[#MDEV-32436] MSAN / Valgrind errors upon subquery from InnoDB table

--source include/have_innodb.inc

CREATE TABLE t1 (a VARCHAR(256)) ENGINE=InnoDB;

INSERT INTO t1 VALUES (1),(5);

CREATE TABLE t2 (b INT) ENGINE=InnoDB;

INSERT INTO t2 VALUES (2),(3);

SELECT * FROM t1 WHERE EXISTS (SELECT 1 FROM t2 WHERE b <> t1.a);

# Cleanup

DROP TABLE t1, t2;

10.4 0c7af6a2 Valgrind
==1983132== Thread 27:
==1983132== Conditional jump or move depends on uninitialised value(s)
==1983132== at 0x1280A8A: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58)
==1983132== by 0x1282A8D: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220)
==1983132== by 0x1282DD3: rec_set_n_fields_old(unsigned char*, unsigned long) (rem0rec.inl:431)
==1983132== by 0x128811B: rec_convert_dtuple_to_rec_old(unsigned char, dtuple_t const, unsigned long) (rem0rec.cc:1425)
==1983132== by 0x1288971: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1776)
==1983132== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1983132== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1983132== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==1983132== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==1983132== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==1983132== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==1983132== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==1983132== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==1983132== by 0x1276DC8: que_thr_step(que_thr_t*) (que0que.cc:945)
==1983132== by 0x12771CD: que_run_threads_low(que_thr_t*) (que0que.cc:1028)
==1983132== by 0x1277467: que_run_threads(que_thr_t*) (que0que.cc:1068)
==1983132==
==1983132== Conditional jump or move depends on uninitialised value(s)
==1983132== at 0x12809EC: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41)
==1983132== by 0x12824A4: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178)
==1983132== by 0x1282FDD: rec_set_info_bits_old(unsigned char*, unsigned long) (rem0rec.inl:575)
==1983132== by 0x128813E: rec_convert_dtuple_to_rec_old(unsigned char, dtuple_t const, unsigned long) (rem0rec.cc:1428)
==1983132== by 0x1288971: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1776)
==1983132== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1983132== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1983132== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==1983132== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==1983132== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==1983132== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==1983132== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==1983132== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==1983132== by 0x1276DC8: que_thr_step(que_thr_t*) (que0que.cc:945)
==1983132== by 0x12771CD: que_run_threads_low(que_thr_t*) (que0que.cc:1028)
==1983132== by 0x1277467: que_run_threads(que_thr_t*) (que0que.cc:1068)
==1983132==
==1983132== Conditional jump or move depends on uninitialised value(s)
==1983132== at 0x1280A8A: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58)
==1983132== by 0x1282A8D: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220)
==1983132== by 0x128311A: rec_set_heap_no_new(unsigned char*, unsigned long) (rem0rec.inl:764)
==1983132== by 0x1291B9A: void rec_convert_dtuple_to_rec_comp<false, false>(unsigned char, dict_index_t const, dfield_t const*, unsigned long, rec_comp_status_t, bool) (rem0rec.cc:1562)
==1983132== by 0x1288669: rec_convert_dtuple_to_rec_new(unsigned char, dict_index_t const, dtuple_t const*) (rem0rec.cc:1742)
==1983132== by 0x1288954: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1774)
==1983132== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1983132== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1983132== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==1983132== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==1983132== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==1983132== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==1983132== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==1983132== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==1983132== by 0x12EDBB0: row_insert_for_mysql(unsigned char const, row_prebuilt_t, ins_mode_t) (row0mysql.cc:1395)
==1983132== by 0x111F5A3: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171)
==1983132==
==1983132== Conditional jump or move depends on uninitialised value(s)
==1983132== at 0x12809EC: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41)
==1983132== by 0x12824A4: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178)
==1983132== by 0x1283010: rec_set_info_bits_new(unsigned char*, unsigned long) (rem0rec.inl:587)
==1983132== by 0x1288686: rec_convert_dtuple_to_rec_new(unsigned char, dict_index_t const, dtuple_t const*) (rem0rec.cc:1747)
==1983132== by 0x1288954: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1774)
==1983132== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==1983132== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==1983132== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==1983132== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==1983132== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==1983132== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==1983132== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==1983132== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==1983132== by 0x12EDBB0: row_insert_for_mysql(unsigned char const, row_prebuilt_t, ins_mode_t) (row0mysql.cc:1395)
==1983132== by 0x111F5A3: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171)
==1983132== by 0xD0ACD9: handler::ha_write_row(unsigned char const*) (handler.cc:6860)
==1983132==

