Bug #24487 Valgrind: uninited byte in table->record[1] in binlog code for rbr + innodb
Submitted: 21 Nov 2006 21:38
Modified: 10 Dec 2006 5:28
Reporter: Lars Thalmann
Status: Closed
Category: MySQL Server
Severity: S3 (Non-critical)
Version: 5.1 source
Assigned to: Andrei Elkin
CPU Architecture: Any

[21 Nov 2006 21:38] Lars Thalmann
Description:
FAILURE 1
---------
VALGRIND: 'Syscall param write(buf) points to uninitialised byte(s)'
    COUNT: 2
    FUNCTION: (within    FILES:    slave.err
    TESTS:    rpl_row_tabledefs_2myisam rpl_row_tabledefs_3innodb
    STACK: at 0x4D3FADF: (within /lib64/tls/libpthread-0.60.so)
             by 0x93918E: my_write (my_write.c:35)
             by 0x93EDA3: my_b_flush_io_cache (mf_iocache.c:1716)
             by 0x688AFB: MYSQL_BIN_LOG::flush_and_set_pending_rows_event(THD*, Rows_log_event*) (log.cc:3326)
             by 0x5E6DA7: THD::binlog_flush_pending_rows_event(bool) (sql_class.cc:2812)
             by 0x699343: Rows_log_event::exec_event(st_relay_log_info*) (log_event.cc:5853)
             by 0x74832D: exec_relay_log_event(THD*, st_relay_log_info*) (slave.cc:1802)
             by 0x745EDA: handle_slave_sql (slave.cc:2363)
             by 0x4D3AC63: start_thread (in /lib64/tls/libpthread-0.60.so)
             by 0x52F3242: clone (in /lib64/tls/libc-2.3.2.so)
           Address 0x54B3453 is 43 bytes inside a block of size 8,192 alloc'd
             at 0x4A18B63: malloc (vg_replace_malloc.c:149)
             by 0x9407EE: my_malloc (my_malloc.c:35)
             by 0x93D1E9: init_io_cache (mf_iocache.c:214)
             by 0x685200: MYSQL_LOG::open(char const*, enum_log_type, char const*, cache_type) (log.cc:1858)
             by 0x6866E5: MYSQL_BIN_LOG::open(char const*, enum_log_type, char const*, cache_type, bool, unsigned long, bool) (log.cc:2430)
             by 0x5F7B51: init_server_components() (mysqld.cc:3322)
             by 0x5F43FC: main (mysqld.cc:3595)

FAILURE 2
---------
VALGRIND: 'Syscall param pwrite64(buf) points to uninitialised byte(s)'
    COUNT: 2
    FUNCTION: (within    FILES:    slave.err
    TESTS:    rpl_row_tabledefs_2myisam rpl_row_tabledefs_3innodb
    STACK: at 0x4D4090C: (within /lib64/tls/libpthread-0.60.so)
             by 0x938F33: my_pwrite (my_pread.c:150)
             by 0x88FB8B: _mi_update_static_record (mi_statrec.c:92)
             by 0x896C6E: mi_update (mi_update.c:158)
             by 0x6D34E8: handler::ha_update_row(char const*, char*) (handler.cc:3669)
             by 0x6995B4: Rows_log_event::exec_event(st_relay_log_info*) (log_event.cc:5780)
             by 0x74832D: exec_relay_log_event(THD*, st_relay_log_info*) (slave.cc:1802)
             by 0x745EDA: handle_slave_sql (slave.cc:2363)
             by 0x4D3AC63: start_thread (in /lib64/tls/libpthread-0.60.so)
             by 0x52F3242: clone (in /lib64/tls/libc-2.3.2.so)
           Address 0x5A90A99 is 17 bytes inside a block of size 48 alloc'd
             at 0x4A18B63: malloc (vg_replace_malloc.c:149)
             by 0x9407EE: my_malloc (my_malloc.c:35)
             by 0x941132: alloc_root (my_alloc.c:154)
             by 0x63EEFE: open_table_from_share(THD*, st_table_share*, char const*, unsigned, unsigned, unsigned, st_table*, bool) (table.cc:1377)
             by 0x63B6F7: open_unireg_entry(THD*, st_table*, st_table_list*, char const*, char*, unsigned, st_mem_root*, unsigned) (sql_base.cc:2756)
             by 0x635584: open_table(THD*, st_table_list*, st_mem_root*, bool*, unsigned) (sql_base.cc:2051)
             by 0x636557: open_tables(THD*, st_table_list**, unsigned*, unsigned) (sql_base.cc:2984)
             by 0x636C60: open_normal_and_derived_tables(THD*, st_table_list*, unsigned) (sql_base.cc:3246)
             by 0x6747FC: mysql_test_insert(Prepared_statement*, st_table_list*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates) (sql_prepare.cc:1046)
             by 0x673DC9: check_prepared_statement(Prepared_statement*, bool) (sql_prepare.cc:1681)
             by 0x672F09: Prepared_statement::prepare(char const*, unsigned) (sql_prepare.cc:2865)
             by 0x670EC1: mysql_stmt_prepare(THD*, char const*, unsigned) (sql_prepare.cc:1908)
             by 0x60F874: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1811)
             by 0x60E1EB: do_command(THD*) (sql_parse.cc:1619)
             by 0x60D5C8: handle_one_connection (sql_parse.cc:1234)
             by 0x4D3AC63: start_thread (in /lib64/tls/libpthread-0.60.so)

FAILURE 3
---------
VALGRIND: 'Syscall param write(buf) points to uninitialised byte(s)'
    COUNT: 2
    FUNCTION: (within    FILES:    master.err
    TESTS:    innodb innodb_mysql
    STACK: at 0x4D3FADF: (within /lib64/tls/libpthread-0.60.so)
             by 0x93918E: my_write (my_write.c:35)
             by 0x93EDA3: my_b_flush_io_cache (mf_iocache.c:1716)
             by 0x6899B8: MYSQL_BIN_LOG::write(THD*, st_io_cache*, Log_event*) (log.cc:3326)
             by 0x68BE97: binlog_end_trans(THD*, binlog_trx_data*, Log_event*, bool) (log.cc:1481)
             by 0x68B94C: MYSQL_BIN_LOG::log(THD*, unsigned long) (log.cc:4977)
             by 0x6CE48F: ha_commit_trans(THD*, bool) (handler.cc:726)
             by 0x6CE986: ha_autocommit_or_rollback(THD*, int) (handler.cc:862)
             by 0x66A204: mysql_insert(THD*, st_table_list*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) (sql_insert.cc:634)
             by 0x611FE1: mysql_execute_command(THD*) (sql_parse.cc:3414)
             by 0x673210: Prepared_statement::execute(String*, bool) (sql_prepare.cc:3005)
             by 0x67169F: mysql_stmt_execute(THD*, char*, unsigned) (sql_prepare.cc:2298)
             by 0x60F886: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1796)
             by 0x60E1EB: do_command(THD*) (sql_parse.cc:1619)
             by 0x60D5C8: handle_one_connection (sql_parse.cc:1234)
             by 0x4D3AC63: start_thread (in /lib64/tls/libpthread-0.60.so)
           Address 0x966B075 is 69 bytes inside a block of size 8,192 alloc'd
             at 0x4A18B63: malloc (vg_replace_malloc.c:149)
             by 0x9407EE: my_malloc (my_malloc.c:35)
             by 0x93D1E9: init_io_cache (mf_iocache.c:214)
             by 0x685200: MYSQL_LOG::open(char const*, enum_log_type, char const*, cache_type) (log.cc:1858)
             by 0x6866E5: MYSQL_BIN_LOG::open(char const*, enum_log_type, char const*, cache_type, bool, unsigned long, bool) (log.cc:2430)
             by 0x5F7B51: init_server_components() (mysqld.cc:3322)
             by 0x5F43FC: main (mysqld.cc:3595)

FAILURE 4
---------
VALGRIND: 'Syscall param write(buf) points to uninitialised byte(s)'
    COUNT: 1
    FUNCTION: (within    FILES:    slave.err
    TESTS:    rpl_row_basic_3innodb
    STACK: at 0x4D3FADF: (within /lib64/tls/libpthread-0.60.so)
             by 0x93918E: my_write (my_write.c:35)
             by 0x93EDA3: my_b_flush_io_cache (mf_iocache.c:1716)
             by 0x6899B8: MYSQL_BIN_LOG::write(THD*, st_io_cache*, Log_event*) (log.cc:3326)
             by 0x68BE97: binlog_end_trans(THD*, binlog_trx_data*, Log_event*, bool) (log.cc:1481)
             by 0x68B94C: MYSQL_BIN_LOG::log(THD*, unsigned long) (log.cc:4977)
             by 0x6CE48F: ha_commit_trans(THD*, bool) (handler.cc:726)
             by 0x6CE986: ha_autocommit_or_rollback(THD*, int) (handler.cc:862)
             by 0x69934E: Rows_log_event::exec_event(st_relay_log_info*) (log_event.cc:5863)
             by 0x74832D: exec_relay_log_event(THD*, st_relay_log_info*) (slave.cc:1802)
             by 0x745EDA: handle_slave_sql (slave.cc:2363)
             by 0x4D3AC63: start_thread (in /lib64/tls/libpthread-0.60.so)
             by 0x52F3242: clone (in /lib64/tls/libc-2.3.2.so)
           Address 0x957AC45 is 69 bytes inside a block of size 8,192 alloc'd
             at 0x4A18B63: malloc (vg_replace_malloc.c:149)
             by 0x9407EE: my_malloc (my_malloc.c:35)
             by 0x93D1E9: init_io_cache (mf_iocache.c:214)
             by 0x685200: MYSQL_LOG::open(char const*, enum_log_type, char const*, cache_type) (log.cc:1858)
             by 0x6866E5: MYSQL_BIN_LOG::open(char const*, enum_log_type, char const*, cache_type, bool, unsigned long, bool) (log.cc:2430)
             by 0x5F7B51: init_server_components() (mysqld.cc:3322)
             by 0x5F43FC: main (mysqld.cc:3595)

How to repeat:
Pushbuild
[23 Nov 2006 7:15] Andrei Elkin
Since there are several independent-looking stacks, bug#24533 is opened for
the stack referring to
             by 0x6D34E8: handler::ha_update_row(char const*, char*) (handler.cc:3669)
             by 0x6995B4: Rows_log_event::exec_event(st_relay_log_info*)
[26 Nov 2006 12:58] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/15826

ChangeSet@1.2373, 2006-11-26 15:55:49+02:00, aelkin@dsl-hkibras-fe30f900-107.dhcp.inet.fi +1 -0
  Bug #24487 Valgrind: uninited byte in table->record[1] in binlog code for rbr + innodb
  
  The reason for this valgrind complaint is not a bug but rather a feature of bitwise ops:
  for any value of the byte x
  x | 1 -> 1,  and x & 0 -> 0.
  x, being a null_byte part of record[1], can be left unassigned even after
  ha_innobase::index_read_idx because of the above and still be correct.
  Adding a memory check upon the invocation of the function can detect this fact
  long before record[1], old record, is eventually passed to my_write.
  
  Fixed with initialization of record[1]'s null_bytes part in open_table_from_share.
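
An added C sketch (not MySQL's code) of the effect the commit message above describes: a row read that only ORs and ANDs the null bits it owns yields correct flags, yet the untouched bits of the null byte go to disk unless they are defined when the record is allocated. All names, the 0xA5 fill that stands in for uninitialised heap contents, and the choice of 0 as the initial value are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model of a row buffer: null-flag bytes, then field data. */
enum { NULL_BYTES = 1, DATA_BYTES = 7, REC_LEN = NULL_BYTES + DATA_BYTES };
#define POISON 0xA5u          /* stand-in for whatever malloc() returned */
#define USED_NULL_BITS 0x03u  /* two nullable columns own bits 0 and 1 */

/* Allocate a record buffer; init_null_bytes models the fix in the report. */
static unsigned char *open_record(int init_null_bytes)
{
    unsigned char *rec = malloc(REC_LEN);
    if (!rec) return NULL;
    memset(rec, POISON, REC_LEN);       /* deterministic "garbage" */
    if (init_null_bytes)
        memset(rec, 0, NULL_BYTES);     /* define every bit once, at open */
    return rec;
}

/* Engine-style row read: touches only the bits it owns, via | and &. */
static void read_row(unsigned char *rec, int col0_null, int col1_null)
{
    if (col0_null) rec[0] |= 0x01u; else rec[0] &= (unsigned char)~0x01u;
    if (col1_null) rec[0] |= 0x02u; else rec[0] &= (unsigned char)~0x02u;
    memset(rec + NULL_BYTES, 0, DATA_BYTES);  /* field data fully written */
}

/* Logical view: the flags a reader of the row actually consults. */
static unsigned null_flags(const unsigned char *rec)
{
    return rec[0] & USED_NULL_BITS;
}

/* Bits nobody assigned that a whole-record write() would still emit. */
static unsigned stale_bits(const unsigned char *rec)
{
    return rec[0] & (unsigned char)~USED_NULL_BITS;
}

int main(void)
{
    for (int fixed = 0; fixed <= 1; fixed++) {
        unsigned char *rec = open_record(fixed);
        if (!rec) return 1;
        read_row(rec, 1, 0);            /* column 0 NULL, column 1 not NULL */
        printf("fixed=%d flags=0x%02x stale=0x%02x\n",
               fixed, null_flags(rec), stale_bits(rec));
        free(rec);
    }
    return 0;
}
```

The flags are identical in both runs, which is why the server behaved correctly; only the unassigned bits differ, and those are what reach the write buffer.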
[28 Nov 2006 22:02] Michael Widenius
Ok to push
[30 Nov 2006 17:56] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/16239

ChangeSet@1.2365, 2006-11-30 19:56:34+02:00, aelkin@dsl-hkibras-fe30f900-107.dhcp.inet.fi +1 -0
  Bug #24487 Valgrind: uninited byte in table->record[1] in binlog code for rbr + innodb
  
  The reason for this valgrind complaint is not a bug but rather a feature of bitwise ops:
  for any value of the byte x
  x | 1 -> 1,  and x & 0 -> 0.
  x, being a null_byte part of record[1], can be left unassigned even after
  ha_innobase::index_read_idx because of the above and still be correct.
  Adding a memory check upon the invocation of the function can detect this fact
  long before record[1], old record, is eventually passed to my_write.
  
  Fixed with initialization of record[1]'s null_bytes part in open_table_from_share.
[10 Dec 2006 5:28] Jon Stephens
Since there does not appear to be any change visible to end users, I've closed this bug without taking further action.