[MDEV-26919] binlog.binlog_truncate_active_log fails in bb with valgrind, Conditional jump or move depends on uninitialised value Created: 2021-10-27  Updated: 2021-12-28  Resolved: 2021-12-23

Status: Closed
Project: MariaDB Server
Component/s: Tests
Affects Version/s: 10.6, 10.7
Fix Version/s: 10.6.6, 10.7.2

Type: Bug Priority: Major
Reporter: Alice Sherepa Assignee: Brandon Nesterenko
Resolution: Fixed Votes: 0
Labels: None


 Description   

https://buildbot.mariadb.org/#/builders/192/builds/5860/steps/6/logs/stdio

binlog.binlog_truncate_active_log 'innodb,stmt' w1 [ fail ]  Found warnings/errors in server log file!
 
        Test ended at 2021-10-26 12:31:12
 
line
 
==140548== Thread 27:
 
==140548== Conditional jump or move depends on uninitialised value(s)
 
==140548==    at 0xFCFB0C: Gtid_log_event::Gtid_log_event(THD*, unsigned long long, unsigned int, bool, unsigned short, bool, unsigned long long, bool, bool) (log_event_server.cc:3299)
 
==140548==    by 0xF9CACC: MYSQL_BIN_LOG::write_gtid_event(THD*, bool, bool, unsigned long long, bool, bool) (log.cc:6287)
 
==140548==    by 0xFA3675: MYSQL_BIN_LOG::write_transaction_or_stmt(MYSQL_BIN_LOG::group_commit_entry*, unsigned long long) (log.cc:8526)
 
==140548==    by 0xFA2626: MYSQL_BIN_LOG::trx_group_commit_leader(MYSQL_BIN_LOG::group_commit_entry*) (log.cc:8276)
 
==140548==    by 0xFA1D18: MYSQL_BIN_LOG::write_transaction_to_binlog_events(MYSQL_BIN_LOG::group_commit_entry*) (log.cc:8070)
 
==140548==    by 0xFA0D36: MYSQL_BIN_LOG::write_transaction_to_binlog(THD*, binlog_cache_mngr*, Log_event*, bool, bool, bool, bool) (log.cc:7667)
 
==140548==    by 0xF8EAA7: binlog_flush_cache(THD*, binlog_cache_mngr*, Log_event*, bool, bool, bool, bool) (log.cc:1796)
 
==140548==    by 0xF8FC80: binlog_commit_flush_xa_prepare(THD*, bool, binlog_cache_mngr*) (log.cc:2118)
 
==140548==    by 0xF900B7: binlog_commit(THD*, bool, bool) (log.cc:2191)
 
==140548==    by 0xF8F7B2: binlog_prepare(handlerton*, THD*, bool) (log.cc:2014)
 
==140548== ---- Print suppression ? --- [Return/N/n/Y/y/C/c] ---- $ valgrind --tool=memcheck --show-reachable=yes --leak-check=yes --num-callers=16 --quiet --suppressions=/buildbot/amd64-ubuntu-1804-valgrind/build/mysql-test/valgrind.supp --leak-check=summary --gen-suppressions=yes --num-callers=10 /buildbot/amd64-ubuntu-1804-valgrind/build/sql/mariadbd --defaults-group-suffix=.1 --defaults-file=/buildbot/amd64-ubuntu-1804-valgrind/build/mysql-test/var/1/my.cnf --log-output=file --innodb --innodb-cmpmem --innodb-cmp-per-index --innodb-trx --innodb-locks --innodb-lock-waits --innodb-metrics --innodb-buffer-pool-stats --innodb-buffer-page --innodb-buffer-page-lru --innodb-sys-columns --innodb-sys-fields --innodb-sys-foreign --innodb-sys-foreign-cols --innodb-sys-indexes --innodb-sys-tables --innodb-sys-virtual --log-bin=master-bin --binlog-format=statement --rpl-semi-sync-slave-enabled=1 --sync-binlog=1 --core-file --loose-debug-sync-timeout=300 --loose-gdb --loose-wait-for-pos-timeout=1500
 
==141374== Thread 27:
 
==141374== Conditional jump or move depends on uninitialised value(s)
 