10.6 8941bdc47 MSAN
Uninitialized bytes in MemcmpInterceptorCommon at offset 4 inside [0x7150000a03b8, 259)
==2014396==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x55b671823c3e in bcmp (/mnt8t/src/10.6-msan/sql/mariadbd+0x79dc3e)
#1 0x55b671f635e0 in cmp_buffer_with_ref(THD, TABLE, st_table_ref*) /data/src/10.6-msan/sql/sql_select.cc:25596:10
#2 0x55b671f635e0 in join_read_key2(THD, st_join_table, TABLE, st_table_ref) /data/src/10.6-msan/sql/sql_select.cc:22391:7
#3 0x55b6724ee6d7 in Expression_cache_tmptable::check_value(Item**) /data/src/10.6-msan/sql/sql_expression_cache.cc:223:15
#4 0x55b672b2072b in Item_cache_wrapper::check_cache() /data/src/10.6-msan/sql/item.cc:8848:22
#5 0x55b672b20fca in Item_cache_wrapper::val_int() /data/src/10.6-msan/sql/item.cc:8911:22
#6 0x55b672b8aace in Item_in_optimizer::val_int() /data/src/10.6-msan/sql/item_cmpfunc.cc:1637:28
#7 0x55b671f617b9 in evaluate_join_record(JOIN, st_join_table, int) /data/src/10.6-msan/sql/sql_select.cc:21825:25
#8 0x55b671e33847 in sub_select(JOIN, st_join_table, bool) /data/src/10.6-msan/sql/sql_select.cc:21766:9
#9 0x55b671ed39cd in do_select(JOIN, Procedure) /data/src/10.6-msan/sql/sql_select.cc:21257:14
#10 0x55b671ed39cd in JOIN::exec_inner() /data/src/10.6-msan/sql/sql_select.cc:4834:50
#11 0x55b671ecf547 in JOIN::exec() /data/src/10.6-msan/sql/sql_select.cc:4612:3
#12 0x55b671e367d0 in mysql_select(THD, TABLE_LIST, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) /data/src/10.6-msan/sql/sql_select.cc:5091:9
#13 0x55b671e351e6 in handle_select(THD, LEX, select_result*, unsigned long) /data/src/10.6-msan/sql/sql_select.cc:559:10
#14 0x55b671d6a64a in execute_sqlcom_select(THD, TABLE_LIST) /data/src/10.6-msan/sql/sql_parse.cc:6285:12
#15 0x55b671d442fe in mysql_execute_command(THD*, bool) /data/src/10.6-msan/sql/sql_parse.cc:3961:12
#16 0x55b671d2bd5a in mysql_parse(THD, char, unsigned int, Parser_state*) /data/src/10.6-msan/sql/sql_parse.cc:8050:18
#17 0x55b671d202a0 in dispatch_command(enum_server_command, THD, char, unsigned int, bool) /data/src/10.6-msan/sql/sql_parse.cc:1896:7
#18 0x55b671d2e150 in do_command(THD*, bool) /data/src/10.6-msan/sql/sql_parse.cc:1409:17
#19 0x55b67235de9f in do_handle_one_connection(CONNECT*, bool) /data/src/10.6-msan/sql/sql_connect.cc:1416:11
#20 0x55b67235d485 in handle_one_connection /data/src/10.6-msan/sql/sql_connect.cc:1318:5
#21 0x55b6737d24ca in pfs_spawn_thread /data/src/10.6-msan/storage/perfschema/pfs.cc:2201:3
#22 0x7f3b2b3b1fd3 in start_thread nptl/./nptl/pthread_create.c:442:8
#23 0x7f3b2b4325bb in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Uninitialized value was stored to memory at
#0 0x55b671819749 in __msan_memcpy (/mnt8t/src/10.6-msan/sql/mariadbd+0x793749)
#1 0x55b671f6393f in cmp_buffer_with_ref(THD, TABLE, st_table_ref*) /data/src/10.6-msan/sql/sql_select.cc:25588:7
#2 0x55b671f6393f in join_read_key2(THD, st_join_table, TABLE, st_table_ref) /data/src/10.6-msan/sql/sql_select.cc:22391:7

Uninitialized value was stored to memory at
#0 0x55b671819749 in __msan_memcpy (/mnt8t/src/10.6-msan/sql/mariadbd+0x793749)
#1 0x55b6729fe792 in field_conv_memcpy(Field, Field) /data/src/10.6-msan/sql/field_conv.cc:881:5
#2 0x55b6729fe792 in field_conv(Field, Field) /data/src/10.6-msan/sql/field_conv.cc:911:10

Memory was marked as uninitialized
#0 0x55b67181feee in __msan_allocated_memory (/mnt8t/src/10.6-msan/sql/mariadbd+0x799eee)
#1 0x55b67414981e in row_sel_field_store_in_mysql_format_func(unsigned char, mysql_row_templ_t const, dict_index_t const, unsigned long, unsigned char const, unsigned long) /data/src/10.6-msan/storage/innobase/row/row0sel.cc:2802:2

SUMMARY: MemorySanitizer: use-of-uninitialized-value (/mnt8t/src/10.6-msan/sql/mariadbd+0x79dc3e) in bcmp
Exiting

