[MDEV-27565] Valgrind/MSAN errors in my_b_encr_write / Log_event_writer with tmp file encryption Created: 2022-01-21  Updated: 2023-04-27

Status: Open
Project: MariaDB Server
Component/s: Encryption, Replication
Affects Version/s: 10.2, 10.3, 10.4, 10.5, 10.6, 10.7, 10.8
Fix Version/s: 10.4, 10.5, 10.6

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Andrei Elkin
Resolution: Unresolved Votes: 0
Labels: None


 Description   

Run with --mysqld=--encrypt-tmp-files=1 --mysqld=--file-key-management-filename=`pwd`/std_data/keys.txt --mysqld=--plugin-load-add=file_key_management

# Reproducer for the uninitialised-value reports (Valgrind/MSAN) raised under
# my_b_encr_write while binlog row events are written through an IO_CACHE
# with temporary-file encryption enabled.
# Server options needed: --encrypt-tmp-files=1 and the file_key_management
# plugin loaded with a key file (--file-key-management-filename=...).
--source include/have_binlog_format_row.inc
 
# Only one is needed at a time:
# binlog_stmt_cache_size with MyISAM, binlog_cache_size with InnoDB
 
# 4096 is smaller than the 5000-byte values inserted below; presumably this
# makes the row events overflow the in-memory cache so that it has to be
# flushed to the (encrypted) temporary file -- TODO confirm.
SET GLOBAL binlog_stmt_cache_size= 4096, binlog_cache_size= 4096;
 
CREATE TABLE t1 (col_varchar VARCHAR(5000));
 
# Two tiny rows first, then two rows that fill the column's full width.
INSERT INTO t1 VALUES ('a'),('b');
INSERT INTO t1 VALUES (REPEAT('a',5000)),(REPEAT('b',5000));
 
# Cleanup
SET GLOBAL binlog_stmt_cache_size= DEFAULT, binlog_cache_size= DEFAULT;
DROP TABLE t1;

10.4 5172f132b Valgrind

==1999012== Conditional jump or move depends on uninitialised value(s)
==1999012==    at 0x15A0B60: my_seek (my_seek.c:53)
==1999012==    by 0xB52225: inline_mysql_file_seek (mysql_file.h:1285)
==1999012==    by 0xB52B29: my_b_encr_write(st_io_cache*, unsigned char const*, unsigned long) (mf_iocache_encr.cc:162)
==1999012==    by 0x1578377: my_b_flush_io_cache (mf_iocache.c:1957)
==1999012==    by 0x1575BD0: _my_b_write (mf_iocache.c:604)
==1999012==    by 0x1574036: my_b_write (my_sys.h:549)
==1999012==    by 0x1577DEA: my_b_safe_write (mf_iocache.c:1853)
==1999012==    by 0xDDF0E0: Log_event_writer::write_internal(unsigned char const*, unsigned long) (log_event.cc:1601)
==1999012==    by 0xDDF324: Log_event_writer::encrypt_and_write(unsigned char const*, unsigned long) (log_event.cc:1647)
==1999012==    by 0xDDF686: Log_event_writer::write_data(unsigned char const*, unsigned long) (log_event.cc:1699)
==1999012==    by 0xDFE882: Log_event::write_data(unsigned char const*, unsigned long) (log_event.h:1380)
==1999012==    by 0xDF6A67: Rows_log_event::write_data_body() (log_event.cc:11979)
==1999012==    by 0x848926: Log_event::write() (log_event.h:1391)
==1999012==    by 0xDD70A8: Log_event_writer::write(Log_event*) (log_event.h:5245)
==1999012==    by 0xDC7D20: MYSQL_BIN_LOG::flush_and_set_pending_rows_event(THD*, Rows_log_event*, bool) (log.cc:5984)
==1999012==    by 0x8DD420: THD::binlog_flush_pending_rows_event(bool, bool) (sql_class.cc:6926)
==1999012== Syscall param lseek(offset) contains uninitialised byte(s)
==1999012==    at 0x4D58647: lseek (lseek64.c:36)
==1999012==    by 0x15A0C07: my_seek (my_seek.c:62)
==1999012==    by 0xB52225: inline_mysql_file_seek (mysql_file.h:1285)
==1999012==    by 0xB52B29: my_b_encr_write(st_io_cache*, unsigned char const*, unsigned long) (mf_iocache_encr.cc:162)
==1999012==    by 0x1578377: my_b_flush_io_cache (mf_iocache.c:1957)
==1999012==    by 0x1575BD0: _my_b_write (mf_iocache.c:604)
==1999012==    by 0x1574036: my_b_write (my_sys.h:549)
==1999012==    by 0x1577DEA: my_b_safe_write (mf_iocache.c:1853)
==1999012==    by 0xDDF0E0: Log_event_writer::write_internal(unsigned char const*, unsigned long) (log_event.cc:1601)
==1999012==    by 0xDDF324: Log_event_writer::encrypt_and_write(unsigned char const*, unsigned long) (log_event.cc:1647)
==1999012==    by 0xDDF686: Log_event_writer::write_data(unsigned char const*, unsigned long) (log_event.cc:1699)
==1999012==    by 0xDFE882: Log_event::write_data(unsigned char const*, unsigned long) (log_event.h:1380)
==1999012==    by 0xDF6A67: Rows_log_event::write_data_body() (log_event.cc:11979)
==1999012==    by 0x848926: Log_event::write() (log_event.h:1391)
==1999012==    by 0xDD70A8: Log_event_writer::write(Log_event*) (log_event.h:5245)
==1999012==    by 0xDC7D20: MYSQL_BIN_LOG::flush_and_set_pending_rows_event(THD*, Rows_log_event*, bool) (log.cc:5984)
==1999012== Conditional jump or move depends on uninitialised value(s)
==1999012==    at 0x15A0CAA: my_seek (my_seek.c:72)
==1999012==    by 0xB52225: inline_mysql_file_seek (mysql_file.h:1285)
==1999012==    by 0xB52B29: my_b_encr_write(st_io_cache*, unsigned char const*, unsigned long) (mf_iocache_encr.cc:162)
==1999012==    by 0x1578377: my_b_flush_io_cache (mf_iocache.c:1957)
==1999012==    by 0x1575BD0: _my_b_write (mf_iocache.c:604)
==1999012==    by 0x1574036: my_b_write (my_sys.h:549)
==1999012==    by 0x1577DEA: my_b_safe_write (mf_iocache.c:1853)
==1999012==    by 0xDDF0E0: Log_event_writer::write_internal(unsigned char const*, unsigned long) (log_event.cc:1601)
==1999012==    by 0xDDF324: Log_event_writer::encrypt_and_write(unsigned char const*, unsigned long) (log_event.cc:1647)
==1999012==    by 0xDDF686: Log_event_writer::write_data(unsigned char const*, unsigned long) (log_event.cc:1699)
==1999012==    by 0xDFE882: Log_event::write_data(unsigned char const*, unsigned long) (log_event.h:1380)
==1999012==    by 0xDF6A67: Rows_log_event::write_data_body() (log_event.cc:11979)
==1999012==    by 0x848926: Log_event::write() (log_event.h:1391)
==1999012==    by 0xDD70A8: Log_event_writer::write(Log_event*) (log_event.h:5245)
==1999012==    by 0xDC7D20: MYSQL_BIN_LOG::flush_and_set_pending_rows_event(THD*, Rows_log_event*, bool) (log.cc:5984)
==1999012==    by 0x8DD420: THD::binlog_flush_pending_rows_event(bool, bool) (sql_class.cc:6926)

10.5 e8e755ea6 MSAN

==73354==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x55bffc0c4318 in my_seek /home/jenkins/10.5/mysys/my_seek.c:72:7
    #1 0x55bff99e0536 in inline_mysql_file_seek(char const*, unsigned int, int, unsigned long long, int, unsigned long) /home/jenkins/10.5/include/mysql/psi/mysql_file.h:1261:11
    #2 0x55bff99e0536 in my_b_encr_write(st_io_cache*, unsigned char const*, unsigned long) /home/jenkins/10.5/sql/mf_iocache_encr.cc:162:10
    #3 0x55bffc00fef4 in my_b_flush_io_cache /home/jenkins/10.5/mysys/mf_iocache.c:1727:18
    #4 0x55bffc011528 in _my_b_write /home/jenkins/10.5/mysys/mf_iocache.c:559:7
    #5 0x55bffc0167a0 in my_b_write /home/jenkins/10.5/include/my_sys.h:522:10
    #6 0x55bffc0167a0 in my_b_safe_write /home/jenkins/10.5/mysys/mf_iocache.c:1623:10
    #7 0x55bffa427e52 in Log_event_writer::write_internal(unsigned char const*, unsigned long) /home/jenkins/10.5/sql/log_event_server.cc:806:7
    #8 0x55bffa429801 in Log_event_writer::write_data(unsigned char const*, unsigned long) /home/jenkins/10.5/sql/log_event_server.cc:909:3
    #9 0x55bffa472c77 in Log_event::write_data(unsigned char const*, unsigned long) /home/jenkins/10.5/sql/log_event.h:1393:20
    #10 0x55bffa472c77 in Rows_log_event::write_data_body() /home/jenkins/10.5/sql/log_event_server.cc:6000:15
    #11 0x55bffa41fbe3 in Log_event::write() /home/jenkins/10.5/sql/log_event.h:1404:5
    #12 0x55bffa3a1941 in Log_event_writer::write(Log_event*) /home/jenkins/10.5/sql/log_event.h:5748:16
    #13 0x55bffa3a1941 in MYSQL_BIN_LOG::flush_and_set_pending_rows_event(THD*, Rows_log_event*, bool) /home/jenkins/10.5/sql/log.cc:6188:16
    #14 0x55bff90dc247 in THD::binlog_flush_pending_rows_event(bool, bool) /home/jenkins/10.5/sql/sql_class.cc:7224:26
    #15 0x55bff90ddda0 in THD::binlog_query(THD::enum_binlog_query_type, char const*, unsigned long, bool, bool, bool, int) /home/jenkins/10.5/sql/sql_class.cc:7509:9
    #16 0x55bff913cdec in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool, select_result*) /home/jenkins/10.5/sql/sql_insert.cc:1250:23
    #17 0x55bff928aecb in mysql_execute_command(THD*) /home/jenkins/10.5/sql/sql_parse.cc:4624:10
    #18 0x55bff925a938 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/jenkins/10.5/sql/sql_parse.cc:8100:18
    #19 0x55bff924dbfc in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/jenkins/10.5/sql/sql_parse.cc:1891:7
    #20 0x55bff925c8ac in do_command(THD*) /home/jenkins/10.5/sql/sql_parse.cc:1370:17
    #21 0x55bff98508d9 in do_handle_one_connection(CONNECT*, bool) /home/jenkins/10.5/sql/sql_connect.cc:1418:11
    #22 0x55bff984fff5 in handle_one_connection /home/jenkins/10.5/sql/sql_connect.cc:1312:5
    #23 0x55bffac518ea in pfs_spawn_thread /home/jenkins/10.5/storage/perfschema/pfs.cc:2201:3
    #24 0x7f7bc1ac8608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477:8
    #25 0x7f7bc17cd292 in clone /build/glibc-eX1tMB/glibc-2.31/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
 
  Memory was marked as uninitialized
    #0 0x55bff8d439ae in __msan_allocated_memory (/home/jenkins/10.5/sql/mariadbd+0x7159ae)
    #1 0x55bffc0bb180 in my_malloc /home/jenkins/10.5/mysys/my_malloc.c:113:7
 
SUMMARY: MemorySanitizer: use-of-uninitialized-value /home/jenkins/10.5/mysys/my_seek.c:72:7 in my_seek

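Reproducible on 10.2+, with at least MyISAM and InnoDB (see the comment in the test case). In the traces above, Valgrind's "Syscall param lseek(offset)" report shows that the uninitialised value is the seek offset passed down from my_b_encr_write (mf_iocache_encr.cc:162), and MSAN attributes its origin to memory allocated by my_malloc.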

