[MDEV-23841] Warning: Memory not freed, LeakSanitizer: detected memory leaks in innodb_monitor_validate - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5
Fix Version/s: 10.4.32, 10.5.23, 10.6.16, 10.10.7, 10.11.6, 11.0.4, 11.1.3, 11.2.2
Component/s: Storage Engine - InnoDB, Variables
Labels:
None

Description

--source include/have_innodb.inc

--error ER_WRONG_VALUE_FOR_VAR

SET GLOBAL innodb_monitor_reset_all= '%', innodb_compression_algorithm= foo;

10.5 080522dc ASAN non-debug
2020-09-29 14:20:40 0 [Note] /data/bld/10.5-rel-asan-nightly/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 32

=================================================================
==2843902==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 32 byte(s) in 1 object(s) allocated from:
#0 0x7f3944b01bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
#1 0x562a14886463 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
#2 0x562a148869f2 in my_strdup /data/src/10.5/mysys/my_malloc.c:231
#3 0x562a13f59d4f in innodb_monitor_validate /data/src/10.5/storage/innobase/handler/ha_innodb.cc:17827
#4 0x562a12e1c242 in sys_var_pluginvar::do_check(THD, set_var) /data/src/10.5/sql/sql_plugin.cc:3546
#5 0x562a12b9e851 in sys_var::check(THD, set_var) /data/src/10.5/sql/set_var.cc:246
#6 0x562a12ba2134 in set_var::check(THD*) /data/src/10.5/sql/set_var.cc:811
#7 0x562a12ba313e in sql_set_variables(THD, List<set_var_base>, bool) /data/src/10.5/sql/set_var.cc:739
#8 0x562a12e11af5 in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5009
#9 0x562a12dd3b1c in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:7994
#10 0x562a12dffce0 in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1867
#11 0x562a12e05ac4 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1348
#12 0x562a1319fd2c in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
#13 0x562a131a08ac in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
#14 0x562a13d81648 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
#15 0x7f394497e608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

SUMMARY: AddressSanitizer: 32 byte(s) leaked in 1 allocation(s).

10.5 080522dc ASAN debug
Warning: Memory not freed: 32
Warning: 32 bytes lost at 0x60e000044ad0, allocated by T@0 at 0x55b0b289a69d, mysys/my_malloc.c:88, mysys/my_malloc.c:231, handler/ha_innodb.cc:17827, sql/sql_plugin.cc:3546, sql/set_var.cc:246, sql/set_var.cc:739, sql/sql_parse.cc:5009
Memory lost: 32 bytes in 1 chunks
Warning: 32 bytes lost at 0x60e000044ad0, allocated by T@0 at mysys/my_malloc.c:88, mysys/my_malloc.c:231, handler/ha_innodb.cc:17827, sql/sql_plugin.cc:3546, sql/set_var.cc:246, sql/set_var.cc:811, sql/set_var.cc:739, sql/sql_parse.cc:5009
Memory lost: 32 bytes in 1 chunks

10.2 84261653 Valgrind
Warning: Memory not freed: 16
==2844360== 16 bytes in 1 blocks are definitely lost in loss record 1 of 2
==2844360== at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==2844360== by 0x1180925: my_malloc (my_malloc.c:101)
==2844360== by 0x1181024: my_strdup (my_malloc.c:241)
==2844360== by 0xBBBFAD: innodb_monitor_validate(THD, st_mysql_sys_var, void, st_mysql_value) (ha_innodb.cc:18655)
==2844360== by 0x71F62F: sys_var_pluginvar::do_check(THD, set_var) (sql_plugin.cc:3452)
==2844360== by 0x62BFCC: sys_var::check(THD, set_var) (set_var.cc:248)
==2844360== by 0x62D9D1: set_var::check(THD*) (set_var.cc:789)
==2844360== by 0x62D6B2: sql_set_variables(THD, List<set_var_base>, bool) (set_var.cc:731)
==2844360== by 0x70467D: mysql_execute_command(THD*) (sql_parse.cc:4583)
==2844360== by 0x70E550: mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7733)
==2844360== by 0x6FC85F: dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) (sql_parse.cc:1823)
==2844360== by 0x6FB35A: do_command(THD*) (sql_parse.cc:1377)
==2844360== by 0x85AA12: do_handle_one_connection(CONNECT*) (sql_connect.cc:1336)
==2844360== by 0x85A777: handle_one_connection (sql_connect.cc:1241)
==2844360== by 0x10CDE41: pfs_spawn_thread (pfs.cc:1869)
==2844360== by 0x4941608: start_thread (pthread_create.c:477)

Reproducible on 10.1-10.5, with different verbosity of the final diagnostics.

Attachments

Activity

Ascending order - Click to sort in descending order

Elena Stepanova added a comment - 2020-09-29 11:30

The bug is not very important in itself, but it would be useful for further testing to understand why LeakSanitizer only reports the leak on a non-debug build with ASAN. Or maybe it will be different on different machines/builds.

Elena Stepanova added a comment - 2020-09-29 11:30 The bug is not very important in itself, but it would be useful for further testing to understand why LeakSanitizer only reports the leak on a non-debug build with ASAN. Or maybe it will be different on different machines/builds.

Marko Mäkelä added a comment - 2022-09-22 15:45

elenst, I have seen in the past that SAFEMALLOC has hidden some leaks from AddressSanitizer. I would recommend cmake -DWITH_SAFEMALLOC=OFF -DWITH_ASAN=ON.

When it comes to this bug, it is obvious when looking at innodb_monitor_validate():

	/* monitor_name could point to memory from MySQL

	or buff[]. Always dup the name to memory allocated

	by InnoDB, so we can access it in another callback

	function innodb_monitor_update() and free it appropriately */

	if (name) {

		monitor_name = my_strdup(PSI_INSTRUMENT_ME,

                                         name, MYF(0));

	} else {

		return(1);

	ret = innodb_monitor_valid_byname(save, monitor_name);

	if (ret) {

		/* Validation failed */

		my_free(monitor_name);

	} else {

		/* monitor_name will be freed in separate callback function

		innodb_monitor_update(). Assert "save" point to

		the "monitor_name" variable */

		ut_ad(*static_cast<char**>(save) == monitor_name);

This logic is bound to fail if a subsequent assignment is flagged invalid.

Marko Mäkelä added a comment - 2022-09-22 15:45 elenst , I have seen in the past that SAFEMALLOC has hidden some leaks from AddressSanitizer. I would recommend cmake -DWITH_SAFEMALLOC=OFF -DWITH_ASAN=ON . When it comes to this bug, it is obvious when looking at innodb_monitor_validate() : /* monitor_name could point to memory from MySQL or buff[]. Always dup the name to memory allocated by InnoDB, so we can access it in another callback function innodb_monitor_update() and free it appropriately */ if (name) { monitor_name = my_strdup(PSI_INSTRUMENT_ME, name, MYF(0)); } else { return (1); } ret = innodb_monitor_valid_byname(save, monitor_name); if (ret) { /* Validation failed */ my_free(monitor_name); } else { /* monitor_name will be freed in separate callback function innodb_monitor_update(). Assert "save" point to the "monitor_name" variable */ ut_ad(* static_cast < char **>(save) == monitor_name); } This logic is bound to fail if a subsequent assignment is flagged invalid.

MariaDB Server

Warning: Memory not freed, LeakSanitizer: detected memory leaks in innodb_monitor_validate

Details

Description

Attachments

Activity

People

Dates

Git Integration