Bug #41759 Valgrind warning: Invalid read of size 1 open_tables() with ps-protocol
Submitted: 27 Dec 2008 1:16
Modified: 12 Nov 2009 18:50
Reporter: Sergey Petrunya
Status: Closed
Category: MySQL Server
Severity: S3 (Non-critical)
Version:
OS: Any
Assigned to:
CPU Architecture: Any

[27 Dec 2008 1:16] Sergey Petrunya
Description:
Detected by pushbuild: when one runs

  mysql-test-run --suite=ndb --valgrind --ps-protocol
 
they get this warning around ndb_dbug_lock.test:

do_command: packet_header: Memory: 0x14204600  Bytes: (==15126== Thread 40:
==15126== Invalid read of size 1
==15126==    at 0x400624D: strnlen (mc_replace_strmem.c:230)
==15126==    by 0x88D21EE: my_vsnprintf (my_vsnprintf.c:119)
==15126==    by 0x891E3CB: DbugFprintf (dbug.c:1361)
==15126==    by 0x891E375: _db_doprnt_ (dbug.c:1346)
==15126==    by 0x8373285: open_tables(THD*, TABLE_LIST**, unsigned*, unsigned) (sql_base.cc:3647)
==15126==    by 0x8373B54: open_and_lock_tables_derived(THD*, TABLE_LIST*, bool, unsigned) (sql_base.cc:4164)
==15126==    by 0x83281F3: open_and_lock_tables(THD*, TABLE_LIST*) (mysql_priv.h:1604)
==15126==    by 0x831B393: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:4712)
==15126==    by 0x831C6A1: mysql_execute_command(THD*) (sql_parse.cc:2062)
==15126==    by 0x83CBE03: Prepared_statement::execute(String*, bool) (sql_prepare.cc:3757)
==15126==    by 0x83CC0AC: Prepared_statement::execute_loop(String*, bool, unsigned char*, unsigned char*) (sql_prepare.cc:3387)
==15126==    by 0x83CC527: mysql_stmt_execute(THD*, char*, unsigned) (sql_prepare.cc:2543)
==15126==    by 0x8325C1E: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:961)
==15126==    by 0x8327041: do_command(THD*) (sql_parse.cc:690)
==15126==    by 0x8314372: handle_one_connection (sql_connect.cc:1145)
==15126==    by 0xA803DA: start_thread (in /lib/libpthread-2.5.so)
==15126==  Address 0x158B7CB0 is 3,176 bytes inside a block of size 3,264 free'd
==15126==    at 0x400501A: free (vg_replace_malloc.c:233)
==15126==    by 0x88E8EC0: my_no_flags_free (my_malloc.c:59)
==15126==    by 0x89131F3: free_root (my_alloc.c:349)
==15126==    by 0x838D7A0: free_tmp_table(THD*, TABLE*) (sql_select.cc:15579)
==15126==    by 0x837020B: close_thread_tables(THD*, bool) (sql_base.cc:1352)
==15126==    by 0x83C9726: Prepared_statement::cleanup_stmt() (sql_prepare.cc:3062)
==15126==    by 0x83CA01F: Prepared_statement::prepare(char const*, unsigned) (sql_prepare.cc:3217)
==15126==    by 0x83CCB76: mysql_stmt_prepare(THD*, char const*, unsigned) (sql_prepare.cc:2170)
==15126==    by 0x8325C78: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:976)
==15126==    by 0x8327041: do_command(THD*) (sql_parse.cc:690)
==15126==    by 0x8314372: handle_one_connection (sql_connect.cc:1145)
==15126==    by 0xA803DA: start_thread (in /lib/libpthread-2.5.so)
==15126==    by 0x9C526D: clone (in /lib/libc-2.5.so)
==15126== 

How to repeat:
See above
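
A triage helper for the trace above, added here as an example (it is not part of the bug report or of MySQL's tooling): it splits the memcheck error into the access stack and the free stack, skips allocator and debug-print helper frames, and finds the command handlers under which the two stacks diverge. The helper-file list and all function names in the script are assumptions of this example; the embedded trace is abridged from the report.

```python
import re
# Abridged from the Valgrind output in the report above (some frames omitted).
REPORT = """\
==15126== Invalid read of size 1
==15126==    at 0x400624D: strnlen (mc_replace_strmem.c:230)
==15126==    by 0x891E375: _db_doprnt_ (dbug.c:1346)
==15126==    by 0x8373285: open_tables(THD*, TABLE_LIST**, unsigned*, unsigned) (sql_base.cc:3647)
==15126==    by 0x83CC527: mysql_stmt_execute(THD*, char*, unsigned) (sql_prepare.cc:2543)
==15126==    by 0x8325C1E: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:961)
==15126==  Address 0x158B7CB0 is 3,176 bytes inside a block of size 3,264 free'd
==15126==    at 0x400501A: free (vg_replace_malloc.c:233)
==15126==    by 0x89131F3: free_root (my_alloc.c:349)
==15126==    by 0x838D7A0: free_tmp_table(THD*, TABLE*) (sql_select.cc:15579)
==15126==    by 0x83CCB76: mysql_stmt_prepare(THD*, char const*, unsigned) (sql_prepare.cc:2170)
==15126==    by 0x8325C78: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:976)
"""
# Assumption: files treated as allocator/printf/debug helpers, picked from the trace.
HELPERS = {"mc_replace_strmem.c", "vg_replace_malloc.c", "dbug.c",
           "my_vsnprintf.c", "my_malloc.c", "my_alloc.c"}
KIND = re.compile(r"Invalid (?:read|write) of size \d+")
BLOCK = re.compile(r"is ([\d,]+) bytes inside a block of size ([\d,]+) (free'd|alloc'd)")
FRAME = re.compile(r"==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+?) \(([^()]+)\)\s*$")

def parse(report):
    """Split one memcheck error into the access stack and the block's free/alloc stack."""
    out = {"kind": None, "block": None, "access": [], "origin": []}
    stack = out["access"]
    for line in report.splitlines():
        if m := KIND.search(line):
            out["kind"] = m.group(0)
        elif m := BLOCK.search(line):
            offset, size = (int(g.replace(",", "")) for g in m.group(1, 2))
            out["block"] = {"offset": offset, "size": size, "state": m.group(3)}
            stack = out["origin"]  # later frames belong to the free/alloc stack
        elif m := FRAME.search(line):
            stack.append((m.group(1).split("(")[0], m.group(2)))
    return out

def first_own_frame(stack):
    """First frame whose source file is not a helper: where to start reading code."""
    return next((f for f in stack if f[1].split(":")[0] not in HELPERS), None)

def divergence(access, origin):
    """Functions just inside the innermost frame shared by both stacks."""
    names = [fn for fn, _ in origin]
    for i, (fn, _) in enumerate(access):
        if i and fn in names and names.index(fn):
            return access[i - 1][0], origin[names.index(fn) - 1][0]
    return None
```

On this trace the read resolves to open_tables (sql_base.cc:3647) and the free to free_tmp_table (sql_select.cc:15579), with the read under mysql_stmt_execute and the free under mysql_stmt_prepare.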
[27 Dec 2008 1:22] Sergey Petrunya
Running just ndb_dbug_lock and/or preceding/following tests is not enough to repeat the problem. You need to run either the whole testsuite or these tests (maybe this is not a minimum set but tolerable): 

ndb.bug36547                   [ pass ]           4659
ndb.loaddata_autocom_ndb       [ pass ]          10770
ndb.ndb_cache                  [ pass ]          20767
ndb.ndb_cache2                 [ pass ]          30935
ndb.ndb_cache_multi            [ pass ]           4947
ndb.ndb_cache_multi2           [ pass ]           5110
ndb.ndb_cache_trans            [ pass ]           9302
ndb.ndb_charset                [ pass ]          29771
ndb.ndb_column_properties      [ pass ]          46133
ndb.ndb_condition_pushdown     [ pass ]          43229
ndb.ndb_config                 [ pass ]           3147
ndb.ndb_config2                [ pass ]           1167
ndb.ndb_cursor                 [ pass ]           6008
ndb.ndb_database               [ pass ]           4035
ndb.ndb_dbug_lock              [ pass ]          23520
[27 Dec 2008 1:33] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/62355

2751 Sergey Petrunia	2008-12-27
      BUG#41759: Valgrind warning: Invalid read of size 1 open_tables() with ps-protocol
      - In open_tables(): Don't try accessing tables->table_name before it is guaranteed to have a valid
        value (see the code between the two locations for code and comments about when the table may not
        have a valid name when passed to open_tables).
[29 Dec 2008 15:39] Bugs System
Pushed into 6.0.10-alpha (revid:sergefp@mysql.com-20081229085854-ui755edl9x4xomen) (version source revid:sergefp@mysql.com-20081227013233-f9n2by8romt37hyi) (merge vers: 6.0.10-alpha) (pib:6)
[7 Jan 2009 1:07] Paul DuBois
Noted in 6.0.10 changelog.

A Valgrind warning in open_tables() was corrected.
[19 Oct 2009 20:23] Guilhem Bichot
I ported the fix to the next-mr-bugfixing tree.
[19 Oct 2009 20:36] Guilhem Bichot
This was originally fixed by Sergey P, reviewed by Igor.
Nothing to document, as it's a rare Valgrind warning when using --debug with certain tests.
[31 Oct 2009 8:18] Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20091031081410-qkxmjsdzjmj840aq) (version source revid:guilhem@mysql.com-20091019192733-v4nfabu8milak2ql) (merge vers: 6.0.14-alpha) (pib:13)
[31 Oct 2009 17:20] Paul DuBois
Setting report to NDI pending push to 5.5.x.
[12 Nov 2009 8:20] Bugs System
Pushed into 5.5.0-beta (revid:alik@sun.com-20091110093229-0bh5hix780cyeicl) (version source revid:mikael@mysql.com-20091102100915-a2nbfxaqprpgptfw) (merge vers: 5.5.0-beta) (pib:13)
[12 Nov 2009 18:50] Paul DuBois
Noted in 5.5.0 changelog.