Bug #11033 Valgrind warning in compare_record
Submitted: 2 Jun 2005 13:10 Modified: 11 Apr 2006 23:05
Reporter: Magnus Blåudd Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Cluster: Cluster (NDB) storage engine Severity:S3 (Non-critical)
Version:5.0.7 OS:
Assigned to: Jonas Oreland CPU Architecture:Any

[2 Jun 2005 13:10] Magnus Blåudd 
Description:
Valgrind reports "Conditional jump or move depends on uninitialised value(s)" in function  compare_record(sql_update.cc:35) when running the ndb_autodicover test.

This is most likely caused by a missed refresh of the table definition or table cache in NdbApi when the table has changed in NDB, thus reading is perfomed after the end of table->record[0] or table->record[1]. 

#define cmp_record(A,B) memcmp((A)->record[0],(A)->B,(size_t) (A)->s->reclength)

static bool compare_record(TABLE *table, query_id_t query_id)
{
  if (table->s->blob_fields + table->s->varchar_fields == 0)
    return cmp_record(table,record[1]);   <<<<<< Problem

If expanding the macro, line 35 it will look like
    memcmp((table->record[0], table->record[1], table->s->reclength);
  

This is the output from valgrind:
>>>>>
CURRENT_TEST: ndb_autodiscover
==14653==
==14653== Thread 16:
==14653== Conditional jump or move depends on uninitialised value(s)
==14653==    at 0x82086D0: compare_record(st_table*, unsigned long long) (sql_update.cc:35)
==14653==    by 0x8209790: mysql_update(THD*, st_table_list*, List<Item>&, List<Item>&, Item*, unsigned, st_order*, unsigned long long, enum_duplicates, bool) (sql_update.cc:409)
==14653==    by 0x81AD4DB: mysql_execute_command(THD*) (sql_parse.cc:3113)
==14653==    by 0x81B334C: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:5252)
==14653==    by 0x81A96A5: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1651)
==14653==    by 0x81A8F8C: do_command(THD*) (sql_parse.cc:1454)
==14653==    by 0x81A8191: handle_one_connection (sql_parse.cc:1114)
==14653==    by 0xDD5340: start_thread (in /lib/tls/libpthread-2.3.5.so)
==14653==    by 0xBD7FED: clone (in /lib/tls/libc-2.3.5.so)
==14653==
==14653== Use of uninitialised value of size 4
==14653==    at 0x82086D0: compare_record(st_table*, unsigned long long) (sql_update.cc:35)
==14653==    by 0x8209790: mysql_update(THD*, st_table_list*, List<Item>&, List<Item>&, Item*, unsigned, st_order*, unsigned long long, enum_duplicates, bool) (sql_update.cc:409)
==14653==    by 0x81AD4DB: mysql_execute_command(THD*) (sql_parse.cc:3113)
==14653==    by 0x81B334C: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:5252)
==14653==    by 0x81A96A5: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1651)
==14653==    by 0x81A8F8C: do_command(THD*) (sql_parse.cc:1454)
==14653==    by 0x81A8191: handle_one_connection (sql_parse.cc:1114)
==14653==    by 0xDD5340: start_thread (in /lib/tls/libpthread-2.3.5.so)
==14653==    by 0xBD7FED: clone (in /lib/tls/libc-2.3.5.so)

How to repeat:
Run mysql-test-run --do-test=ndb_autodiscover --valgrind

Suggested fix:
Disect ndb_autodiscover test case to find exactly where problem occurs.
[2 Jun 2005 13:16] Magnus Blåudd 
This could be a related hint.

==15225== Thread 16:
==15225== Use of uninitialised value of size 4
==15225==    at 0x850F018: _db_dump_ (dbug.c:994)
==15225==    by 0x826ED47: ha_ndbcluster::set_ndb_value(NdbOperation*, Field*, unsigned, bool*) (ha_ndbcluster.cc:638)
==15225==    by 0x82740C3: ha_ndbcluster::write_row(char*) (ha_ndbcluster.cc:2002)
==15225==    by 0x8274770: ha_ndbcluster::update_row(char const*, char*) (ha_ndbcluster.cc:2155)
==15225==    by 0x82097FA: mysql_update(THD*, st_table_list*, List<Item>&, List<Item>&, Item*, unsigned, st_order*, unsigned long long, enum_duplicates, bool) (sql_update.cc:423)
==15225==    by 0x81AD4DB: mysql_execute_command(THD*) (sql_parse.cc:3113)
==15225==    by 0x81B334C: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:5252)
==15225==    by 0x81A96A5: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1651)
==15225==    by 0x81A8F8C: do_command(THD*) (sql_parse.cc:1454) ==15225==    by 0x81A8191: handle_one_connection (sql_parse.cc:1114)
==15225==    by 0xDD5340: start_thread (in /lib/tls/libpthread-2.3.5.so)
==15225==    by 0xBD7FED: clone (in /lib/tls/libc-2.3.5.so)
==15225==
==15225== Use of uninitialised value of size 4
==15225==    at 0x850F035: _db_dump_ (dbug.c:995)
==15225==    by 0x826ED47: ha_ndbcluster::set_ndb_value(NdbOperation*, Field*, unsigned, bool*) (ha_ndbcluster.cc:638)
                                                              1005,1        42%
[7 Apr 2006 13:50] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/4638
[9 Apr 2006 21:14] Jonas Oreland 
pushed into 5.1.10
[10 Apr 2006 8:16] Jonas Oreland 
pushed into 5.0.21
[11 Apr 2006 23:05] Jon Stephens 
Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.

If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information 
about accessing the source trees is available at
    http://www.mysql.com/doc/en/Installing_source_tree.html

Additional info:

Documented bugfix in 5.1.10 and 5.0.21 changelogs. Closed.