|
Re: Memory corruption in test_quick_select() in maria-5.1-wl21
Valgrind warnings:
==19248== Invalid write of size 1
==19248== at 0x40081BD: memmove (mc_replace_strmem.c:629)
==19248== by 0x838021D: get_best_index_intersect(PARAM*, SEL_TREE*, double) (opt_range.cc:5351)
==19248== by 0x837BB8E: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool) (opt_range.cc:3067)
==19248== by 0x82E7B1A: get_quick_record_count(THD*, SQL_SELECT*, st_table*, Bitmap<64u> const*, unsigned long long) (sql_select.cc:2600)
==19248== by 0x82E98D8: make_join_statistics(JOIN*, TABLE_LIST*, Item*, st_dynamic_array*) (sql_select.cc:3037)
==19248== by 0x82E2066: JOIN::optimize() (sql_select.cc:1029)
==19248== by 0x82E7842: mysql_select(THD*, Item**, TABLE_LIST, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2538)
==19248== by 0x82DFF48: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:280)
==19248== by 0x8286DD9: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5166)
==19248== by 0x827D735: mysql_execute_command(THD*) (sql_parse.cc:2340)
==19248== by 0x8288E45: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6092)
==19248== by 0x827B221: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1269)
==19248== by 0x827A47E: do_command(THD*) (sql_parse.cc:895)
==19248== by 0x827748F: handle_one_connection (sql_connect.cc:1138)
==19248== by 0x821918: start_thread (in /lib/libpthread-2.12.1.so)
==19248== by 0x76ACCD: clone (in /lib/libc-2.12.1.so)
==19248== Address 0x52d26b7 is 3 bytes after a block of size 20 alloc'd
==19248== at 0x4005BDC: malloc (vg_replace_malloc.c:195)
==19248== by 0x87164F3: my_malloc (my_malloc.c:38)
==19248== by 0x87170F6: alloc_root (my_alloc.c:165)
==19248== by 0x837F54A: prepare_search_best_index_intersect(PARAM*, SEL_TREE*, st_common_index_intersection_info*, st_partial_index_intersection_info*, double) (opt_range.cc:4995)
==19248== by 0x838015A: get_best_index_intersect(PARAM*, SEL_TREE*, double) (opt_range.cc:5339)
==19248== by 0x837BB8E: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool) (opt_range.cc:3067)
==19248== by 0x82E7B1A: get_quick_record_count(THD*, SQL_SELECT*, st_table*, Bitmap<64u> const*, unsigned long long) (sql_select.cc:2600)
==19248== by 0x82E98D8: make_join_statistics(JOIN*, TABLE_LIST*, Item*, st_dynamic_array*) (sql_select.cc:3037)
==19248== by 0x82E2066: JOIN::optimize() (sql_select.cc:1029)
==19248== by 0x82E7842: mysql_select(THD*, Item**, TABLE_LIST, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2538)
==19248== by 0x82DFF48: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:280)
==19248== by 0x8286DD9: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5166)
==19248== by 0x827D735: mysql_execute_command(THD*) (sql_parse.cc:2340)
==19248== by 0x8288E45: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6092)
==19248== by 0x827B221: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1269)
==19248== by 0x827A47E: do_command(THD*) (sql_parse.cc:895)
==19248==
==19248== Invalid read of size 4
==19248== at 0x83802DF: get_best_index_intersect(PARAM*, SEL_TREE*, double) (opt_range.cc:5365)
==19248== by 0x837BB8E: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool) (opt_range.cc:3067)
==19248== by 0x82E7B1A: get_quick_record_count(THD*, SQL_SELECT*, st_table*, Bitmap<64u> const*, unsigned long long) (sql_select.cc:2600)
==19248== by 0x82E98D8: make_join_statistics(JOIN*, TABLE_LIST*, Item*, st_dynamic_array*) (sql_select.cc:3037)
==19248== by 0x82E2066: JOIN::optimize() (sql_select.cc:1029)
==19248== by 0x82E7842: mysql_select(THD*, Item**, TABLE_LIST, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2538)
