[MDEV-5518] Valgrind warnings " Syscall param write(buf) points to uninitialised byte(s)" on SELECT with joins, TEMPTABLE view or SELECT SQ without derived_merge - JIRA

Details

Type: Bug
Status: Stalled
Priority: Minor
Resolution: Unresolved
Affects Version/s: 5.3.12, 5.5.34, 5.5.38, 10.0.7
Fix Version/s: 10.0, 5.5
Component/s: None
Labels:
- upstream
- valgrind

Description

Important note, please read before running

In the MTR test case below, the SELECT is run with 'send'. It means that the SELECT is sent to server, and the test will end right after that, without waiting till SELECT is finished. It is not necessary to produce the valgrind warning, no race condition or concurrency is required. But the SELECT takes forever to be executed with valgrind (hours, at least – I have never seen it finish), so without 'send' the MTR test case will hang, which might be confusing (although if you look into the server error log, the valgrind warning will already be there).
If you need to debug the test case, or run it without MTR, just remove 'send'.

Test case:


--source include/have_innodb.inc

CREATE TABLE city ( 
  id INT, 
  i1 INT, 
  i2 INT, 
  country_code VARCHAR(3), 
  name VARCHAR(35), 
  PRIMARY KEY (id), 
  INDEX (country_code,name)
) ENGINE=InnoDB; 
INSERT INTO city VALUES (3890,19,19,'USA','Glendale'),(3962,13,13,'USA','Grand Prairie'),
(3908,18,18,'USA','Henderson'),(3867,23,23,'USA','Hialeah'),(3947,14,14,'USA','Hollywood'),
(3838,37,37,'USA','Honolulu'),(3796,195,195,'USA','Houston'),(3893,19,19,'USA','Huntington Beach'),
(3920,16,16,'USA','Huntsville'),(3995,11,11,'USA','Independence'),(3804,79,79,'USA','Indianapolis'),
(3997,11,11,'USA','Inglewood'),(3940,14,14,'USA','Irvine'),(3892,19,19,'USA','Irving'),
(3901,18,18,'USA','Jackson'),(3806,74,74,'USA','Jacksonville'),(3864,24,24,'USA','Jersey City'),
(4014,11,11,'USA','Joliet'),(3828,44,44,'USA','Kansas City'),(3936,15,15,'USA','Kansas City'),
(4062,9,9,'USA','Kenosha'),(3910,17,17,'USA','Knoxville'),(4000,11,11,'USA','Lafayette'),
(3811,60,60,'USA','Milwaukee'),(3837,38,38,'USA','Minneapolis'),(4041,10,10,'USA','Mission Viejo'),
(3884,20,20,'USA','Mobile'),(3894,19,19,'USA','Modesto'),(3879,20,20,'USA','Montgomery'),
(3942,14,14,'USA','Moreno Valley'),(3959,13,13,'USA','Naperville'),(3814,57,57,'USA','Nashville-Davidson'),
(4044,9,9,'USA','New Bedford'),(3971,12,12,'USA','New Haven'),(3823,48,48,'USA','New Orleans'),
(3793,801,801,'USA','New York'),(3855,27,27,'USA','Newark'),(3905,18,18,'USA','Newport News'),
(3865,23,23,'USA','Norfolk'),(4046,9,9,'USA','Norman'),(3990,12,12,'USA','North Las Vegas'),
(4022,10,10,'USA','Norwalk'),(3833,40,40,'USA','Oakland'),(3918,16,16,'USA','Oceanside'),
(4064,9,9,'USA','Odessa'),(3821,51,51,'USA','Oklahoma City'),(3836,39,39,'USA','Omaha'),
(3921,16,16,'USA','Ontario'),(3958,13,13,'USA','Orange'),(3897,19,19,'USA','Orlando'),
(3933,15,15,'USA','Overland Park'),(3915,17,17,'USA','Oxnard'),(3986,12,12,'USA','Palmdale'),
