
insert into t1 values (1), (2), (3), (4);
|
show columns from t1;
|
drop table t1;
|
Attachments
Activity
static bool optimize_for_get_all_tables(THD *thd, TABLE_LIST *tables, COND *cond)
there is this code:
/*
|
this branch processes SHOW FIELDS, SHOW INDEXES commands.
|
see sql_parse.cc, prepare_schema_table() function where
|
this values are initialized
|
*/
|
if (lsel && lsel->table_list.first)
|
{
|
/* These do not need to have a query plan */
|
goto end;
|
}
|
lookup_field_vals is never set.
Maybe, we should not attempt to save explain data structures for SHOW FIELDS and SHOW INDEXES commands.
If I take the testcase and replace
insert into t1 values (1), (2), (3), (4);with its more verbose form
select * from information_schema.columns where table_schema='test' and table_name='t1';then the error goes away. Maybe, SHOW COLUMNS takes some shortcuts and doesn't set the value?
I've rang SHOW COLUMNS under gdb and attempted to catch writes to the data that save_explain_data() does invalid read from. No success...