[MDEV-3237] LP:778917 - Valgrind warnings in maria-5.3-mwl34 Created: 2011-05-07  Updated: 2015-02-02  Resolved: 2012-10-04

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Critical
Reporter: Philip Stoev (Inactive) Assignee: Michael Widenius
Resolution: Fixed Votes: 0
Labels: Launchpad

Attachments: XML File LPexportBug778917.xml     File LPexportBug778917_bug778917.test     File LPexportBug778917_bug778917.valgrind.warnings    

 Description   

A simple RQG test produced the misc valgrind warnings from the attached file. Most seem to be related to handling malformed datetimes, however note that there are 2 warnings about innodb and myisam using an undefined value for some internal operations.

Let me know if individual test cases are required – I can provide the RQG grammar and/or MTR.



 Comments   
Comment by Philip Stoev (Inactive) [ 2011-05-07 ]

Re: Valgrind warnings in maria-5.3-mwl34
valgrind warnings

Comment by Philip Stoev (Inactive) [ 2011-05-07 ]

valgrind warnings
bug778917.valgrind.warnings
LPexportBug778917_bug778917.valgrind.warnings

Comment by Michael Widenius [ 2011-05-10 ]

Re: Valgrind warnings in maria-5.3-mwl34
I looked at the valgrind result, but unfortunately without the test cases that caused the failures there is not much I can do.
So please provide the RQG and MTR grammar so that I can test this myself.

I think that I managed to fix a couple of the valgrind errors as part of other bug fixes, but looking at the log there are some left that would be nice to get rid of.

Comment by Philip Stoev (Inactive) [ 2011-05-11 ]

Re: Valgrind warnings in maria-5.3-mwl34
Unsimplified test case. When run without valgrind, causes the following crash as well:

2011-05-11T13:15:59 Error: Memory allocated at string.c:39 was overrun, discovered at 'string.c:84'
2011-05-11T13:15:59 Error: Memory allocated at string.c:39 was overrun, discovered at 'string.c:84'
2011-05-11T13:15:59 Error: Memory allocated at string.c:39 was overrun, discovered at 'string.c:84'
2011-05-11T13:15:59 #0 0x00857424 in __kernel_vsyscall ()
2011-05-11T13:15:59 #0 0x00857424 in __kernel_vsyscall ()
2011-05-11T13:15:59 #1 0x008263c3 in pthread_kill () from /lib/libpthread.so.0
2011-05-11T13:15:59 #2 0x0878175c in my_write_core (sig=11) at stacktrace.c:426
2011-05-11T13:15:59 #3 0x0828ebf4 in handle_segfault (sig=11) at mysqld.cc:2776
2011-05-11T13:15:59 #4 <signal handler called>
2011-05-11T13:15:59 #5 0x006cfc91 in vfprintf () from /lib/libc.so.6
2011-05-11T13:15:59 #6 0x006d1572 in buffered_vfprintf () from /lib/libc.so.6
2011-05-11T13:15:59 #7 0x006cc5a3 in vfprintf () from /lib/libc.so.6
2011-05-11T13:15:59 #8 0x006d6b9f in fprintf () from /lib/libc.so.6
2011-05-11T13:15:59 #9 0x087658b7 in _checkchunk (irem=0xae585be8, filename=0x89746ff "string.c", lineno=84) at safemalloc.c:492
2011-05-11T13:15:59 #10 0x08765aa2 in _sanity (filename=0x89746ff "string.c", lineno=84) at safemalloc.c:535
2011-05-11T13:15:59 #11 0x087650b9 in _myfree (ptr=0xae5859b0, filename=0x89746ff "string.c", lineno=84, myflags=0) at safemalloc.c:280
2011-05-11T13:15:59 #12 0x08764fc8 in _myrealloc (ptr=0xae5859b0, size=353, filename=0x89746ff "string.c", lineno=84, MyFlags=16) at safemalloc.c:258
2011-05-11T13:15:59 #13 0x0877326f in dynstr_realloc (str=0xae89ec98, additional_size=10) at string.c:84
2011-05-11T13:15:59 #14 0x0875b9ee in dynamic_column_var_uint_store (str=0xae89ec98, val=8) at ma_dyncol.c:132
2011-05-11T13:15:59 #15 0x0875bfb5 in dynamic_column_string_store (str=0xae89ec98, string=0xae5079d4, charset=0x8ab5360) at ma_dyncol.c:409
2011-05-11T13:15:59 #16 0x0875ca3a in data_store (str=0xae89ec98, value=0xae5079d0) at ma_dyncol.c:816
2011-05-11T13:15:59 #17 0x0875ebc8 in dynamic_column_update_many (str=0xae89ed84, add_column_count=1, column_numbers=0xae507a10, values=0xae5079d0) at ma_dyncol.c:2010
2011-05-11T13:15:59 #18 0x082211b4 in Item_func_dyncol_add::val_str (this=0xae5075c8, str=0xae89ef30) at item_strfunc.cc:3745
2011-05-11T13:15:59 #19 0x082213d2 in Item_dyncol_get::get_dyn_value (this=0xae5076d8, val=0xae89eec4, tmp=0xae89ef30) at item_strfunc.cc:3808
2011-05-11T13:15:59 #20 0x082217fc in Item_dyncol_get::val_int (this=0xae5076d8) at item_strfunc.cc:3915
2011-05-11T13:15:59 #21 0x081eed11 in Item_func_signed::val_int (this=0xae507758) at item_func.cc:996
2011-05-11T13:15:59 #22 0x081daeb6 in Item::update_null_value (this=0xae507758) at item.h:909
2011-05-11T13:15:59 #23 0x081ff268 in Item_func::is_null (this=0xae507758) at item_func.h:159
2011-05-11T13:15:59 #24 0x0820f35c in Item_func_isnull::val_int (this=0xae5077d8) at item_cmpfunc.cc:4748
2011-05-11T13:15:59 #25 0x0832f44a in evaluate_join_record (join=0xae547d98, join_tab=0xae507d60, error=0) at sql_select.cc:14061
2011-05-11T13:15:59 #26 0x0832f1fd in sub_select (join=0xae547d98, join_tab=0xae507d60, end_of_records=false) at sql_select.cc:14006
2011-05-11T13:15:59 #27 0x0832e487 in do_select (join=0xae547d98, fields=0x9da1a38, table=0x0, procedure=0x0) at sql_select.cc:13501
2011-05-11T13:15:59 #28 0x08314cf2 in JOIN::exec (this=0xae547d98) at sql_select.cc:2482
2011-05-11T13:15:59 #29 0x0831550e in mysql_select (thd=0x9da0008, rref_pointer_array=0x9da1aa8, tables=0xae507158, wild_num=0, fields=..., conds=0xae5077d8, og_num=0,
2011-05-11T13:15:59 order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147764736, result=0xae5078d0, unit=0x9da1708, select_lex=0x9da19a4)
2011-05-11T13:15:59 at sql_select.cc:2701
2011-05-11T13:15:59 #30 0x0830dd6b in handle_select (thd=0x9da0008, lex=0x9da16ac, result=0xae5078d0, setup_tables_done_option=0) at sql_select.cc:282
2011-05-11T13:15:59 #31 0x082aa718 in execute_sqlcom_select (thd=0x9da0008, all_tables=0xae507158) at sql_parse.cc:5094
2011-05-11T13:15:59 #32 0x082a1562 in mysql_execute_command (thd=0x9da0008) at sql_parse.cc:2239
2011-05-11T13:15:59 #33 0x082accbb in mysql_parse (thd=0x9da0008,
2011-05-11T13:15:59 rawbuf=0xae506ba0 "SELECT COLUMN_DELETE( `col_blob_not_null_key` , 188 ) FROM `table10_aria_int_autoinc` WHERE COLUMN_GET( COLUMN_ADD( `col_tinyblob_key` , 9 , 'tqwsylzafh' ) , 0 AS INTEGER ) IS NULL", length=181, found_semicolon=0xae8a0228) at sql_parse.cc:6094
2011-05-11T13:15:59 #34 0x0829f1eb in dispatch_command (command=COM_QUERY, thd=0x9da0008, packet=0x9dfa8e9 "", packet_length=181) at sql_parse.cc:1215
2011-05-11T13:15:59 #35 0x0829e649 in do_command (thd=0x9da0008) at sql_parse.cc:904
2011-05-11T13:15:59 #36 0x0829b6fc in handle_one_connection (arg=0x9da0008) at sql_connect.cc:1154
2011-05-11T13:15:59 #37 0x00821919 in start_thread () from /lib/libpthread.so.0
2011-05-11T13:15:59 #38 0x0076acce in clone () from /lib/libc.so.6

Comment by Philip Stoev (Inactive) [ 2011-05-11 ]

bug778917.test
LPexportBug778917_bug778917.test

Comment by Michael Widenius [ 2011-05-11 ]

Re: Valgrind warnings in maria-5.3-mwl34
The problem was using a wrong (too short) string to column_add().
I have now added a check to detect this + a test case.
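
The kind of check the comment above describes, sketched as an added example (not MariaDB's code and not taken from this report): a validator that rejects a too-short or inconsistent column blob before any header field is trusted as a size or index. The 3-byte header and directory layout, and the names `dyncol_validate` and `DYNCOL_*`, are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed, simplified layout (constructed for illustration, not from the page):
   byte 0: flags, low 2 bits = offset size - 1; bytes 1..2: column count (LE);
   then `count` directory entries (2-byte column number + offset); then data. */
#define FIXED_HEADER_SIZE 3
#define COLUMN_NUMBER_SIZE 2

enum dyncol_check { DYNCOL_OK = 0, DYNCOL_EMPTY, DYNCOL_FORMAT };

/* Read an n-byte little-endian unsigned integer (n <= 4). */
static uint32_t read_le(const uint8_t *p, size_t n)
{
  uint32_t v = 0;
  while (n--) v = (v << 8) | p[n];
  return v;
}

/* Check every length derived from the blob against the real buffer length
   before anything uses it as an index or a size. */
enum dyncol_check dyncol_validate(const uint8_t *buf, size_t len)
{
  if (len == 0) return DYNCOL_EMPTY;                  /* no columns yet */
  if (len < FIXED_HEADER_SIZE) return DYNCOL_FORMAT;  /* too short for a header */
  if (buf[0] & ~0x03) return DYNCOL_FORMAT;           /* unknown flag bits */

  size_t offset_size = (size_t)(buf[0] & 0x03) + 1;
  size_t entry = COLUMN_NUMBER_SIZE + offset_size;
  size_t dir_size = (size_t)read_le(buf + 1, 2) * entry; /* <= 65535 * 6 */
  if (dir_size > len - FIXED_HEADER_SIZE) return DYNCOL_FORMAT;
  size_t data_len = len - FIXED_HEADER_SIZE - dir_size;

  uint32_t prev_num = 0, prev_off = 0;
  for (size_t pos = 0; pos < dir_size; pos += entry) {
    const uint8_t *e = buf + FIXED_HEADER_SIZE + pos;
    uint32_t num = read_le(e, COLUMN_NUMBER_SIZE);
    uint32_t off = read_le(e + COLUMN_NUMBER_SIZE, offset_size);
    if (off > data_len) return DYNCOL_FORMAT;         /* value starts past the end */
    if (pos > 0 && (num <= prev_num || off < prev_off))
      return DYNCOL_FORMAT;                           /* directory not ordered */
    prev_num = num; prev_off = off;
  }
  return DYNCOL_OK;
}
```

Running such a check at the entry of every function that accepts a stored blob means arbitrary column contents are reported as a format error instead of reaching the reallocation path seen in the backtrace.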

Comment by Rasmus Johansson (Inactive) [ 2011-05-11 ]

Launchpad bug id: 778917
