[MDEV-32476] LeakSanitizer errors in get_quick_select or Assertion `status_var.local_memory_used == 0 || !debug_assert_on_not_freed_memory' failed - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Blocker
Resolution: Fixed
Affects Version/s: 10.6
Fix Version/s: 10.6.16, 10.10.7, 10.11.6, 11.0.4, 11.1.3
Component/s: Server
Labels:
- regression

Description

Set to "blocker" because it's a recent regression in a to-be-released GA patch, even though the test case is somewhat artificial.

--source include/have_innodb.inc

CREATE TABLE t (pk INT AUTO_INCREMENT, f INT, PRIMARY KEY (pk), KEY(f)) ENGINE=InnoDB;

INSERT INTO t VALUES (1,10),(2,20);

--error ER_TRUNCATED_WRONG_VALUE

INSERT INTO t (f) SELECT t1.f FROM t t1, t t2 WHERE t1.f = 10 AND t2.pk > 'foo';

# Cleanup

DROP TABLE t;

10.6 1c554459
==3570623==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 328 byte(s) in 1 object(s) allocated from:
#0 0x7fcc4a4b94c8 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cpp:95
#1 0x563645eba552 in get_quick_select(PARAM, unsigned int, SEL_ARG, unsigned int, unsigned int, st_mem_root*) /data/src/10.6/sql/opt_range.cc:11834
#2 0x563645ee5379 in TRP_RANGE::make_quick(PARAM, bool, st_mem_root) /data/src/10.6/sql/opt_range.cc:2280
#3 0x563645e80d3a in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool, bool) /data/src/10.6/sql/opt_range.cc:3079
#4 0x5636452f9975 in get_quick_record_count /data/src/10.6/sql/sql_select.cc:5135
#5 0x563645300781 in make_join_statistics /data/src/10.6/sql/sql_select.cc:5862
#6 0x5636452de70c in JOIN::optimize_inner() /data/src/10.6/sql/sql_select.cc:2531
#7 0x5636452d764c in JOIN::optimize() /data/src/10.6/sql/sql_select.cc:1868
#8 0x5636452f90b3 in mysql_select(THD, TABLE_LIST, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) /data/src/10.6/sql/sql_select.cc:5077
#9 0x5636452c8d6f in handle_select(THD, LEX, select_result*, unsigned long) /data/src/10.6/sql/sql_select.cc:559
#10 0x563645221376 in mysql_execute_command(THD*, bool) /data/src/10.6/sql/sql_parse.cc:4731
#11 0x5636452383a8 in mysql_parse(THD, char, unsigned int, Parser_state*) /data/src/10.6/sql/sql_parse.cc:8050
#12 0x56364520e047 in dispatch_command(enum_server_command, THD, char, unsigned int, bool) /data/src/10.6/sql/sql_parse.cc:1896
#13 0x56364520ad7b in do_command(THD*, bool) /data/src/10.6/sql/sql_parse.cc:1409
#14 0x56364567acb1 in do_handle_one_connection(CONNECT*, bool) /data/src/10.6/sql/sql_connect.cc:1416
#15 0x56364567a672 in handle_one_connection /data/src/10.6/sql/sql_connect.cc:1318
#16 0x5636462dc6eb in pfs_spawn_thread /data/src/10.6/storage/perfschema/pfs.cc:2201
#17 0x7fcc49aa7fd3 in start_thread nptl/pthread_create.c:442

