[MDEV-20377] Make WITH_MSAN more usable Created: 2019-08-19  Updated: 2023-09-22  Resolved: 2020-07-01

Status: Closed
Project: MariaDB Server
Component/s: Tests
Affects Version/s: 5.5, 10.1, 10.2, 10.3, 10.4, 10.5
Fix Version/s: 10.2.33, 10.3.24, 10.4.14, 10.5.5

Type: Bug Priority: Major
Reporter: Marko Mäkelä Assignee: Marko Mäkelä
Resolution: Fixed Votes: 1
Labels: Sanity_Checking, valgrind
Environment:

Debian GNU/Linux unstable, clang 8.0.1


Attachments: File 10.5-msan.patch     File build-msan.sh     File build-msan15.sh     File build-msan16.sh     File build-msan2.sh    
Issue Links:
Blocks
blocks MDEV-30936 clang 15.0.7 -fsanitize=memory fails ... Closed
is blocked by MDEV-22688 MSAN use-of-uninitialized-value in RE... Closed
is blocked by MDEV-22689 MSAN use-of-uninitialized-value in de... Closed
is blocked by MDEV-22690 MSAN use-of-uninitialized-value in op... Closed
is blocked by MDEV-22691 MSAN use-of-uninitialized-value in te... Closed
is blocked by MDEV-22692 MSAN use-of-uninitialized-value in pa... Closed
PartOf
includes MDBF-136 MSAN - create instrumented libcrack Closed
includes MDEV-20386 Replace inline asm with compiler-buil... Closed
includes MDEV-20388 Allegedly uninitialized values left b... Closed
includes MDEV-22059 MSAN report at replicate_ignore_table... Closed
Relates
relates to CONC-483 Workaround for MSAN bug needed Closed
relates to MDEV-20309 InnoDB encryption accesses memory out... Closed
relates to MDEV-22070 MSAN use-of-uninitialized-value in en... Closed
relates to MDEV-22071 MSAN use-of-uninitialized-value in bu... Closed
relates to MDEV-22072 MSAN use-of-uninitialized-value in wf... Open
relates to MDEV-22073 MSAN use-of-uninitialized-value in co... Closed
relates to MDEV-22244 Field::error_generated_column_functio... Open
relates to MDEV-24514 WITH_MSAN is disabling WOLFSSL_AESNI ... Closed
relates to MDEV-26758 Make libmariadb run under MSAN Closed
relates to MDEV-27964 The function ENCRYPT() causes SIGSEGV... Open
relates to MDEV-30942 MSAN_OPTIONS=poison_in_dtor=1 causes ... Open
relates to MDEV-31790 Extremely slow tests rpl.rpl_non_dire... Open
relates to MDEV-14024 PCRE2 Closed
relates to MDEV-20310 valgrind bugs found in 10.5 Open
relates to MDEV-20383 Use of uninitialized value in Datafil... Closed
relates to MDEV-22060 MSAN use-of-uninitialized-value in ma... Closed
relates to MDEV-24841 Build error with MSAN use-of-uninitia... Closed

 Description   

MemorySanitizer is a compile-time instrumentation layer in clang and GCC. Together with AddressSanitizer, it mostly makes the run-time instrumentation of Valgrind redundant. It is a little trickier to set up, because running with uninstrumented libraries will lead to false positives.

No patches are necessary since 10.5 94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157 (see the commit message for instructions); cmake -DWITH_MSAN=ON is supposed to work ‘out of the box’.

This task will be kept open until all tests pass and MemorySanitizer can be enabled on CI systems.

How to build instrumented libraries

These instructions are for clang-10. The script build-msan2.sh was developed to resolve MDEV-22083 a.k.a. MDEV-26758.

mkdir /tmp/build
cd /tmp/build
mkdir "$HOME/msan-libs"
CLANG=10 MSAN_LIBDIR="$HOME/msan-libs" build-msan.sh

Note: to use a different clang (tested with clang-8, clang-9, clang-11, clang-13), just replace 10 above with the major version of the compiler.

For clang-15, the procedure is a little different:

mkdir /tmp/build
cd /tmp/build
mkdir "$HOME/msan-libs"
CLANG=15 MSAN_LIBDIR="$HOME/msan-libs" build-msan15.sh

How to build MariaDB Server 10.5 or later with the instrumented libraries

cd /mariadb/10.5
mkdir build
cd build
cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \
-DCMAKE_C_FLAGS='-O2 -Wno-unused-command-line-argument -fdebug-macro' \
-DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -Wno-unused-command-line-argument -fdebug-macro'  \
-DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \
-DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \
-DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \
-DWITH_{ZLIB,SSL,PCRE}=bundled \
-DHAVE_LIBAIO_H=0 -DCMAKE_DISABLE_FIND_PACKAGE_{URING,LIBAIO}=1 \
-DWITH_MSAN=ON \
-G Ninja ..
ninja

Note: -march=native -mtune=native is optional since the second fix of MDEV-20386

How to run tests

cd mysql-test
LD_LIBRARY_PATH="$HOME"/msan-libs ./mtr main.1st
LD_LIBRARY_PATH="$HOME"/msan-libs MSAN_OPTIONS=abort_on_error=1:poison_in_dtor=1 ./mtr --big-test --parallel=auto --force --retry=0

Note: It may be wise to omit MSAN_OPTIONS=abort_on_error=1 except when running code in a debugger. On some occasions, it may cause truncation of the diagnostic messages.

Note: The llvm-symbolizer in clang 14 or later will refuse to load if LD_LIBRARY_PATH includes an MSAN-instrumented libgmp.so. To get nice resolved stack traces, you must point the environment variable MSAN_SYMBOLIZER_PATH to a script like the following:

#!/bin/sh
unset LD_LIBRARY_PATH
exec llvm-symbolizer-15 "$@"

The poison_in_dtor=1 (MDEV-30936, MDEV-30942) is an old option that was enabled by default in clang 15.



 Comments   
Comment by Marko Mäkelä [ 2019-08-19 ]

I have now pushed WITH_MSAN to 10.2. At least the following issues will have to be resolved for this to be useful for mysql-test-run:

  • MDEV-20388 Allegedly uninitialized values left by MyCTX_nopad
  • MDEV-20386 Replace inline asm with compiler-builtin intrinsic functions
  • MDEV-20309 InnoDB encryption accesses memory outside of allocated block
  • the bogus-looking errors for getservbyname() (see the work-around patch above); possibly needs an instrumented library
  • the errors for regular expression operations in mysqltest.cc; possibly needs -DWITH_PCRE=bundled
Comment by Marko Mäkelä [ 2019-08-26 ]

On my system, the C library function getservbyname() invokes the implementation _nss_files_getservbyname_r() in libnss_files.so.2. I tried to compile an instrumented GNU libc, but it appears to depend on the GNU C Compiler, and GCC 9.2.1 is missing support for -fsanitize=memory (MemorySanitizer). After I bypassed the "compiler is too old" check (clang-8 identifies it as some old __GNUC__), the build would fail due to missing support for __attribute__((constructor)).

It looks like we will need some hack to work around the getservbyname() problem. I used the following:

diff --git a/libmysqld/libmysql.c b/libmysqld/libmysql.c
index 13f7f074d80..f1c0f9a0b79 100644
--- a/libmysqld/libmysql.c
+++ b/libmysqld/libmysql.c
@@ -153,7 +153,7 @@ int STDCALL mysql_server_init(int argc __attribute__((unused)),
         line options.
       */
 
-#if MYSQL_PORT_DEFAULT == 0
+#if 0 /* MYSQL_PORT_DEFAULT == 0 */
       if ((serv_ptr= getservbyname("mysql", "tcp")))
         mysql_port= (uint) ntohs((ushort) serv_ptr->s_port);
 #endif
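
Review bot: The "#if 0" in mysql_server_init() switches off the getservbyname("mysql", "tcp") lookup for every build, not only MemorySanitizer ones, so a port configured in the services database is silently ignored. Keep the MYSQL_PORT_DEFAULT == 0 test and add a sanitizer condition to it, for example "#if MYSQL_PORT_DEFAULT == 0 && !__has_feature(memory_sanitizer)", with a fallback definition of __has_feature for compilers that lack it.
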
diff --git a/sql/mysqld.cc b/sql/mysqld.cc
index 33e15b1db07..02d6b3948a3 100644
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -2418,7 +2418,7 @@ static void set_ports()
       line options.
     */
 
-#if MYSQL_PORT_DEFAULT == 0
+#if 0 // MYSQL_PORT_DEFAULT == 0
     struct  servent *serv_ptr;
     if ((serv_ptr= getservbyname("mysql", "tcp")))
       SYSVAR_AUTOSIZE(mysqld_port, ntohs((u_short) serv_ptr->s_port));
diff --git a/libmariadb/libmariadb/mariadb_lib.c b/libmariadb/libmariadb/mariadb_lib.c
index d43b68c..fb6236f 100644
--- a/libmariadb/libmariadb/mariadb_lib.c
+++ b/libmariadb/libmariadb/mariadb_lib.c
@@ -3539,12 +3539,16 @@ static void mysql_once_init()
   }
   if (!mysql_port)
   {
+#if 0
     struct servent *serv_ptr;
+#endif
     char *env;
 
     mysql_port = MARIADB_PORT;
+#if 0
     if ((serv_ptr = getservbyname("mysql", "tcp")))
       mysql_port = (uint)ntohs((ushort)serv_ptr->s_port);
+#endif
     if ((env = getenv("MYSQL_TCP_PORT")))
       mysql_port =(uint)atoi(env);
   }
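
Review bot: In mysql_once_init() the serv_ptr declaration and its use are disabled by two separate "#if 0" / "#endif" pairs, which have to be kept in step by hand and carry no hint of why the code is off. Use one named condition for both regions (or move the declaration into the block that uses it) and add a comment saying this is a MemorySanitizer work-around for getservbyname(); as written the lookup is lost in all builds.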

The change for libmysql.c is needed for --suite=mariabackup.

-DWITH_PCRE=bundled appears to introduce a problem:

10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f

CURRENT_TEST: main.1st
 
Could not execute 'check-testcase' before testcase 'main.1st' (res: 77):
mysqltest: Logging to '/dev/shm/10.2m/mysql-test/var/tmp/check-mysqld_1.log'.
mysqltest: Results saved in '/dev/shm/10.2m/mysql-test/var/tmp/check-mysqld_1.result'.
mysqltest: Connecting to server localhost:16000 (socket /dev/shm/10.2m/mysql-test/var/tmp/mysqld.1.sock) as 'root', connection 'default', attempt 0 ...
mysqltest: ... Connected.
mysqltest: Start processing test commands from './include/check-testcase.test' ...
mysqltest: At line 87: Regex error: No match
 
mysqltest got signal 7
read_command_buf (0x731000000008): cat_file
conn->name (0x701000009f78): ==13460==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x635a27 in safe_print_str /mariadb/10.2o/mysys/stacktrace.c:96:3
    #1 0x635a27 in my_safe_print_str /mariadb/10.2o/mysys/stacktrace.c:156
    #2 0x5204dc in dump_backtrace() /mariadb/10.2o/client/mysqltest.cc:9055:5
    #3 0x5201a2 in signal_handler(int) /mariadb/10.2o/client/mysqltest.cc:9079:3
    #4 0x484ca8 in SignalHandler(int) (/dev/shm/10.2m/client/mysqltest+0x484ca8)
    #5 0x7f728dd2172f  (/lib/x86_64-linux-gnu/libpthread.so.0+0x1272f)
    #6 0x7f728d6f273b  (/lib/x86_64-linux-gnu/libc.so.6+0xd473b)
    #7 0x7f728d6fc480 in regfree (/lib/x86_64-linux-gnu/libc.so.6+0xde480)
    #8 0x46ed60 in regfree (/dev/shm/10.2m/client/mysqltest+0x46ed60)
    #9 0x4be28c in free_re() /mariadb/10.2o/client/mysqltest.cc:8928:3
    #10 0x4be28c in free_used_memory() /mariadb/10.2o/client/mysqltest.cc:1534
    #11 0x4c0179 in cleanup_and_exit(int) /mariadb/10.2o/client/mysqltest.cc:1546:3
    #12 0x4bf7d1 in really_die(char const*) /mariadb/10.2o/client/mysqltest.cc
    #13 0x4bb82e in die(char const*, ...) /mariadb/10.2o/client/mysqltest.cc:1629:3
    #14 0x51d946 in reg_replace(char**, int*, char*, char*, char*, int) /mariadb/10.2o/client/mysqltest.cc
    #15 0x4cc143 in multi_reg_replace(st_replace_regex*, char*) /mariadb/10.2o/client/mysqltest.cc:10303:10
    #16 0x4c20a9 in replace_dynstr_append_mem(st_dynamic_string*, char const*, unsigned long) /mariadb/10.2o/client/mysqltest.cc:11188:10
    #17 0x4c1c74 in cat_file(st_dynamic_string*, char const*) /mariadb/10.2o/client/mysqltest.cc:1815:5
    #18 0x4db174 in do_cat_file(st_command*) /mariadb/10.2o/client/mysqltest.cc:4399:10
    #19 0x50dd82 in main /mariadb/10.2o/client/mysqltest.cc:9505:24
    #20 0x7f728d64209a in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2409a)
    #21 0x438ae9 in _start (/dev/shm/10.2m/client/mysqltest+0x438ae9)
 
  Uninitialized value was created by a heap deallocation
    #0 0x43ee19 in free (/dev/shm/10.2m/client/mysqltest+0x43ee19)
    #1 0x6266c4 in my_free /mariadb/10.2o/mysys/my_malloc.c:218:5

I retried -DWITH_PCRE=system, and no further work-arounds are necessary for ./mtr main.1st to pass (only the getservbyname() workaround). The system-installed library is libpcre3, version 2:8.39-12+b1.

The following workarounds are needed for (among others) --suite=binlog_encryption to pass:

diff --git a/client/mysqltest.cc b/client/mysqltest.cc
index 60a203ccedd..13b20407685 100644
--- a/client/mysqltest.cc
+++ b/client/mysqltest.cc
@@ -10189,6 +10189,7 @@ struct st_replace_regex* init_replace_regex(char* expr)
 }
 
 
+__attribute__((no_sanitize("memory"))) // for var_get()
 void append_replace_regex(char* expr, char *expr_end, struct st_replace_regex* res,
                           char **buf_p)
 {
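
Review bot: The attribute on append_replace_regex() is unconditional, and the comment "for var_get()" does not say why var_get() needs it or why the attribute sits on this function instead. no_sanitize("memory") is not accepted by every compiler, so hide it behind a macro that expands to nothing outside MemorySanitizer builds, and name in the comment the uninitialized read that is being hidden.
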
@@ -10382,6 +10383,7 @@ void free_replace_regex()
   string - the string to perform substitutions in
   icase - flag, if set to 1 the match is case insensitive
 */
+__attribute__((no_sanitize("memory")))
 int reg_replace(char** buf_p, int* buf_len_p, char *pattern,
                 char *replace, char *string, int icase)
 {
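
Review bot: reg_replace() gets the attribute with no comment at all, and exempting the whole function also hides any genuine uninitialized read in its own handling of buf_p and buf_len_p. If the reports come from the regular expression library being uninstrumented, a narrower fix is to unpoison only the output that library writes, right after the call, and leave the rest of the function instrumented.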

For Galera tests to work, we would need an instrumented libgalera_smm.so. Due to the lack of instrumentation, the test wsrep_info.plugin would fail inside verify() called by wsrep_load().

The tests main.func_regexp, main.func_regexp_pcre, main.ctype_utf8 and many others will fail because of uninstrumented libpcre3. Also many tests that add suppressions will fail:

10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f

CURRENT_TEST: encryption.innodb-force-corrupt
mysqltest: At line 11: query 'call mtr.add_suppression("InnoDB: Encrypted page \\[page id: space=\\d+, page number=[36]\\] in file .*test.t[123]\\.ibd looks corrupted; key_version=3221342974")' failed: 2013: Lost connection to MySQL server during query

Due to the largish amount of noise caused by uninstrumented libpcre and libgnutls, it is challenging to find genuine errors. Here could be one:

10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f

CURRENT_TEST: sys_vars.innodb_max_dirty_pages_pct_basic
mysqltest: At line 95: query 'SET @@global.innodb_max_dirty_pages_pct = @global_start_value - 2' failed: 2013: Lost connection to MySQL server during query
==28406==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x3494d3f in dtoa /mariadb/10.2o/strings/dtoa.c:2227:7
    #1 0x348b16e in my_fcvt /mariadb/10.2o/strings/dtoa.c:96:8
    #2 0x34a9e04 in process_dbl_arg /mariadb/10.2o/strings/my_vsnprintf.c:246:10
    #3 0x34a9e04 in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:638
    #4 0x919029 in push_warning_printf(THD*, Sql_condition::enum_warning_level, unsigned int, char const*, ...) /mariadb/10.2o/sql/sql_error.cc:797:3
    #5 0x1cd10fb in innodb_max_dirty_pages_pct_update(THD*, st_mysql_sys_var*, void*, void const*) /mariadb/10.2o/storage/innobase/handler/ha_innodb.cc:17478:3

Apparently the in_val inside the function is initialized (it had successfully been subjected to comparison), but something along the call stack could be lacking instrumentation.

Here is another, related-looking failure:

10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f

CURRENT_TEST: main.plugin_innodb
==30165==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x3494d3f in dtoa /mariadb/10.2o/strings/dtoa.c:2227:7
    #1 0x348b16e in my_fcvt /mariadb/10.2o/strings/dtoa.c:96:8
    #2 0x34a9e04 in process_dbl_arg /mariadb/10.2o/strings/my_vsnprintf.c:246:10
    #3 0x34a9e04 in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:638
    #4 0x34afc93 in my_vsnprintf /mariadb/10.2o/strings/my_vsnprintf.c:704:10
    #5 0x34afc93 in my_snprintf /mariadb/10.2o/strings/my_vsnprintf.c:713
    #6 0x7ff4b7586409 in show_func_example(THD*, st_mysql_show_var*, char*) /mariadb/10.2o/storage/example/ha_example.cc:1074:3
    #7 0xc5ed55 in show_status_array(THD*, char const*, st_mysql_show_var*, enum_var_type, system_status_var*, char const*, TABLE*, bool, Item*) /mariadb/10.2o/sql/sql_show.cc:3554:7
    #8 0xc5ee7e in show_status_array(THD*, char const*, st_mysql_show_var*, enum_var_type, system_status_var*, char const*, TABLE*, bool, Item*) /mariadb/10.2o/sql/sql_show.cc:3560:7
    #9 0xc6091b in fill_status(THD*, TABLE_LIST*, Item*) /mariadb/10.2o/sql/sql_show.cc:7557:8
    #10 0xc698c5 in get_schema_tables_result(JOIN*, enum_schema_table_state) /mariadb/10.2o/sql/sql_show.cc:8431:11
    #11 0xb437ea in JOIN::exec_inner() /mariadb/10.2o/sql/sql_select.cc:3591:7
    #12 0xb413b3 in JOIN::exec() /mariadb/10.2o/sql/sql_select.cc:3422:3
    #13 0xab6d0b in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.2o/sql/sql_select.cc:3822:9
    #14 0xab5d58 in handle_select(THD*, LEX*, select_result*, unsigned long) /mariadb/10.2o/sql/sql_select.cc:365:10
    #15 0x9fb160 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.2o/sql/sql_parse.cc:6226:12
    #16 0x9d3a1d in execute_show_status(THD*, TABLE_LIST*) /mariadb/10.2o/sql/sql_parse.cc:6259:10
    #17 0x9d3a1d in mysql_execute_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:3456
    #18 0x9c51b0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:7760:18
    #19 0x9b41a5 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:1831:7
    #20 0x9be26d in do_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:1385:17
    #21 0xee57b4 in do_handle_one_connection(CONNECT*) /mariadb/10.2o/sql/sql_connect.cc:1336:11
    #22 0xee4bf9 in handle_one_connection /mariadb/10.2o/sql/sql_connect.cc:1241:3
    #23 0x2fa6408 in pfs_spawn_thread /mariadb/10.2o/storage/perfschema/pfs.cc:1862:3
    #24 0x7ff4bf110fa2 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7fa2)
    #25 0x7ff4be8ee4ce in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf94ce)
 
  Uninitialized value was created by an allocation of 'buf' in the stack frame of function '_db_return_'
    #0 0x335dd10 in _db_return_ /mariadb/10.2o/dbug/dbug.c:1174

And another, which might be related:

10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f

CURRENT_TEST: main.subselect_no_semijoin
 
/dev/shm/10.2m/client/mysqltest: Error on delete of '/dev/shm/10.2m/mysql-test/var/6/tmp/subselect.out.file.1' (Errcode: 2 "No such file or directory")
mysqltest: At line 27: query 'explain format=json
SELECT ( SELECT b FROM t2 WHERE b = a OR EXISTS ( SELECT c FROM t3 WHERE c = b ) ) FROM t1' failed: 2013: Lost connection to MySQL server during query
# End of 10.2 tests
#
# MDEV-19714: JOIN::pseudo_bits_cond is not visible in EXPLAIN FORMAT=JSON
#
CREATE TABLE t1 ( a INT );
INSERT INTO t1 VALUES (1),(5);
CREATE TABLE t2 ( b INT ) ENGINE=MyISAM;
INSERT INTO t2 VALUES (1);
CREATE TABLE t3 ( c INT );
INSERT INTO t3 VALUES (4),(5);
SET @tmp19714=@@optimizer_switch;
SET optimizer_switch='subquery_cache=off';
explain format=json
SELECT ( SELECT b FROM t2 WHERE b = a OR EXISTS ( SELECT c FROM t3 WHERE c = b ) ) FROM t1;
==29984==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x3494d3f in dtoa /mariadb/10.2o/strings/dtoa.c:2227:7
    #1 0x34967dd in my_gcvt /mariadb/10.2o/strings/dtoa.c:225:8
    #2 0x34a9efe in process_dbl_arg /mariadb/10.2o/strings/my_vsnprintf.c:248:10
    #3 0x34a9efe in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:638
    #4 0x34afc93 in my_vsnprintf /mariadb/10.2o/strings/my_vsnprintf.c:704:10
    #5 0x34afc93 in my_snprintf /mariadb/10.2o/strings/my_vsnprintf.c:713
    #6 0x1051873 in Json_writer::add_double(double) /mariadb/10.2o/sql/my_json_writer.cc:164:3
    #7 0xf95548 in Explain_table_access::print_explain_json(Explain_query*, Json_writer*, bool) /mariadb/10.2o/sql/sql_explain.cc:1639:36
    #8 0xf92ce3 in Explain_basic_join::print_explain_json_interns(Explain_query*, Json_writer*, bool) /mariadb/10.2o/sql/sql_explain.cc:1014:19
    #9 0xf91278 in Explain_select::print_explain_json(Explain_query*, Json_writer*, bool) /mariadb/10.2o/sql/sql_explain.cc:913:25
    #10 0xf7ed07 in Explain_query::print_explain_json(select_result_sink*, bool) /mariadb/10.2o/sql/sql_explain.cc:224:11
    #11 0x9fa931 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.2o/sql/sql_parse.cc:6177:25
    #12 0x9d175b in mysql_execute_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:3533:12
    #13 0x9c51b0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:7760:18
    #14 0x9b41a5 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.2o/sql/sql_parse.cc:1831:7
    #15 0x9be26d in do_command(THD*) /mariadb/10.2o/sql/sql_parse.cc:1385:17
    #16 0xee57b4 in do_handle_one_connection(CONNECT*) /mariadb/10.2o/sql/sql_connect.cc:1336:11
    #17 0xee4bf9 in handle_one_connection /mariadb/10.2o/sql/sql_connect.cc:1241:3
    #18 0x2fa6408 in pfs_spawn_thread /mariadb/10.2o/storage/perfschema/pfs.cc:1862:3
    #19 0x7fae617edfa2 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7fa2)
    #20 0x7fae60fcb4ce in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf94ce)
 
  Uninitialized value was created by an allocation of 'print_arr.i' in the stack frame of function 'my_vsnprintf_ex'
    #0 0x34a8ad0 in my_vsnprintf_ex /mariadb/10.2o/strings/my_vsnprintf.c:559

The following InnoDB tests fail due to lack of instrumented libraries. I think that it is probably simplest to just skip or ignore these during MSAN runs, or to build without these libraries being present:

  • innodb.innodb-page_compression_lz4
  • innodb.innodb-page_compression_lzma
  • innodb.innodb-page_compression_lzo
  • innodb.innodb-page_compression_bzip2
  • innodb.innodb-page_compression_snappy

Here is the complete list of failed tests, after applying the workarounds mentioned in this comment:

10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f

Failing test(s): wsrep_info.plugin perfschema.hostcache_ipv6_ssl main.ctype_utf8mb4_innodb main.ctype_utf8 main.ctype_utf8mb4 encryption.corrupted_during_recovery main.mysql_client_test main.mysql_client_test_nonblock encryption.innodb-force-corrupt innodb.corrupted_during_recovery innodb.innodb-page_compression_lz4 innodb.innodb-page_compression_lzma innodb.innodb-page_compression_lzo innodb.innodb-page_compression_bzip2 innodb.innodb-page_compression_snappy innodb.leaf_page_corrupted_during_recovery sys_vars.innodb_max_dirty_pages_pct_basic sys_vars.innodb_max_dirty_pages_pct_lwm_basic main.range main.userstat maria.maria-recovery2 main.ssl_7937 main.mysql_client_test_comp main.statistics main.range_mrr_icp main.cte_recursive main.ssl_8k_key main.ssl_timeout-9836 main-test_sql_discovery.plugin innodb.ibuf_not_empty main.analyze_format_json main.ctype_utf8mb4_heap main.ctype_utf8mb4_myisam main.not_embedded_server main.openssl_1 main.plugin main.ssl main.explain_json main.ssl_ca main.func_regexp main.ssl_cipher main.subselect_cache main.func_regexp_pcre main.ssl_compress main.ssl_connect main.ssl_timeout main.analyze_stmt_orderby main.func_test parts.partition_debug main.derived_cond_pushdown main.win perfschema.hostcache_ipv4_ssl main.derived_view innodb.innodb_force_recovery main.explain_json_innodb plugins.auth_ed25519 main.win_empty_over main.innodb_ext_key main.subselect_no_semijoin innodb_gis.rtree_concurrent_srch main.ssl-big rpl.rpl_stop_slave main.mysql_upgrade_ssl main.explain_json_format_partitions main.plugin_innodb

The test main.sum_distinct-big is very close to the 900-second timeout limit, so we should probably use a larger limit in order to avoid bogus timeout failures. It passed on single-threaded rerun:

10.2 9de2e60d7491fcf3cd1f20a4be715ef0bedc316f

main.sum_distinct-big 'innodb'           [ pass ]  864232

Summary:

  • MemorySanitizer appears to only be available in clang, not in gcc.
  • It looks like we must avoid invoking the GNU libc implementation of getservbyname(), because the library apparently cannot be built with MemorySanitizer instrumentation; maybe we should simply skip the calls in MemorySanitizer-instrumented builds?
  • The -DWITH_PCRE=bundled should be updated, so that both ASAN and MSAN are happy with it.
  • There might be errors in mysqltest.cc, but because of the above, it is hard to tell if they are caused by the uninstrumented libpcre3.
  • We should try to repeat the test with instrumented libtasn1 and libgnutls.
  • We should specify a longer test case timeout than the default 900 seconds (15 minutes).
  • There could be an error in dtoa() or along its call stack (see the stack traces in this comment).
Comment by Eugene Kosov (Inactive) [ 2019-08-28 ]

getservbyname() will get an interceptor someday https://github.com/google/sanitizers/issues/1138

Comment by Marko Mäkelä [ 2019-09-17 ]

In include/my_valgrind.h, we should tie MEM_UNDEFINED() and MEM_CHECK_DEFINED() to MemorySanitizer, so that even more bugs can be caught. (For example, InnoDB would be able to inform MemorySanitizer that the unused part of a VARCHAR buffer will be uninitialized.)

kevg, maybe you can submit a patch for that?

Comment by Marko Mäkelä [ 2019-12-23 ]

Now that MDEV-14024 PCRE2 is finally present in the 10.5 branch, I tried the following:

cd /mariadb
sudo apt install libc++-9-dev libc++abi-9-dev
apt source libc++-9-dev
cd llvm-toolchain-9-9.0.1
mkdir libc++msan; cd libc++msan
cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-9 -DCMAKE_CXX_COMPILER=clang++-9
make -j$(nproc)
cd /mariadb/10.5
git checkout 7e10e80b8faab51139588a985a684df960ab81b9
mkdir build
cd build
cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-9 \
-DCMAKE_C_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \
-DCMAKE_CXX_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro -stdlib=libc++' \
-DCMAKE_EXPORT_COMPILE_COMMANDS=ON -DCONC_WITH_{UNITTEST,SSL}=OFF \
-DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug -DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \
-DWITH_{ZLIB,SSL,PCRE}=bundled \
-DWITH_MSAN=ON ..
make -j$(nproc)
LD_LIBRARY_PATH=/mariadb/llvm-toolchain-9-9.0.1/libc++msan/lib ./mtr main.1st

The following patches are still necessary to work around trouble:

diff --git a/sql/mysqld.cc b/sql/mysqld.cc
index b7f7615636b..59bb1081350 100644
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -2158,7 +2158,7 @@ static void set_ports()
       line options.
     */
 
-#if MYSQL_PORT_DEFAULT == 0
+#if 0 // MYSQL_PORT_DEFAULT == 0
     struct  servent *serv_ptr;
     if ((serv_ptr= getservbyname("mysql", "tcp")))
       SYSVAR_AUTOSIZE(mysqld_port, ntohs((u_short) serv_ptr->s_port));
diff --git a/tpool/aio_linux.cc b/tpool/aio_linux.cc
index 24bc04c75ba..0d657bbe05d 100644
--- a/tpool/aio_linux.cc
+++ b/tpool/aio_linux.cc
@@ -45,6 +45,7 @@ class aio_linux : public aio
   std::thread m_getevent_thread;
 
   static void getevent_thread_routine(aio_linux* aio)
+  __attribute__((no_sanitize("memory")))
   {
     for (;;)
     {
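
Review bot: The attribute on getevent_thread_routine() is written between the parameter list and the opening brace; GCC does not accept attributes in that position on a function definition, so this only builds with clang. Put it before "static void" through a macro that is empty outside MemorySanitizer builds, and add a comment naming the call in the loop whose output MemorySanitizer cannot track.
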
diff --git a/storage/innobase/ut/ut0crc32.cc b/storage/innobase/ut/ut0crc32.cc
index 4a6447c1dcf..4bb62c61b5c 100644
--- a/storage/innobase/ut/ut0crc32.cc
+++ b/storage/innobase/ut/ut0crc32.cc
@@ -2,7 +2,7 @@
 
 Copyright (c) 2009, 2010 Facebook, Inc. All Rights Reserved.
 Copyright (c) 2011, 2015, Oracle and/or its affiliates. All Rights Reserved.
-Copyright (c) 2016, 2018, MariaDB Corporation.
+Copyright (c) 2016, 2019, MariaDB Corporation.
 
 This program is free software; you can redistribute it and/or modify it under
 the terms of the GNU General Public License as published by the Free Software
@@ -220,11 +220,7 @@ ut_crc32_8_hw(
 #ifdef _MSC_VER
 	*crc = _mm_crc32_u8(*crc, (*data)[0]);
 #else
-	asm("crc32b %1, %0"
-	    /* output operands */
-	    : "+r" (*crc)
-	    /* input operands */
-	    : "rm" ((*data)[0]));
+	*crc = __builtin_ia32_crc32qi(*crc, (*data)[0]);
 #endif
 
 	(*data)++;
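
Review bot: __builtin_ia32_crc32qi() in ut_crc32_8_hw() is only accepted when the matching target feature (SSE4.2) is enabled for the function or the translation unit, whereas the asm statement it replaces assembled regardless of the target flags. Either give the function a target("sse4.2") attribute or compile this file with -msse4.2; otherwise a build without -march=native is rejected by the compiler at this line.
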
@@ -241,8 +237,8 @@ ut_crc32_64_low_hw(
 	uint32_t	crc,
 	uint64_t	data)
 {
-	uint64_t	crc_64bit = crc;
 #ifdef _MSC_VER
+	uint64_t	crc_64bit = crc;
 #ifdef _M_X64
 	crc_64bit = _mm_crc32_u64(crc_64bit, data);
 #elif defined(_M_IX86)
@@ -251,15 +247,10 @@ ut_crc32_64_low_hw(
 #else
 #error Not Supported processors type.
 #endif
+	return(static_cast<uint32_t>(crc_64bit));
 #else
-	asm("crc32q %1, %0"
-	    /* output operands */
-	    : "+r" (crc_64bit)
-	    /* input operands */
-	    : "rm" (data));
+	return static_cast<uint32_t>(__builtin_ia32_crc32di(crc, data));
 #endif
-
-	return(static_cast<uint32_t>(crc_64bit));
 }
 
 /** Calculate CRC32 over 64-bit byte string using a hardware/CPU instruction.
diff --git a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
--- a/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
+++ b/extra/wolfssl/wolfssl/wolfcrypt/src/random.c
@@ -1286,6 +1286,7 @@ int wc_FreeNetRandom(void)
 
     /* return 0 on success */
     static WC_INLINE int IntelRDseed64(word64* seed)
+    __attribute__((no_sanitize("memory")))
     {
         unsigned char ok;
 
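
Review bot: IntelRDseed64() lives in the bundled WolfSSL sources under extra/wolfssl, so this local attribute will be lost or will conflict the next time the bundled copy is updated. It is also written after the declarator, where GCC rejects it on a function definition. Prefer a guarded macro placed before "static", and record the change somewhere that survives an update of the bundled library.
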
diff --git a/libmariadb/libmariadb/mariadb_lib.c b/libmariadb/libmariadb/mariadb_lib.c
--- a/libmariadb/libmariadb/mariadb_lib.c
+++ b/libmariadb/libmariadb/mariadb_lib.c
@@ -3572,12 +3572,9 @@ static void mysql_once_init()
   }
   if (!mysql_port)
   {
-    struct servent *serv_ptr;
     char *env;
 
     mysql_port = MARIADB_PORT;
-    if ((serv_ptr = getservbyname("mysql", "tcp")))
-      mysql_port = (uint)ntohs((ushort)serv_ptr->s_port);
     if ((env = getenv("MYSQL_TCP_PORT")))
       mysql_port =(uint)atoi(env);
   }
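
Review bot: Deleting the getservbyname() lookup from mysql_once_init() changes client behaviour in every build: the port now comes only from MARIADB_PORT or MYSQL_TCP_PORT, and an entry in the services database is no longer honoured. If the aim is only to avoid the MemorySanitizer false positive, keep the lookup and compile it out under a memory_sanitizer condition.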

To get better diagnostics, we should also try to do something like the following (and map UNIV_MEM_VALID() to __msan_unpoison() and UNIV_MEM_ASSERT_RW_LOW() to MEM_CHECK_ADDRESSABLE()):

diff --git a/include/my_valgrind.h b/include/my_valgrind.h
index 08ad3f46b96..da76d9ced56 100644
--- a/include/my_valgrind.h
+++ b/include/my_valgrind.h
@@ -46,6 +46,13 @@
 # define MEM_CHECK_ADDRESSABLE(a,len) ((void) 0)
 # define MEM_CHECK_DEFINED(a,len) ((void) 0)
 # define REDZONE_SIZE 8
+#elif 0 /* __has_feature(memory_sanitizer) */
+# include <sanitizer/msan_interface.h>
+# define MEM_UNDEFINED(a,len) __msan_poison(a,len)
+# define MEM_NOACCESS(a,len) ((void) 0)
+# define MEM_CHECK_ADDRESSABLE(a,len) ((void) 0)
+# define MEM_CHECK_DEFINED(a,len) __msan_check_mem_is_initialized(a,len)
+# define REDZONE_SIZE 0
 #else
 # define MEM_UNDEFINED(a,len) ((void) (a), (void) (len))
 # define MEM_NOACCESS(a,len) ((void) 0)
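
Review bot: The new branch is dead code because of "#elif 0", and simply switching it to __has_feature(memory_sanitizer) would break preprocessing on compilers that do not define __has_feature. Add a fallback above this block ("#ifndef __has_feature" / "# define __has_feature(x) 0") before enabling it, and add a short comment on why MEM_NOACCESS() and MEM_CHECK_ADDRESSABLE() stay no-ops and REDZONE_SIZE is 0 in this branch.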

Various InnoDB tests are now failing mostly due to dict_acquire_mdl_shared<false>() (MDEV-16678).

Comment by Marko Mäkelä [ 2020-01-23 ]

10.5-msan.patch is my current set of work-arounds for 10.5 0e25a8b4a6a01e3c09407f2f697983dacbcb5cdb. Some WolfSSL work-around is missing, because basically anything that uses encryption appears to trigger false positives.

Comment by Marko Mäkelä [ 2020-01-23 ]

Tests affected by MDEV-21360 will fail without the following work-around of undefined behaviour:

diff --git a/strings/dtoa.c b/strings/dtoa.c
index e31b7e92d7c..b8806185894 100644
--- a/strings/dtoa.c
+++ b/strings/dtoa.c
@@ -2168,6 +2168,7 @@ static int quorem(Bigint *b, Bigint *S)
 
 static char *dtoa(double dd, int mode, int ndigits, int *decpt, int *sign,
                   char **rve, char *buf, size_t buf_size)
+  __attribute__((no_sanitize("memory")))
 {
   /*
     Arguments ndigits, decpt, sign are similar to those
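
Review bot: The attribute on dtoa() sits between the parameter list and the opening brace, which GCC rejects on a function definition, and it is not guarded for builds without MemorySanitizer. Move it before "static char *" behind a macro that is empty in other builds, and add a comment pointing at MDEV-21360 so that the suppression is removed once the underlying problem is fixed.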

Comment by Marko Mäkelä [ 2020-01-24 ]

Any tests that use encryption (WolfSSL) seem to fail. The work-around to do_crypt() that I mentioned in MDEV-20309 does not seem to help. Maybe more recent versions of WolfSSL include more inline assembler code that should be replaced with intrinsic functions, to make them MSAN-friendly?

Comment by Elena Stepanova [ 2020-01-24 ]

In ASAN buildbot builder we use lsan suppressions for some failures we can't do much about. I see here that MSAN doesn't support suppressions, but it mentions a blacklist which is applied at compile time. I don't understand from that text whether it's about compilation of the tool/library itself or the code which is tested. In the latter case, maybe it can be used?

They claim the lack of suppression support is a design choice, but we know well how such "design choices" happen. One thing that can be concluded from this claim is that it's not going to change any time soon.

Comment by Marko Mäkelä [ 2020-01-24 ]

As far as I understand, there exist 2 kinds of compile-time suppressions for -fsanitize=memory, with appropriate decoration to hide them when not building WITH_MSAN:

  • Add __attribute__((no_sanitize("memory"))) to affected functions.
  • Add explicit __msan_unpoison(ptr, size) calls for memory regions that we really know should be initialized.

I think that we should primarily try to fix the code instead of adding such suppressions:

  • Replace inline assembler with equivalent intrinsic functions, which can be instrumented.
  • Fix undefined behaviour, also to please WITH_UBSAN and to avoid dangerous optimizations anywhere.
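
The two kinds of suppression listed in the comment above, together with the MEM_UNDEFINED()/MEM_CHECK_DEFINED() mapping proposed earlier in this issue, as an added C example (not MariaDB's code). MSAN_ENABLED, MEM_MAKE_DEFINED, NO_SANITIZE_MEMORY, the varchar_col structure and all function names are hypothetical; without -fsanitize=memory every annotation compiles to a no-op.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* __has_feature is a clang extension; give other compilers a harmless default. */
#ifndef __has_feature
# define __has_feature(x) 0
#endif

#if __has_feature(memory_sanitizer)
# include <sanitizer/msan_interface.h>
# define MSAN_ENABLED 1
# define MEM_UNDEFINED(a,len)     __msan_poison(a,len)
# define MEM_MAKE_DEFINED(a,len)  __msan_unpoison(a,len)        /* hypothetical name */
# define MEM_CHECK_DEFINED(a,len) __msan_check_mem_is_initialized(a,len)
# define NO_SANITIZE_MEMORY       __attribute__((no_sanitize("memory")))
#else
# define MSAN_ENABLED 0
# define MEM_UNDEFINED(a,len)     ((void) (a), (void) (len))
# define MEM_MAKE_DEFINED(a,len)  ((void) (a), (void) (len))
# define MEM_CHECK_DEFINED(a,len) ((void) (a), (void) (len))
# define NO_SANITIZE_MEMORY       /* attribute hidden from other builds */
#endif

/* Constructed stand-in for a fixed-size VARCHAR column buffer. */
enum { VARCHAR_MAX = 16 };
struct varchar_col { unsigned char len; char data[VARCHAR_MAX]; };

/* Offset of the first byte MSAN considers uninitialized, or -1 if none
   (always -1 when the build is not instrumented). */
static long first_undefined(const void *p, size_t n)
{
#if MSAN_ENABLED
  return (long) __msan_test_shadow(p, n);
#else
  (void) p; (void) n;
  return -1;
#endif
}

/* Store a value, then declare the unused tail of the buffer undefined so that
   any later read past col->len is reported. Returns the stored length. */
static size_t varchar_store(struct varchar_col *col, const char *src, size_t n)
{
  if (n > VARCHAR_MAX)
    n = VARCHAR_MAX;
  memset(col->data, 0, sizeof col->data);
  memcpy(col->data, src, n);
  col->len = (unsigned char) n;
  MEM_UNDEFINED(col->data + n, VARCHAR_MAX - n);
  return n;
}

/* Correct reader: asserts that the used part is defined, touches nothing else. */
static unsigned sum_used(const struct varchar_col *col)
{
  unsigned sum = 0;
  MEM_CHECK_DEFINED(col->data, col->len);
  for (size_t i = 0; i < col->len; i++)
    sum += (unsigned char) col->data[i];
  return sum;
}

/* Suppression kind 1: the whole function is exempt from reports, so its read
   of the poisoned tail goes unnoticed. Broad, and it can hide real bugs. */
NO_SANITIZE_MEMORY
static unsigned sum_whole_buffer(const struct varchar_col *col)
{
  unsigned sum = 0;
  for (size_t i = 0; i < VARCHAR_MAX; i++)
    sum += (unsigned char) col->data[i];
  return sum;
}

/* Constructed stand-in for a call into an uninstrumented library: the bytes
   are written but MSAN's shadow is not updated, mimicked by re-poisoning. */
static void uninstrumented_fill(char *out, size_t n)
{
  memset(out, 'x', n);
  MEM_UNDEFINED(out, n);
}

/* Suppression kind 2: unpoison exactly the bytes the library is known to have
   written, right after the call. Returns first_undefined() for the buffer. */
static long fill_and_unpoison(char *out, size_t n)
{
  uninstrumented_fill(out, n);
  MEM_MAKE_DEFINED(out, n);
  return first_undefined(out, n);
}

int main(void)
{
  struct varchar_col c;
  char buf[8];
  varchar_store(&c, "abc", 3);
  printf("msan=%d first undefined byte in column: %ld\n",
         MSAN_ENABLED, first_undefined(c.data, VARCHAR_MAX));
  printf("sum_used=%u sum_whole_buffer=%u\n", sum_used(&c), sum_whole_buffer(&c));
  printf("after unpoison: %ld\n", fill_and_unpoison(buf, sizeof buf));
  return 0;
}
```

Compiled with clang -fsanitize=memory, first_undefined() reports offset 3 for the stored "abc"; in any other build the annotations vanish and it returns -1.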
Comment by Marko Mäkelä [ 2020-03-27 ]

Build an instrumented C++ runtime library with clang-10

sudo apt install libc++-10-dev libc++abi-10-dev
cd /mariadb
apt source libc++-10-dev
cd llvm-toolchain-10-10.0.0
mkdir libc++msan
cd libc++msan
cmake ../libcxx -DCMAKE_BUILD_TYPE=Release -DLLVM_USE_SANITIZER=Memory -DCMAKE_C_COMPILER=clang-10 -DCMAKE_CXX_COMPILER=clang++-10
make -j$(nproc)

Build 10.5 with the instrumented libraries, and run it

cd /mariadb/10.5
mkdir build
cd build
cmake -DCMAKE_{C_COMPILER=clang,CXX_COMPILER=clang++}-10 \
-DCMAKE_C_FLAGS='-O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro' \
-DCMAKE_CXX_FLAGS='-stdlib=libc++ -O2 -march=native -mtune=native -Wno-unused-command-line-argument -fdebug-macro'  \
-DWITH_EMBEDDED_SERVER=OFF -DWITH_UNIT_TESTS=OFF -DCMAKE_BUILD_TYPE=Debug \
-DWITH_INNODB_{BZIP2,LZ4,LZMA,LZO,SNAPPY}=OFF \
-DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,CONNECT,SPIDER}=NO -DWITH_SAFEMALLOC=OFF \
-DWITH_{ZLIB,SSL,PCRE}=bundled \
-DHAVE_LIBAIO_H=0 \
-DWITH_MSAN=ON \
-G Ninja ..
ninja
cd mysql-test
LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib ./mtr main.1st
LD_LIBRARY_PATH=/mariadb/llvm-toolchain-10-10.0.0/libc++msan/lib MSAN_OPTIONS=abort_on_error=1 ./mtr --big-test --parallel=auto --force --retry=0

No patches are necessary since 10.5 94d0bb4dbeb28a94d1f87fdd55f4297ff3df0157 (see the commit message for instructions).
FIXME: Remove the workaround from Json_writer::add_double()
and debug some EXPLAIN FORMAT=JSON tests to find out where
the uninitialized value comes from.

Tests failing due to uninstrumented GNUTLS (MDEV-22083)

(Workaround: replace some client libraries with non-MSAN ones?)

main.flush_ssl
main.mysql_client_test
main.mysql_client_test_comp
main.mysql_client_test_nonblock
main.mysql_upgrade_ssl
main.openssl_1
main.ssl
main.ssl-big
main.ssl_7937
main.ssl_8k_key
main.ssl_ca
main.ssl_cipher
main.ssl_compress
main.ssl_connect
main.ssl_timeout
main.ssl_timeout-9836
main.tls_version
main.tls_version1
main.userstat
perfschema.connection_type_notwin
perfschema.hostcache_ipv4_ssl
perfschema.hostcache_ipv6_ssl
plugins.auth_ed25519
plugins.multiauth

Possibly genuine failures caught by MemorySanitizer

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: perfschema.transaction_nested_events
mysqltest: At line 50: query 'SET @con1_thread_id= $con1_thread_id' failed: 1064: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '' at line 1

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: gcol.gcol_ins_upd_myisam
mysqltest: In included file "./suite/gcol/inc/gcol_ins_upd.inc": 
included from /mariadb/10.5m/mysql-test/suite/gcol/t/gcol_ins_upd_myisam.test at line 40:
At line 491: query 'CREATE TABLE t (
a BLOB GENERATED ALWAYS AS ('') VIRTUAL,
b TIMESTAMP(4) GENERATED ALWAYS AS ('') VIRTUAL,
KEY (a(183),b)
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
==2534796==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x55bba587f452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
    #1 0x55bba587f452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
    #2 0x55bba587fa20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
    #3 0x55bba5209635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
    #4 0x55bba521908c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
    #5 0x55bba5a01f89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
    #6 0x55bba50f09ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
    #7 0x55bba50edc0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
    #8 0x55bba50f2ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
    #9 0x55bba51469de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
    #10 0x55bba4d6a039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
    #11 0x55bba4d574c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #12 0x55bba4d4b8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #13 0x55bba4d5928c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #14 0x55bba535bf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #15 0x55bba535b4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #16 0x55bba67cc1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #17 0x7f91ac7daf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #18 0x7f91ac2b42ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
    #0 0x55bba587eaf0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: vcol.vcol_sql_mode
mysqltest: At line 148: query 'CREATE TABLE t1 (a CHAR(5), v VARCHAR(5) AS (RPAD(a,4,' ')) VIRTUAL, KEY(v))' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
==2534810==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x562d223d8452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
    #1 0x562d223d8452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
    #2 0x562d223d8a20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
    #3 0x562d21d62635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
    #4 0x562d21d7208c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
    #5 0x562d2255af89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
    #6 0x562d21c499ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
    #7 0x562d21c46c0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
    #8 0x562d21c4bab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
    #9 0x562d21c9f9de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
    #10 0x562d218c3039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
    #11 0x562d218b04c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #12 0x562d218a48b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #13 0x562d218b228c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #14 0x562d21eb4f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #15 0x562d21eb44e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #16 0x562d233251e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #17 0x7f1af3f0df26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #18 0x7f1af39e72ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
    #0 0x562d223d7af0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: vcol.vcol_sql_mode_datetime
mysqltest: At line 67: query 'CREATE TABLE t1 (
t DATETIME(4),
d DATETIME,
v DATETIME(3) AS ('2001-01-01 10:20:30.1234') VIRTUAL,
KEY(v,d)
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
==2534813==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x557714701452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
    #1 0x557714701452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
    #2 0x557714701a20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
    #3 0x55771408b635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
    #4 0x55771409b08c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
    #5 0x557714883f89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
    #6 0x557713f729ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
    #7 0x557713f6fc0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
    #8 0x557713f74ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
    #9 0x557713fc89de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
    #10 0x557713bec039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
    #11 0x557713bd94c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #12 0x557713bcd8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #13 0x557713bdb28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #14 0x5577141ddf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #15 0x5577141dd4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #16 0x55771564e1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #17 0x7feb3233ef26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #18 0x7feb31e182ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
    #0 0x557714700af0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: vcol.vcol_sql_mode_time
mysqltest: At line 67: query 'CREATE TABLE t1 (
t TIME(4),
d TIME,
v TIME(3) AS ('2001-01-01 10:20:30.1234') VIRTUAL,
KEY(v,d)
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
==2534817==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x564a3b8e0452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
    #1 0x564a3b8e0452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
    #2 0x564a3b8e0a20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
    #3 0x564a3b26a635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
    #4 0x564a3b27a08c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
    #5 0x564a3ba62f89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
    #6 0x564a3b1519ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
    #7 0x564a3b14ec0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
    #8 0x564a3b153ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
    #9 0x564a3b1a79de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
    #10 0x564a3adcb039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
    #11 0x564a3adb84c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #12 0x564a3adac8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #13 0x564a3adba28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #14 0x564a3b3bcf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #15 0x564a3b3bc4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #16 0x564a3c82d1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #17 0x7f8d50222f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #18 0x7f8d4fcfc2ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
    #0 0x564a3b8dfaf0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: vcol.vcol_sql_mode_timestamp
mysqltest: At line 67: query 'CREATE TABLE t1 (
t TIMESTAMP(4),
d DATETIME,
v TIMESTAMP(3) AS ('2001-01-01 10:20:30.1234') VIRTUAL,
KEY(v,d)
)' failed with wrong errno 2013: 'Lost connection to MySQL server during query', instead of 1901...
==2534819==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x55f6cdc2d452 in Binary_string::c_ptr() /mariadb/10.5m/sql/sql_string.h:606:9
    #1 0x55f6cdc2d452 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1458:16
    #2 0x55f6cdc2da20 in Field::check_vcol_sql_mode_dependency(THD*, vcol_init_mode) const /mariadb/10.5m/sql/field.cc:1481:7
    #3 0x55f6cd5b7635 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /mariadb/10.5m/sql/table.cc:1203:33
    #4 0x55f6cd5c708c in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /mariadb/10.5m/sql/table.cc:3975:9
    #5 0x55f6cddaff89 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/handler.cc:5358:7
    #6 0x55f6cd49e9ec in create_table_impl(THD*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, char const*, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /mariadb/10.5m/sql/sql_table.cc:5139:11
    #7 0x55f6cd49bc0a in mysql_create_table_no_lock(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /mariadb/10.5m/sql/sql_table.cc:5223:8
    #8 0x55f6cd4a0ab8 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /mariadb/10.5m/sql/sql_table.cc:5315:7
    #9 0x55f6cd4f49de in Sql_cmd_create_table_like::execute(THD*) /mariadb/10.5m/sql/sql_table.cc:11763:12
    #10 0x55f6cd118039 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:5908:26
    #11 0x55f6cd1054c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #12 0x55f6cd0f98b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #13 0x55f6cd10728c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #14 0x55f6cd709f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #15 0x55f6cd7094e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #16 0x55f6ceb7a1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #17 0x7f1c9332ff26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #18 0x7f1c92e092ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'tmp' in the stack frame of function '_ZNK5Field46error_generated_column_function_is_not_allowedEP3THDb'
    #0 0x55f6cdc2caf0 in Field::error_generated_column_function_is_not_allowed(THD*, bool) const /mariadb/10.5m/sql/field.cc:1450

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: main.opt_trace_index_merge_innodb
mysqltest: At line 35: query 'explain select * from t1 where pk1 != 0  and key1 = 1' failed: 2013: Lost connection to MySQL server during query
==2534795==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x561d8a810491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
    #1 0x561d8a8215f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
    #2 0x561d8a8215f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
    #3 0x561d8a8275b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
    #4 0x561d8a8275b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
    #5 0x561d87de3209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
    #6 0x561d889bd34a in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
    #7 0x561d889bd34a in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
    #8 0x561d889bd34a in ror_intersect_add(ROR_INTERSECT_INFO*, st_ror_scan_info*, Json_writer_object*, bool) /mariadb/10.5m/sql/opt_range.cc:6860:18
    #9 0x561d8894d312 in get_best_ror_intersect(PARAM const*, SEL_TREE*, double, bool*) /mariadb/10.5m/sql/opt_range.cc:7056:10
    #10 0x561d8892e0e0 in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool) /mariadb/10.5m/sql/opt_range.cc:2918:24
    #11 0x561d877963b3 in get_quick_record_count(THD*, SQL_SELECT*, TABLE*, Bitmap<64u> const*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:4708:9
    #12 0x561d877963b3 in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5433:20
    #13 0x561d877791ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
    #14 0x561d8775babc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
    #15 0x561d8773c875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
    #16 0x561d87888bfd in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) /mariadb/10.5m/sql/sql_select.cc:27182:10
    #17 0x561d87674272 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6107:12
    #18 0x561d876532a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
    #19 0x561d876404c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #20 0x561d876348b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #21 0x561d8764228c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #22 0x561d87c44f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #23 0x561d87c444e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #24 0x561d890b51e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #25 0x7eff33cfcf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #26 0x7eff337d62ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'path2' in the stack frame of function '_ZL32btr_estimate_n_rows_in_range_lowP12dict_index_tP9btr_pos_tS2_j'
    #0 0x561d89e147d0 in btr_estimate_n_rows_in_range_low(dict_index_t*, btr_pos_t*, btr_pos_t*, unsigned int) /mariadb/10.5m/storage/innobase/btr/btr0cur.cc:6155

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

main.query_cache_innodb 'innodb'         w17 [ fail ]
        Test ended at 2020-03-27 13:08:14
 
CURRENT_TEST: main.query_cache_innodb
mysqltest: At line 43: query 'select * from `t2$Ñ—`' failed: 2013: Lost connection to MySQL server during query
Uninitialized bytes in MemcmpInterceptorCommon at offset 16 inside [0x7fd86874df00, 20)
==2534781==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5643550aaa2c in bcmp (/dev/shm/10.5ms/sql/mariadbd+0x6dea2c)
    #1 0x564357fe712b in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:892:10
    #2 0x564357f93e40 in dict_table_open_on_id(unsigned long, bool, dict_table_op_t, THD*, MDL_ticket**) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:947:12
    #3 0x5643579a120b in row_purge_parse_undo_rec(purge_node_t*, unsigned char*, que_thr_t*, bool*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:933:16
    #4 0x5643579a120b in row_purge(purge_node_t*, unsigned char*, que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1107:10
    #5 0x5643579a120b in row_purge_step(que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1159:3
    #6 0x564357771370 in que_thr_step(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1038:9
    #7 0x564357771370 in que_run_threads_low(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1100:14
    #8 0x564357771370 in que_run_threads(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1140:2
    #9 0x564357ac4043 in srv_task_execute() /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2055:3
    #10 0x564357ac4043 in purge_worker_callback(void*) /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2205:10
    #11 0x564358355413 in tpool::task_group::execute(tpool::task*) /mariadb/10.5m/tpool/task_group.cc:55:9
    #12 0x564358348d72 in tpool::thread_pool_generic::worker_main(tpool::worker_data*) /mariadb/10.5m/tpool/tpool_generic.cc:518:11
    #13 0x5643583527bc in decltype(*(std::__1::forward<tpool::thread_pool_generic*>(fp0)).*fp(std::__1::forward<tpool::worker_data*>(fp1))) std::__1::__invoke<void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, void>(void (tpool::thread_pool_generic::*&&)(tpool::worker_data*), tpool::thread_pool_generic*&&, tpool::worker_data*&&) /usr/lib/llvm-10/bin/../include/c++/v1/type_traits:3480:1
    #14 0x5643583527bc in void std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, 2ul, 3ul>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*>&, std::__1::__tuple_indices<2ul, 3ul>) /usr/lib/llvm-10/bin/../include/c++/v1/thread:273:5
    #15 0x5643583527bc in void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*> >(void*) /usr/lib/llvm-10/bin/../include/c++/v1/thread:284:5
    #16 0x7fd88272bf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #17 0x7fd8822052ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'db_buf' in the stack frame of function '_Z23dict_acquire_mdl_sharedILb0EEP12dict_table_tS1_P3THDPP10MDL_ticket15dict_table_op_t'
    #0 0x564357fe6200 in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:790

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: maria.maria-recovery2
mysqltest: At line 70: query 'delete from t1 where b="b"' failed: 2013: Lost connection to MySQL server during query
SQL_SELECT::test_quick_select: enter: keys_to_use: 18446744073709551615  prev_tables: 0  const_tables: 0
SQL_SELECT::test_quick_select: info: records: 3
SQL_SELECT::test_quick_select: info: ==2536175==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x555eb4ba0491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
    #1 0x555eb4bb15f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
    #2 0x555eb4bb15f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
    #3 0x555eb4a8bf67 in DbugVfprintf /mariadb/10.5m/dbug/dbug.c:1332:10
    #4 0x555eb4a8bf67 in _db_doprnt_ /mariadb/10.5m/dbug/dbug.c:1316:3
    #5 0x555eb2cb8cfe in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool) /mariadb/10.5m/sql/opt_range.cc:2691:3
    #6 0x555eb2e000a3 in SQL_SELECT::check_quick(THD*, bool, unsigned long long) /mariadb/10.5m/sql/opt_range.h:1654:12
    #7 0x555eb2e000a3 in mysql_delete(THD*, TABLE_LIST*, Item*, SQL_I_List<st_order>*, unsigned long long, unsigned long long, select_result*) /mariadb/10.5m/sql/sql_delete.cc:500:26
    #8 0x555eb19f6bc6 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:4749:11
    #9 0x555eb19d04c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #10 0x555eb19c48b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #11 0x555eb19d228c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #12 0x555eb1fd4f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #13 0x555eb1fd44e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #14 0x555eb34451e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #15 0x7f2ef5861f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #16 0x7f2ef533b2ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'buf' in the stack frame of function 'my_fcvt'
    #0 0x555eb4b9c320 in my_fcvt /mariadb/10.5m/strings/dtoa.c:90

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: sys_vars.replicate_ignore_table_grant
mysqltest: In included file "./suite/sys_vars/inc/sysvar_global_grant.inc": 
included from /mariadb/10.5m/mysql-test/suite/sys_vars/t/replicate_ignore_table_grant.test at line 10:
At line 29: query 'SET GLOBAL $var=$value' failed: 2013: Lost connection to MySQL server during query
==2534804==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x555a8deddec2 in Rpl_filter::set_ignore_table(char const*) /mariadb/10.5m/sql/rpl_filter.cc:377:7
    #1 0x555a8e9a2b82 in Sys_var_rpl_filter::set_filter_value(char const*, Master_info*) /mariadb/10.5m/sql/sys_vars.cc:5245:25
    #2 0x555a8e9a25e5 in Sys_var_rpl_filter::global_update(THD*, set_var*) /mariadb/10.5m/sql/sys_vars.cc:5218:15
    #3 0x555a8def1f9b in sys_var::update(THD*, set_var*) /mariadb/10.5m/sql/set_var.cc:207:12
    #4 0x555a8defa003 in set_var::update(THD*) /mariadb/10.5m/sql/set_var.cc:859:23
    #5 0x555a8def8993 in sql_set_variables(THD*, List<set_var_base>*, bool) /mariadb/10.5m/sql/set_var.cc:746:20
    #6 0x555a8e3438f0 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:4976:9
    #7 0x555a8e32b4c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #8 0x555a8e31f8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #9 0x555a8e32d28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #10 0x555a8e92ff0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #11 0x555a8e92f4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #12 0x555a8fda01e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #13 0x7f6e8e862f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #14 0x7f6e8e33c2ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by a heap allocation
    #0 0x555a8de5e759 in operator new(unsigned long) (/dev/shm/10.5ms/sql/mariadbd+0x747759)
    #1 0x555a8dea2f95 in create_rpl_filter(char const*, unsigned long) /mariadb/10.5m/sql/keycaches.cc:203:11

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: main.opt_trace
mysqltest: At line 23: query 'select * from v1' failed: 2013: Lost connection to MySQL server during query
==2534807==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x55e75ddbf491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
    #1 0x55e75ddd05f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
    #2 0x55e75ddd05f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
    #3 0x55e75ddd65b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
    #4 0x55e75ddd65b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
    #5 0x55e75b392209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
    #6 0x55e75adafb01 in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
    #7 0x55e75adafb01 in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
    #8 0x55e75adafb01 in best_access_path(JOIN*, st_join_table*, unsigned long long, st_position const*, unsigned int, bool, double, st_position*, st_position*) /mariadb/10.5m/sql/sql_select.cc:8044:23
    #9 0x55e75ae589fb in best_extension_by_limited_search(JOIN*, unsigned long long, unsigned int, double, double, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:9533:7
    #10 0x55e75adb72cc in greedy_search(JOIN*, unsigned long long, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:8738:9
    #11 0x55e75adb72cc in choose_plan(JOIN*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:8303:9
    #12 0x55e75ad471be in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5550:11
    #13 0x55e75ad281ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
    #14 0x55e75ad0aabc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
    #15 0x55e75aceb875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
    #16 0x55e75aceaf48 in handle_select(THD*, LEX*, select_result*, unsigned long) /mariadb/10.5m/sql/sql_select.cc:417:10
    #17 0x55e75ac23dd2 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6168:12
    #18 0x55e75ac022a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
    #19 0x55e75abef4c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #20 0x55e75abe38b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #21 0x55e75abf128c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #22 0x55e75b1f3f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #23 0x55e75b1f34e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #24 0x55e75c6641e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #25 0x7fde0e7f7f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #26 0x7fde0e2d12ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'stack' in the stack frame of function 'my_qsort2'
    #0 0x55e75db96be0 in my_qsort2 /mariadb/10.5m/mysys/mf_qsort.c:100

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: main.opt_trace_index_merge
mysqltest: At line 17: query 'explain select * from t1 where a=1 or b=1' failed: 2013: Lost connection to MySQL server during query
==2534800==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x5576d953f576 in my_gcvt /mariadb/10.5m/strings/dtoa.c:267:31
    #1 0x5576d95505f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
    #2 0x5576d95505f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
    #3 0x5576d95565b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
    #4 0x5576d95565b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
    #5 0x5576d6b12209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
    #6 0x5576d7681ad1 in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
    #7 0x5576d7681ad1 in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
    #8 0x5576d7681ad1 in get_best_disjunct_quick(PARAM*, SEL_IMERGE*, double) /mariadb/10.5m/sql/opt_range.cc:5123:15
    #9 0x5576d765f373 in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool) /mariadb/10.5m/sql/opt_range.cc:2966:25
    #10 0x5576d64c53b3 in get_quick_record_count(THD*, SQL_SELECT*, TABLE*, Bitmap<64u> const*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:4708:9
    #11 0x5576d64c53b3 in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5433:20
    #12 0x5576d64a81ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
    #13 0x5576d648aabc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
    #14 0x5576d646b875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
    #15 0x5576d65b7bfd in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) /mariadb/10.5m/sql/sql_select.cc:27182:10
    #16 0x5576d63a3272 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6107:12
    #17 0x5576d63822a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
    #18 0x5576d636f4c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #19 0x5576d63638b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #20 0x5576d637128c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #21 0x5576d6973f0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #22 0x5576d69734e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #23 0x5576d7de41e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #24 0x7f7de495cf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #25 0x7f7de44362ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'seq.i' in the stack frame of function '_ZL20get_key_scans_paramsP5PARAMP8SEL_TREEbbd'
    #0 0x5576d7674c40 in get_key_scans_params(PARAM*, SEL_TREE*, bool, bool, double) /mariadb/10.5m/sql/opt_range.cc:7350

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: main.opt_trace_security
mysqltest: At line 33: query 'select * from db1.t1' failed: 2013: Lost connection to MySQL server during query
==2534801==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x562cf8099491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
    #1 0x562cf80aa5f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
    #2 0x562cf80aa5f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
    #3 0x562cf80b05b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
    #4 0x562cf80b05b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
    #5 0x562cf566c209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
    #6 0x562cf5089b01 in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
    #7 0x562cf5089b01 in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
    #8 0x562cf5089b01 in best_access_path(JOIN*, st_join_table*, unsigned long long, st_position const*, unsigned int, bool, double, st_position*, st_position*) /mariadb/10.5m/sql/sql_select.cc:8044:23
    #9 0x562cf51329fb in best_extension_by_limited_search(JOIN*, unsigned long long, unsigned int, double, double, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:9533:7
    #10 0x562cf50912cc in greedy_search(JOIN*, unsigned long long, unsigned int, unsigned int, unsigned int) /mariadb/10.5m/sql/sql_select.cc:8738:9
    #11 0x562cf50912cc in choose_plan(JOIN*, unsigned long long) /mariadb/10.5m/sql/sql_select.cc:8303:9
    #12 0x562cf50211be in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5550:11
    #13 0x562cf50021ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
    #14 0x562cf4fe4abc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
    #15 0x562cf4fc5875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
    #16 0x562cf4fc4f48 in handle_select(THD*, LEX*, select_result*, unsigned long) /mariadb/10.5m/sql/sql_select.cc:417:10
    #17 0x562cf4efddd2 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6168:12
    #18 0x562cf4edc2a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
    #19 0x562cf4ec94c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #20 0x562cf4ebd8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #21 0x562cf4ecb28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #22 0x562cf54cdf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #23 0x562cf54cd4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #24 0x562cf693e1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #25 0x7ff22f6cbf26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #26 0x7ff22f1a52ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'stack' in the stack frame of function 'my_qsort2'
    #0 0x562cf7e70be0 in my_qsort2 /mariadb/10.5m/mysys/mf_qsort.c:100

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: main.opt_trace_ucs2
mysqltest: At line 8: query 'explain format=json select * from t1 force index(col1) where col1 >='a'' failed: 2013: Lost connection to MySQL server during query
==2534814==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x557169a48491 in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
    #1 0x557169a595f3 in process_dbl_arg /mariadb/10.5m/strings/my_vsnprintf.c:248:10
    #2 0x557169a595f3 in my_vsnprintf_ex /mariadb/10.5m/strings/my_vsnprintf.c:638:11
    #3 0x557169a5f5b3 in my_vsnprintf /mariadb/10.5m/strings/my_vsnprintf.c:704:10
    #4 0x557169a5f5b3 in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
    #5 0x55716701b209 in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15
    #6 0x557167b9225d in Json_value_helper::add_double(double) /mariadb/10.5m/sql/my_json_writer.h:288:15
    #7 0x557167b9225d in Json_writer_object::add(char const*, double) /mariadb/10.5m/sql/my_json_writer.h:406:15
    #8 0x557167b9225d in calculate_cond_selectivity_for_table(THD*, TABLE*, Item**) /mariadb/10.5m/sql/opt_range.cc:3360:33
    #9 0x5571669ceb59 in make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*) /mariadb/10.5m/sql/sql_select.cc:5455:13
    #10 0x5571669b11ba in JOIN::optimize_inner() /mariadb/10.5m/sql/sql_select.cc:2260:7
    #11 0x557166993abc in JOIN::optimize() /mariadb/10.5m/sql/sql_select.cc:1606:10
    #12 0x557166974875 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /mariadb/10.5m/sql/sql_select.cc:4650:19
    #13 0x557166ac0bfd in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) /mariadb/10.5m/sql/sql_select.cc:27182:10
    #14 0x5571668ac272 in execute_sqlcom_select(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_parse.cc:6107:12
    #15 0x55716688b2a4 in mysql_execute_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:3901:12
    #16 0x5571668784c0 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:7953:18
    #17 0x55716686c8b1 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /mariadb/10.5m/sql/sql_parse.cc:1839:7
    #18 0x55716687a28c in do_command(THD*) /mariadb/10.5m/sql/sql_parse.cc:1358:17
    #19 0x557166e7cf0b in do_handle_one_connection(CONNECT*, bool) /mariadb/10.5m/sql/sql_connect.cc:1422:11
    #20 0x557166e7c4e6 in handle_one_connection /mariadb/10.5m/sql/sql_connect.cc:1319:5
    #21 0x5571682ed1e7 in pfs_spawn_thread /mariadb/10.5m/storage/perfschema/pfs.cc:2201:3
    #22 0x7f8dd74c8f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #23 0x7f8dd6fa22ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'stat_tables' in the stack frame of function '_Z26read_statistics_for_tablesP3THDP10TABLE_LIST'
    #0 0x557166ba5b00 in read_statistics_for_tables(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_statistics.cc:3291

10.5 53aabda6b5ac6af989a97a00ff97efda9ff8772e

CURRENT_TEST: innodb_fts.innodb_fts_misc
mysqltest: At line 902: query 'ALTER TABLE t1 ADD FULLTEXT INDEX idx (a,b)' failed: 2013: Lost connection to MySQL server during query
Uninitialized bytes in MemcmpInterceptorCommon at offset 14 inside [0x7fce48869f00, 17)
==2536284==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x558021dffa2c in bcmp (/dev/shm/10.5ms/sql/mariadbd+0x6dea2c)
    #1 0x558024d3c12b in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:892:10
    #2 0x558024ce8e40 in dict_table_open_on_id(unsigned long, bool, dict_table_op_t, THD*, MDL_ticket**) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:947:12
    #3 0x5580246f620b in row_purge_parse_undo_rec(purge_node_t*, unsigned char*, que_thr_t*, bool*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:933:16
    #4 0x5580246f620b in row_purge(purge_node_t*, unsigned char*, que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1107:10
    #5 0x5580246f620b in row_purge_step(que_thr_t*) /mariadb/10.5m/storage/innobase/row/row0purge.cc:1159:3
    #6 0x5580244c6370 in que_thr_step(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1038:9
    #7 0x5580244c6370 in que_run_threads_low(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1100:14
    #8 0x5580244c6370 in que_run_threads(que_thr_t*) /mariadb/10.5m/storage/innobase/que/que0que.cc:1140:2
    #9 0x558024819043 in srv_task_execute() /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2055:3
    #10 0x558024819043 in purge_worker_callback(void*) /mariadb/10.5m/storage/innobase/srv/srv0srv.cc:2205:10
    #11 0x5580250aa413 in tpool::task_group::execute(tpool::task*) /mariadb/10.5m/tpool/task_group.cc:55:9
    #12 0x55802509dd72 in tpool::thread_pool_generic::worker_main(tpool::worker_data*) /mariadb/10.5m/tpool/tpool_generic.cc:518:11
    #13 0x5580250a77bc in decltype(*(std::__1::forward<tpool::thread_pool_generic*>(fp0)).*fp(std::__1::forward<tpool::worker_data*>(fp1))) std::__1::__invoke<void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, void>(void (tpool::thread_pool_generic::*&&)(tpool::worker_data*), tpool::thread_pool_generic*&&, tpool::worker_data*&&) /usr/lib/llvm-10/bin/../include/c++/v1/type_traits:3480:1
    #14 0x5580250a77bc in void std::__1::__thread_execute<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*, 2ul, 3ul>(std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*>&, std::__1::__tuple_indices<2ul, 3ul>) /usr/lib/llvm-10/bin/../include/c++/v1/thread:273:5
    #15 0x5580250a77bc in void* std::__1::__thread_proxy<std::__1::tuple<std::__1::unique_ptr<std::__1::__thread_struct, std::__1::default_delete<std::__1::__thread_struct> >, void (tpool::thread_pool_generic::*)(tpool::worker_data*), tpool::thread_pool_generic*, tpool::worker_data*> >(void*) /usr/lib/llvm-10/bin/../include/c++/v1/thread:284:5
    #16 0x7fce54cf8f26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #17 0x7fce547d22ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Uninitialized value was created by an allocation of 'db_buf' in the stack frame of function '_Z23dict_acquire_mdl_sharedILb0EEP12dict_table_tS1_P3THDPP10MDL_ticket15dict_table_op_t'
    #0 0x558024d3b200 in dict_table_t* dict_acquire_mdl_shared<false>(dict_table_t*, THD*, MDL_ticket**, dict_table_op_t) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:790

Comment by Marko Mäkelä [ 2020-03-27 ]

The test failures main.query_cache_innodb and innodb_fts.innodb_fts_misc were fixed in MDEV-22060.

Comment by Marko Mäkelä [ 2020-05-18 ]

Update:

10.5 23047d3ed42eacb5eaa5475a8fa4161550d01c52

Completed: Failed 55/5274 tests, 98.96% were successful.

Failing test(s): rpl.rpl_row_end_of_statement_loss encryption.create_or_replace rpl.rpl_parallel_optimistic_xa_lsu_off binlog_encryption.encrypted_master encryption.innodb_encryption_discard_import rpl.rpl_non_direct_stm_mixing_engines rpl.rpl_mixed_mixing_engines wsrep_info.plugin perfschema.hostcache_ipv6_ssl main.userstat perfschema.transaction_nested_events main.mysql_client_test_nonblock main.mysql_client_test rpl.rpl_gtid_ignored main.mysql_upgrade_ssl main.opt_trace_index_merge_innodb maria.maria-recovery2 main.mysql_client_test_comp main.ssl_7937 plugins.multiauth main.ssl_8k_key main.ssl_timeout-9836 main.tls_version main.opt_trace_security main.opt_trace_ucs2 main.func_debug main.flush_ssl main.ssl main.myisampack main.ssl_ca main.ssl_cipher main.ssl_compress main.ssl_connect main.openssl_1 main.ssl_timeout main.opt_trace_index_merge perfschema.connection_type_notwin main.loadxml perfschema.hostcache_ipv4_ssl plugins.auth_ed25519 sys_vars.pseudo_slave_mode_basic sys_vars.replicate_do_table_grant type_inet.type_inet6 main.ssl-big innodb.innodb_bulk_create_index_debug main.opt_trace client.mariadb-conv-utf8 client.mariadb-conv-cp932 innodb.alter_large_dml

The test innodb.alter_large_dml apparently timed out. Many SSL tests failed due to MDEV-22083.

Comment by Marko Mäkelä [ 2020-05-25 ]

To work around the lack of MSAN-instrumented libmariadb, I replaced the executables in the client directory with non-instrumented executables from the same source. I got the following test failures that seem to be related to code deficiencies:

  • main.loadxml: MDEV-22688 MSAN use-of-uninitialized-value in READ_INFO::read_xml()
  • main.myisampack: MDEV-22689 MSAN use-of-uninitialized-value in decode_bytes()
  • main.opt_trace main.opt_trace_security main.opt_trace_ucs2 main.opt_trace_index_merge main.opt_trace_index_merge_innodb: MDEV-22690 MSAN use-of-uninitialized-value in optimizer_trace
  • maria.maria-recovery2: MDEV-22691 MSAN use-of-uninitialized-value in test maria.maria-recovery2
  • Various tests after reverting a suppression: MDEV-22692 MSAN use-of-uninitialized-value in pagecache_fwrite()

Problems with the environment

The test wsrep_info.plugin would fail if a (necessarily uninstrumented) galera-4 library is installed.

The tests plugins.auth_ed25519 and plugins.multiauth fail with: Plugin client_ed25519 could not be loaded: …/var/plugins/client_ed25519.so: undefined symbol: __msan_origin_tls

10.5 d8ea11a33fba12331c98c04ff44c815a662faccb

Failing test(s): main.mysql_client_test_nonblock main.mysql_client_test main.mysql_client_test_comp 

These tests fail even if I replace the tests/mariadb-client-test with an uninstrumented one. With the uninstrumented client, each failure looks like this:

CURRENT_TEST: main.mysql_client_test_nonblock
mysqltest: At line 22: exec of '/dev/shm/10.5-msan/tests/mysql_client_test --defaults-file=/dev/shm/10.5-msan/mysql-test/var/1/my.cnf --testcase --vardir=/dev/shm/10.5-msan/mysql-test/var/1 --non-blocking-api --getopt-ll-test=25600M >> /dev/shm/10.5-msan/mysql-test/var/1/log/mysql_client_test.out.log 2>&1' failed, error: 256, status: 1, errno: 11

Before I replaced the client executables (client/*) to work around the lack of MSAN instrumentation (MDEV-22083), the following 24 tests additionally failed:

10.5 d8ea11a33fba12331c98c04ff44c815a662faccb

main.tls_version main.ssl_8k_key main.flush_ssl rpl.rpl_parallel_conflicts perfschema.hostcache_ipv6_ssl main.ssl_ca main.userstat perfschema.transaction_nested_events main.mysql_upgrade_ssl main.ssl_7937 main.openssl_1 main.ssl_connect main.ssl_timeout-9836 main.ssl main.ssl_cipher main.ssl-big main.ssl_compress perfschema.connection_type_notwin main.ssl_timeout perfschema.hostcache_ipv4_ssl innodb.innodb_bulk_create_index_debug
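
The comment above sorts failing tests by root cause by hand, for example five opt_trace tests under MDEV-22690. The Python below is an added example, not part of the original comment or of MariaDB's test tooling. It parses MSAN reports in the format quoted in this issue and groups tests by the first symbolized frame outside generic helper code; the `HELPER_DIRS` list and the sample log (constructed, abbreviated from reports in this issue) are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: three reports abbreviated from the format shown in this
# issue (addresses shortened, most frames dropped, last report has no origin).
SAMPLE_LOG = """\
CURRENT_TEST: main.opt_trace
==101==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x1a in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
    #1 0x1b in my_snprintf /mariadb/10.5m/strings/my_vsnprintf.c:713:11
    #2 0x1c in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15

  Uninitialized value was created by an allocation of 'stack' in the stack frame of function 'my_qsort2'
    #0 0x1e in my_qsort2 /mariadb/10.5m/mysys/mf_qsort.c:100

CURRENT_TEST: main.opt_trace_ucs2
==102==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x2a in my_gcvt /mariadb/10.5m/strings/dtoa.c:294:19
    #1 0x2b in Json_writer::add_double(double) /mariadb/10.5m/sql/my_json_writer.cc:185:15

  Uninitialized value was created by an allocation of 'stat_tables' in the stack frame of function '_Z26read_statistics_for_tablesP3THDP10TABLE_LIST'
    #0 0x2c in read_statistics_for_tables(THD*, TABLE_LIST*) /mariadb/10.5m/sql/sql_statistics.cc:3291

CURRENT_TEST: innodb_fts.innodb_fts_misc
Uninitialized bytes in MemcmpInterceptorCommon at offset 14 inside [0x7fce48869f00, 17)
==103==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x3a in bcmp (/dev/shm/10.5ms/sql/mariadbd+0x6dea2c)
    #1 0x3b in dict_table_open_on_id(unsigned long, bool, dict_table_op_t, THD*, MDL_ticket**) /mariadb/10.5m/storage/innobase/dict/dict0dict.cc:947:12
"""

FRAME = re.compile(r"^\s*#\d+\s+0x[0-9a-f]+\s+in\s+(?P<func>.+)\s+(?P<loc>\S+)$")
REPORT = re.compile(r"WARNING: MemorySanitizer: (?P<kind>\S+)")
ORIGIN = re.compile(r"^\s*Uninitialized value was created by (?P<how>.+)$")
SRC = re.compile(r"^(?P<file>/.+?):\d+(?::\d+)?$")  # "(module+0xoff)" does not match
# Assumption: frames under these directories are generic helpers, not the culprit.
HELPER_DIRS = ("/strings/", "/mysys/")

def parse_reports(text):
    """Split mtr output into MSAN reports with separate use and origin stacks."""
    reports, test, cur, section = [], None, None, None
    for line in text.splitlines():
        if line.startswith("CURRENT_TEST:"):
            test, cur = line.split(":", 1)[1].strip(), None
        elif (m := REPORT.search(line)):
            cur = {"test": test, "kind": m["kind"], "use": [], "origin": [], "how": None}
            reports.append(cur)
            section = "use"
        elif cur is not None and (m := ORIGIN.match(line)):
            cur["how"], section = m["how"], "origin"
        elif cur is not None and (m := FRAME.match(line)):
            cur[section].append((m["func"], m["loc"]))
    return reports

def signature(report):
    """First use-stack frame with a source location outside the helper directories."""
    for func, loc in report["use"]:
        m = SRC.match(loc)
        if m and not any(d in m["file"] for d in HELPER_DIRS):
            return f"{func} [{m['file']}]"
    return "<no project frame>"

def triage(text):
    """Group failing tests by use-site signature, keeping each distinct origin."""
    groups = defaultdict(lambda: {"tests": [], "origins": set()})
    for r in parse_reports(text):
        g = groups[signature(r)]
        g["tests"].append(r["test"])
        if r["how"]:
            g["origins"].add(r["how"])
    return dict(groups)

if __name__ == "__main__":
    for sig, g in triage(SAMPLE_LOG).items():
        print(sig, g["tests"], sorted(g["origins"]), sep="\n  ")
```

Origin lines appear only in builds with origin tracking enabled, so the parser accepts reports without one; a single use site with several distinct origins, as in the two opt_trace reports here, suggests the problem is in the callers rather than in the formatting helper.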

Comment by Marko Mäkelä [ 2020-07-01 ]

We have had WITH_MSAN almost working in 10.5 for quite some time now.

I ported the applicable parts of the MemorySanitizer instrumentation to 10.2. This includes replacing the InnoDB UNIV_MEM_ macros with the direct use of MEM_ macros that are defined in my_valgrind.h.

In 10.2, I did not get any test to pass under MemorySanitizer. Basically, everything failed due to the old PCRE library. In 10.5, it was updated in MDEV-14024.

Comment by Marko Mäkelä [ 2020-08-21 ]

Some tests will fail WITH_MSAN until CONC-483 and MDEV-22083 have been addressed.

Comment by Marko Mäkelä [ 2023-03-28 ]

The updated build-msan15.sh will replace the text file libc++.so with a symbolic link pointing to libc++.so.1.

Starting with llvm-symbolizer-14, there is a dependency on libgmp. Therefore, if you make LD_LIBRARY_PATH point to something that includes an MSAN-instrumented libgmp (due to MDEV-22083), you should also make MSAN_SYMBOLIZER_PATH point to a wrapper script like the following, in order to get resolved stack traces:

#!/bin/sh
unset LD_LIBRARY_PATH
exec llvm-symbolizer-15 "$@"

Comment by Marko Mäkelä [ 2023-09-22 ]

In clang-16 the libraries are not part of LLVM_ENABLE_PROJECTS, but LLVM_ENABLE_RUNTIMES. build-msan16.sh should do the trick.
