Hi Varun,

On Thu, Jan 28, 2021 at 06:14:08PM +0530, varun wrote:
revision-id: 46271662a71c4ba7826a7760059c9853586ed424 (mariadb-10.2.31-719-g46271662a71)
parent(s): 20f6c403eb976a6dd25cb58d0ce17f6da2566253
author: Varun Gupta
committer: Varun Gupta
timestamp: 2021-01-28 18:09:58 +0530
message:
MDEV-22251: get_key_scans_params: Conditional jump or move depends on uninitialised value
The parameter is_ror_scan was not initialized. It should be initialized whenever we try to call check_quick_select() for a SEL_ARG.
...
diff --git a/sql/opt_range.cc b/sql/opt_range.cc index 7785c768fbc..b98d773aa3a 100644 --- a/sql/opt_range.cc +++ b/sql/opt_range.cc @@ -2457,6 +2457,7 @@ int SQL_SELECT::test_quick_select(THD *thd, key_map keys_to_use, param.remove_false_where_parts= remove_false_parts_of_where; param.force_default_mrr= ordered_output; param.possible_keys.clear_all(); + param.is_ror_scan= FALSE;
thd->no_errors=1; // Don't warn about NULL init_sql_alloc(&alloc, thd->variables.range_alloc_block_size, 0, @@ -6819,6 +6820,7 @@ static TRP_RANGE *get_key_scans_params(PARAM *param, SEL_TREE *tree, double found_read_time; uint mrr_flags, buf_size; INDEX_SCAN_INFO *index_scan; + param->is_ror_scan= FALSE; uint keynr= param->real_keynr[idx]; if (key->type == SEL_ARG::MAYBE_KEY || key->maybe_flag)
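Review bot: In the test_quick_select hunk, `param.is_ror_scan= FALSE;` is set once while PARAM is being filled in, but the commit message says the flag has to be initialized whenever check_quick_select() is called for a SEL_ARG. A one-time assignment next to `param.possible_keys.clear_all();` does not by itself give that guarantee, and the per-key reset added in get_key_scans_params appears to cover the same reads. Suggest keeping only one of the two assignments, or adding a comment here saying which read of is_ror_scan this one protects.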
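Review bot: In the get_key_scans_params hunk, `param->is_ror_scan= FALSE;` is inserted in the middle of the local declarations, between `INDEX_SCAN_INFO *index_scan;` and `uint keynr= param->real_keynr[idx];`. Move it below the declarations so the block stays declaration-first, and add a one-line comment that check_quick_select() may return without writing the flag, since nothing in the hunk explains why the reset is needed at this point.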
check_quick_select actually does initialize PARAM::is_ror_scan, except for "degenerate" cases that are handled at the start of the function. So, I think an easier fix would be to just have check_quick_select set is_ror_scan for the degenerate cases, too. I've also removed another redundant initialization, and it seems things work. Please find the patch below:

diff --git a/sql/opt_range.cc b/sql/opt_range.cc index 7785c768fbc..f2c55b2b5a5 100644 --- a/sql/opt_range.cc +++ b/sql/opt_range.cc @@ -3065,7 +3065,6 @@ bool calculate_cond_selectivity_for_table(THD *thd, TABLE *table, Item **cond) param.mem_root= &alloc; param.old_root= thd->mem_root; param.table= table; - param.is_ror_scan= FALSE; param.remove_false_where_parts= true; if (create_key_parts_for_pseudo_indexes(¶m, used_fields)) @@ -10385,6 +10384,7 @@ ha_rows check_quick_select(PARAM *param, uint idx, bool index_only, uint keynr= param->real_keynr[idx]; DBUG_ENTER("check_quick_select"); + param->is_ror_scan= FALSE; /* Handle cases when we don't have a valid non-empty list of range */ if (!tree) DBUG_RETURN(HA_POS_ERROR);

BR
 Sergei
--
Sergei Petrunia, Software Developer
MariaDB Corporation | Skype: sergefp | Blog: http://petrunia.net
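Review bot: The calculate_cond_selectivity_for_table hunk removes `param.is_ror_scan= FALSE;` from the PARAM setup, which is safe only if nothing in that function reads is_ror_scan before check_quick_select() has run, and the visible context around `param.remove_false_where_parts= true;` does not show that. Please confirm it by rerunning the failing case from MDEV-22251 under the checker that reported the uninitialised read, or keep the assignment as a cheap defensive default.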
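Review bot: In the check_quick_select hunk, the new `param->is_ror_scan= FALSE;` does its job only while it stays above the `if (!tree) DBUG_RETURN(HA_POS_ERROR);` early return, and nothing on the line says so. Add a short comment that this is the default for the early-return paths, so a later cleanup does not move it below them or drop it as a duplicate of the assignment made further down in the function.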