(3967,12,12,'USA','Paradise'),(3943,14,14,'USA','Pasadena'),(3953,13,13,'USA','Pasadena'),
(3932,15,15,'USA','Paterson'),(3951,14,14,'USA','Pembroke Pines'),(3996,11,11,'USA','Peoria'),
(4007,11,11,'USA','Peoria'),(3797,152,152,'USA','Philadelphia'),(3798,132,132,'USA','Phoenix'),
(3844,33,33,'USA','Pittsburgh'),(3870,22,22,'USA','Plano'),(3930,15,15,'USA','Pomona'),
(3820,53,53,'USA','Portland'),(4035,10,10,'USA','Portsmouth'),(3912,17,17,'USA','Providence'),
(4016,11,11,'USA','Provo'),(4029,10,10,'USA','Pueblo'),(3854,28,28,'USA','Raleigh'),
(3961,13,13,'USA','Rancho Cucamonga'),(3904,18,18,'USA','Reno'),(3887,20,20,'USA','Richmond'),
(4047,9,9,'USA','Richmond'),(3859,26,26,'USA','Riverside'),(4050,9,9,'USA','Roanoke'),
(3871,22,22,'USA','Rochester'),(3929,15,15,'USA','Rockford'),(3832,41,41,'USA','Sacramento'),
(3841,35,35,'USA','Saint Louis'),(3851,29,29,'USA','Saint Paul'),(3860,25,25,'USA','Saint Petersburg'),
(3952,14,14,'USA','Salem'),(3927,15,15,'USA','Salinas'),(3903,18,18,'USA','Salt Lake City'),
(3801,114,114,'USA','San Antonio'),(3900,19,19,'USA','San Bernardino'),(4034,10,10,'USA','San Buenaventura'),
(3799,122,122,'USA','San Diego'),(3805,78,78,'USA','San Francisco'),(3803,89,89,'USA','San Jose'),
(4056,9,9,'USA','San Mateo'),(4030,10,10,'USA','Sandy'),(3843,34,34,'USA','Santa Ana'),
(4025,10,10,'USA','Santa Clara'),(3926,15,15,'USA','Santa Clarita'),(4060,9,9,'USA','Santa Monica'),
(3934,15,15,'USA','Santa Rosa'),(3956,13,13,'USA','Savannah'),(3878,20,20,'USA','Scottsdale'),
(3816,56,56,'USA','Seattle'),(3880,20,20,'USA','Shreveport'),(3999,11,11,'USA','Simi Valley'),
(3970,12,12,'USA','Sioux Falls'),(4008,11,11,'USA','South Bend'),(3889,20,20,'USA','Spokane'),
(3924,15,15,'USA','Springfield'),(3925,15,15,'USA','Springfield'),(3998,11,11,'USA','Springfield'),
(3983,12,12,'USA','Stamford'),(3969,12,12,'USA','Sterling Heights'),(3862,24,24,'USA','Stockton'),
(3955,13,13,'USA','Sunnyvale'),(4043,10,10,'USA','Sunrise Manor'),(3935,15,15,'USA','Syracuse'),
(3891,19,19,'USA','Tacoma'),(3928,15,15,'USA','Tallahassee'),(3849,30,30,'USA','Tampa'),
(3919,16,16,'USA','Tempe'),(3984,12,12,'USA','Thousand Oaks'),(3848,31,31,'USA','Toledo'),
(3972,12,12,'USA','Topeka'),(3949,14,14,'USA','Torrance'),(3822,49,49,'USA','Tucson'),
(3835,39,39,'USA','Tulsa'),(3985,12,12,'USA','Vallejo'),(3939,14,14,'USA','Vancouver'),
(3830,43,43,'USA','Virginia Beach'),(4057,9,9,'USA','Visalia'),(3993,11,11,'USA','Waco'),
(3948,14,14,'USA','Warren'),(3813,57,57,'USA','Washington'),(4010,11,11,'USA','Waterbury'),
(4017,11,11,'USA','West Covina'),(4004,11,11,'USA','West Valley City'),(4033,10,10,'USA','Westminster'),
(3842,34,34,'USA','Wichita'),(4018,10,10,'USA','Wichita Falls'),(3888,20,20,'USA','Yonkers'); 

CREATE TABLE country (
  code VARCHAR(3), 
  name VARCHAR(52), 
  PRIMARY KEY (code)
) ENGINE=InnoDB; 
INSERT INTO country VALUES ('USA','United States'),('CAN','Canada');

CREATE ALGORITHM=TEMPTABLE VIEW v AS SELECT c1.* FROM city c1, city c2;

send SELECT * FROM city, country, v;

