Bug #11033 Valgrind warning in compare_record
Submitted: 2 Jun 2005 15:10 Modified: 12 Apr 2006 1:05
Reporter: Magnus Blaudd
Status: Closed
Category:Server: Cluster Severity:S3 (Non-critical)
Version:5.0.7 OS:
Assigned to: Jonas Oreland Target Version:

[2 Jun 2005 15:10] Magnus Blaudd
Description:
Valgrind reports "Conditional jump or move depends on uninitialised value(s)" in function
 compare_record(sql_update.cc:35) when running the ndb_autodiscover test.

This is most likely caused by a missed refresh of the table definition or table cache in
NdbApi when the table has changed in NDB, thus reading is performed after the end of
table->record[0] or table->record[1].

#define cmp_record(A,B) memcmp((A)->record[0],(A)->B,(size_t) (A)->s->reclength)

static bool compare_record(TABLE *table, query_id_t query_id)
{
  if (table->s->blob_fields + table->s->varchar_fields == 0)
    return cmp_record(table,record[1]);   <<<<<< Problem

If the macro is expanded, line 35 will look like
    memcmp(table->record[0], table->record[1], table->s->reclength);

This is the output from valgrind:
>>>>>
CURRENT_TEST: ndb_autodiscover
==14653==
==14653== Thread 16:
==14653== Conditional jump or move depends on uninitialised value(s)
==14653==    at 0x82086D0: compare_record(st_table*, unsigned long long)
(sql_update.cc:35)
==14653==    by 0x8209790: mysql_update(THD*, st_table_list*, List<Item>&, List<Item>&,
Item*, unsigned, st_order*, unsigned long long, enum_duplicates, bool)
(sql_update.cc:409)
==14653==    by 0x81AD4DB: mysql_execute_command(THD*) (sql_parse.cc:3113)
==14653==    by 0x81B334C: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:5252)
==14653==    by 0x81A96A5: dispatch_command(enum_server_command, THD*, char*, unsigned)
(sql_parse.cc:1651)
==14653==    by 0x81A8F8C: do_command(THD*) (sql_parse.cc:1454)
==14653==    by 0x81A8191: handle_one_connection (sql_parse.cc:1114)
==14653==    by 0xDD5340: start_thread (in /lib/tls/libpthread-2.3.5.so)
==14653==    by 0xBD7FED: clone (in /lib/tls/libc-2.3.5.so)
==14653==
==14653== Use of uninitialised value of size 4
==14653==    at 0x82086D0: compare_record(st_table*, unsigned long long)
(sql_update.cc:35)
==14653==    by 0x8209790: mysql_update(THD*, st_table_list*, List<Item>&, List<Item>&,
Item*, unsigned, st_order*, unsigned long long, enum_duplicates, bool)
(sql_update.cc:409)
==14653==    by 0x81AD4DB: mysql_execute_command(THD*) (sql_parse.cc:3113)
==14653==    by 0x81B334C: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:5252)
==14653==    by 0x81A96A5: dispatch_command(enum_server_command, THD*, char*, unsigned)
(sql_parse.cc:1651)
==14653==    by 0x81A8F8C: do_command(THD*) (sql_parse.cc:1454)
==14653==    by 0x81A8191: handle_one_connection (sql_parse.cc:1114)
==14653==    by 0xDD5340: start_thread (in /lib/tls/libpthread-2.3.5.so)
==14653==    by 0xBD7FED: clone (in /lib/tls/libc-2.3.5.so)

How to repeat:
Run mysql-test-run --do-test=ndb_autodiscover --valgrind

Suggested fix:
Dissect the ndb_autodiscover test case to find exactly where the problem occurs.
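The following is an added illustration of the failure mode described above, not code from MySQL or from this report: the compare length in cmp_record() comes from the cached share (s->reclength) while the record buffers were sized when the table was opened, so a refreshed definition with a larger reclength makes memcmp read past record[0]/record[1]. The record_alloc field and the open_table/compare_record_checked helpers are assumptions of this model; MySQL's TABLE has no such field.

```c
/* Constructed model of the cmp_record() pattern in the report (not MySQL code):
 * the compare length comes from the cached share (s->reclength) while the
 * record buffers were sized when the TABLE was opened. If the share is later
 * refreshed with a larger reclength and the buffers are not, memcmp reads past
 * record[0]/record[1], which is what Valgrind flags. */
#include <stdlib.h>
#include <string.h>

struct share { size_t reclength; };   /* stands in for TABLE_SHARE */

struct table {                        /* stands in for TABLE */
    struct share *s;
    unsigned char *record[2];
    size_t record_alloc;  /* assumption: bytes each record buffer was
                             allocated with; MySQL's TABLE lacks this field */
};

/* The report's macro as a function: 1 if the records differ, 0 if equal. */
static int cmp_record_unchecked(const struct table *t)
{
    return memcmp(t->record[0], t->record[1], t->s->reclength) != 0;
}

/* Bytes a compare with the current share would read beyond the buffers. */
size_t record_overread(const struct table *t)
{
    return t->s->reclength > t->record_alloc ? t->s->reclength - t->record_alloc : 0;
}

/* Guarded compare: -1 when the share is stale relative to the buffers
 * (caller must refresh the table definition), else the memcmp result. */
int compare_record_checked(const struct table *t)
{
    return record_overread(t) != 0 ? -1 : cmp_record_unchecked(t);
}

/* Allocate both record buffers at the share's current reclength, zero-filled
 * (allocation failures are not handled in this model). */
struct table *open_table(struct share *s)
{
    struct table *t = calloc(1, sizeof *t);
    t->s = s;
    t->record_alloc = s->reclength;
    for (int i = 0; i < 2; i++)
        t->record[i] = calloc(1, t->record_alloc);
    return t;
}

void close_table(struct table *t) { free(t->record[0]); free(t->record[1]); free(t); }
```

Running the unchecked compare after the share has grown is the out-of-bounds read itself, which is why the model only reports the overread size instead of performing it.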
[2 Jun 2005 15:16] Magnus Blaudd
This could be a related hint.

==15225== Thread 16:
==15225== Use of uninitialised value of size 4
==15225==    at 0x850F018: _db_dump_ (dbug.c:994)
==15225==    by 0x826ED47: ha_ndbcluster::set_ndb_value(NdbOperation*, Field*, unsigned,
bool*) (ha_ndbcluster.cc:638)
==15225==    by 0x82740C3: ha_ndbcluster::write_row(char*) (ha_ndbcluster.cc:2002)
==15225==    by 0x8274770: ha_ndbcluster::update_row(char const*, char*)
(ha_ndbcluster.cc:2155)
==15225==    by 0x82097FA: mysql_update(THD*, st_table_list*, List<Item>&, List<Item>&,
Item*, unsigned, st_order*, unsigned long long, enum_duplicates, bool)
(sql_update.cc:423)
==15225==    by 0x81AD4DB: mysql_execute_command(THD*) (sql_parse.cc:3113)
==15225==    by 0x81B334C: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:5252)
==15225==    by 0x81A96A5: dispatch_command(enum_server_command, THD*, char*, unsigned)
(sql_parse.cc:1651)
==15225==    by 0x81A8F8C: do_command(THD*) (sql_parse.cc:1454)
==15225==    by 0x81A8191: handle_one_connection (sql_parse.cc:1114)
==15225==    by 0xDD5340: start_thread (in /lib/tls/libpthread-2.3.5.so)
==15225==    by 0xBD7FED: clone (in /lib/tls/libc-2.3.5.so)
==15225==
==15225== Use of uninitialised value of size 4
==15225==    at 0x850F035: _db_dump_ (dbug.c:995)
==15225==    by 0x826ED47: ha_ndbcluster::set_ndb_value(NdbOperation*, Field*, unsigned,
bool*) (ha_ndbcluster.cc:638)
[7 Apr 2006 15:50] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/4638
[9 Apr 2006 23:14] Jonas Oreland
pushed into 5.1.10
[10 Apr 2006 10:16] Jonas Oreland
pushed into 5.0.21
[12 Apr 2006 1:05] Jon Stephens
Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.

If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information 
about accessing the source trees is available at
    http://www.mysql.com/doc/en/Installing_source_tree.html

Additional info:

Documented bugfix in 5.1.10 and 5.0.21 changelogs. Closed.