10.6 625a150a86ce6da15fb5c3c39924723c9933bc51
Thread 2 hit Breakpoint 1, 0x000055e3e1730af0 in __sanitizer::Die() ()
(rr) bt
#0 0x000055e3e1730af0 in __sanitizer::Die() ()
#1 0x000055e3e1755de2 in MemcmpInterceptorCommon(void, int ()(void const, void const, unsigned long), void const, void const, unsigned long) ()
#2 0x000055e3e1755fb2 in bcmp ()
#3 0x000055e3e288e9ee in cmp_buffer_with_ref (thd=<optimized out>, table=0x720000050030, tab_ref=0x713000021170) at /mariadb/10.6/sql/sql_select.cc:25596
#4 join_read_key2 (thd=<optimized out>, tab=tab@entry=0x0, table=0x720000050030, table_ref=table_ref@entry=0x713000021170) at /mariadb/10.6/sql/sql_select.cc:22391
#5 0x000055e3e2e72bf3 in Expression_cache_tmptable::check_value (this=0x7130000210b0, value=0x7f05582ed740) at /mariadb/10.6/sql/sql_expression_cache.cc:223
#6 0x000055e3e1b21bcf in Item_cache_wrapper::check_cache (this=0x70d000006c40) at /mariadb/10.6/sql/item.cc:8848
#7 Item_cache_wrapper::val_int (this=0x70d000006c40) at /mariadb/10.6/sql/item.cc:8911
…
(rr) f 3
#3 0x000055e3e288e9ee in cmp_buffer_with_ref (thd=<optimized out>, table=0x720000050030, tab_ref=0x713000021170) at /mariadb/10.6/sql/sql_select.cc:25596
25596 return memcmp(tab_ref->key_buff2, tab_ref->key_buff, tab_ref->key_length)
(rr) i lo
no_prev_key = <optimized out>
(rr) p *tab_ref
$1 = {key_err = false, has_record = true, key_parts = 1, key_length = 259, key = 0, key_buff = 0x7150000a0030 "", key_buff2 = 0x7150000a0138 "", key_copy = 0x704000021570,
const_ref_part_map = 11936128518282651045, items = 0x7040000215b0, cond_guards = 0xa5a5a5a5a5a5a5a5, null_rejecting = 1, depend_map = 11936128518282651045,
null_ref_key = 0xa5a5a5a5a5a5a5a5 <error: Cannot access memory at address 0xa5a5a5a5a5a5a5a5>, null_ref_part = 2779096485, use_count = 0, disable_cache = false, uses_splitting = 165}
(rr) call (void)__msan_print_shadow(tab_ref->key_buff2,tab_ref->key_length)
Shadow map [0x2150000a0138, 0x2150000a023b) of [0x7150000a0138, 0x7150000a023b), 259 bytes:
0x2150000a0138[0x7150000a0138]: 00000000 ffffffff ffffffff ffffffff \|. A A A\|
0x2150000a0148[0x7150000a0148]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0158[0x7150000a0158]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0168[0x7150000a0168]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0178[0x7150000a0178]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0188[0x7150000a0188]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0198[0x7150000a0198]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a01a8[0x7150000a01a8]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a01b8[0x7150000a01b8]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a01c8[0x7150000a01c8]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a01d8[0x7150000a01d8]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a01e8[0x7150000a01e8]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a01f8[0x7150000a01f8]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0208[0x7150000a0208]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0218[0x7150000a0218]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0228[0x7150000a0228]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0238[0x7150000a0238]: ffffff.. ........ ........ ........ \|A . . .\|
…

10.6 625a150a86ce6da15fb5c3c39924723c9933bc51
(rr) break __sanitizer::Die
Breakpoint 1 at 0x55e3e1730af0
(rr) c
Continuing.
2023-10-11 13:46:43 0 [Warning] Could not increase number of max_open_files to more than 1024 (request: 32183)
2023-10-11 13:46:43 0 [Warning] Changed limits: max_open_files: 1024 max_connections: 151 (was 151) table_cache: 421 (was 2000)
…
Thread 2 hit Breakpoint 1, 0x000055e3e1730af0 in __sanitizer::Die() ()
(rr) f 3
#3 0x000055e3e288e9ee in cmp_buffer_with_ref (thd=<optimized out>, table=0x720000050030, tab_ref=0x713000021170) at /mariadb/10.6/sql/sql_select.cc:25596
25596 return memcmp(tab_ref->key_buff2, tab_ref->key_buff, tab_ref->key_length)
(rr) call (void)__msan_print_shadow(tab_ref->key_buff,tab_ref->key_length)
Shadow map [0x2150000a0030, 0x2150000a0133) of [0x7150000a0030, 0x7150000a0133), 259 bytes:
0x2150000a0030[0x7150000a0030]: 00000000 ffffffff ffffffff ffffffff \|. A A A\|
0x2150000a0040[0x7150000a0040]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0050[0x7150000a0050]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0060[0x7150000a0060]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0070[0x7150000a0070]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0080[0x7150000a0080]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0090[0x7150000a0090]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a00a0[0x7150000a00a0]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a00b0[0x7150000a00b0]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a00c0[0x7150000a00c0]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a00d0[0x7150000a00d0]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a00e0[0x7150000a00e0]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a00f0[0x7150000a00f0]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0100[0x7150000a0100]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0110[0x7150000a0110]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0120[0x7150000a0120]: ffffffff ffffffff ffffffff ffffffff \|A A A A\|
0x2150000a0130[0x7150000a0130]: ffffff.. ........ ........ ........ \|A . . .\|
…

10.6 625a150a86ce6da15fb5c3c39924723c9933bc51
Thread 2 hit Breakpoint 1, 0x000055e3e1730af0 in __sanitizer::Die() ()
(rr) watch (char)0x2150000a0030@8
Hardware watchpoint 2: (char)0x2150000a0030@8
(rr) watch (char)0x2150000a0138@8
Hardware watchpoint 3: (char)0x2150000a0138@8
(rr) reverse-continue
Continuing.

