Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-21172

Memory leak after failed ADD PRIMARY KEY

Details

    Description

      10.5 commit f6003fbc8cbd6779b6e7fcf5b05293b54a4948f8
      10.3 commit ba95c303e379b9f23289aaaffe18fb5d49ddf4a3
      compiled with debug and ASAN
       
      main/ASAN1-master.opt
      -------------------------------------
      --innodb-page-size=4k
       
      main/ASAN1.test
      ---------------------------
      --disable_abort_on_error
      --source include/have_innodb.inc
       
      # No crash with 10.5
      # CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Dynamic ;
      # No crash with 10.5
      # CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Compressed ;
      # CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Redundant ;
        CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Compact ;
      ALTER TABLE t1 ADD UNIQUE ( col_varchar, col2 ) ;
      ALTER TABLE t1 ADD COLUMN col_text_copy TEXT ;
      ALTER TABLE t1 ADD PRIMARY KEY ( col2, col_varchar ) ;
       
      SET GLOBAL innodb_fast_shutdown=0;
      --source include/restart_mysqld.inc
      DROP TABLE t1;
       
      Result on 10.3
      ----------------------
      ...
      MariaDB Version 10.3.21-MariaDB-debug
       ...
      Installing system database...
       
      =============================================================
       
      TEST                                      RESULT   TIME (ms) or COMMENT
      --------------------------------------------------------------------------
      ...
      CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Compact ;
      ALTER TABLE t1 ADD UNIQUE ( col_varchar, col2 ) ;
      ALTER TABLE t1 ADD COLUMN col_text_copy TEXT ;
      ALTER TABLE t1 ADD PRIMARY KEY ( col2, col_varchar ) ;
      ERROR 42000: Row size too large. The maximum row size for the used table type, not counting BLOBs, is 1982. This includes storage overhead, check the manual. You have to change some columns to TEXT or BLOBs
      SET GLOBAL innodb_fast_shutdown=0;
      DROP TABLE t1;
      main.ASAN1 'innodb'                      [ fail ]  Found warnings/errors in server log file!
              Test ended at 2019-11-28 15:51:46
      line
      2019-11-28 15:50:44 9 [ERROR] InnoDB: Cannot add field `col_text_copy` in table `test`.`#sql-438aa_9` because after adding it, the row size is 2105 which is greater than maximum allowed size (1982 bytes) for a record on index leaf page.
      Attempting backtrace. You can use the following information to find out
      ^ Found warnings in mysql-test/var/log/mysqld.1.err
      ok
       - found 'core' (0/5)
      Trying 'dbx' to get a backtrace
      Core was generated by `/home/mleich/work/10.3/bld_asan/sql/mysqld --defaults-group-suffix=.1 --default'.
      Program terminated with signal SIGABRT, Aborted.
      #0  0x00007f726605f8f0 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #0  0x00007f726605f8f0 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #1  0x00007f726606604d in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #2  0x00007f726605c1e6 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #3  0x00007f7266059c8b in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #4  <signal handler called>
      #5  0x0000556aa8f07991 in my_read (Filedes=3, Buffer=0x7ffe601b86f0 "Limit", ' ' <repeats 21 times>, "Soft Limit", ' ' <repeats 11 times>, "Hard Limit", ' ' <repeats 11 times>, "Units     \nMax cpu time", ' ' <repeats 14 times>, "unlimited", ' ' <repeats 12 times>, "unlimited", ' ' <repeats 12 times>, "seconds   \nMax file size", ' ' <repeats 13 times>, "unlimited       "..., Count=4096, MyFlags=0) at /home/mleich/work/10.3/mysys/my_read.c:63
      #6  0x0000556aa7c42af0 in output_core_info () at /home/mleich/work/10.3/sql/signal_handler.cc:66
      #7  0x0000556aa7c43a79 in handle_fatal_signal (sig=6) at /home/mleich/work/10.3/sql/signal_handler.cc:339
      #8  <signal handler called>
      #9  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
      #10 0x00007f7263e6737a in __GI_abort () at abort.c:89
      #11 0x00007f7266071169 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #12 0x00007f726606606b in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #13 0x00007f726607c3c6 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #14 0x00007f7263e6a5ea in __cxa_finalize (d=0x7f72662bc3e0) at cxa_finalize.c:56
      #15 0x00007f7265fae5b3 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #16 0x00007ffe601ba8f0 in ?? ()
      #17 0x00007f7266f4210a in _dl_fini () at dl-fini.c:235
      Backtrace stopped: frame did not save the PC
       