==141374==    at 0xFCFB0C: Gtid_log_event::Gtid_log_event(THD*, unsigned long long, unsigned int, bool, unsigned short, bool, unsigned long long, bool, bool) (log_event_server.cc:3299)
 
==141374==    by 0xF9CACC: MYSQL_BIN_LOG::write_gtid_event(THD*, bool, bool, unsigned long long, bool, bool) (log.cc:6287)
 
==141374==    by 0xFA3675: MYSQL_BIN_LOG::write_transaction_or_stmt(MYSQL_BIN_LOG::group_commit_entry*, unsigned long long) (log.cc:8526)
 
==141374==    by 0xFA2626: MYSQL_BIN_LOG::trx_group_commit_leader(MYSQL_BIN_LOG::group_commit_entry*) (log.cc:8276)
 
==141374==    by 0xFA1D18: MYSQL_BIN_LOG::write_transaction_to_binlog_events(MYSQL_BIN_LOG::group_commit_entry*) (log.cc:8070)
 
==141374==    by 0xFA0D36: MYSQL_BIN_LOG::write_transaction_to_binlog(THD*, binlog_cache_mngr*, Log_event*, bool, bool, bool, bool) (log.cc:7667)
 
==141374==    by 0xF8EAA7: binlog_flush_cache(THD*, binlog_cache_mngr*, Log_event*, bool, bool, bool, bool) (log.cc:1796)
 
==141374==    by 0xF8FC80: binlog_commit_flush_xa_prepare(THD*, bool, binlog_cache_mngr*) (log.cc:2118)
 
==141374==    by 0xF900B7: binlog_commit(THD*, bool, bool) (log.cc:2191)
 
==141374==    by 0xF8F7B2: binlog_prepare(handlerton*, THD*, bool) (log.cc:2014)
 
==141374== ---- Print suppression ? --- [Return/N/n/Y/y/C/c] ---- $ valgrind --tool=memcheck --show-reachable=yes --leak-check=yes --num-callers=16 --quiet --suppressions=/buildbot/amd64-ubuntu-1804-valgrind/build/mysql-test/valgrind.supp --leak-check=summary --gen-suppressions=yes --num-callers=10 /buildbot/amd64-ubuntu-1804-valgrind/build/sql/mariadbd --defaults-group-suffix=.1 --defaults-file=/buildbot/amd64-ubuntu-1804-valgrind/build/mysql-test/var/1/my.cnf --log-output=file --innodb --innodb-cmpmem --innodb-cmp-per-index --innodb-trx --innodb-locks --innodb-lock-waits --innodb-metrics --innodb-buffer-pool-stats --innodb-buffer-page --innodb-buffer-page-lru --innodb-sys-columns --innodb-sys-fields --innodb-sys-foreign --innodb-sys-foreign-cols --innodb-sys-indexes --innodb-sys-tables --innodb-sys-virtual --log-bin=master-bin --binlog-format=statement --rpl-semi-sync-slave-enabled=1 --sync-binlog=1 --core-file --loose-debug-sync-timeout=300 --loose-gdb --loose-wait-for-pos-timeout=1500
 
^ Found warnings in /buildbot/amd64-ubuntu-1804-valgrind/build/mysql-test/var/1/log/mysqld.1.err



 Comments   
Comment by Brandon Nesterenko [ 2021-12-21 ]

Hi Andrei!

My analysis:
When writing an XA based event to the binary log, an assert was always referencing thd->lex->xa_opt. This variable, however, is only set when using XA START, XA END, and XA COMMIT. When an XA PREPARE statement is being processed, it is not guaranteed that the xa_opt variable will be set (e.g. if existing within a stored procedure). This caused valgrind to complain about accessing an uninitialized variable.

GH 0f5324a

BB bb-10.5-MDEV-26919

A few things to note:
1) The test binlog.binlog_truncate_active_log only exists in 10.6+; however, the issue also effects 10.5, so I put the fix in 10.5 as well.
2) I manually verified this test succeeds with the fix on the equivalently set-up buildbot machine where the test originally failed (the patch itself does not include an additional test)

Comment by Andrei Elkin [ 2021-12-22 ]

Thanks, the refinement covers both the assert idea and the valgrind concern.

Generated at Thu Feb 08 09:48:57 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.