Thread 2 hit Hardware watchpoint 2: (char)0x2150000a0030@8

Old value = "\000\000\000\000\377\377\377\377"
New value = "\000\000\000\000\000\000\000"
__memcpy_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:501
501 ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S: Tiedostoa tai hakemistoa ei ole.
(rr) bt
#0 __memcpy_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:501
#1 0x000055e3e17a4bdf in __msan::CopyShadowAndOrigin(void const, void const, unsigned long, __sanitizer::StackTrace*) ()
#2 0x000055e3e174ade0 in __msan_memcpy ()
#3 0x000055e3e1c3ba18 in field_conv_memcpy (to=0x7110000869f0, from=<optimized out>) at /mariadb/10.6/sql/field_conv.cc:881
#4 field_conv (to=0x7110000869f0, from=<optimized out>) at /mariadb/10.6/sql/field_conv.cc:911
#5 0x000055e3e28e93e9 in store_key_item::copy_inner (this=0x707000007650) at /mariadb/10.6/sql/sql_select.h:2029
#6 0x000055e3e289c623 in store_key::copy (this=0x707000007650, thd=<optimized out>) at /mariadb/10.6/sql/sql_select.h:1924
#7 cp_buffer_from_ref (thd=thd@entry=0x72b000070018, table=table@entry=0x720000050030, ref=ref@entry=0x713000021170) at /mariadb/10.6/sql/sql_select.cc:25611
#8 0x000055e3e288e908 in cmp_buffer_with_ref (thd=0x72b000070018, table=0x720000050030, tab_ref=0x713000021170) at /mariadb/10.6/sql/sql_select.cc:25593
#9 join_read_key2 (thd=0x72b000070018, tab=tab@entry=0x0, table=0x720000050030, table_ref=table_ref@entry=0x713000021170) at /mariadb/10.6/sql/sql_select.cc:22391
#10 0x000055e3e2e72bf3 in Expression_cache_tmptable::check_value (this=0x7130000210b0, value=0x7f05582ed740) at /mariadb/10.6/sql/sql_expression_cache.cc:223
#11 0x000055e3e1b21bcf in Item_cache_wrapper::check_cache (this=0x70d000006c40) at /mariadb/10.6/sql/item.cc:8848
#12 Item_cache_wrapper::val_int (this=0x70d000006c40) at /mariadb/10.6/sql/item.cc:8911
#13 0x000055e3e1a076ea in Item_in_optimizer::val_int (this=0x710000014830) at /mariadb/10.6/sql/item_cmpfunc.cc:1637
…
(rr) frame 3
#3 0x000055e3e1c3ba18 in field_conv_memcpy (to=0x7110000869f0, from=<optimized out>) at /mariadb/10.6/sql/field_conv.cc:881
881 memcpy(to->ptr,from->ptr, to->pack_length());
(rr) p (Field_varstring)to
$1 = {<Field_longstr> = {<Field_str> = {<Field> = {<Value_source> = {<No data fields>}, _vptr$Field = 0x55e3e4dfc0a0 <vtable for Field_varstring+16>, ptr = 0x7150000a0031 "", null_ptr = 0x7150000a0030 "",
table = 0x720000050030, orig_table = 0x719000041f18, table_name = 0x720000050140, field_name = {str = 0x704000020d70 "a", length = 1}, comment = {str = 0x55e3e0f1d008 "", length = 0},
option_list = 0x0, option_struct = 0x0, key_start = {buffer = {0}}, part_of_key = {buffer = {0}}, part_of_key_not_clustered = {buffer = {0}}, part_of_sortkey = {buffer = {0}},
unireg_check = Field::NONE, invisible = VISIBLE, field_length = 256, flags = 0, field_index = 1, null_bit = 1 '\001', is_created_from_null_item = false, cond_selectivity = 1, next_equal_field = 0x0,
read_stats = 0x0, collected_stats = 0x0, vcol_info = 0x0, check_constraint = 0x0, default_value = 0x0}, m_collation = {collation = 0x55e3e50f3950 <my_charset_latin1>, derivation = DERIVATION_IMPLICIT,
repertoire = MY_REPERTOIRE_UNICODE30}}, <No data fields>}, length_bytes = 2}

  uint32 pack_length() const override

  { return (uint32) field_length+length_bytes; }

10.6 625a150a86ce6da15fb5c3c39924723c9933bc51
(rr) p/x (char)0x2150000a1e31@100
$5 = {0x0, 0x0, 0x0, 0xff <repeats 97 times>}
(rr) p/x (char)0x7150000a1e31@3
$6 = {0x1, 0x0, 0x35}
(rr) watch -l (char)0x7150000a1e31@3
Hardware watchpoint 4: -location (char)0x7150000a1e31@3
(rr) rc
Continuing.