      Thread 1 (Thread 0x7f726713f780 (LWP 276650)):
      #0  0x00007f726605f8f0 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #1  0x00007f726606604d in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #2  0x00007f726605c1e6 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #3  0x00007f7266059c8b in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #4  <signal handler called>
      #5  0x0000556aa8f07991 in my_read (Filedes=3, Buffer=0x7ffe601b86f0 "Limit", ' ' <repeats 21 times>, "Soft Limit", ' ' <repeats 11 times>, "Hard Limit", ' ' <repeats 11 times>, "Units     \nMax cpu time", ' ' <repeats 14 times>, "unlimited", ' ' <repeats 12 times>, "unlimited", ' ' <repeats 12 times>, "seconds   \nMax file size", ' ' <repeats 13 times>, "unlimited       "..., Count=4096, MyFlags=0) at /home/mleich/work/10.3/mysys/my_read.c:63
      #6  0x0000556aa7c42af0 in output_core_info () at /home/mleich/work/10.3/sql/signal_handler.cc:66
      #7  0x0000556aa7c43a79 in handle_fatal_signal (sig=6) at /home/mleich/work/10.3/sql/signal_handler.cc:339
      #8  <signal handler called>
      #9  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:58
      #10 0x00007f7263e6737a in __GI_abort () at abort.c:89
      #11 0x00007f7266071169 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #12 0x00007f726606606b in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #13 0x00007f726607c3c6 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #14 0x00007f7263e6a5ea in __cxa_finalize (d=0x7f72662bc3e0) at cxa_finalize.c:56
      #15 0x00007f7265fae5b3 in ?? () from /usr/lib/x86_64-linux-gnu/libasan.so.3
      #16 0x00007ffe601ba8f0 in ?? ()
      #17 0x00007f7266f4210a in _dl_fini () at dl-fini.c:235
      Backtrace stopped: frame did not save the PC
       
      ==276650==ERROR: LeakSanitizer: detected memory leaks
      Indirect leak of 1656 byte(s) in 1 object(s) allocated from:
          #0 0x7f7266055ec0 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc6ec0)
      and so on
      

      Attachments

        Issue Links

          Activity

            I cannot repeat this on 10.3 ba95c303e379b9f23289aaaffe18fb5d49ddf4a3.

            I compiled with clang 9.0.0 and WITH_ASAN, and did not get any Sanitizer message in mysql-test/var/log/mysqld.1.err after running the following test:

            --disable_abort_on_error
            --source include/have_innodb.inc
            # No crash with 10.5
            # CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Dynamic ;
            # No crash with 10.5
            # CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Compressed ;
            # CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Redundant ;
              CREATE TABLE t1 ( col2 INT, col_varchar VARCHAR(500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Compact ;
            ALTER TABLE t1 ADD UNIQUE ( col_varchar, col2 ) ;
            ALTER TABLE t1 ADD COLUMN col_text_copy TEXT ;
            ALTER TABLE t1 ADD PRIMARY KEY ( col2, col_varchar ) ;
            SET GLOBAL innodb_fast_shutdown=0;
            --source include/restart_mysqld.inc
            DROP TABLE t1;
            

            Could you try with a newer compiler? We have witnessed some suspected ASAN bugs in older GCC in the past.

            marko Marko Mäkelä added a comment - I cannot repeat this on 10.3 ba95c303e379b9f23289aaaffe18fb5d49ddf4a3. I compiled with clang 9.0.0 and WITH_ASAN, and did not get any Sanitizer message in mysql-test/var/log/mysqld.1.err after running the following test: --disable_abort_on_error --source include/have_innodb.inc # No crash with 10.5 # CREATE TABLE t1 ( col2 INT , col_varchar VARCHAR (500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Dynamic ; # No crash with 10.5 # CREATE TABLE t1 ( col2 INT , col_varchar VARCHAR (500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Compressed ; # CREATE TABLE t1 ( col2 INT , col_varchar VARCHAR (500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Redundant ; CREATE TABLE t1 ( col2 INT , col_varchar VARCHAR (500), col_text TEXT ) ENGINE = InnoDB ROW_FORMAT = Compact ; ALTER TABLE t1 ADD UNIQUE ( col_varchar, col2 ) ; ALTER TABLE t1 ADD COLUMN col_text_copy TEXT ; ALTER TABLE t1 ADD PRIMARY KEY ( col2, col_varchar ) ; SET GLOBAL innodb_fast_shutdown=0; --source include/restart_mysqld.inc DROP TABLE t1; Could you try with a newer compiler? We have witnessed some suspected ASAN bugs in older GCC in the past.