==4487== Thread 20:
==4487== Syscall param write(buf) points to uninitialised byte(s)
==4487==    at 0x58BD12D: ??? (syscall-template.S:82)
==4487==    by 0xB6F04B: my_write (my_write.c:51)
==4487==    by 0xB75778: my_b_flush_io_cache (mf_iocache.c:1758)
==4487==    by 0xB74F70: _my_b_write (mf_iocache.c:1514)
==4487==    by 0xA4324B: _ma_write_static_record (ma_statrec.c:50)
==4487==    by 0xA45D0B: maria_write (ma_write.c:285)
==4487==    by 0x9A835A: ha_maria::write_row(unsigned char*) (ha_maria.cc:1171)
==4487==    by 0x5D0A8C: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:3823)
==4487==    by 0x74EBFA: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15666)
==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)
==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)
==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)
==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)
==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)
==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)
==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)
==4487==  Address 0x2323e4b8 is 72 bytes inside a block of size 131,116 alloc'd
==4487==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)
==4487==    by 0xB7912E: _mymalloc (safemalloc.c:140)
==4487==    by 0xB7307D: init_io_cache (mf_iocache.c:244)
==4487==    by 0x9D8109: maria_extra (ma_extra.c:145)
==4487==    by 0x9AB16A: ha_maria::start_bulk_insert(unsigned long long) (ha_maria.cc:2087)
==4487==    by 0x762A05: handler::ha_start_bulk_insert(unsigned long long) (handler.h:1779)
==4487==    by 0x74EBDF: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15655)
==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)
==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)
==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)
==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)
==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)
==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)
==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)
==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)
==4487==    by 0x74FA23: do_select(JOIN*, List<Item>*, st_table*, Procedure*) (sql_select.cc:15926)
==4487== Syscall param write(buf) points to uninitialised byte(s)
==4487==    at 0x58BD12D: ??? (syscall-template.S:82)
==4487==    by 0xB6F04B: my_write (my_write.c:51)
==4487==    by 0xB75778: my_b_flush_io_cache (mf_iocache.c:1758)
==4487==    by 0xB75A1A: end_io_cache (mf_iocache.c:1831)
==4487==    by 0x9D819A: maria_extra (ma_extra.c:164)
==4487==    by 0x9AB45D: ha_maria::end_bulk_insert() (ha_maria.cc:2175)
==4487==    by 0x762A38: handler::ha_end_bulk_insert() (handler.h:1784)
==4487==    by 0x74EC9C: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15676)
==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)
==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)
==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)
==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)
==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)
==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)
==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)
==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)
==4487==  Address 0x2323e4a7 is 55 bytes inside a block of size 131,116 alloc'd
==4487==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)
==4487==    by 0xB7912E: _mymalloc (safemalloc.c:140)
==4487==    by 0xB7307D: init_io_cache (mf_iocache.c:244)
==4487==    by 0x9D8109: maria_extra (ma_extra.c:145)
==4487==    by 0x9AB16A: ha_maria::start_bulk_insert(unsigned long long) (ha_maria.cc:2087)
==4487==    by 0x762A05: handler::ha_start_bulk_insert(unsigned long long) (handler.h:1779)
==4487==    by 0x74EBDF: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15655)
==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)
==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)
==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)
==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)
==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)
==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)
==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)
==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)
==4487==    by 0x74FA23: do_select(JOIN*, List<Item>*, st_table*, Procedure*) (sql_select.cc:15926)
==4487== Syscall param pwrite64(buf) points to uninitialised byte(s)
==4487==    at 0x58BDA43: ??? (syscall-template.S:82)
==4487==    by 0xB6EDB7: my_pwrite (my_pread.c:155)
==4487==    by 0x9D2186: _ma_nommap_pwrite (ma_dynrec.c:227)
==4487==    by 0xA43399: _ma_write_static_record (ma_statrec.c:64)
==4487==    by 0xA45D0B: maria_write (ma_write.c:285)
==4487==    by 0x9A835A: ha_maria::write_row(unsigned char*) (ha_maria.cc:1171)
==4487==    by 0x5D0A8C: handler::ha_write_tmp_row(unsigned char*) (sql_class.h:3823)
==4487==    by 0x74ECD1: create_internal_tmp_table_from_heap2(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool, handlerton*, char const*) (sql_select.cc:15679)
==4487==    by 0x74E7F6: create_internal_tmp_table_from_heap(THD*, st_table*, st_maria_columndef*, st_maria_columndef**, int, bool) (sql_select.cc:15421)
==4487==    by 0x8AF10E: select_union::send_data(List<Item>&) (sql_union.cc:87)
==4487==    by 0x752C00: end_send(JOIN*, st_join_table*, bool) (sql_select.cc:17329)
==4487==    by 0x6F922E: JOIN_CACHE::generate_full_extensions(unsigned char*) (sql_join_cache.cc:2396)
==4487==    by 0x6F8F45: JOIN_CACHE::join_matching_records(bool) (sql_join_cache.cc:2288)
==4487==    by 0x6F8971: JOIN_CACHE::join_records(bool) (sql_join_cache.cc:2085)
==4487==    by 0x74FD36: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:16042)
==4487==    by 0x74FFBC: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:16212)
==4487==  Address 0x22efc664 is 100 bytes inside a block of size 1,000 alloc'd
==4487==    at 0x4C28BED: malloc (vg_replace_malloc.c:263)
==4487==    by 0xB7912E: _mymalloc (safemalloc.c:140)
==4487==    by 0xB787FE: alloc_root (my_alloc.c:218)
==4487==    by 0x74C2F4: create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char*, bool) (sql_select.cc:14709)
==4487==    by 0x8AF2AF: select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool) (sql_union.cc:149)
==4487==    by 0x8B3126: mysql_derived_prepare(THD*, st_lex*, TABLE_LIST*) (sql_derived.cc:675)
==4487==    by 0x8B2573: mysql_handle_single_derived(st_lex*, TABLE_LIST*, unsigned int) (sql_derived.cc:185)
==4487==    by 0x724860: TABLE_LIST::handle_derived(st_lex*, unsigned int) (table.cc:5924)
==4487==    by 0x58978D: st_select_lex::handle_derived(st_lex*, unsigned int) (sql_lex.cc:3209)
==4487==    by 0x72689B: JOIN::prepare(Item***, TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) (sql_select.cc:581)
==4487==    by 0x72F5EE: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2989)
==4487==    by 0x726104: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:288)
==4487==    by 0x6B4DEB: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5172)
==4487==    by 0x6ABF87: mysql_execute_command(THD*) (sql_parse.cc:2305)
==4487==    by 0x6B7752: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6173)
==4487==    by 0x6A9767: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1243)

