Bug #59851 | uninitialised value in Item_func_like::select_optimize with subquery and like | ||
---|---|---|---|
Submitted: | 31 Jan 2011 16:07 | Modified: | 16 Aug 2011 1:38 |
Reporter: | Shane Bester (Platinum Quality Contributor) | | |
Status: | Closed | | |
Category: | MySQL Server: Optimizer | Severity: | S2 (Serious) |
Version: | 5.0.93, 5.1.56, 5.5.10, 5.6.2 | OS: | Any |
Assigned to: | | CPU Architecture: | Any |
Tags: | valgrind |
[31 Jan 2011 16:07]
Shane Bester
[31 Jan 2011 16:08]
MySQL Verification Team
full outputs from valgrind
Attachment: bug59851_5.5.10_valgrind_output.txt (text/plain), 17.45 KiB.
[1 Feb 2011 9:17]
Valeriy Kravchuk
I've got this in valgrind build of current mysql-51 on 32-bit Ubuntu 10.04:

```
==14500== Thread 11:
==14500== Conditional jump or move depends on uninitialised value(s)
==14500==    at 0x81FD0E2: Item_func_like::select_optimize() const (item_cmpfunc.cc:4666)
==14500==    by 0x82FD005: add_key_fields(JOIN*, key_field_t**, unsigned int*, Item*, unsigned long long, st_sargable_param**) (sql_select.cc:3561)
==14500==    by 0x82FE053: update_ref_and_keys(THD*, st_dynamic_array*, st_join_table*, unsigned int, Item*, COND_EQUAL*, unsigned long long, st_select_lex*, st_sargable_param**) (sql_select.cc:3955)
==14500==    by 0x82FAF13: make_join_statistics(JOIN*, TABLE_LIST*, Item*, st_dynamic_array*) (sql_select.cc:2800)
==14500==    by 0x82F4781: JOIN::optimize() (sql_select.cc:1021)
==14500==    by 0x82FA01C: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2531)
==14500==    by 0x82F2740: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:269)
==14500==    by 0x8298095: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5158)
==14500==    by 0x828E699: mysql_execute_command(THD*) (sql_parse.cc:2293)
==14500==    by 0x829A2BE: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6075)
==14500==    by 0x828C000: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1261)
==14500==    by 0x828B108: do_command(THD*) (sql_parse.cc:889)
==14500==
==14500== Conditional jump or move depends on uninitialised value(s)
==14500==    at 0x81FD0E2: Item_func_like::select_optimize() const (item_cmpfunc.cc:4666)
==14500==    by 0x83A5488: get_mm_tree(RANGE_OPT_PARAM*, Item*) (opt_range.cc:5504)
==14500==    by 0x839E5CE: SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool) (opt_range.cc:2326)
==14500==    by 0x82FA388: get_quick_record_count(THD*, SQL_SELECT*, st_table*, Bitmap<64u> const*, unsigned long long) (sql_select.cc:2592)
==14500==    by 0x82FBCE5: make_join_statistics(JOIN*, TABLE_LIST*, Item*, st_dynamic_array*) (sql_select.cc:3024)
==14500==    by 0x82F4781: JOIN::optimize() (sql_select.cc:1021)
==14500==    by 0x82FA01C: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2531)
==14500==    by 0x82F2740: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:269)
==14500==    by 0x8298095: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5158)
==14500==    by 0x828E699: mysql_execute_command(THD*) (sql_parse.cc:2293)
==14500==    by 0x829A2BE: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6075)
==14500==    by 0x828C000: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1261)
==14500==
```

In -debug build valgrind reported no errors like this :(
[16 Aug 2011 1:38]
Paul DuBois
Noted in 5.6.3 changelog. For the LIKE operator, an attempt to use an uninitialized string buffer in the case of an empty wildcard was corrected.
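
The bug class named in the changelog entry above, as an added example (not MySQL's code and not part of the report): a planner check that branches on the first byte of a LIKE pattern without first testing for an empty pattern. `PatternBuf`, `Plan` and the `choose_plan_*` functions are hypothetical; the stale bytes are filled in deliberately so the effect is deterministic, and treating an empty pattern as range-usable is an assumption of this sketch.

```cpp
#include <cstddef>
#include <cstdio>
#include <cstring>

// Hypothetical stand-in for a length-tagged server string: only the first
// `length` bytes of `storage` belong to the value.
struct PatternBuf {
    char storage[16];
    std::size_t length;
};

enum Plan { FULL_SCAN, RANGE_SCAN };  // hypothetical result names

// Constructed input: an empty pattern in a buffer whose bytes are left over
// from earlier use (a deterministic model of "uninitialised").
PatternBuf empty_pattern_over(char stale_byte) {
    PatternBuf p;
    std::memset(p.storage, stale_byte, sizeof p.storage);
    p.length = 0;
    return p;
}

PatternBuf pattern_from(const char *text) {
    PatternBuf p = empty_pattern_over('\0');
    p.length = std::strlen(text);  // sample inputs are shorter than storage
    std::memcpy(p.storage, text, p.length);
    return p;
}

// Unchecked: branches on storage[0] even when length == 0, so the chosen
// plan depends on whatever byte happens to be in the buffer.
Plan choose_plan_unchecked(const PatternBuf &p) {
    char first = p.storage[0];
    return (first == '%' || first == '_') ? FULL_SCAN : RANGE_SCAN;
}

// Checked: an empty pattern has no leading wildcard (assumption of this
// sketch), so the decision is made before any byte is read.
Plan choose_plan_checked(const PatternBuf &p) {
    if (p.length == 0) return RANGE_SCAN;
    return choose_plan_unchecked(p);
}

int main() {
    const char stale[] = {'%', 'x'};
    for (std::size_t i = 0; i < sizeof stale; ++i) {
        PatternBuf p = empty_pattern_over(stale[i]);
        std::printf("stale=%c unchecked=%d checked=%d\n", stale[i],
                    choose_plan_unchecked(p), choose_plan_checked(p));
    }
    return 0;
}
```

The unchecked form returns a different plan for the same empty pattern depending on the stale byte, which is the kind of data-dependent branch valgrind flags as "Conditional jump or move depends on uninitialised value(s)".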