maria-developers team mailing list archive

Thread
Date

Re: bzr commit into MariaDB 5.1, with Maria 1.5:maria branch (knielsen:2686)

To: Sergei Golubchik <sergii@xxxxxxxxx>
From: Kristian Nielsen <knielsen@xxxxxxxxxxxxxxx>
Date: Wed, 18 Mar 2009 20:48:50 +0100
Cc: maria-developers@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20090318164348.GA28992@janus.mylan> (Sergei Golubchik's message of "Wed\, 18 Mar 2009 17\:43\:48 +0100")
User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.1 (gnu/linux)

Sergei Golubchik <sergii@xxxxxxxxx> writes:

>> === modified file 'dbug/dbug.c'
>> --- a/dbug/dbug.c	2009-03-12 22:27:35 +0000
>> +++ b/dbug/dbug.c	2009-03-18 14:08:05 +0000
>> @@ -506,6 +506,7 @@ int DbugParse(CODE_STATE *cs, const char
>>    rel= control[0] == '+' || control[0] == '-';
>>    if ((!rel || (!stack->out_file && !stack->next)))
>>    {
>> +    FreeState(cs, stack, 0);
>
> you may be freeing uuninitialized data here.

Ok, that's not good, obviously.

> What are you trying to fix anyway ?

The leak from this Valgrind warning:

==28234== 51 bytes in 1 blocks are definitely lost in loss record 3 of 7
==28234==    at 0x4C22FAB: malloc (vg_replace_malloc.c:207)
==28234==    by 0xAA3452: DbugMalloc (dbug.c:2164)
==28234==    by 0xAA2864: ListAddDel (dbug.c:1489)
==28234==    by 0xAA009E: DbugParse (dbug.c:572)
==28234==    by 0xAA0A27: _db_set_init_ (dbug.c:913)
==28234==    by 0x66C4C3: mysqld_get_one_option (mysqld.cc:7942)
==28234==    by 0xA89E5C: handle_options (my_getopt.c:530)
==28234==    by 0x6720C4: get_options(int*, char**) (mysqld.cc:8524)
==28234==    by 0x672590: init_common_variables(char const*, int, char**, char const**) (mysqld.cc:3312)
==28234==    by 0x673EAB: main (mysqld.cc:4318)

If I remember correctly, it is init_settings.keywords that is not de-allocated
correctly when DbugParse is called multiple times.

Due to BUG#43418, mysql-test-run was not detecting all Valgrind warnings. And
after I fixed that bug, a number of additional warnings surfaced, this on
included.

If you have a better suggestion for silencing this leak, that would be
great. Otherwise I need to look a bit deeper, I admit I did not properly check
for the possibility of freeing uninitialised pointers.

>> @@ -1648,10 +1649,12 @@ static void FreeState(CODE_STATE *cs, st
>>      FreeList(state->processes);
>>    if (!is_shared(state, p_functions))
>>      FreeList(state->p_functions);
>> -  if (!is_shared(state, out_file))
>> +  if (!is_shared(state, out_file) &&
>> +      state->out_file != stderr && state->out_file != stdout)
>>      DBUGCloseFile(cs, state->out_file);
>>    (void) fflush(cs->stack->out_file);
>> -  if (state->prof_file)
>> +  if (state->prof_file &&
>> +      state->out_file != stderr && state->out_file != stdout)
>
> typo. you obviously want s/out_file/prof_file/g

Well spotted!

Thanks a lot, Sergei!

 - Kristian.

References

bzr commit into MariaDB 5.1, with Maria 1.5:maria branch (knielsen:2686)
From: knielsen, 2009-03-18
Re: bzr commit into MariaDB 5.1, with Maria 1.5:maria branch (knielsen:2686)
From: Sergei Golubchik, 2009-03-18