Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-34772

Overuse of big stackvariables results in stackoverflows

Details

    • Bug
    • Status: Stalled (View Workflow)
    • Major
    • Resolution: Unresolved
    • 10.5.26, 10.6.19, 10.11.9, 11.4.3
    • 10.5, 10.6, 10.11, 11.4
    • Backup
    • MariaDB 10.11.8
      Alpine Linux 3.20.2

    Description

      Currently, the code relies on big stack buffers for temporary data.
      This leads to stack overflow crashes.

      In my case, on my system, the stack limit is 8192, whereas below, more is requested.

      Example:

      static bool page_is_corrupted(const byte *page, ulint page_no,
      		 
                        const xb_fil_cur_t *cursor,
      		 
                        const fil_space_t *space)
      		 
      {
      		 
          byte tmp_frame[UNIV_PAGE_SIZE_MAX];
      		 
          byte tmp_page[UNIV_PAGE_SIZE_MAX];

      Perhaps threadlocal static- or heap buffers should be used instead

      Attachments

        Issue Links

          includes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-35022 Fix Overuse of big stackvariables results inside InnoDB & Mariabackup

          • Major - Major loss of function.
          • Open
          is caused by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-12112 corruption in encrypted table may be overlooked

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-18025 Mariabackup fails to detect corrupted page_compressed=1 tables

          • Major - Major loss of function.
          • Closed
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-35669 Alpine: mariadb-backup fails on fresh installation

          • Major - Major loss of function.
          • Open
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-25087 Stack overflow upon exceeding FOREIGN KEY recursion depth

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Open

          Activity

            Ascending order - Click to sort in descending order
            marko Marko Mäkelä added a comment -

            Thank you. In 10.6 this excessive stack usage would actually be flagged at compilation time if PRAGMA_DISABLE_CHECK_STACK_FRAME hadn’t been added to disable this.

            I agree that these buffers could be declared as static thread_local. Based on the debugger output (including some disassembly) that you provided I concluded that this is a stack overflow.

            marko Marko Mäkelä added a comment - Thank you. In 10.6 this excessive stack usage would actually be flagged at compilation time if PRAGMA_DISABLE_CHECK_STACK_FRAME hadn’t been added to disable this. I agree that these buffers could be declared as static thread_local . Based on the debugger output (including some disassembly) that you provided I concluded that this is a stack overflow.
            thiru Thirunarayanan Balathandayuthapani added a comment -

            https://github.com/MariaDB/server/pull/3470

            thiru Thirunarayanan Balathandayuthapani added a comment - https://github.com/MariaDB/server/pull/3470
            marko Marko Mäkelä added a comment -

            It would seem to me that using thread_local is not a real solution, because pthread_create() could allocate a contiguous area of virtual memory that comprises both the thread local storage (TLS) and the stack. Adding thread_local qualifiers to some local variables that were previously dynamically allocated from the stack would seem to significantly increase the size of the TLS.

            marko Marko Mäkelä added a comment - It would seem to me that using thread_local is not a real solution, because pthread_create() could allocate a contiguous area of virtual memory that comprises both the thread local storage (TLS) and the stack. Adding thread_local qualifiers to some local variables that were previously dynamically allocated from the stack would seem to significantly increase the size of the TLS.

            People

              thiru Thirunarayanan Balathandayuthapani
              jbau32 Johannes Baumgarten
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.