            I missed the page size option:

            ASAN_OPTIONS=abort_on_error=1 ./mtr --mysqld=--innodb-page-size=4k innodb.MDEV-21172
            

            With this invocation, I will get a leak report with an incomplete stack trace:

            10.3 ba95c303e379b9f23289aaaffe18fb5d49ddf4a3

            2019-11-28 19:17:54 0 [Note] /dev/shm/10.3/sql/mysqld: Shutdown complete
             
             
            =================================================================
            ==1844390==ERROR: LeakSanitizer: detected memory leaks
             
            Indirect leak of 2416 byte(s) in 2 object(s) allocated from:
                #0 0x6626ed in malloc (/dev/shm/10.3/sql/mysqld+0x6626ed)
                #1 0x18f3c5f in mem_heap_create_block_func(mem_block_info_t*, unsigned long, char const*, unsigned int, unsigned long) /mariadb/10.3/storage/innobase/mem/mem0mem.cc:280:37
                #2 0x18f43ae in mem_heap_add_block(mem_block_info_t*, unsigned long) /mariadb/10.3/storage/innobase/mem/mem0mem.cc:385:14
             
            Indirect leak of 240 byte(s) in 1 object(s) allocated from:
                #0 0x6626ed in malloc (/dev/shm/10.3/sql/mysqld+0x6626ed)
                #1 0x18f3c5f in mem_heap_create_block_func(mem_block_info_t*, unsigned long, char const*, unsigned int, unsigned long) /mariadb/10.3/storage/innobase/mem/mem0mem.cc:280:37
                #2 0x1f0b899 in mem_heap_create_func(unsigned long, char const*, unsigned int, unsigned long) /mariadb/10.3/storage/innobase/include/mem0mem.ic:393:10
                #3 0x1f0b899 in dict_mem_index_create(dict_table_t*, char const*, unsigned long, unsigned long) /mariadb/10.3/storage/innobase/dict/dict0mem.cc:733:9
             
            SUMMARY: AddressSanitizer: 2656 byte(s) leaked in 3 allocation(s).
            191128 19:17:54 [ERROR] mysqld got signal 6 ;
            

            I am assigning this to kevg, because this leak was introduced with my merge of MDEV-20949 to 10.3.

            marko Marko Mäkelä added a comment - I missed the page size option: ASAN_OPTIONS=abort_on_error=1 ./mtr --mysqld=--innodb-page-size=4k innodb.MDEV-21172 With this invocation, I will get a leak report with an incomplete stack trace: 10.3 ba95c303e379b9f23289aaaffe18fb5d49ddf4a3 2019-11-28 19:17:54 0 [Note] /dev/shm/10.3/sql/mysqld: Shutdown complete     ================================================================= ==1844390==ERROR: LeakSanitizer: detected memory leaks   Indirect leak of 2416 byte(s) in 2 object(s) allocated from: #0 0x6626ed in malloc (/dev/shm/10.3/sql/mysqld+0x6626ed) #1 0x18f3c5f in mem_heap_create_block_func(mem_block_info_t*, unsigned long, char const*, unsigned int, unsigned long) /mariadb/10.3/storage/innobase/mem/mem0mem.cc:280:37 #2 0x18f43ae in mem_heap_add_block(mem_block_info_t*, unsigned long) /mariadb/10.3/storage/innobase/mem/mem0mem.cc:385:14   Indirect leak of 240 byte(s) in 1 object(s) allocated from: #0 0x6626ed in malloc (/dev/shm/10.3/sql/mysqld+0x6626ed) #1 0x18f3c5f in mem_heap_create_block_func(mem_block_info_t*, unsigned long, char const*, unsigned int, unsigned long) /mariadb/10.3/storage/innobase/mem/mem0mem.cc:280:37 #2 0x1f0b899 in mem_heap_create_func(unsigned long, char const*, unsigned int, unsigned long) /mariadb/10.3/storage/innobase/include/mem0mem.ic:393:10 #3 0x1f0b899 in dict_mem_index_create(dict_table_t*, char const*, unsigned long, unsigned long) /mariadb/10.3/storage/innobase/dict/dict0mem.cc:733:9   SUMMARY: AddressSanitizer: 2656 byte(s) leaked in 3 allocation(s). 191128 19:17:54 [ERROR] mysqld got signal 6 ; I am assigning this to kevg , because this leak was introduced with my merge of MDEV-20949 to 10.3.

            In 10.3 we need to manually free index memory after in all place of failures. Patch has no test, because MTR ignores LSAN reports so failure won't be seen.

            kevg Eugene Kosov (Inactive) added a comment - In 10.3 we need to manually free index memory after in all place of failures. Patch has no test, because MTR ignores LSAN reports so failure won't be seen.

            I force-pushed my simplified version of the patch (with test case) to the staging branch.

            marko Marko Mäkelä added a comment - I force-pushed my simplified version of the patch (with test case) to the staging branch.

            People

              marko Marko Mäkelä
              mleich Matthias Leich
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.