[MDEV-35326] Memory Leak in init_io_cache_ext upon SHUTDOWN - Jira

Roel Van de Paar created issue - 2024-11-03 23:40

Roel Van de Paar made changes - 2024-11-03 23:47

Field	Original Value	New Value
Labels	LSAN Memory_leak	LSAN Memory_leak sporadic

Roel Van de Paar made changes - 2024-11-03 23:48

Description

{code:sql}
INSTALL PLUGIN Spider SONAME 'ha_spider.so';
CREATE TABLE t (c INT) ENGINE=Spider;
CREATE PROCEDURE p() CONTAINS SQL READS SQL DATA SELECT * FROM t INTO OUTFILE 'foo.txt';
CALL p();
SHUTDOWN;
{code}

Leads to:

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Optimized, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1094811==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x561ef72c2087 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd+0x836a087)
    #1 0x561efbbda2b4 in my_malloc /test/11.2_opt_san/mysys/my_malloc.c:93
    #2 0x561efbb76f57 in init_io_cache_ext /test/11.2_opt_san/mysys/mf_iocache.c:248
    #3 0x561efbb7781d in init_io_cache /test/11.2_opt_san/mysys/mf_iocache.c:301
    #4 0x561ef787c5e0 in create_file /test/11.2_opt_san/sql/sql_class.cc:3333
    #5 0x561ef78c66ef in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_class.cc:3355
    #6 0x561ef8002244 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_select.cc:1866
    #7 0x561ef80ac457 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_opt_san/sql/sql_select.cc:5333
    #8 0x561ef80ae550 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_opt_san/sql/sql_select.cc:642
    #9 0x561ef7be3450 in execute_sqlcom_select /test/11.2_opt_san/sql/sql_parse.cc:6177
    #10 0x561ef7c5375f in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:3984
    #11 0x561ef8b2ab3f in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:1050
    #12 0x561ef8b4554a in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_opt_san/sql/sp_instr.cc:296
    #13 0x561ef8b4deab in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_opt_san/sql/sp_instr.cc:475
    #14 0x561ef8b5263d in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:953
    #15 0x561ef761671a in sp_head::execute(THD*, bool) /test/11.2_opt_san/sql/sp_head.cc:1284
    #16 0x561ef76235d0 in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_opt_san/sql/sp_head.cc:2300
    #17 0x561ef7bde90a in do_execute_sp /test/11.2_opt_san/sql/sql_parse.cc:3064
    #18 0x561ef7bffe1a in Sql_cmd_call::execute(THD*) /test/11.2_opt_san/sql/sql_parse.cc:3309
    #19 0x561ef7c428c4 in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:5892
    #20 0x561ef7c64482 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_opt_san/sql/sql_parse.cc:7938
    #21 0x561ef7c760da in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_opt_san/sql/sql_parse.cc:1894
    #22 0x561ef7c86486 in do_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:1407
    #23 0x561ef8659efc in do_handle_one_connection(CONNECT*, bool) /test/11.2_opt_san/sql/sql_connect.cc:1439
    #24 0x561ef865c52c in handle_one_connection /test/11.2_opt_san/sql/sql_connect.cc:1341
    #25 0x154f9e89ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Debug, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1096914==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x5579c7b4fa67 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd+0x88b4a67)
    #1 0x5579cc9baca3 in my_malloc /test/11.2_dbg_san/mysys/my_malloc.c:93
    #2 0x5579cc9618f3 in init_io_cache_ext /test/11.2_dbg_san/mysys/mf_iocache.c:248
    #3 0x5579cc9619a5 in init_io_cache /test/11.2_dbg_san/mysys/mf_iocache.c:301
    #4 0x5579c80f9b2b in create_file /test/11.2_dbg_san/sql/sql_class.cc:3333
    #5 0x5579c8149aa1 in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_class.cc:3355
    #6 0x5579c886cf06 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_select.cc:1866
    #7 0x5579c8913aa3 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_dbg_san/sql/sql_select.cc:5333
    #8 0x5579c89152d4 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_dbg_san/sql/sql_select.cc:642
    #9 0x5579c8468dd9 in execute_sqlcom_select /test/11.2_dbg_san/sql/sql_parse.cc:6177
    #10 0x5579c84cd8fc in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:3984
    #11 0x5579c944707d in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:1050
    #12 0x5579c9465e62 in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_dbg_san/sql/sp_instr.cc:296
    #13 0x5579c946e92a in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_dbg_san/sql/sp_instr.cc:475
    #14 0x5579c94730b3 in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:953
    #15 0x5579c7eeceb6 in sp_head::execute(THD*, bool) /test/11.2_dbg_san/sql/sp_head.cc:1284
    #16 0x5579c7ef8c5b in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_dbg_san/sql/sp_head.cc:2300
    #17 0x5579c846a5c1 in do_execute_sp /test/11.2_dbg_san/sql/sql_parse.cc:3064
    #18 0x5579c8488510 in Sql_cmd_call::execute(THD*) /test/11.2_dbg_san/sql/sql_parse.cc:3309
    #19 0x5579c84efb47 in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:5892
    #20 0x5579c84f8351 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_dbg_san/sql/sql_parse.cc:7938
    #21 0x5579c850829b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1894
    #22 0x5579c8516b06 in do_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1407
    #23 0x5579c8f3e791 in do_handle_one_connection(CONNECT*, bool) /test/11.2_dbg_san/sql/sql_connect.cc:1439
    #24 0x5579c8f3fcb3 in handle_one_connection /test/11.2_dbg_san/sql/sql_connect.cc:1341
    #25 0x1514d189ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

