Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-31907

Memory leak in sp_rcontext::sp_rcontext upon declaring variable of row type

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • 10.4(EOL), 10.5, 10.6, 10.9(EOL), 10.10(EOL), 10.11, 11.0(EOL), 11.1(EOL)
    • 10.5, 10.6, 10.11
    • Stored routines
    • None

    Description

      Test cases below are for reproducing purposes only, please don't add any of them to the regression suite! Create a deterministic one instead.

      --source include/have_innodb.inc
       
      CREATE TABLE t1 (id INT PRIMARY KEY, a INT) ENGINE=InnoDB;
      --let $threads=4
      --system sh -c "$MYSQL_SLAP -uroot --create-schema=test --port=$MASTER_MYPORT --protocol=tcp --concurrency=16 --query='BEGIN NOT ATOMIC DECLARE r ROW TYPE OF test.t1; END' --number-of-queries=800000 &"
      --sleep 1
      --source include/restart_mysqld.inc
      

      10.4 b54e4bf0

      Warning: Memory not freed: 1088
       
      =================================================================
      ==3336920==ERROR: LeakSanitizer: detected memory leaks
       
      Direct leak of 544 byte(s) in 4 object(s) allocated from:
          #0 0x7f9f7feb89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
          #1 0x55ee928ea2ca in my_malloc /data/src/10.4/mysys/my_malloc.c:101
          #2 0x55ee928742af in init_dynamic_array2 /data/src/10.4/mysys/array.c:70
          #3 0x55ee90b31c1e in Dynamic_array<sp_rcontext::Handler_call_frame*>::init(unsigned int, unsigned int) /data/src/10.4/sql/sql_array.h:126
          #4 0x55ee90b313a5 in Dynamic_array<sp_rcontext::Handler_call_frame*>::Dynamic_array(unsigned int, unsigned int) /data/src/10.4/sql/sql_array.h:114
          #5 0x55ee90b24201 in sp_rcontext::sp_rcontext(sp_head const*, sp_pcontext const*, Field*, bool) /data/src/10.4/sql/sp_rcontext.cc:77
          #6 0x55ee90b243df in sp_rcontext::create(THD*, sp_head const*, sp_pcontext const*, Field*, Row_definition_list&) /data/src/10.4/sql/sp_rcontext.cc:101
          #7 0x55ee90af7767 in sp_head::rcontext_create(THD*, Field*, Row_definition_list*, bool) /data/src/10.4/sql/sp_head.cc:1699
          #8 0x55ee90af79c2 in sp_head::rcontext_create(THD*, Field*, List<Item>*) /data/src/10.4/sql/sp_head.cc:1716
          #9 0x55ee90afa3fb in sp_head::execute_procedure(THD*, List<Item>*) /data/src/10.4/sql/sp_head.cc:2194
          #10 0x55ee90d3cc90 in do_execute_sp /data/src/10.4/sql/sql_parse.cc:3062
          #11 0x55ee90d5139f in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:5825
          #12 0x55ee90d5f6ae in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:8010
          #13 0x55ee90d35979 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1857
          #14 0x55ee90d324e8 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1378
          #15 0x55ee91131a47 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1420
          #16 0x55ee9113135e in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1324
          #17 0x55ee91da0dd3 in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869
          #18 0x7f9f7f887fd3 in start_thread nptl/pthread_create.c:442
       
      Direct leak of 544 byte(s) in 4 object(s) allocated from:
          #0 0x7f9f7feb89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
          #1 0x55ee928ea2ca in my_malloc /data/src/10.4/mysys/my_malloc.c:101
          #2 0x55ee928742af in init_dynamic_array2 /data/src/10.4/mysys/array.c:70
          #3 0x55ee90b31be2 in Dynamic_array<sp_instr_hpush_jump*>::init(unsigned int, unsigned int) /data/src/10.4/sql/sql_array.h:126
          #4 0x55ee90b3135f in Dynamic_array<sp_instr_hpush_jump*>::Dynamic_array(unsigned int, unsigned int) /data/src/10.4/sql/sql_array.h:114
          #5 0x55ee90b241e7 in sp_rcontext::sp_rcontext(sp_head const*, sp_pcontext const*, Field*, bool) /data/src/10.4/sql/sp_rcontext.cc:77
          #6 0x55ee90b243df in sp_rcontext::create(THD*, sp_head const*, sp_pcontext const*, Field*, Row_definition_list&) /data/src/10.4/sql/sp_rcontext.cc:101
          #7 0x55ee90af7767 in sp_head::rcontext_create(THD*, Field*, Row_definition_list*, bool) /data/src/10.4/sql/sp_head.cc:1699
          #8 0x55ee90af79c2 in sp_head::rcontext_create(THD*, Field*, List<Item>*) /data/src/10.4/sql/sp_head.cc:1716
          #9 0x55ee90afa3fb in sp_head::execute_procedure(THD*, List<Item>*) /data/src/10.4/sql/sp_head.cc:2194
          #10 0x55ee90d3cc90 in do_execute_sp /data/src/10.4/sql/sql_parse.cc:3062
          #11 0x55ee90d5139f in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:5825
          #12 0x55ee90d5f6ae in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:8010
          #13 0x55ee90d35979 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1857
          #14 0x55ee90d324e8 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1378
          #15 0x55ee91131a47 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1420
          #16 0x55ee9113135e in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1324
          #17 0x55ee91da0dd3 in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869
          #18 0x7f9f7f887fd3 in start_thread nptl/pthread_create.c:442
       
      SUMMARY: AddressSanitizer: 1088 byte(s) leaked in 8 allocation(s).
      

      On 10.5+ it is reproduced more easily, usually this is enough, although the test case above is more reliable

      --source include/have_innodb.inc
       
      CREATE TABLE t1 (id INT PRIMARY KEY, a INT) ENGINE=InnoDB;
       
      --connect (con1,localhost,root,,)
      --send BEGIN NOT ATOMIC DECLARE r ROW TYPE OF t1; END
       
      --connection default
      --source include/restart_mysqld.inc
       
      # Cleanup
      DROP TABLE t1;
      

      Attachments

        Activity

          People

            bar Alexander Barkov
            elenst Elena Stepanova
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.