Thread 2 hit Hardware watchpoint 4: -location (char)0x7150000a1e31@3

Old value = "\001\0005"
New value = "\001\0001"
__memcpy_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:323
323 in ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S
(rr) bt
#0 __memcpy_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:323
#1 0x000055e3e174adc8 in __msan_memcpy ()
#2 0x000055e3e41bb193 in row_sel_field_store_in_mysql_format_func (dest=0x7150000a1e33 "1", dest@entry=0x7150000a1e30 "\376\001", templ=0x709000009120, index=index@entry=0x7150000a2108,
field_no=field_no@entry=3, data=0x7f055f1cc0ad "5", len=1) at /mariadb/10.6/storage/innobase/row/row0sel.cc:2937
#3 0x000055e3e41ffd43 in row_sel_store_mysql_field (mysql_rec=mysql_rec@entry=0x7150000a1e30 "\376\001", prebuilt=prebuilt@entry=0x71f00000fc88, rec=rec@entry=0x7f055f1cc09a "",
index=index@entry=0x7150000a2108, offsets=0x7f05582ed020, field_no=3, templ=0x709000009120) at /mariadb/10.6/storage/innobase/row/row0sel.cc:3093
#4 0x000055e3e41db2eb in row_sel_store_mysql_rec (mysql_rec=0x7150000a1e30 "\376\001", mysql_rec@entry=0x2150000a2134 "", prebuilt=0x71f00000fc88, prebuilt@entry=0x1719000000ccc, rec=0x7f055f1cc09a "",
rec@entry=0x0, vrow=0x0, rec_clust=false, index=0x7150000a2108, index@entry=0x0, offsets=0x7f05582ed020) at /mariadb/10.6/storage/innobase/row/row0sel.cc:3229
#5 0x000055e3e41d07b2 in row_search_mvcc (buf=<optimized out>, buf@entry=0x7150000a1e30 "\376\001", mode=<optimized out>, mode@entry=PAGE_CUR_UNSUPP, prebuilt=<optimized out>, match_mode=<optimized out>,
match_mode@entry=0, direction=<optimized out>, direction@entry=1) at /mariadb/10.6/storage/innobase/row/row0sel.cc:5684
#6 0x000055e3e35f7dd5 in ha_innobase::general_fetch (this=0x71d000127030, buf=0x7150000a1e30 "\376\001", direction=direction@entry=1, match_mode=match_mode@entry=0)
at /mariadb/10.6/storage/innobase/handler/ha_innodb.cc:9388
#7 0x000055e3e35f8e13 in ha_innobase::rnd_next (this=0x7150000a1e33, buf=0x7f055f1cc0ad "5") at /mariadb/10.6/storage/innobase/handler/ha_innodb.cc:9591
#8 0x000055e3e1875e5e in handler::ha_rnd_next (this=0x71d000127030, buf=0x7150000a1e30 "\376\001") at /mariadb/10.6/sql/handler.cc:3460
#9 0x000055e3e202fb95 in rr_sequential (info=0x71e000012d08) at /mariadb/10.6/sql/records.cc:519
#10 0x000055e3e27728a7 in READ_RECORD::read_record (this=0x71e000012d08) at /mariadb/10.6/sql/records.h:81
#11 sub_select (join=0x71a000040230, join_tab=0x71e000012c30, end_of_records=<optimized out>) at /mariadb/10.6/sql/sql_select.cc:21746
#12 0x000055e3e28062ae in do_select (join=join@entry=0x71a000040230, procedure=<optimized out>) at /mariadb/10.6/sql/sql_select.cc:21257
#13 0x000055e3e2802f0b in JOIN::exec_inner (this=0x71a000040230) at /mariadb/10.6/sql/sql_select.cc:4834
#14 0x000055e3e28002c6 in JOIN::exec (this=this@entry=0x71a000040230) at /mariadb/10.6/sql/sql_select.cc:4612
#15 0x000055e3e277528b in mysql_select (thd=0x72b000070018, thd@entry=0x0, tables=0x71c000041830, tables@entry=0x2e7, fields=<error reading variable: Cannot access memory at address 0x55e300000000>,
conds=0x713000021270, conds@entry=0x0, og_num=og_num@entry=0, order=order@entry=0x0, group=<optimized out>, having=<optimized out>, proc_param=<optimized out>, select_options=<optimized out>,
result=<optimized out>, unit=<optimized out>, select_lex=<optimized out>) at /mariadb/10.6/sql/sql_select.cc:5091
#16 0x000055e3e2773faf in handle_select (thd=<optimized out>, thd@entry=0x72b000070018, lex=lex@entry=0x72b000074110, result=<optimized out>, result@entry=0x7060000195f0,
setup_tables_done_option=setup_tables_done_option@entry=0) at /mariadb/10.6/sql/sql_select.cc:559
#17 0x000055e3e265e729 in execute_sqlcom_select (thd=thd@entry=0x72b000070018, all_tables=0x71c000041830) at /mariadb/10.6/sql/sql_parse.cc:6285
#18 0x000055e3e264021b in mysql_execute_command (thd=thd@entry=0x72b000070018, is_called_from_prepared_stmt=false) at /mariadb/10.6/sql/sql_parse.cc:3961
#19 0x000055e3e262a173 in mysql_parse (thd=thd@entry=0x72b000070018, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f05582ef270) at /mariadb/10.6/sql/sql_parse.cc:8050
#20 0x000055e3e2621640 in dispatch_command (command=command@entry=COM_QUERY, thd=0x72b000070018, packet=<optimized out>, packet_length=packet_length@entry=64, blocking=true)
at /mariadb/10.6/sql/sql_parse.cc:1896
#21 0x000055e3e262b542 in do_command (thd=0x7f055f1cc0ad, blocking=true) at /mariadb/10.6/sql/sql_parse.cc:1409
#22 0x000055e3e2cbcc7f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x7060000124f8, put_in_cache=true) at /mariadb/10.6/sql/sql_connect.cc:1416
#23 0x000055e3e2cbc116 in handle_one_connection (arg=0x7060000124f8) at /mariadb/10.6/sql/sql_connect.cc:1318
#24 0x00007f0562aa63ec in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:444
#25 0x00007f0562b26970 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:100