Setup:

{noformat}
Compiled with a recent version of GCC (I use GCC 12.3.0) and:
    -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON
Set before execution:
    export ASAN_OPTIONS=quarantine_size_mb=512:atexit=0:detect_invalid_pointer_pairs=3:dump_instruction_bytes=1:abort_on_error=1:allocator_may_return_null=1
{noformat}

Bug confirmed present in:
MariaDB: 10.5.27 (dbg), 10.5.27 (opt), 10.6.20 (dbg), 10.6.20 (opt), 10.11.10 (dbg), 10.11.10 (opt), 11.2.6 (dbg), 11.2.6 (opt), 11.4.4 (dbg), 11.4.4 (opt), 11.6.2 (dbg), 11.6.2 (opt), 11.7.0 (dbg), 11.7.0 (opt)

LSAN|memory leak|mysys/my_malloc.c|__interceptor_malloc|my_malloc|init_io_cache_ext|init_io_cache
LSAN|memory leak|mysys/my_malloc.c|malloc|my_malloc|init_io_cache_ext|init_io_cache

{code:sql}
INSTALL PLUGIN Spider SONAME 'ha_spider.so';
CREATE TABLE t (c INT) ENGINE=Spider;
CREATE PROCEDURE p() CONTAINS SQL READS SQL DATA SELECT * FROM t INTO OUTFILE 'foo.txt';
CALL p();
SHUTDOWN;
{code}

Leads to:

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Optimized, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1094811==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x561ef72c2087 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd+0x836a087)
    #1 0x561efbbda2b4 in my_malloc /test/11.2_opt_san/mysys/my_malloc.c:93
    #2 0x561efbb76f57 in init_io_cache_ext /test/11.2_opt_san/mysys/mf_iocache.c:248
    #3 0x561efbb7781d in init_io_cache /test/11.2_opt_san/mysys/mf_iocache.c:301
    #4 0x561ef787c5e0 in create_file /test/11.2_opt_san/sql/sql_class.cc:3333
    #5 0x561ef78c66ef in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_class.cc:3355
    #6 0x561ef8002244 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_select.cc:1866
    #7 0x561ef80ac457 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_opt_san/sql/sql_select.cc:5333
    #8 0x561ef80ae550 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_opt_san/sql/sql_select.cc:642
    #9 0x561ef7be3450 in execute_sqlcom_select /test/11.2_opt_san/sql/sql_parse.cc:6177
    #10 0x561ef7c5375f in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:3984
    #11 0x561ef8b2ab3f in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:1050
    #12 0x561ef8b4554a in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_opt_san/sql/sp_instr.cc:296
    #13 0x561ef8b4deab in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_opt_san/sql/sp_instr.cc:475
    #14 0x561ef8b5263d in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:953
    #15 0x561ef761671a in sp_head::execute(THD*, bool) /test/11.2_opt_san/sql/sp_head.cc:1284
    #16 0x561ef76235d0 in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_opt_san/sql/sp_head.cc:2300
    #17 0x561ef7bde90a in do_execute_sp /test/11.2_opt_san/sql/sql_parse.cc:3064
    #18 0x561ef7bffe1a in Sql_cmd_call::execute(THD*) /test/11.2_opt_san/sql/sql_parse.cc:3309
    #19 0x561ef7c428c4 in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:5892
    #20 0x561ef7c64482 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_opt_san/sql/sql_parse.cc:7938
    #21 0x561ef7c760da in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_opt_san/sql/sql_parse.cc:1894
    #22 0x561ef7c86486 in do_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:1407
    #23 0x561ef8659efc in do_handle_one_connection(CONNECT*, bool) /test/11.2_opt_san/sql/sql_connect.cc:1439
    #24 0x561ef865c52c in handle_one_connection /test/11.2_opt_san/sql/sql_connect.cc:1341
    #25 0x154f9e89ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Debug, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1096914==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x5579c7b4fa67 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd+0x88b4a67)
    #1 0x5579cc9baca3 in my_malloc /test/11.2_dbg_san/mysys/my_malloc.c:93
    #2 0x5579cc9618f3 in init_io_cache_ext /test/11.2_dbg_san/mysys/mf_iocache.c:248
    #3 0x5579cc9619a5 in init_io_cache /test/11.2_dbg_san/mysys/mf_iocache.c:301
    #4 0x5579c80f9b2b in create_file /test/11.2_dbg_san/sql/sql_class.cc:3333
    #5 0x5579c8149aa1 in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_class.cc:3355
    #6 0x5579c886cf06 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_select.cc:1866
    #7 0x5579c8913aa3 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_dbg_san/sql/sql_select.cc:5333
    #8 0x5579c89152d4 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_dbg_san/sql/sql_select.cc:642
    #9 0x5579c8468dd9 in execute_sqlcom_select /test/11.2_dbg_san/sql/sql_parse.cc:6177
    #10 0x5579c84cd8fc in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:3984
    #11 0x5579c944707d in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:1050
    #12 0x5579c9465e62 in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_dbg_san/sql/sp_instr.cc:296
    #13 0x5579c946e92a in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_dbg_san/sql/sp_instr.cc:475
    #14 0x5579c94730b3 in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:953
    #15 0x5579c7eeceb6 in sp_head::execute(THD*, bool) /test/11.2_dbg_san/sql/sp_head.cc:1284
    #16 0x5579c7ef8c5b in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_dbg_san/sql/sp_head.cc:2300
    #17 0x5579c846a5c1 in do_execute_sp /test/11.2_dbg_san/sql/sql_parse.cc:3064
    #18 0x5579c8488510 in Sql_cmd_call::execute(THD*) /test/11.2_dbg_san/sql/sql_parse.cc:3309
    #19 0x5579c84efb47 in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:5892
    #20 0x5579c84f8351 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_dbg_san/sql/sql_parse.cc:7938
    #21 0x5579c850829b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1894
    #22 0x5579c8516b06 in do_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1407
    #23 0x5579c8f3e791 in do_handle_one_connection(CONNECT*, bool) /test/11.2_dbg_san/sql/sql_connect.cc:1439
    #24 0x5579c8f3fcb3 in handle_one_connection /test/11.2_dbg_san/sql/sql_connect.cc:1341
    #25 0x1514d189ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

