Bug #58205 Valgrind failure in fn_format when called from archive_discover
Submitted: 15 Nov 2010 15:15  Modified: 11 Jan 2011 11:38
Reporter: Mats Kindahl
Status: Closed
Category: MySQL Server: Archive storage engine  Severity: S3 (Non-critical)
Version: 5.5  OS: Linux
Assigned to: Sergey Vojtovich
Triage: Triaged: D1 (Critical)

[15 Nov 2010 15:15] Mats Kindahl
Description:
Running MTR on mysql_client_test generates the following warning:

==12146== Thread 14:
==12146== Conditional jump or move depends on uninitialised value(s)
==12146==    at 0x4027022: bcmp (mc_replace_strmem.c:541)
==12146==    by 0x86BEF19: cleanup_dirname (mf_pack.c:195)
==12146==    by 0x86BF1B6: normalize_dirname (mf_pack.c:315)
==12146==    by 0x86BF268: unpack_dirname (mf_pack.c:343)
==12146==    by 0x86B16F1: fn_format (mf_format.c:55)
==12146==    by 0x84CE4F5: archive_discover(handlerton*, THD*, char const*, char const*, unsigned char**, unsigned int*) (ha_archive.cc:259)
==12146==    by 0x838013E: discover_handlerton(THD*, st_plugin_int**, void*) (handler.cc:3829)
==12146==    by 0x822770F: plugin_foreach_with_mask(THD*, char (*)(THD*, st_plugin_int**, void*), int, unsigned int, void*) (sql_plugin.cc:1953)
==12146==    by 0x838026E: ha_discover(THD*, char const*, char const*, unsigned char**, unsigned int*) (handler.cc:3849)
==12146==    by 0x837FD3F: ha_check_if_table_exists(THD*, char const*, char const*, bool*) (handler.cc:3708)
==12146==    by 0x81BD255: get_table_share_with_discover(THD*, TABLE_LIST*, char*, unsigned int, unsigned int, int*, unsigned int) (sql_base.cc:648)
==12146==    by 0x81C1D2E: open_table(THD*, TABLE_LIST*, st_mem_root*, Open_table_context*) (sql_base.cc:2867)
==12146==    by 0x81C4547: open_and_process_table(THD*, LEX*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*, st_mem_root*) (sql_base.cc:4341)
==12146==    by 0x81C50CF: open_tables(THD*, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4772)
==12146==    by 0x81C6000: open_normal_and_derived_tables(THD*, TABLE_LIST*, unsigned int) (sql_base.cc:5425)
==12146==    by 0x8271DD5: mysqld_list_fields(THD*, TABLE_LIST*, char const*) (sql_show.cc:864)
==12146== Conditional jump or move depends on uninitialised value(s)
==12146==    at 0x86BEF1C: cleanup_dirname (mf_pack.c:195)
==12146==    by 0x86BF1B6: normalize_dirname (mf_pack.c:315)
==12146==    by 0x86BF268: unpack_dirname (mf_pack.c:343)
==12146==    by 0x86B16F1: fn_format (mf_format.c:55)
==12146==    by 0x84CE4F5: archive_discover(handlerton*, THD*, char const*, char const*, unsigned char**, unsigned int*) (ha_archive.cc:259)
==12146==    by 0x838013E: discover_handlerton(THD*, st_plugin_int**, void*) (handler.cc:3829)
==12146==    by 0x822770F: plugin_foreach_with_mask(THD*, char (*)(THD*, st_plugin_int**, void*), int, unsigned int, void*) (sql_plugin.cc:1953)
==12146==    by 0x838026E: ha_discover(THD*, char const*, char const*, unsigned char**, unsigned int*) (handler.cc:3849)
==12146==    by 0x837FD3F: ha_check_if_table_exists(THD*, char const*, char const*, bool*) (handler.cc:3708)
==12146==    by 0x81BD255: get_table_share_with_discover(THD*, TABLE_LIST*, char*, unsigned int, unsigned int, int*, unsigned int) (sql_base.cc:648)
==12146==    by 0x81C1D2E: open_table(THD*, TABLE_LIST*, st_mem_root*, Open_table_context*) (sql_base.cc:2867)
==12146==    by 0x81C4547: open_and_process_table(THD*, LEX*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*, st_mem_root*) (sql_base.cc:4341)
==12146==    by 0x81C50CF: open_tables(THD*, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4772)
==12146==    by 0x81C6000: open_normal_and_derived_tables(THD*, TABLE_LIST*, unsigned int) (sql_base.cc:5425)
==12146==    by 0x8271DD5: mysqld_list_fields(THD*, TABLE_LIST*, char const*) (sql_show.cc:864)
==12146==    by 0x8211294: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1163)
^ Found warnings in /home/bzr/bugs/b57108-5.5-bugteam/mysql-test/var/log/mysqld.1.err
ok

How to repeat:
Build with valgrind.

Execute using
$ ./mtr --mem mysql_client_test --valgrind --valgrind-option=--suppressions=valgrind.supp
[1 Dec 2010 12:54] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/125651

3151 Sergey Vojtovich	2010-12-01
      BUG#58205 - Valgrind failure in fn_format when called from
                  archive_discover
      
      Fixed buffer underrun in cleanup_dirname().
      
      Also fixed that original (unencoded) database and table
      names were used to discover archive tables.
     @ mysql-test/r/archive.result
        A test case for BUG#58205.
     @ mysql-test/t/archive.test
        A test case for BUG#58205.
     @ mysys/mf_pack.c
        Fixed buffer underrun in cleanup_dirname(), when
        it gets path like "a/../" (relative path, where
        first directory is to be cut off).
     @ storage/archive/ha_archive.cc
        Handler discover method gets database and table
        names as is. It must use build_table_filename()
        to get name similar to what it gets on create()
        and open().
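
Added example, not part of the bug report or the MySQL patch: a simplified path cleaner in C showing the look-behind guards that the "a/../" case needs, where cutting off the first directory of a relative path leaves the scan pointer at the start of the buffer. The names collapse_dotdot and cleans_to are hypothetical, and the logic is a stand-in for cleanup_dirname(), not the code in mysys/mf_pack.c.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a dirname cleaner (NOT mysys/mf_pack.c).
   Copies `from` into `to`, collapsing "dir/../" as it goes. Returns the
   result length, or (size_t)-1 if `to` is too small. */
size_t collapse_dotdot(const char *from, char *to, size_t to_size)
{
    static const char parent[] = "/..";
    const size_t plen = sizeof(parent) - 1;
    char *const start = to;
    char *pos = to;

    if (to_size == 0) return (size_t)-1;
    for (; *from != '\0'; from++) {
        if ((size_t)(pos - start) + 1 >= to_size) return (size_t)-1;
        *pos = *from;
        /* Look behind for "/.." only when that many bytes exist before pos. */
        if (*pos == '/' && (size_t)(pos - start) > plen &&
            memcmp(pos - plen, parent, plen) == 0) {
            char *end = pos - plen;   /* the '/' that closes the previous dir */
            char *p = end;
            /* Walk back to the start of that dir. For "a/../" this stops at
               p == start; the p > start guard keeps p[-1] inside the buffer. */
            while (p > start && p[-1] != '/') p--;
            if (!(end - p == 2 && p[0] == '.' && p[1] == '.')) {
                pos = p;              /* drop "dir/../" and keep copying */
                continue;
            }
            /* Previous dir is itself "..": leave the text as copied. */
        }
        pos++;
    }
    *pos = '\0';
    return (size_t)(pos - start);
}

/* Returns 1 if `in` cleans up to exactly `expect` (inputs are constructed). */
int cleans_to(const char *in, const char *expect)
{
    char buf[64];
    size_t n = collapse_dotdot(in, buf, sizeof buf);
    return n != (size_t)-1 && n == strlen(expect) && strcmp(buf, expect) == 0;
}

int main(void)
{
    printf("a/../ -> empty: %d\n", cleans_to("a/../", ""));
    return 0;
}
```

Building this with -fsanitize=address, or running it under Valgrind, is a quick way to confirm that no read lands before the start of the output buffer for the relative-path inputs.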
[17 Dec 2010 12:51] Bugs System
Pushed into mysql-5.5 5.5.9 (revid:georgi.kodinov@oracle.com-20101217124733-p1ivu6higouawv8l) (version source revid:sergey.vojtovich@oracle.com-20101208121011-gd8fvhvog8s3dfab) (merge vers: 5.5.8) (pib:24)
[17 Dec 2010 12:56] Bugs System
Pushed into mysql-trunk 5.6.1 (revid:georgi.kodinov@oracle.com-20101217125013-y8pb3az32rtbplc9) (version source revid:anitha.gopi@sun.com-20101210041312-50t9adyhwwybsm6x) (merge vers: 5.6.1) (pib:24)
[11 Jan 2011 11:38] Tony Bedford
An entry has been added to the 5.5.9 and 5.6.1 changelogs:

        A Valgrind failure occurred in fn_format when
        called from archive_discover.