[MDEV-22072] MSAN use-of-uninitialized-value in wf_incremental_finalize
Created: 2020-03-28  Updated: 2021-07-05

Status: Open
Project: MariaDB Server
Component/s: mariabackup
Affects Version/s: 10.5
Fix Version/s: 10.5

Type: Bug
Priority: Major
Reporter: Marko Mäkelä
Assignee: Marko Mäkelä
Resolution: Unresolved
Votes: 0
Labels: MSAN

Issue Links:
relates to MDEV-20377 (Make WITH_MSAN more usable; Closed)

Description

Multiple mariabackup tests fail with MSAN due to incremental backup seemingly writing data to the output that it did not read:

10.5 6be56dd1c8a37eb98f4b7bc1507ca5991a2a1f61

CURRENT_TEST: mariabackup.incremental_encrypted
mysqltest: At line 28: exec of '/dev/shm/10.5m/extra/mariabackup/mariabackup --defaults-file=/dev/shm/10.5m/mysql-test/var/33/my.cnf   --backup --target-dir=/dev/shm/10.5m/mysql-test/var/33/tmp/backup_inc1 --incremental-basedir=/dev/shm/10.5m/mysql-test/var/33/tmp/backup 2>&1' failed, error: 34304, status: 134, errno: 11
[01] 2020-03-28 21:38:26 Copying ibdata1 to /dev/shm/10.5m/mysql-test/var/33/tmp/backup_inc1/ibdata1.delta
Uninitialized bytes in __interceptor_write at offset 28 inside [0x7f38f8ee7000, 196608)
==1445932==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x56077d4ce3e5 in my_write /mariadb/10.5m/mysys/my_write.c:49:19
    #1 0x560779e30da1 in local_write(ds_file_t*, unsigned char const*, unsigned long) /mariadb/10.5m/extra/mariabackup/ds_local.cc:216:7
    #2 0x560779e2b140 in ds_write /mariadb/10.5m/extra/mariabackup/datasink.cc:112:9
    #3 0x560779e3fbc7 in wf_incremental_finalize(xb_write_filt_ctxt_t*, ds_file_t*) /mariadb/10.5m/extra/mariabackup/write_filt.cc:175:6
    #4 0x560779dd4d9a in xtrabackup_copy_datafile(fil_node_t*, unsigned int, char const*, unsigned long long) /mariadb/10.5m/extra/mariabackup/xtrabackup.cc:2551:10
    #5 0x560779df19a6 in data_copy_thread_func(void*) /mariadb/10.5m/extra/mariabackup/xtrabackup.cc:2866:6
    #6 0x7f390dd7df26 in start_thread /build/glibc-WZtAaN/glibc-2.30/nptl/pthread_create.c:479:8
    #7 0x7f390d85c2ee in clone /build/glibc-WZtAaN/glibc-2.30/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Memory was marked as uninitialized
    #0 0x560779d5411e in __msan_allocated_memory (/dev/shm/10.5m/extra/mariabackup/mariadb-backup+0x70b11e)
    #1 0x56077c8d3332 in os_mem_alloc_large(unsigned long*) /mariadb/10.5m/storage/innobase/os/os0proc.cc

It is true that os_mem_alloc_large() is allocating zero-initialized memory, but we intentionally mark the memory uninitialized, so that misuse of the InnoDB buffer pool can be caught. It seems that the incremental backup could be writing more data than is strictly necessary.
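
An added illustration, not MariaDB code, of the situation the description outlines: a zero-filled buffer that is deliberately marked uninitialized, only partly filled, and then checked before three ways of writing it out. `buf_t`, `buf_alloc`, `buf_put`, `first_uninit` and `check_write` are hypothetical names, the 28-byte fill is constructed to match the reported offset, and the `init` array is a software stand-in for MSAN's shadow when the file is not built with `clang -fsanitize=memory`.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(__has_feature)
# if __has_feature(memory_sanitizer)   /* clang -fsanitize=memory */
#  include <sanitizer/msan_interface.h>
#  define HAVE_MSAN 1
# endif
#endif

/* Hypothetical buffer type; `init` is a software stand-in for MSAN's shadow. */
typedef struct { unsigned char *data, *init; size_t size; } buf_t;

static buf_t buf_alloc(size_t size) {
    buf_t b = { calloc(size, 1), calloc(size, 1), size };
#ifdef HAVE_MSAN
    __msan_allocated_memory(b.data, size); /* zero-filled, yet marked uninitialized */
#endif
    return b;
}
static void buf_free(buf_t *b) { free(b->data); free(b->init); }

/* Store n bytes at off and record them as initialized. */
static void buf_put(buf_t *b, size_t off, const void *src, size_t n) {
    memcpy(b->data + off, src, n);
    memset(b->init + off, 1, n);
}
/* Offset of the first byte in [0, len) that was never stored, or -1. */
static long first_uninit(const buf_t *b, size_t len) {
#ifdef HAVE_MSAN
    return (long)__msan_test_shadow(b->data, len);
#else
    for (size_t i = 0; i < len; i++) if (!b->init[i]) return (long)i;
    return -1;
#endif
}
/* mode 0: write whole buffer; 1: write only the filled prefix; 2: zero the tail first. */
long check_write(int mode) {
    enum { SIZE = 196608, FILLED = 28 };   /* size from the report; 28 is constructed */
    unsigned char hdr[FILLED];
    memset(hdr, 0xAB, sizeof hdr);
    buf_t b = buf_alloc(SIZE);
    buf_put(&b, 0, hdr, FILLED);
    if (mode == 2) { unsigned char *z = calloc(SIZE - FILLED, 1); buf_put(&b, FILLED, z, SIZE - FILLED); free(z); }
    long r = first_uninit(&b, mode == 1 ? FILLED : SIZE);
    buf_free(&b);
    return r;
}
int main(void) {
    printf("full=%ld trimmed=%ld padded=%ld\n", check_write(0), check_write(1), check_write(2));
    return 0;
}
```

Running such a check on the buffer and length just before the write call reports the first offending offset without aborting, which helps decide whether the length or the fill logic is at fault.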

