Bug #49506 Valgrind error in make_cond_for_table_from_pred
Submitted: 7 Dec 2009 13:19 Modified: 12 Mar 2010 16:34
Reporter: Olav Sandstå
Status: Closed
Category: MySQL Server: Optimizer    Severity: S2 (Serious)
Version: 6.0.14, 5.1    OS: Linux
Assigned to: Olav Sandstå
Triage: Triaged: D2 (Serious)

[7 Dec 2009 13:19] Olav Sandstå
Description:
The following valgrind error is reported for several tests (e.g. the following tests: innodb, innodb_mysql, compress, fulltext, greedy_optimizer)

==7502== Thread 3:
==7502== Conditional jump or move depends on uninitialised value(s)
==7502==    at 0x6FCD5E: make_cond_for_table_from_pred(Item*, Item*, unsigned long long, unsigned long long, bool) (sql_select.cc:18149)
==7502==    by 0x6FD316: make_cond_for_table(Item*, unsigned long long, unsigned long long, bool) (sql_select.cc:18141)
==7502==    by 0x7186ED: make_join_select(JOIN*, Item*) (sql_select.cc:8916)
==7502==    by 0x724C5E: JOIN::optimize() (sql_select.cc:1720)
==7502==    by 0x72903C: mysql_select(THD*, Item***, TABLE_LIST*, unsigned, List<Item>&, Item*, unsigned, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:3126)
==7502==    by 0x68935E: mysql_execute_command(THD*) (sql_parse.cc:3427)
==7502==    by 0x68E1AC: mysql_parse(THD*, char const*, unsigned, char const**) (sql_parse.cc:5975)
==7502==    by 0x68F5F6: dispatch_command(enum_server_command, THD*, char*, unsigned) (sql_parse.cc:1076)
==7502==    by 0x690A9E: do_command(THD*) (sql_parse.cc:758)
==7502==    by 0x67E87E: handle_one_connection (sql_connect.cc:1164)
==7502==    by 0x37242062F6: start_thread (in /lib64/libpthread-2.5.so)
==7502==    by 0x37236D1B6C: clone (in /lib64/libc-2.5.so)

How to repeat:
1. Use the mysql-6.0-codebase-bugfixing tree
2. Compile with support for valgrind
3. Run the innodb_mysql test with valgrind
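As an added example (not part of this bug report or of the MySQL tree), a small C++ triage helper for the step above: once the test suite has been run under valgrind, it reads the memcheck log and groups errors by the function in the innermost frame, so that one root cause hit from several tests (here innodb, innodb_mysql, compress, ...) shows up as a single entry instead of one trace per test. The sample log is constructed inline: the first two blocks repeat the trace above (shortened), the third is an invented "Invalid read" in a made-up function hypothetical_reader() in a made-up file hypothetical.cc, included only to show a second error kind.

```cpp
// Added example, not code from the bug report or from MySQL: group valgrind
// memcheck errors by the innermost frame so repeated hits of one bug collapse.
#include <cstddef>
#include <cstdio>
#include <map>
#include <sstream>
#include <string>
#include <vector>

struct ValgrindError {
    std::string kind;       // header line, e.g. "Conditional jump or move depends on ..."
    std::string top_frame;  // function name of the innermost ("at 0x...") frame
    std::string location;   // "file:line" of that frame, "" when valgrind had no debug info
};

// Remove the "==PID== " prefix valgrind puts on every line.
// Returns false for lines that are not valgrind output (test-runner chatter etc.).
static bool strip_pid_prefix(const std::string& line, std::string& rest) {
    if (line.compare(0, 2, "==") != 0) return false;
    std::size_t end = line.find("== ", 2);
    if (end == std::string::npos) return false;
    rest = line.substr(end + 3);
    return true;
}

// Error headers memcheck emits (a subset; extend as needed).
static bool is_error_header(const std::string& rest) {
    static const char* kinds[] = {
        "Conditional jump or move depends on uninitialised value",
        "Use of uninitialised value", "Invalid read of size",
        "Invalid write of size", "Syscall param"};
    for (const char* k : kinds)
        if (rest.compare(0, std::string(k).size(), k) == 0) return true;
    return false;
}

// One record per error: the header line plus the first "at 0x...:" frame after it.
std::vector<ValgrindError> parse_valgrind(const std::string& log) {
    std::vector<ValgrindError> out;
    std::istringstream in(log);
    std::string line, rest;
    bool need_frame = false;
    while (std::getline(in, line)) {
        if (!strip_pid_prefix(line, rest)) continue;
        if (is_error_header(rest)) {
            out.push_back(ValgrindError{rest, "", ""});
            need_frame = true;
        } else if (need_frame && rest.find("at 0x") != std::string::npos) {
            std::size_t colon = rest.find(": ", rest.find("at 0x"));
            if (colon == std::string::npos) continue;
            std::size_t paren = rest.find('(', colon);
            std::string name = rest.substr(colon + 2,
                paren == std::string::npos ? std::string::npos : paren - colon - 2);
            while (!name.empty() && name.back() == ' ') name.pop_back();
            ValgrindError& e = out.back();
            e.top_frame = name;
            // Trailing "(file:line)" carries the location; "(in /lib/...)" means no debug info.
            std::size_t lp = rest.rfind('('), rp = rest.rfind(')');
            if (lp != std::string::npos && rp != std::string::npos && rp > lp) {
                std::string loc = rest.substr(lp + 1, rp - lp - 1);
                if (loc.compare(0, 3, "in ") != 0) e.location = loc;
            }
            need_frame = false;
        }
    }
    return out;
}

// Group by innermost frame: one root cause hit by many tests becomes one entry.
std::map<std::string, int> count_by_top_frame(const std::vector<ValgrindError>& errs) {
    std::map<std::string, int> counts;
    for (const ValgrindError& e : errs) ++counts[e.top_frame];
    return counts;
}

// Constructed sample log: two copies of this report's trace (shortened), then an
// invented "Invalid read" in the made-up function hypothetical_reader().
const char* const kSampleLog =
    "==7502== Thread 3:\n"
    "==7502== Conditional jump or move depends on uninitialised value(s)\n"
    "==7502==    at 0x6FCD5E: make_cond_for_table_from_pred(Item*, Item*, unsigned long long, unsigned long long, bool) (sql_select.cc:18149)\n"
    "==7502==    by 0x6FD316: make_cond_for_table(Item*, unsigned long long, unsigned long long, bool) (sql_select.cc:18141)\n"
    "==7502==    by 0x7186ED: make_join_select(JOIN*, Item*) (sql_select.cc:8916)\n"
    "==7502== \n"
    "==7502== Conditional jump or move depends on uninitialised value(s)\n"
    "==7502==    at 0x6FCD5E: make_cond_for_table_from_pred(Item*, Item*, unsigned long long, unsigned long long, bool) (sql_select.cc:18149)\n"
    "==7502==    by 0x6FD316: make_cond_for_table(Item*, unsigned long long, unsigned long long, bool) (sql_select.cc:18141)\n"
    "==7502== \n"
    "==7502== Invalid read of size 8\n"
    "==7502==    at 0x4A1B2C: hypothetical_reader(char const*) (hypothetical.cc:42)\n"
    "==7502==    by 0x37242062F6: start_thread (in /lib64/libpthread-2.5.so)\n";

// Accessors over the sample so results can be checked without printing.
int sample_error_count() { return (int)parse_valgrind(kSampleLog).size(); }
std::string sample_top_frame(std::size_t i) { return parse_valgrind(kSampleLog)[i].top_frame; }
std::string sample_location(std::size_t i) { return parse_valgrind(kSampleLog)[i].location; }
int sample_hits(const std::string& fn) { return count_by_top_frame(parse_valgrind(kSampleLog))[fn]; }

int main() {
    for (const auto& kv : count_by_top_frame(parse_valgrind(kSampleLog)))
        std::printf("%3d  %s\n", kv.second, kv.first.c_str());
    return 0;
}
```

Feed it the concatenated valgrind output of a full mysql-test run and the count column tells you at once which frames are shared by many tests and which are one-offs; the location column is the file:line to open first.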
[7 Dec 2009 13:22] Olav Sandstå
Sergey Petrunya has also reported this problem as part of bug#41996. See this bug report for his analysis of the bug, a reproduction case and a proposed fix to the problem.

The proposed fix has also been submitted under SCA on the internals email list:

http://lists.mysql.com/internals/37586
[7 Dec 2009 13:30] Olav Sandstå
The code in add_cond_and_fix() in sql_select.cc where the call to res->update_used_tables() is missing:

    {
      *e1= res;
      res->quick_fix_field();
 -->> res->update_used_tables();  <<-- missing call to update_used_tables
    }

is identical in earlier versions, at least back to mysql-5.0 codebase. 

I have tried to run the reproduction case on mysql-5.0, mysql-5.1 and mysql-next-mr-bugfixing without seeing this valgrind error. Thus, so far I have only seen it in the mysql-6.0-codebase-bugfixing tree.
[8 Dec 2009 7:53] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/93113

3760 Olav Sandstaa	2009-12-08
      Fix for Bug#49506 Valgrind error in make_cond_for_table_from_pred
      
      This fix has been proposed by Sergey Petrunya and has been contributed
      under SCA by sca@askmonty.org.
      
      The cause for this valgrind error is that in the function
      add_cond_and_fix() in sql_select.cc an Item_cond_and object is
      created. This is marked as fixed but does not have a correct
      table_map() attribute. Later, in make_join_select(), if
      engine_condition_pushdown is in use, this table map is used and
      results in the valgrind error.
      
      The fix is to add a call to update_used_tables() in add_cond_and_fix()
      so that the table map is updated correctly.
      
      This patch is tested by multiple existing tests (e.g. the tests
      innodb_mysql, innodb, fulltext, compress all produce this valgrind
      warning/error without this fix).
     @ sql/sql_select.cc
        In add_cond_and_fix() add a call to update_used_tables() to ensure
        the table map is updated.
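To make the mechanism in the commit message concrete, here is an added example in C++ that is not code from the bug report or from MySQL: a cut-down model in which an Item caches its used_tables() bitmap, Item_cond_and combines two conditions, quick_fix_field() marks the item fixed without computing that cache, and a simplified stand-in for the make_cond_for_table_from_pred() check decides whether the AND may be pushed down to one table. The names follow the MySQL functions discussed above, but every body is a simplified stand-in; where MySQL leaves the cache uninitialised (the memory valgrind complains about), the model sets it to 0 so that the wrong answer is deterministic rather than undefined behaviour.

```cpp
// Added example, not code from the bug report or from MySQL: a model of why
// add_cond_and_fix() must call update_used_tables() on the Item_cond_and it builds.
#include <cstdint>
#include <cstdio>
#include <memory>
#include <vector>

typedef uint64_t table_map;   // one bit per table in the join, as in MySQL

struct Item {
    virtual ~Item() {}
    virtual table_map used_tables() const = 0;   // cached bitmap of referenced tables
    virtual void update_used_tables() {}
};

// A predicate on one table, e.g. t1.a = 5; its table bit is known when built.
struct Item_table_cond : Item {
    table_map map;
    explicit Item_table_cond(table_map m) : map(m) {}
    table_map used_tables() const override { return map; }
};

// AND of two conditions. The cached map is only valid after update_used_tables().
// MySQL leaves it uninitialised on this path; the model uses 0 (a deliberate
// stand-in) so the failure is reproducible instead of undefined behaviour.
struct Item_cond_and : Item {
    Item* left;
    Item* right;
    table_map used_tables_cache;
    bool fixed;
    Item_cond_and(Item* l, Item* r)
        : left(l), right(r), used_tables_cache(0), fixed(false) {}
    void quick_fix_field() { fixed = true; }   // marks fixed, touches no cache
    table_map used_tables() const override { return used_tables_cache; }
    void update_used_tables() override {
        used_tables_cache = left->used_tables() | right->used_tables();
    }
};

// Owns every Item built below (MySQL uses a per-statement memory arena).
static std::vector<std::unique_ptr<Item>> g_items;
template <class T, class... A> static T* make(A... a) {
    g_items.push_back(std::unique_ptr<Item>(new T(a...)));
    return static_cast<T*>(g_items.back().get());
}

// Model of add_cond_and_fix(): *e1 = (*e1 AND e2). 'patched' toggles the fix.
static void add_cond_and_fix(Item** e1, Item* e2, bool patched) {
    if (*e1) {
        Item_cond_and* res = make<Item_cond_and>(*e1, e2);
        *e1 = res;
        res->quick_fix_field();
        if (patched) res->update_used_tables();   // the call the patch adds
    } else {
        *e1 = e2;
    }
}

// Simplified stand-in for the check in make_cond_for_table_from_pred(): a
// predicate may be pushed down to 'tables' only if it references nothing else.
static bool fits_tables(const Item* cond, table_map tables) {
    return (cond->used_tables() & ~tables) == 0;
}

const table_map T1 = 1;   // bit for table t1
const table_map T2 = 2;   // bit for table t2

// Builds (t1.a = 5 AND t2.b = 7) through add_cond_and_fix() and returns its map.
// Correct value is T1|T2 == 3; the unpatched path reports the stale cache.
table_map combined_map(bool patched) {
    Item* cond = make<Item_table_cond>(T1);
    add_cond_and_fix(&cond, make<Item_table_cond>(T2), patched);
    return cond->used_tables();
}

// Would engine condition pushdown hand the whole AND to the t2 scan alone?
// Correct answer is no, since half of it needs t1; the stale cache says yes.
bool pushed_to_t2_alone(bool patched) {
    Item* cond = make<Item_table_cond>(T1);
    add_cond_and_fix(&cond, make<Item_table_cond>(T2), patched);
    return fits_tables(cond, T2);
}

int main() {
    std::printf("unpatched: map=%llu pushed_to_t2=%d\n",
                (unsigned long long)combined_map(false), (int)pushed_to_t2_alone(false));
    std::printf("patched:   map=%llu pushed_to_t2=%d\n",
                (unsigned long long)combined_map(true), (int)pushed_to_t2_alone(true));
    return 0;
}
```

The point the model isolates: quick_fix_field() and "fixed" only say the item is ready to be evaluated, not that its derived attributes are current, so any code that composes existing Items into a new one and then consults used_tables() on the result needs the explicit update_used_tables() call. In the real server the unpatched value is not 0 but whatever was in memory, which is why only valgrind, and only a tree where make_join_select() read the map under engine_condition_pushdown, exposed it.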
[9 Dec 2009 8:16] Olav Sandstå
Pushed to
bzr+ssh://bk-internal.mysql.com/bzrroot/server/mysql-6.0-codebase-bugfixing/
[9 Dec 2009 9:16] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/93278

3252 Olav Sandstaa	2009-12-09
      Fix for Bug#49506 Valgrind error in make_cond_for_table_from_pred
            
      This fix has been proposed by Sergey Petrunya and has been contributed
      under SCA by sca@askmonty.org.
            
      The cause for this valgrind error is that in the function
      add_cond_and_fix() in sql_select.cc an Item_cond_and object is
      created. This is marked as fixed but does not have a correct
      table_map() attribute. Later, in make_join_select(), if
      engine_condition_pushdown is in use, this table map is used and
      results in the valgrind error.
            
      The fix is to add a call to update_used_tables() in add_cond_and_fix()
      so that the table map is updated correctly.
            
      This patch is tested by multiple existing tests (e.g. the tests
      innodb_mysql, innodb, fulltext, compress all produce this valgrind
      warning/error without this fix).
     @ sql/sql_select.cc
        In add_cond_and_fix() add a call to update_used_tables() to ensure
        the table map is updated.
[9 Dec 2009 9:21] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/93280

3749 Olav Sandstaa	2009-12-09 [merge]
      Merge Bug#49506 from mysql-5.1-bugteam
[9 Dec 2009 9:31] Olav Sandstå
Pushed to
bzr+ssh://osandstaa@bk-internal.mysql.com/bzrroot/server/mysql-5.1-bugteam
and
bzr+ssh://osandstaa@bk-internal.mysql.com/bzrroot/server/mysql-pe
[11 Dec 2009 6:01] Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20091211055901-yp18b3c7xuhl87rf) (version source revid:alik@sun.com-20091211055401-43rjwq7gjed6ds83) (merge vers: 6.0.14-alpha) (pib:13)
[18 Dec 2009 2:46] Paul Dubois
Noted in 6.0.14 changelog.

A Valgrind error in make_cond_for_table_from_pred() was corrected.
Thanks to Sergey Petrunya for the patch to fix this bug.
[19 Dec 2009 8:28] Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20091219082307-f3i4fn0tm8trb3c0) (version source revid:alik@sun.com-20091216180721-eoa754i79j4ssd3m) (merge vers: 6.0.14-alpha) (pib:15)
[19 Dec 2009 8:31] Bugs System
Pushed into 5.5.1-m2 (revid:alik@sun.com-20091219082021-f34nq4jytwamozz0) (version source revid:alexey.kopytov@sun.com-20091211164058-ycpe0f20d1c4h1gl) (merge vers: 5.5.0-beta) (pib:15)
[19 Dec 2009 8:36] Bugs System
Pushed into mysql-next-mr (revid:alik@sun.com-20091219082213-nhjjgmphote4ntxj) (version source revid:alik@sun.com-20091216180221-a5ps59gajad3pip9) (pib:15)
[20 Dec 2009 0:41] Paul Dubois
Noted in 5.5.1 changelog.
[15 Jan 2010 9:00] Bugs System
Pushed into 5.1.43 (revid:joro@sun.com-20100115085139-qkh0i0fpohd9u9p5) (version source revid:zhenxing.he@sun.com-20091210045610-lmebcvl2i1b4dzzl) (merge vers: 5.1.42) (pib:16)
[15 Jan 2010 18:37] Paul Dubois
Noted in 5.1.43 changelog.
[12 Mar 2010 14:08] Bugs System
Pushed into 5.1.44-ndb-7.0.14 (revid:jonas@mysql.com-20100312135944-t0z8s1da2orvl66x) (version source revid:jonas@mysql.com-20100312115609-woou0te4a6s4ae9y) (merge vers: 5.1.44-ndb-7.0.14) (pib:16)
[12 Mar 2010 14:24] Bugs System
Pushed into 5.1.44-ndb-6.2.19 (revid:jonas@mysql.com-20100312134846-tuqhd9w3tv4xgl3d) (version source revid:jonas@mysql.com-20100312060623-mx6407w2vx76h3by) (merge vers: 5.1.44-ndb-6.2.19) (pib:16)
[12 Mar 2010 14:37] Bugs System
Pushed into 5.1.44-ndb-6.3.33 (revid:jonas@mysql.com-20100312135724-xcw8vw2lu3mijrhn) (version source revid:jonas@mysql.com-20100312103652-snkltsd197l7q2yg) (merge vers: 5.1.44-ndb-6.3.33) (pib:16)