Indirect leak of 4080 byte(s) in 1 object(s) allocated from:
#0 0x7fcc4a4b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
#1 0x563646ee20db in my_malloc /data/src/10.6/mysys/my_malloc.c:91
#2 0x563646ebe8c4 in alloc_root /data/src/10.6/mysys/my_alloc.c:256
#3 0x563644f1e9e9 in Query_arena::alloc(unsigned long) /data/src/10.6/sql/sql_class.h:1251
#4 0x563645e737ed in QUICK_RANGE_SELECT::QUICK_RANGE_SELECT(THD, TABLE, unsigned int, bool, st_mem_root, bool) /data/src/10.6/sql/opt_range.cc:1301
#5 0x563645eba65c in get_quick_select(PARAM, unsigned int, SEL_ARG, unsigned int, unsigned int, st_mem_root*) /data/src/10.6/sql/opt_range.cc:11834
#6 0x563645ee5379 in TRP_RANGE::make_quick(PARAM, bool, st_mem_root) /data/src/10.6/sql/opt_range.cc:2280
#7 0x563645e80d3a in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool, bool) /data/src/10.6/sql/opt_range.cc:3079
#8 0x5636452f9975 in get_quick_record_count /data/src/10.6/sql/sql_select.cc:5135
#9 0x563645300781 in make_join_statistics /data/src/10.6/sql/sql_select.cc:5862
#10 0x5636452de70c in JOIN::optimize_inner() /data/src/10.6/sql/sql_select.cc:2531
#11 0x5636452d764c in JOIN::optimize() /data/src/10.6/sql/sql_select.cc:1868
#12 0x5636452f90b3 in mysql_select(THD, TABLE_LIST, List<Item>&, Item, unsigned int, st_order, st_order, Item, st_order, unsigned long long, select_result, st_select_lex_unit, st_select_lex) /data/src/10.6/sql/sql_select.cc:5077
#13 0x5636452c8d6f in handle_select(THD, LEX, select_result*, unsigned long) /data/src/10.6/sql/sql_select.cc:559
#14 0x563645221376 in mysql_execute_command(THD*, bool) /data/src/10.6/sql/sql_parse.cc:4731
#15 0x5636452383a8 in mysql_parse(THD, char, unsigned int, Parser_state*) /data/src/10.6/sql/sql_parse.cc:8050
#16 0x56364520e047 in dispatch_command(enum_server_command, THD, char, unsigned int, bool) /data/src/10.6/sql/sql_parse.cc:1896
#17 0x56364520ad7b in do_command(THD*, bool) /data/src/10.6/sql/sql_parse.cc:1409
#18 0x56364567acb1 in do_handle_one_connection(CONNECT*, bool) /data/src/10.6/sql/sql_connect.cc:1416
#19 0x56364567a672 in handle_one_connection /data/src/10.6/sql/sql_connect.cc:1318
#20 0x5636462dc6eb in pfs_spawn_thread /data/src/10.6/storage/perfschema/pfs.cc:2201
#21 0x7fcc49aa7fd3 in start_thread nptl/pthread_create.c:442

SUMMARY: AddressSanitizer: 4408 byte(s) leaked in 2 allocation(s).

mariadbd: /data/src/10.6/sql/sql_class.cc:1770: virtual THD::~THD(): Assertion `status_var.local_memory_used == 0 || !debug_assert_on_not_freed_memory' failed.

231015 21:28:42 [ERROR] mysqld got signal 6 ;

sql/signal_handler.cc:241(handle_fatal_signal)[0x55751e876fd3]

libc_sigaction.c:0(__restore_rt)[0x7f9d9245af90]

nptl/pthread_kill.c:44(__pthread_kill_implementation)[0x7f9d924a9ccc]

posix/raise.c:27(__GI_raise)[0x7f9d9245aef2]

stdlib/abort.c:81(__GI_abort)[0x7f9d92445472]

intl/loadmsgcat.c:1177(_nl_load_domain)[0x7f9d92445395]

/lib/x86_64-linux-gnu/libc.so.6(+0x34df2)[0x7f9d92453df2]

sql/sql_class.cc:1773(THD::~THD())[0x55751ded6e9b]

sql/sql_class.cc:1776(THD::~THD())[0x55751ded721a]

sql/sql_connect.cc:1359(do_handle_one_connection(CONNECT*, bool))[0x55751e46d258]

sql/sql_connect.cc:1320(handle_one_connection)[0x55751e46c673]

perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55751f0ce6ec]

nptl/pthread_create.c:442(start_thread)[0x7f9d924a7fd4]

x86_64/clone3.S:83(clone3)[0x7f9d925285bc]

Trying to get some variables.

Some pointers may be invalid and cause the dump to abort.

Query (0x0): (null)

Connection ID (thread ID): 7

Status: KILL_CONNECTION

The failure started happening after this commit in 10.6:

commit 9ba8dc1413ff0fac018b5e22cdb5f5a8ff912ab2 (HEAD)

Author: Michael Widenius <monty@mariadb.org>

Date:   Wed Sep 27 17:26:24 2023 +0300

    MDEV-32164 Server crashes in JOIN::cleanup after erroneous query with view

Attachments

Activity

People

Assignee:: Michael Widenius

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2023-10-15 18:31

Updated:: 2023-10-22 13:42

Resolved:: 2023-10-22 13:42

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.