==19248== by 0x82DFF48: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:280)
==19248== by 0x8286DD9: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5166)
==19248== by 0x827D735: mysql_execute_command(THD*) (sql_parse.cc:2340)
==19248== by 0x8288E45: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6092)
==19248== by 0x827B221: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1269)
==19248== by 0x827A47E: do_command(THD*) (sql_parse.cc:895)
==19248== by 0x827748F: handle_one_connection (sql_connect.cc:1138)
==19248== by 0x821918: start_thread (in /lib/libpthread-2.12.1.so)
==19248== by 0x76ACCD: clone (in /lib/libc-2.12.1.so)
==19248== Address 0x52d26b4 is 0 bytes after a block of size 20 alloc'd
==19248== at 0x4005BDC: malloc (vg_replace_malloc.c:195)
==19248== by 0x87164F3: my_malloc (my_malloc.c:38)
==19248== by 0x87170F6: alloc_root (my_alloc.c:165)
==19248== by 0x837F54A: prepare_search_best_index_intersect(PARAM*, SEL_TREE*, st_common_index_intersection_info*, st_partial_index_intersection_info*, double) (opt_range.cc:4995)
==19248== by 0x838015A: get_best_index_intersect(PARAM*, SEL_TREE*, double) (opt_range.cc:5339)
==19248== by 0x837BB8E: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool) (opt_range.cc:3067)
==19248== by 0x82E7B1A: get_quick_record_count(THD*, SQL_SELECT*, st_table*, Bitmap<64u> const*, unsigned long long) (sql_select.cc:2600)
==19248== by 0x82E98D8: make_join_statistics(JOIN*, TABLE_LIST*, Item*, st_dynamic_array*) (sql_select.cc:3037)
==19248== by 0x82E2066: JOIN::optimize() (sql_select.cc:1029)
==19248== by 0x82E7842: mysql_select(THD*, Item**, TABLE_LIST, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2538)
==19248== by 0x82DFF48: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:280)
==19248== by 0x8286DD9: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5166)
==19248== by 0x827D735: mysql_execute_command(THD*) (sql_parse.cc:2340)
==19248== by 0x8288E45: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6092)
==19248== by 0x827B221: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1269)
==19248== by 0x827A47E: do_command(THD*) (sql_parse.cc:895)
==19248==
|
|
Re: Memory corruption in test_quick_select() in maria-5.1-wl21
New test case:
--source include/have_innodb.inc;
CREATE TABLE t1 (
f1 int,
f4 varchar(32),
f5 int,
PRIMARY KEY (f1),
KEY (f4)) ENGINE=InnoDB;
INSERT IGNORE INTO t1 VALUES ('5','H','1'),('9','g','0'),('527','i','0'),('528','y','1'),('529','S','6'),('530','m','7'),('531','b','2'),('532','N','1'),('533','V',NULL),('534','l','1'),('535','M','0'),('536','w','1'),('537','j','5'),('538','l','0'),('539','n','2'),('540','m','2'),('541','r','2'),('542','l','2'),('543','h','3'),('544','o','0'),('956','h','0'),('957','g','0'),('958','W','5'),('959','s','3'),('960','w','0'),('961','q','0'),('962','e',NULL),('963','u','7'),('964','q','1'),('965','N',NULL),('966','e','0'),('967','t','3'),('968','e','6'),('969','f',NULL),('970','j','0'),('971','s','3'),('972','I','0'),('973','h','4'),('974','g','1'),('975','s','0'),('976','r','3'),('977','x','1'),('978','v','8'),('979','j',NULL),('980','z','7'),('981','t','9'),('982','j','5'),('983','u',NULL),('984','g','6'),('985','w','1'),('986','h','1'),('987','v','0'),('988','v','0'),('989','c','2'),('990','b','7'),('991','z','0'),('992','M','1'),('993','u','2'),('994','r','2'),('995','b','4'),('996','A','2'),('997','u','0'),('998','a','0'),('999','j','2'),('1','I','2');
EXPLAIN
SELECT DISTINCT *
FROM t1 FORCE KEY
( PRIMARY , f4 )
WHERE
( NOT ( f1 = 149 ) OR ( f1 = 196 ) )
AND ( f4 IS NULL OR f4 LIKE 'h%' ) );
|
LPexportBug684086.xml