[MDEV-18947] my_pwrite / pagecache_fwrite: Syscall param pwrite64(buf) points to uninitialised byte(s) Created: 2019-03-16  Updated: 2023-04-27

Status: Open
Project: MariaDB Server
Component/s: Storage Engine - Aria
Affects Version/s: 10.2, 10.3, 10.4
Fix Version/s: 10.4

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Michael Widenius
Resolution: Unresolved Votes: 0
Labels: valgrind

Issue Links:
Relates
relates to MDEV-15256 Crash in flush_cached_blocks Confirmed

Description

# Reproduce: REPLACE ... SELECT from the same Aria table, then drop it
CREATE TABLE t1 (a BIT(4), b BLOB) ENGINE=Aria;
INSERT INTO t1 VALUES (b'0','foo'),(b'1','bar');
REPLACE t1 SELECT * FROM t1;

# Cleanup
DROP TABLE t1;

10.2 e63f6216, Valgrind output:

==6213== Thread 6:
==6213== Syscall param pwrite64(buf) points to uninitialised byte(s)
==6213==    at 0x4E48963: ??? (syscall-template.S:84)
==6213==    by 0x10F9F6A: my_pwrite (my_pread.c:157)
==6213==    by 0xB8558C: pagecache_fwrite (ma_pagecache.c:670)
==6213==    by 0xB8EE16: flush_cached_blocks (ma_pagecache.c:4420)
==6213==    by 0xB8F7B8: flush_pagecache_blocks_int (ma_pagecache.c:4716)
==6213==    by 0xB8FBD5: flush_pagecache_blocks_with_filter (ma_pagecache.c:4833)
==6213==    by 0xBC288A: _ma_once_end_block_record (ma_blockrec.c:451)
==6213==    by 0xBEA1D8: maria_close (ma_close.c:107)
==6213==    by 0xB60C13: ha_maria::close() (ha_maria.cc:1274)
==6213==    by 0x952354: handler::ha_close() (handler.cc:2615)
==6213==    by 0xB6506D: ha_maria::drop_table(char const*) (ha_maria.cc:2687)
==6213==    by 0x956E31: handler::ha_drop_table(char const*) (handler.cc:4427)
==6213==    by 0x732FF9: free_tmp_table(THD*, TABLE*) (sql_select.cc:18071)
==6213==    by 0x724AAF: JOIN::cleanup(bool) (sql_select.cc:12285)
==6213==    by 0x7246B2: JOIN::join_free() (sql_select.cc:12178)
==6213==    by 0x733C87: do_select(JOIN*, Procedure*) (sql_select.cc:18348)
==6213==  Address 0xbe1305a is 26 bytes inside a block of size 8,011,784 alloc'd
==6213==    at 0x4C2BBAF: malloc (vg_replace_malloc.c:299)
==6213==    by 0x10F7AC0: my_malloc (my_malloc.c:101)
==6213==    by 0x1122B58: my_large_malloc (my_largepage.c:64)
==6213==    by 0xB85A4B: init_pagecache (ma_pagecache.c:830)
==6213==    by 0xB67138: ha_maria_init(void*) (ha_maria.cc:3583)
==6213==    by 0x94D5F9: ha_initialize_handlerton(st_plugin_int*) (handler.cc:521)
==6213==    by 0x6DC065: plugin_initialize(st_mem_root*, st_plugin_int*, int*, char**, bool) (sql_plugin.cc:1416)
==6213==    by 0x6DCC4D: plugin_init(int*, char**, int) (sql_plugin.cc:1698)
==6213==    by 0x5E122E: init_server_components() (mysqld.cc:5313)
==6213==    by 0x5E2304: mysqld_main(int, char**) (mysqld.cc:5907)
==6213==    by 0x5D6ADF: main (main.cc:25)

Not reproducible on 10.1.
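The trace above says the buffer handed to pwrite64() lies 26 bytes into the page cache block allocated once in init_pagecache(), and that some of the bytes being flushed were never written. The practical concern with this class of bug is not the warning itself but what lands on disk: whatever the cache slot held before (or, for never-written memory, whatever the allocator left there) is written into the data file alongside the real page contents. The following is an added illustration, not MariaDB or Aria code: a single long-lived cache slot is reused for a new page without being cleared, and the unused tail of the page, still holding a record from the previous occupant, is flushed with pwrite(). The page layout, sizes, function names and the "previous-row" secret string are all constructed for the example. Pre-filling the slot with known bytes stands in for whatever uninitialised or stale memory would contain, because never-written bytes are non-deterministic and cannot be asserted on.

```c
/* Added illustration, not MariaDB/Aria code: a page-cache slot reused for a
 * new page without being cleared, so the part of the page the writer never
 * fills is flushed to disk with whatever the slot held before.  Page layout,
 * sizes and names below are hypothetical. */
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>

#define PAGE_SIZE 64   /* hypothetical page size, far smaller than Aria's */
#define HDR_SIZE  4    /* hypothetical header: 2-byte record length, 2 spare */

/* One long-lived cache slot, as a page cache allocates its buffer once. */
static unsigned char cache_slot[PAGE_SIZE];

/* Build a page holding a single record in the slot.  With clear_first == 0
 * only the header and the record bytes are written; the rest of the slot
 * keeps its previous contents (for a freshly malloc'd slot those bytes are
 * never initialised at all, which is what Valgrind's pwrite64(buf) warning
 * reports). */
static void build_page(const char *record, size_t len, int clear_first)
{
    if (clear_first)
        memset(cache_slot, 0, PAGE_SIZE);   /* the fix: no stale bytes remain */
    cache_slot[0] = (unsigned char)(len & 0xff);
    cache_slot[1] = (unsigned char)(len >> 8);
    cache_slot[2] = cache_slot[3] = 0;
    memcpy(cache_slot + HDR_SIZE, record, len);
}

/* Flush the whole slot to disk with pwrite(), as a page-cache flush does.
 * Returns 0 on success, -1 on error. */
static int flush_page(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    ssize_t n = pwrite(fd, cache_slot, PAGE_SIZE, 0);
    close(fd);
    return n == PAGE_SIZE ? 0 : -1;
}

/* Read the on-disk page back and look for 'needle' anywhere in it.
 * Returns 1 if found (stale data leaked), 0 if not, -1 on I/O error. */
static int file_leaks(const char *path, const char *needle)
{
    unsigned char buf[PAGE_SIZE];
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    ssize_t n = read(fd, buf, PAGE_SIZE);
    close(fd);
    if (n != PAGE_SIZE) return -1;
    size_t nl = strlen(needle);
    for (size_t i = 0; i + nl <= PAGE_SIZE; i++)
        if (memcmp(buf + i, needle, nl) == 0) return 1;
    return 0;
}

/* Scenario: the slot first holds a page with a long record containing a
 * constructed secret, then is reused for a page with a 3-byte record.
 * Returns 1 if the second flush wrote the old secret to disk, 0 if not. */
int reuse_leaks(int clear_first)
{
    char path[] = "/tmp/pagecache-leak-XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    close(fd);

    const char *secret = "previous-row:ssn=123-45-6789";   /* constructed */
    build_page(secret, strlen(secret), 1);
    if (flush_page(path) != 0) { unlink(path); return -1; }

    build_page("foo", 3, clear_first);   /* new page, short record */
    if (flush_page(path) != 0) { unlink(path); return -1; }

    int leaked = file_leaks(path, "ssn=");
    unlink(path);
    return leaked;
}

int main(void)
{
    printf("slot reused without clearing: leaked=%d\n", reuse_leaks(0));
    printf("slot zeroed before reuse:     leaked=%d\n", reuse_leaks(1));
    return 0;
}
```

Replacing the static `cache_slot` with a `malloc()`'d buffer that is never cleared and running the unfixed path under `valgrind --track-origins=yes` reproduces the same "Syscall param pwrite64(buf) points to uninitialised byte(s)" report as in the trace above, with the allocation site shown the way init_pagecache() is shown there. The check worth keeping from this example is the read-back: after a flush, grep the data file for content that should no longer exist, since a Valgrind-clean build that reuses slots without clearing them will leak stale bytes without any warning.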


Generated at Thu Feb 08 08:47:56 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.