MySQL Bugs: #20951: valgrind error in prepared statements (CREATE SELECT)

Bug #20951	valgrind error in prepared statements (CREATE SELECT)
Submitted:	10 Jul 2006 20:19	Modified:	28 Aug 2006 14:39
Reporter:	Guilhem Bichot	Email Updates:
Status:	Can't repeat	Impact on me:	None
Category:	MySQL Server: Prepared statements	Severity:	S3 (Non-critical)
Version:	5.1-bk	OS:	Linux (linux)
Assigned to:		CPU Architecture:	Any

Description:
linux 64 bit, latest Valgrind (my machine), gcc 4.0.2.
in master.err:
==13164== Thread 4:
==13164== Invalid write of size 8
==13164==    at 0x5CE1D1: THD::rollback_item_tree_changes() (sql_class.cc:927)
==13164==    by 0x65A75F: Prepared_statement::cleanup_stmt() (sql_prepare.cc:2707)
==13164==    by 0x65D242: Prepared_statement::prepare(char const*, unsigned) (sql_prepare.cc:2818)
==13164==    by 0x65D50D: mysql_sql_stmt_prepare(THD*) (sql_prepare.cc:2053)
==13164==    by 0x5F6C14: mysql_execute_command(THD*) (sql_parse.cc:2569)
==13164==    by 0x5FCA28: mysql_parse(THD*, char*, unsigned) (sql_parse.cc:6048)
==13164==    by 0x5FD499: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1796)
==13164==    by 0x5FE582: do_command(THD*) (sql_parse.cc:1582)
==13164==    by 0x5FF1ED: handle_one_connection (sql_parse.cc:1222)
==13164==    by 0x320070697B: start_thread (in /lib64/libpthread-2.3.5.so)
==13164==    by 0x31FFAC9C2D: clone (in /lib64/libc-2.3.5.so)
==13164==  Address 0x5EE07A8 is just below the stack ptr.  To suppress, use: --workaround-gcc296-bugs=yes

The address mentioned is the "*...->change" variable.

How to repeat:
run this test:
drop database if exists mysqltest1;
create database mysqltest1;
prepare stmt1 from "create table mysqltest1.t2 select rpad(UUID(),100,' ')";
execute stmt1;
deallocate prepare stmt1;

like this:
./mysql-test-run.pl --skip-ndb --skip-innodb --valgrind t/bug.test                             

Pops in test rpl_switch_stm_row_mixed.test when --ps-protocol, but has nothing to do with replication as the testcase above shows.

valgrind, so P1

Verified just as described with 5.1.12-bk, ChangeSet@1.2247, 2006-07-13 19:12:20+02:00, built on on 32bit Linux with gcc 3.3.5. Same things in master.err:

==14658== Thread 5:
==14658== Invalid write of size 4
==14658==    at 0x8202F94: THD::rollback_item_tree_changes() (sql_class.cc:933)
==14658==    by 0x829DCA9: mysql_sql_stmt_prepare(THD*) (sql_prepare.cc:2053)
==14658==    by 0x8230E7C: mysql_execute_command(THD*) (sql_parse.cc:2624)
==14658==    by 0x822F259: dispatch_command(enum_server_command, THD*, char*, un
signed) (sql_parse.cc:1816)
==14658==    by 0x822EACB: do_command(THD*) (sql_parse.cc:1602)
==14658==    by 0x822DC58: handle_one_connection (sql_parse.cc:1222)
==14658==    by 0x404EAA6: (within /lib/tls/libpthread.so.0)
==14658==    by 0x4245C2D: clone (in /lib/tls/libc.so.6)
==14658==  Address 0x4D7BAA4 is just below the stack ptr.  To suppress, use: --w
orkaround-gcc296-bugs=yes

Back to open so Valeriy will try to re-verify it.
I can't 5.1-runtime tree, 5.1 main tree and 5.0-runtime tree.

andrey@lmy004:/work/mysql-5.1-clean> bk changes | head
ChangeSet@1.2264, 2006-07-24 09:38:42+10:00, stewart@willster.(none) +1 -0
  BUG#20294 Instance manager test im_instance_conf fails randomly

  (well, im_options in this case, but using existing bug report)

Can't repeat with current 5.1.12-BK any more.