[MDEV-4373] MWL#253: Valgrind warnings 'Use of uninitialised value' and 'Invalid read' in get_column_range_cardinality
Created: 2013-04-06  Updated: 2013-04-06  Resolved: 2013-04-06

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug
Priority: Major
Reporter: Elena Stepanova
Assignee: Igor Babaev
Resolution: Fixed
Votes: 0
Labels: None

Issue Links:
Relates
relates to MDEV-4145 Take into account the selectivity of ... Closed

Description

==19269== Thread 4:
==19269== Use of uninitialised value of size 8
==19269==    at 0xD35BEB: my_strnxfrm_simple (ctype-simple.c:86)
==19269==    by 0x7CD8EC: Field_str::middle_point_pos(Field*, Field*) (field.cc:6206)
==19269==    by 0x6AAAC3: get_column_range_cardinality(Field*, st_key_range*, st_key_range*) (sql_statistics.cc:3403)
==19269==    by 0x8F69C4: records_in_column_ranges(PARAM*, unsigned int, SEL_ARG*) (opt_range.cc:3306)
==19269==    by 0x8F6D50: calculate_cond_selectivity_for_table(THD*, TABLE*, Item*) (opt_range.cc:3385)
==19269==    by 0x65087E: make_join_statistics(JOIN*, List<TABLE_LIST>&, Item*, st_dynamic_array*) (sql_select.cc:3839)
==19269==    by 0x647A3C: JOIN::optimize_inner() (sql_select.cc:1306)
==19269==    by 0x6469E7: JOIN::optimize() (sql_select.cc:1008)
==19269==    by 0x64E69C: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:3220)
==19269==    by 0x644E52: handle_select(THD*, LEX*, select_result*, unsigned long) (sql_select.cc:376)
==19269==    by 0x61C303: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:4797)
==19269==    by 0x614903: mysql_execute_command(THD*) (sql_parse.cc:2266)
==19269==    by 0x61EBA5: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:5920)
==19269==    by 0x611C27: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1091)
==19269==    by 0x610E55: do_command(THD*) (sql_parse.cc:810)
==19269==    by 0x729CC7: do_handle_one_connection(THD*) (sql_connect.cc:1266)
==19269== Invalid read of size 1
==19269==    at 0xD35BE1: my_strnxfrm_simple (ctype-simple.c:86)
==19269==    by 0x7CDA62: Field_str::middle_point_pos(Field*, Field*) (field.cc:6212)
==19269==    by 0x6AAAC3: get_column_range_cardinality(Field*, st_key_range*, st_key_range*) (sql_statistics.cc:3403)
==19269==    by 0x8F69C4: records_in_column_ranges(PARAM*, unsigned int, SEL_ARG*) (opt_range.cc:3306)
==19269==    by 0x8F6D50: calculate_cond_selectivity_for_table(THD*, TABLE*, Item*) (opt_range.cc:3385)
==19269==    by 0x65087E: make_join_statistics(JOIN*, List<TABLE_LIST>&, Item*, st_dynamic_array*) (sql_select.cc:3839)
==19269==    by 0x647A3C: JOIN::optimize_inner() (sql_select.cc:1306)
==19269==    by 0x6469E7: JOIN::optimize() (sql_select.cc:1008)
==19269==    by 0x64E69C: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:3220)
==19269==    by 0x644E52: handle_select(THD*, LEX*, select_result*, unsigned long) (sql_select.cc:376)
==19269==    by 0x61C303: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:4797)
==19269==    by 0x614903: mysql_execute_command(THD*) (sql_parse.cc:2266)
==19269==    by 0x61EBA5: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:5920)
==19269==    by 0x611C27: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1091)
==19269==    by 0x610E55: do_command(THD*) (sql_parse.cc:810)
==19269==    by 0x729CC7: do_handle_one_connection(THD*) (sql_connect.cc:1266)
==19269==  Address 0x1194efc0 is 0 bytes after a block of size 48 alloc'd
==19269==    at 0x4C2B6CD: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==19269==    by 0xCFFFCE: my_malloc (my_malloc.c:99)
==19269==    by 0xCF0E84: alloc_root (my_alloc.c:180)
==19269==    by 0x6A7319: create_min_max_statistical_fields_for_table_share(THD*, TABLE_SHARE*) (sql_statistics.cc:1721)
==19269==    by 0x6A7BC0: alloc_statistics_for_table_share(THD*, TABLE_SHARE*, bool) (sql_statistics.cc:2000)
==19269==    by 0x5B76F2: open_and_process_table(THD*, LEX*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*, st_mem_root*) (sql_base.cc:4646)
==19269==    by 0x5B8428: open_tables(THD*, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:5062)
==19269==    by 0x5B92C2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:5667)
==19269==    by 0x5AC212: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:532)
==19269==    by 0x61C06B: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:4755)
==19269==    by 0x614903: mysql_execute_command(THD*) (sql_parse.cc:2266)
==19269==    by 0x61EBA5: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:5920)
==19269==    by 0x611C27: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1091)
==19269==    by 0x610E55: do_command(THD*) (sql_parse.cc:810)
==19269==    by 0x729CC7: do_handle_one_connection(THD*) (sql_connect.cc:1266)
==19269==    by 0x7296B2: handle_one_connection (sql_connect.cc:1181)

revision-id: igor@askmonty.org-20130404211131-w3aybgqc80g7aiaq
revno: 3516
branch-nick: maria-10.0-mwl253

SET use_stat_tables = PREFERABLY;
SET optimizer_use_condition_selectivity=3;
 
CREATE TABLE t1 (a VARCHAR(1));
INSERT INTO t1 VALUES ('x'),('y');
 
ANALYZE TABLE t1;
FLUSH TABLES;
 
SELECT * FROM t1 WHERE a <= 'w';

Reproducible with MyISAM, Aria, InnoDB.

EXPLAIN EXTENDED
SELECT * FROM t1 WHERE a <= 'w';
id	select_type	table	type	possible_keys	key	key_len	ref	rows	filtered	Extra
1	SIMPLE	t1	ALL	NULL	NULL	NULL	NULL	2	100.00	Using where
Warnings:
Note	1003	select `test`.`t1`.`a` AS `a` from `test`.`t1` where (`test`.`t1`.`a` <= 'w')



Comments
Comment by Igor Babaev [ 2013-04-06 ]

A fix for the bug has been pushed into maria-10.0-mwl253.