--source include/have_innodb.inc

--source include/have_sequence.inc

CREATE TABLE t (a varchar(256), b varchar(256)) ENGINE=InnoDB;

INSERT INTO t SELECT 'foo','bar' FROM seq_1_to_20;

SELECT * FROM t WHERE b IN (SELECT a FROM t);

# Cleanup

DROP TABLE t;

10.4 0c7af6a2 valgrind
==271965== Thread 27:
==271965== Conditional jump or move depends on uninitialised value(s)
==271965== at 0x1280A8A: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58)
==271965== by 0x1282A8D: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220)
==271965== by 0x1282DD3: rec_set_n_fields_old(unsigned char*, unsigned long) (rem0rec.inl:431)
==271965== by 0x128811B: rec_convert_dtuple_to_rec_old(unsigned char, dtuple_t const, unsigned long) (rem0rec.cc:1425)
==271965== by 0x1288971: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1776)
==271965== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==271965== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==271965== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==271965== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==271965== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==271965== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==271965== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==271965== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==271965== by 0x1276DC8: que_thr_step(que_thr_t*) (que0que.cc:945)
==271965== by 0x12771CD: que_run_threads_low(que_thr_t*) (que0que.cc:1028)
==271965== by 0x1277467: que_run_threads(que_thr_t*) (que0que.cc:1068)
==271965== Conditional jump or move depends on uninitialised value(s)
==271965== at 0x12809EC: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41)
==271965== by 0x12824A4: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178)
==271965== by 0x1282FDD: rec_set_info_bits_old(unsigned char*, unsigned long) (rem0rec.inl:575)
==271965== by 0x128813E: rec_convert_dtuple_to_rec_old(unsigned char, dtuple_t const, unsigned long) (rem0rec.cc:1428)
==271965== by 0x1288971: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1776)
==271965== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==271965== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==271965== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==271965== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==271965== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==271965== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==271965== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==271965== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==271965== by 0x1276DC8: que_thr_step(que_thr_t*) (que0que.cc:945)
==271965== by 0x12771CD: que_run_threads_low(que_thr_t*) (que0que.cc:1028)
==271965== by 0x1277467: que_run_threads(que_thr_t*) (que0que.cc:1068)
==271965== Conditional jump or move depends on uninitialised value(s)
==271965== at 0x1280A8A: mach_write_to_2(unsigned char*, unsigned long) (mach0data.inl:58)
==271965== by 0x1282A8D: rec_set_bit_field_2(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:220)
==271965== by 0x128311A: rec_set_heap_no_new(unsigned char*, unsigned long) (rem0rec.inl:764)
==271965== by 0x1291B9A: void rec_convert_dtuple_to_rec_comp<false, false>(unsigned char, dict_index_t const, dfield_t const*, unsigned long, rec_comp_status_t, bool) (rem0rec.cc:1562)
==271965== by 0x1288669: rec_convert_dtuple_to_rec_new(unsigned char, dict_index_t const, dtuple_t const*) (rem0rec.cc:1742)
==271965== by 0x1288954: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1774)
==271965== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==271965== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==271965== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==271965== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==271965== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==271965== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==271965== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==271965== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==271965== by 0x12EDBB0: row_insert_for_mysql(unsigned char const, row_prebuilt_t, ins_mode_t) (row0mysql.cc:1395)
==271965== by 0x111F5A3: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171)
==271965== Conditional jump or move depends on uninitialised value(s)
==271965== at 0x12809EC: mach_write_to_1(unsigned char*, unsigned long) (mach0data.inl:41)
==271965== by 0x12824A4: rec_set_bit_field_1(unsigned char*, unsigned long, unsigned long, unsigned long, unsigned long) (rem0rec.inl:178)