revision-id: sanja@askmonty.org-20131218135951-agw2htf09w418t91
revno: 3737
branch-nick: 5.3
BUILD/compile-pentium-debug-max-no-ndb (also reproducible with BUILD/compile-pentium-valgrind-max-no-ndb)

Gliffy Diagrams

Attachments

Issue Links

links to

Bug #73819 Valgrind warnings " Syscall param write(buf) points to uninitialised byte(s)"

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Sergei Golubchik added a comment - 2014-07-29 13:57

Elena Stepanova, I failed to repeat the issue in the current 5.5 tree. Want to try again or to close it?

Show

Sergei Golubchik added a comment - 2014-07-29 13:57 Elena Stepanova , I failed to repeat the issue in the current 5.5 tree. Want to try again or to close it?

Hide

Permalink

Elena Stepanova added a comment - 2014-08-04 17:21

Still reproducible on the current 5.5 tree:

revision-id: sergii@pisem.net-20140803113854-ku86z409wqigl8s6
revno: 4264
branch-nick: 5.5-mdev5518
Built as: cmake . -DCMAKE_BUILD_TYPE=Debug && make -j3

Show

Elena Stepanova added a comment - 2014-08-04 17:21 Still reproducible on the current 5.5 tree: revision-id: sergii@pisem.net-20140803113854-ku86z409wqigl8s6 revno: 4264 branch-nick: 5.5-mdev5518 Built as: cmake . -DCMAKE_BUILD_TYPE=Debug && make -j3

Hide

Permalink

Sergei Golubchik added a comment - 2014-09-05 20:16

This is upstream issue, caused by this changeset. Reported as Bug#73819

Show

Sergei Golubchik added a comment - 2014-09-05 20:16 This is upstream issue, caused by this changeset . Reported as Bug#73819

Hide

Permalink

Elena Stepanova added a comment - 2014-11-09 16:59

Seems to have disappeared between 5.5.38 and 5.5.39, need to re-check.

Show

Elena Stepanova added a comment - 2014-11-09 16:59 Seems to have disappeared between 5.5.38 and 5.5.39, need to re-check.

Valgrind warnings " Syscall param write(buf) points to uninitialised byte(s)" on SELECT with joins, TEMPTABLE view or SELECT SQ without derived_merge

Details

Description

Gliffy Diagrams

Attachments

Issue Links

Activity

People

Dates

Time Tracking

Agile