  1. CORAL and COOL
  2. CORALCOOL-1191

valgrind reports invalid read in __intel_new_memcpy from Oracle OCIStmtPrepare2

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Medium
    • Resolution: Clarified
    • Affects Version/s: None
    • Fix Version/s: 3.2.0
    • Component/s: CORALSERVER
    • Labels:
      None

      Description

      valgrind reports invalid read in __intel_new_memcpy from Oracle OCIStmtPrepare2

      Following up on Andy's reports in bug #98514 I am analysing the CoralServer through valgrind.

      Using the suppression file
      http://coral.cvs.cern.ch/cgi-bin/coral.cgi/coral/Tests/cmt/valgrind.supp
      most issues go away, but there are still a few around.

      I see one invalid read in particular:
      http://coral.cvs.cern.ch/cgi-bin/coral.cgi/coral/logs/CORAL_SERVER/CoralAccess/server/serverLog_server_valgrind.txt?rev=1.4&content-type=text/vnd.viewcvs-markup

      ==xxxxx== Thread 7:
      ==xxxxx== Invalid read of size 8
      ==xxxxx==    at 0xC126B89: __intel_new_memcpy (in /afs/cern.ch/sw/lcg/external/oracle/11.2.0.3.0/linux64/lib/libclntsh.so.11.1)
      ==xxxxx==    by 0xB5C78FC: kpurclientparse (in /afs/cern.ch/sw/lcg/external/oracle/11.2.0.3.0/linux64/lib/libclntsh.so.11.1)
      ==xxxxx==    by 0xB5CB082: kpureq (in /afs/cern.ch/sw/lcg/external/oracle/11.2.0.3.0/linux64/lib/libclntsh.so.11.1)
      ==xxxxx==    by 0xB5CAD62: kpuStmtPrep2New (in /afs/cern.ch/sw/lcg/external/oracle/11.2.0.3.0/linux64/lib/libclntsh.so.11.1)
      ==xxxxx==    by 0xB5C9DAC: kpureq2 (in /afs/cern.ch/sw/lcg/external/oracle/11.2.0.3.0/linux64/lib/libclntsh.so.11.1)
      ==xxxxx==    by 0xB5A3DAE: OCIStmtPrepare2 (in /afs/cern.ch/sw/lcg/external/oracle/11.2.0.3.0/linux64/lib/libclntsh.so.11.1)
      ==xxxxx==    by 0xB04F8AA: coral::OracleAccess::OracleStatement::OracleStatement(boost::shared_ptr<coral::OracleAccess::SessionProperties const>, std::string const&, std::string const&) (OracleStatement.cpp:53)
      ==xxxxx==    by 0xB0B7E73: coral::OracleAccess::Transaction::start(bool) (Transaction.cpp:124)
      ==xxxxx==    by 0x6122063: coral::ConnectionService::TransactionProxy::start(bool) (TransactionProxy.cpp:27)
      ==xxxxx==    by 0x5768A35: coral::CoralServer::CoralServerFacade::startTransaction(unsigned int, bool) const (CoralServerFacade.cpp:145)
      ==xxxxx==    by 0x4C815A9: coral::CoralStubs::request_TransactionStartRO(coral::ICoralFacade&, coral::CoralStubs::SegmentReaderIterator&, coral::CoralStubs::rowIteratorMap&) (ServerStub.cpp:133)
      ==xxxxx==    by 0x4C802FD: coral::CoralStubs::ServerStub::replyToRequest(coral::ByteBuffer const&) (ServerStub.cpp:975)
      ==xxxxx==    by 0x414904: coral::CoralServer::ServerStubWrapper::replyToRequest(coral::ByteBuffer const&) (ServerStubWrapper.h:54)
      ==xxxxx==    by 0x4DB4E94: coral::CoralSockets::SocketThread::HandlerThread::operator()() (SocketThread.cpp:99)
      ==xxxxx==    by 0x4DC6ED2: coral::CoralSockets::ThreadWrapper::operator()() (ThreadManager.h:127)
      ==xxxxx==    by 0x4DC7031: boost::detail::thread_data<coral::CoralSockets::ThreadWrapper>::run() (thread.hpp:61)
      ==xxxxx==    by 0x4DF3363: thread_proxy (in /cvmfs/sft.cern.ch/lcg/external/Boost/1.48.0_python2.6/x86_64-slc5-gcc43-opt/lib/libboost_thread-gcc43-mt-1_48.so.1.48.0)
      ==xxxxx==    by 0x302740677C: start_thread (pthread_create.c:301)
      ==xxxxx==    by 0x30264D3C1C: clone (in /lib64/libc-2.5.so)
      ==xxxxx==  Address 0xec5f1a8 is 264 bytes inside a block of size 271 alloc'd
      ==xxxxx==    at 0x4A08024: operator new(unsigned long) (vg_replace_malloc.c:287)
      ==xxxxx==    by 0x582C780: std::string::_Rep::_S_create(unsigned long, unsigned long, std::allocator<char> const&) (in /cvmfs/sft.cern.ch/lcg/external/gcc/4.3.5/x86_64-slc5-gcc34-opt/lib64/libstdc++.so.6.0.10)
      ==xxxxx==    by 0x582D394: ??? (in /cvmfs/sft.cern.ch/lcg/external/gcc/4.3.5/x86_64-slc5-gcc34-opt/lib64/libstdc++.so.6.0.10)
      ==xxxxx==    by 0x582D449: std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string<char*>(char*, char*, std::allocator<char> const&) (in /cvmfs/sft.cern.ch/lcg/external/gcc/4.3.5/x86_64-slc5-gcc34-opt/lib64/libstdc++.so.6.0.10)
      ==xxxxx==    by 0x582B0AD: std::basic_ostringstream<char, std::char_traits<char>, std::allocator<char> >::str() const (in /cvmfs/sft.cern.ch/lcg/external/gcc/4.3.5/x86_64-slc5-gcc34-opt/lib64/libstdc++.so.6.0.10)
      ==xxxxx==    by 0xB0B7E33: coral::OracleAccess::Transaction::start(bool) (Transaction.cpp:124)
      ==xxxxx==    by 0x6122063: coral::ConnectionService::TransactionProxy::start(bool) (TransactionProxy.cpp:27)
      ==xxxxx==    by 0x5768A35: coral::CoralServer::CoralServerFacade::startTransaction(unsigned int, bool) const (CoralServerFacade.cpp:145)
      ==xxxxx==    by 0x4C815A9: coral::CoralStubs::request_TransactionStartRO(coral::ICoralFacade&, coral::CoralStubs::SegmentReaderIterator&, coral::CoralStubs::rowIteratorMap&) (ServerStub.cpp:133)
      ==xxxxx==    by 0x4C802FD: coral::CoralStubs::ServerStub::replyToRequest(coral::ByteBuffer const&) (ServerStub.cpp:975)
      ==xxxxx==    by 0x414904: coral::CoralServer::ServerStubWrapper::replyToRequest(coral::ByteBuffer const&) (ServerStubWrapper.h:54)
      ==xxxxx==    by 0x4DB4E94: coral::CoralSockets::SocketThread::HandlerThread::operator()() (SocketThread.cpp:99)
      ==xxxxx==    by 0x4DC6ED2: coral::CoralSockets::ThreadWrapper::operator()() (ThreadManager.h:127)
      ==xxxxx==    by 0x4DC7031: boost::detail::thread_data<coral::CoralSockets::ThreadWrapper>::run() (thread.hpp:61)
      ==xxxxx==    by 0x4DF3363: thread_proxy (in /cvmfs/sft.cern.ch/lcg/external/Boost/1.48.0_python2.6/x86_64-slc5-gcc43-opt/lib/libboost_thread-gcc43-mt-1_48.so.1.48.0)
      ==xxxxx==    by 0x302740677C: start_thread (pthread_create.c:301)
      ==xxxxx==    by 0x30264D3C1C: clone (in /lib64/libc-2.5.so)
      ==xxxxx== 
      {
         <insert_a_suppression_name_here>
         Memcheck:Addr8
         fun:__intel_new_memcpy
         fun:kpurclientparse
         fun:kpureq
         fun:kpuStmtPrep2New
         fun:kpureq2
         fun:OCIStmtPrepare2
         fun:_ZN5coral12OracleAccess15OracleStatementC1EN5boost10shared_ptrIKNS0_17SessionPropertiesEEERKSsS8_
         fun:_ZN5coral12OracleAccess11Transaction5startEb
         fun:_ZN5coral17ConnectionService16TransactionProxy5startEb
         fun:_ZNK5coral11CoralServer17CoralServerFacade16startTransactionEjb
         fun:_ZN5coral10CoralStubs26request_TransactionStartROERNS_12ICoralFacadeERNS0_21SegmentReaderIteratorERNS0_14rowIteratorMapE
         fun:_ZN5coral10CoralStubs10ServerStub14replyToRequestERKNS_10ByteBufferE
         fun:_ZN5coral11CoralServer17ServerStubWrapper14replyToRequestERKNS_10ByteBufferE
         fun:_ZN5coral12CoralSockets12SocketThread13HandlerThreadclEv
         fun:_ZN5coral12CoralSockets13ThreadWrapperclEv
         fun:_ZN5boost6detail11thread_dataIN5coral12CoralSockets13ThreadWrapperEE3runEv
         fun:thread_proxy
         fun:start_thread
         fun:clone
      }

      Note that this has been seen elsewhere, e.g.
      http://gcov.php.net/viewer.php?version=PHP_5_3&func=valgrind&file=ext%2Foci8%2Ftests%2Fbug37581.phpt

      ==1785== Invalid read of size 8
      ==1785==    at 0xB80A0C9: __intel_new_memcpy (in /u01/app/oracle/product/11.2.0/xe/lib/libclntsh.so.11.1)
      ==1785==    by 0xA302217: kpureq (in /u01/app/oracle/product/11.2.0/xe/lib/libclntsh.so.11.1)
      ==1785==    by 0xA305B10: kpuStmtPrep2New (in /u01/app/oracle/product/11.2.0/xe/lib/libclntsh.so.11.1)
      ==1785==    by 0xA407153: kpuStmtCachePrepare2 (in /u01/app/oracle/product/11.2.0/xe/lib/libclntsh.so.11.1)
      ==1785==    by 0xA304B1E: kpureq2 (in /u01/app/oracle/product/11.2.0/xe/lib/libclntsh.so.11.1)
      ==1785==    by 0xA1DEE43: OCIStmtPrepare2 (in /u01/app/oracle/product/11.2.0/xe/lib/libclntsh.so.11.1)
      ==1785==    by 0x882117: php_oci_statement_create (oci8_statement.c:60)
      ==1785==    by 0x89ADDD: zif_oci_parse (oci8_interface.c:1724)
      ==1785==    by 0xDB7197: zend_do_fcall_common_helper_SPEC (zend_vm_execute.h:320)
      ==1785==    by 0xDBD476: ZEND_DO_FCALL_SPEC_CONST_HANDLER (zend_vm_execute.h:1640)
      ==1785==    by 0xDB6207: execute (zend_vm_execute.h:107)
      ==1785==    by 0xD69F0B: zend_execute_scripts (zend.c:1259)
      ==1785==  Address 0x14e93918 is 184 bytes inside a block of size 185 alloc'd
      ==1785==    at 0x4C2794E: malloc (vg_replace_malloc.c:270)
      ==1785==    by 0xD316D0: _emalloc (zend_alloc.c:2348)
      ==1785==    by 0xD31CA3: _estrndup (zend_alloc.c:2503)
      ==1785==    by 0xD65BA3: _zval_copy_ctor_func (zend_variables.c:122)
      ==1785==    by 0xDAF233: _zval_copy_ctor (zend_variables.h:45)
      ==1785==    by 0xDB3626: zend_assign_to_variable (zend_execute.c:729)
      ==1785==    by 0xE7A180: ZEND_ASSIGN_SPEC_CV_CONST_HANDLER (zend_vm_execute.h:24202)
      ==1785==    by 0xDB6207: execute (zend_vm_execute.h:107)
      ==1785==    by 0xD69F0B: zend_execute_scripts (zend.c:1259)
      ==1785==    by 0xCB5CF0: php_execute_script (main.c:2316)
      ==1785==    by 0xEACC2C: main (php_cli.c:1189)
      ==1785== 

      There are also several bugs in Oracle Metalink for __intel_new_memcpy, including some server-side ORA-07445 (Oracle server crashes).

      But none of them really seems to fit here. Anyway, I never observed problems due to this, but I keep this filed for the record...

      Andrea
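
A small triage helper for memcheck records like the two quoted in the report, added here as an example (it is not part of the original report or of CORAL): it computes how many bytes each invalid access extends past the end of its heap block and whether the address is aligned to the access size. The function name `triage` and the `tail_overread` flag are assumptions of this example; the sample input is the header, top-frame and `Address` lines of the two traces on this page.

```python
import re

# Header, top frame and "Address" line of the two traces quoted on this page;
# all other stack frames are trimmed.
SAMPLE = """\
==xxxxx== Invalid read of size 8
==xxxxx==    at 0xC126B89: __intel_new_memcpy (in /afs/cern.ch/sw/lcg/external/oracle/11.2.0.3.0/linux64/lib/libclntsh.so.11.1)
==xxxxx==  Address 0xec5f1a8 is 264 bytes inside a block of size 271 alloc'd
==1785== Invalid read of size 8
==1785==    at 0xB80A0C9: __intel_new_memcpy (in /u01/app/oracle/product/11.2.0/xe/lib/libclntsh.so.11.1)
==1785==  Address 0x14e93918 is 184 bytes inside a block of size 185 alloc'd
"""

PREFIX = re.compile(r"^==\w+==\s?")
ACCESS = re.compile(r"Invalid (read|write) of size (\d+)")
TOP = re.compile(r"at 0x[0-9A-Fa-f]+: (\S+)")
ADDR = re.compile(r"Address (0x[0-9A-Fa-f]+) is (\d+) bytes inside a block "
                  r"of size (\d+) (alloc'd|free'd)")

def triage(log):
    """Return one dict per invalid access that lands inside a known heap block."""
    records, cur = [], None
    for raw in log.splitlines():
        line = PREFIX.sub("", raw).strip()
        m = ACCESS.match(line)
        if m:  # a new error record starts; an unfinished one is dropped
            cur = {"kind": m.group(1), "size": int(m.group(2)), "top": None}
            continue
        if cur is None:
            continue  # allocation-stack frames and unrelated lines
        m = TOP.match(line)
        if m and cur["top"] is None:
            cur["top"] = m.group(1)
            continue
        m = ADDR.match(line)
        if m:
            addr, off, blk = int(m.group(1), 16), int(m.group(2)), int(m.group(3))
            cur.update(address=addr, offset=off, block=blk, state=m.group(4),
                       overrun=off + cur["size"] - blk,  # bytes past block end
                       aligned=addr % cur["size"] == 0)
            # Aligned read from a live block that ends less than one word past it.
            cur["tail_overread"] = (cur["kind"] == "read" and cur["state"] == "alloc'd"
                                    and cur["aligned"] and 0 < cur["overrun"] < cur["size"])
            records.append(cur)
            cur = None
    return records
```

For both traces the read begins inside the block on an 8-byte boundary and runs past the end by 1 and 7 bytes respectively, so it stays within the same aligned 8-byte word as the block's last byte.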

            People

            Assignee:
            valassi Andrea Valassi
            Reporter:
            valassi Andrea Valassi