==271965== by 0x1283010: rec_set_info_bits_new(unsigned char*, unsigned long) (rem0rec.inl:587)
==271965== by 0x1288686: rec_convert_dtuple_to_rec_new(unsigned char, dict_index_t const, dtuple_t const*) (rem0rec.cc:1747)
==271965== by 0x1288954: rec_convert_dtuple_to_rec(unsigned char, dict_index_t const, dtuple_t const*, unsigned long) (rem0rec.cc:1774)
==271965== by 0x1411B68: page_cur_tuple_insert(page_cur_t, dtuple_t const, dict_index_t, unsigned short, mem_block_info_t, unsigned long, mtr_t) (page0cur.inl:272)
==271965== by 0x142136A: btr_cur_optimistic_insert(unsigned long, btr_cur_t, unsigned short, mem_block_info_t, dtuple_t, unsigned char, big_rec_t, unsigned long, que_thr_t, mtr_t) (btr0cur.cc:3597)
==271965== by 0x12C1DE6: row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t, unsigned long, dtuple_t, unsigned long, que_thr_t*) (row0ins.cc:2805)
==271965== by 0x12C37CC: row_ins_clust_index_entry(dict_index_t, dtuple_t, que_thr_t*, unsigned long) (row0ins.cc:3281)
==271965== by 0x12C3D67: row_ins_index_entry(dict_index_t, dtuple_t, que_thr_t*) (row0ins.cc:3407)
==271965== by 0x12C46AC: row_ins_index_entry_step(ins_node_t, que_thr_t) (row0ins.cc:3576)
==271965== by 0x12C4BA4: row_ins(ins_node_t, que_thr_t) (row0ins.cc:3713)
==271965== by 0x12C5437: row_ins_step(que_thr_t*) (row0ins.cc:3856)
==271965== by 0x12EDBB0: row_insert_for_mysql(unsigned char const, row_prebuilt_t, ins_mode_t) (row0mysql.cc:1395)
==271965== by 0x111F5A3: ha_innobase::write_row(unsigned char const*) (ha_innodb.cc:8171)
==271965== by 0xD0ACD9: handler::ha_write_row(unsigned char const*) (handler.cc:6860)
==271965== Conditional jump or move depends on uninitialised value(s)
==271965== at 0x4849AD6: bcmp (vg_replace_strmem.c:1203)
==271965== by 0xA1B322: cmp_buffer_with_ref(THD, TABLE, st_table_ref*) (sql_select.cc:24700)
==271965== by 0xA12AB8: join_read_key2(THD, st_join_table, TABLE, st_table_ref) (sql_select.cc:21563)
==271965== by 0xA129A4: join_read_key(st_join_table*) (sql_select.cc:21530)
==271965== by 0xA111CD: sub_select(JOIN, st_join_table, bool) (sql_select.cc:20899)
==271965== by 0xA11A39: evaluate_join_record(JOIN, st_join_table, int) (sql_select.cc:21129)
==271965== by 0xA11418: sub_select(JOIN, st_join_table, bool) (sql_select.cc:20941)
==271965== by 0xA104A6: do_select(JOIN, Procedure) (sql_select.cc:20423)
==271965== by 0x9E3634: JOIN::exec_inner() (sql_select.cc:4605)
==271965== by 0x9E2705: JOIN::exec() (sql_select.cc:4387)
==271965== by 0x9E3F0A: mysql_select(THD, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:4826)
==271965== by 0x9D2BD2: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:442)
==271965== by 0x994B95: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:6475)
==271965== by 0x98AF99: mysql_execute_command(THD*) (sql_parse.cc:3978)
==271965== by 0x998D2E: mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8012)
==271965== by 0x984581: dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) (sql_parse.cc:1857)
==271965== Conditional jump or move depends on uninitialised value(s)
==271965== at 0x4849ACD: bcmp (vg_replace_strmem.c:1203)
==271965== by 0xA1B322: cmp_buffer_with_ref(THD, TABLE, st_table_ref*) (sql_select.cc:24700)
==271965== by 0xA12AB8: join_read_key2(THD, st_join_table, TABLE, st_table_ref) (sql_select.cc:21563)
==271965== by 0xA129A4: join_read_key(st_join_table*) (sql_select.cc:21530)
==271965== by 0xA111CD: sub_select(JOIN, st_join_table, bool) (sql_select.cc:20899)
==271965== by 0xA11A39: evaluate_join_record(JOIN, st_join_table, int) (sql_select.cc:21129)
==271965== by 0xA11418: sub_select(JOIN, st_join_table, bool) (sql_select.cc:20941)
==271965== by 0xA104A6: do_select(JOIN, Procedure) (sql_select.cc:20423)
==271965== by 0x9E3634: JOIN::exec_inner() (sql_select.cc:4605)
==271965== by 0x9E2705: JOIN::exec() (sql_select.cc:4387)
==271965== by 0x9E3F0A: mysql_select(THD, TABLE_LIST, unsigned int, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) (sql_select.cc:4826)
==271965== by 0x9D2BD2: handle_select(THD, LEX, select_result*, unsigned long) (sql_select.cc:442)
==271965== by 0x994B95: execute_sqlcom_select(THD, TABLE_LIST) (sql_parse.cc:6475)
==271965== by 0x98AF99: mysql_execute_command(THD*) (sql_parse.cc:3978)
==271965== by 0x998D2E: mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:8012)
==271965== by 0x984581: dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) (sql_parse.cc:1857)

11.2 872ed5342d8f1ec02f8f8a7a25a606e4ff512234 MSAN
Uninitialized bytes in MemcmpInterceptorCommon at offset 5 inside [0x7150000c2238, 260)
==273060==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x557c9f4f671e in bcmp (/mnt8t/src/11.2-msan/sql/mariadbd+0x7c871e)
#1 0x557c9fdb616e in cmp_buffer_with_ref(THD, TABLE, st_table_ref*) /data/src/11.2-msan/sql/sql_select.cc:27375:10
#2 0x557c9fdb616e in join_read_key2(THD, st_join_table, TABLE, st_table_ref) /data/src/11.2-msan/sql/sql_select.cc:24153:7
#3 0x557c9fc6d2b0 in sub_select(JOIN, st_join_table, bool) /data/src/11.2-msan/sql/sql_select.cc:23477:12
#4 0x557c9fdb4dac in evaluate_join_record(JOIN, st_join_table, int) /data/src/11.2-msan/sql/sql_select.cc:23713:11
#5 0x557c9fc6d4c6 in sub_select(JOIN, st_join_table, bool) /data/src/11.2-msan/sql/sql_select.cc:23517:9
#6 0x557c9fd13d0f in do_select(JOIN, Procedure) /data/src/11.2-msan/sql/sql_select.cc:22997:14
#7 0x557c9fd13d0f in JOIN::exec_inner() /data/src/11.2-msan/sql/sql_select.cc:4943:50
#8 0x557c9fd0e9c5 in JOIN::exec() /data/src/11.2-msan/sql/sql_select.cc:4720:8
#9 0x557c9fc70829 in mysql_select(THD, TABLE_LIST, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) /data/src/11.2-msan/sql/sql_select.cc:5251:21
#10 0x557c9fc6f2d6 in handle_select(THD, LEX, select_result*, unsigned long long) /data/src/11.2-msan/sql/sql_select.cc:628:10
#11 0x557c9fb451bd in execute_sqlcom_select(THD, TABLE_LIST) /data/src/11.2-msan/sql/sql_parse.cc:6064:12
#12 0x557c9fb23a6a in mysql_execute_command(THD*, bool) /data/src/11.2-msan/sql/sql_parse.cc:3955:12
#13 0x557c9fb0a78a in mysql_parse(THD, char, unsigned int, Parser_state*) /data/src/11.2-msan/sql/sql_parse.cc:7810:18
#14 0x557c9fafecd7 in dispatch_command(enum_server_command, THD, char, unsigned int, bool) /data/src/11.2-msan/sql/sql_parse.cc:1893:7
#15 0x557c9fb0cb80 in do_command(THD*, bool) /data/src/11.2-msan/sql/sql_parse.cc:1406:17
#16 0x557ca01c4adf in do_handle_one_connection(CONNECT*, bool) /data/src/11.2-msan/sql/sql_connect.cc:1445:11
#17 0x557ca01c40b5 in handle_one_connection /data/src/11.2-msan/sql/sql_connect.cc:1347:5
#18 0x557ca15d4aba in pfs_spawn_thread /data/src/11.2-msan/storage/perfschema/pfs.cc:2201:3
#19 0x7fd76f4acfd3 in start_thread nptl/./nptl/pthread_create.c:442:8
#20 0x7fd76f52d5bb in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Uninitialized value was stored to memory at
#0 0x557c9f4ec229 in __msan_memcpy (/mnt8t/src/11.2-msan/sql/mariadbd+0x7be229)
#1 0x557c9fdb64ce in cmp_buffer_with_ref(THD, TABLE, st_table_ref*) /data/src/11.2-msan/sql/sql_select.cc:27367:7
#2 0x557c9fdb64ce in join_read_key2(THD, st_join_table, TABLE, st_table_ref) /data/src/11.2-msan/sql/sql_select.cc:24153:7

Uninitialized value was stored to memory at
#0 0x557c9f4ec229 in __msan_memcpy (/mnt8t/src/11.2-msan/sql/mariadbd+0x7be229)
#1 0x557ca09005b2 in field_conv_memcpy(Field, Field) /data/src/11.2-msan/sql/field_conv.cc:881:5
#2 0x557ca09005b2 in field_conv(Field, Field) /data/src/11.2-msan/sql/field_conv.cc:911:10

Memory was marked as uninitialized
#0 0x557c9f4f29ce in __msan_allocated_memory (/mnt8t/src/11.2-msan/sql/mariadbd+0x7c49ce)
#1 0x557ca1f1b13e in row_sel_field_store_in_mysql_format_func(unsigned char, mysql_row_templ_t const, dict_index_t const, unsigned long, unsigned char const, unsigned long) /data/src/11.2-msan/storage/innobase/row/row0sel.cc:2808:2

SUMMARY: MemorySanitizer: use-of-uninitialized-value (/mnt8t/src/11.2-msan/sql/mariadbd+0x7c871e) in bcmp

[MDEV-32436] MSAN / Valgrind errors upon subquery from InnoDB table Created: 2023-10-10 Updated: 2023-11-28
Status:	Confirmed
Project:	MariaDB Server
Component/s:	Optimizer, Storage Engine - InnoDB
Affects Version/s:	10.4, 10.5, 10.6, 10.10, 10.11, 11.0, 11.1, 11.2
Fix Version/s:	10.4, 10.5, 10.6, 10.11, 11.0, 11.1

[MDEV-32436] MSAN / Valgrind errors upon subquery from InnoDB table Created: 2023-10-10 Updated: 2023-11-28