Setup:

{noformat}
Compiled with a recent version of GCC (I use GCC 12.3.0) and:
    -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON
Set before execution:
    export ASAN_OPTIONS=quarantine_size_mb=512:atexit=0:detect_invalid_pointer_pairs=3:dump_instruction_bytes=1:abort_on_error=1:allocator_may_return_null=1
{noformat}

Bug confirmed present in:
MariaDB: 10.5.27 (dbg), 10.5.27 (opt), 10.6.20 (dbg), 10.6.20 (opt), 10.11.10 (dbg), 10.11.10 (opt), 11.2.6 (dbg), 11.2.6 (opt), 11.4.4 (dbg), 11.4.4 (opt), 11.6.2 (dbg), 11.6.2 (opt), 11.7.0 (dbg), 11.7.0 (opt)

Issue lightly sporadic, especially on 10.6.

Roel Van de Paar made changes - 2024-11-04 01:31

Link

This issue relates to TODO-3120 [ TODO-3120 ]

Roel Van de Paar made changes - 2024-11-04 02:45

Description

{code:sql}
INSTALL PLUGIN Spider SONAME 'ha_spider.so';
CREATE TABLE t (c INT) ENGINE=Spider;
CREATE PROCEDURE p() CONTAINS SQL READS SQL DATA SELECT * FROM t INTO OUTFILE 'foo.txt';
CALL p();
SHUTDOWN;
{code}

Leads to:

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Optimized, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1094811==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x561ef72c2087 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd+0x836a087)
    #1 0x561efbbda2b4 in my_malloc /test/11.2_opt_san/mysys/my_malloc.c:93
    #2 0x561efbb76f57 in init_io_cache_ext /test/11.2_opt_san/mysys/mf_iocache.c:248
    #3 0x561efbb7781d in init_io_cache /test/11.2_opt_san/mysys/mf_iocache.c:301
    #4 0x561ef787c5e0 in create_file /test/11.2_opt_san/sql/sql_class.cc:3333
    #5 0x561ef78c66ef in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_class.cc:3355
    #6 0x561ef8002244 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_select.cc:1866
    #7 0x561ef80ac457 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_opt_san/sql/sql_select.cc:5333
    #8 0x561ef80ae550 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_opt_san/sql/sql_select.cc:642
    #9 0x561ef7be3450 in execute_sqlcom_select /test/11.2_opt_san/sql/sql_parse.cc:6177
    #10 0x561ef7c5375f in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:3984
    #11 0x561ef8b2ab3f in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:1050
    #12 0x561ef8b4554a in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_opt_san/sql/sp_instr.cc:296
    #13 0x561ef8b4deab in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_opt_san/sql/sp_instr.cc:475
    #14 0x561ef8b5263d in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:953
    #15 0x561ef761671a in sp_head::execute(THD*, bool) /test/11.2_opt_san/sql/sp_head.cc:1284
    #16 0x561ef76235d0 in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_opt_san/sql/sp_head.cc:2300
    #17 0x561ef7bde90a in do_execute_sp /test/11.2_opt_san/sql/sql_parse.cc:3064
    #18 0x561ef7bffe1a in Sql_cmd_call::execute(THD*) /test/11.2_opt_san/sql/sql_parse.cc:3309
    #19 0x561ef7c428c4 in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:5892
    #20 0x561ef7c64482 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_opt_san/sql/sql_parse.cc:7938
    #21 0x561ef7c760da in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_opt_san/sql/sql_parse.cc:1894
    #22 0x561ef7c86486 in do_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:1407
    #23 0x561ef8659efc in do_handle_one_connection(CONNECT*, bool) /test/11.2_opt_san/sql/sql_connect.cc:1439
    #24 0x561ef865c52c in handle_one_connection /test/11.2_opt_san/sql/sql_connect.cc:1341
    #25 0x154f9e89ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Debug, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1096914==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x5579c7b4fa67 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd+0x88b4a67)
    #1 0x5579cc9baca3 in my_malloc /test/11.2_dbg_san/mysys/my_malloc.c:93
    #2 0x5579cc9618f3 in init_io_cache_ext /test/11.2_dbg_san/mysys/mf_iocache.c:248
    #3 0x5579cc9619a5 in init_io_cache /test/11.2_dbg_san/mysys/mf_iocache.c:301
    #4 0x5579c80f9b2b in create_file /test/11.2_dbg_san/sql/sql_class.cc:3333
    #5 0x5579c8149aa1 in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_class.cc:3355
    #6 0x5579c886cf06 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_select.cc:1866
    #7 0x5579c8913aa3 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_dbg_san/sql/sql_select.cc:5333
    #8 0x5579c89152d4 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_dbg_san/sql/sql_select.cc:642
    #9 0x5579c8468dd9 in execute_sqlcom_select /test/11.2_dbg_san/sql/sql_parse.cc:6177
    #10 0x5579c84cd8fc in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:3984
    #11 0x5579c944707d in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:1050
    #12 0x5579c9465e62 in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_dbg_san/sql/sp_instr.cc:296
    #13 0x5579c946e92a in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_dbg_san/sql/sp_instr.cc:475
    #14 0x5579c94730b3 in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:953
    #15 0x5579c7eeceb6 in sp_head::execute(THD*, bool) /test/11.2_dbg_san/sql/sp_head.cc:1284
    #16 0x5579c7ef8c5b in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_dbg_san/sql/sp_head.cc:2300
    #17 0x5579c846a5c1 in do_execute_sp /test/11.2_dbg_san/sql/sql_parse.cc:3064
    #18 0x5579c8488510 in Sql_cmd_call::execute(THD*) /test/11.2_dbg_san/sql/sql_parse.cc:3309
    #19 0x5579c84efb47 in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:5892
    #20 0x5579c84f8351 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_dbg_san/sql/sql_parse.cc:7938
    #21 0x5579c850829b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1894
    #22 0x5579c8516b06 in do_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1407
    #23 0x5579c8f3e791 in do_handle_one_connection(CONNECT*, bool) /test/11.2_dbg_san/sql/sql_connect.cc:1439
    #24 0x5579c8f3fcb3 in handle_one_connection /test/11.2_dbg_san/sql/sql_connect.cc:1341
    #25 0x1514d189ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

Setup:

{noformat}
Compiled with a recent version of GCC (I use GCC 12.3.0) and:
    -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON
Set before execution:
    export ASAN_OPTIONS=quarantine_size_mb=512:atexit=0:detect_invalid_pointer_pairs=3:dump_instruction_bytes=1:abort_on_error=1:allocator_may_return_null=1
{noformat}

Bug confirmed present in:
MariaDB: 10.5.27 (dbg), 10.5.27 (opt), 10.6.20 (dbg), 10.6.20 (opt), 10.11.10 (dbg), 10.11.10 (opt), 11.2.6 (dbg), 11.2.6 (opt), 11.4.4 (dbg), 11.4.4 (opt), 11.6.2 (dbg), 11.6.2 (opt), 11.7.0 (dbg), 11.7.0 (opt)

Issue lightly sporadic, especially on 10.6.

{code:sql}
INSTALL PLUGIN Spider SONAME 'ha_spider.so';
CREATE TABLE t (c INT) ENGINE=Spider;
CREATE PROCEDURE p() CONTAINS SQL READS SQL DATA SELECT * FROM t INTO OUTFILE 'foo.txt';
CALL p();
SHUTDOWN;
{code}

Leads to:

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Optimized, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1094811==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x561ef72c2087 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-opt/bin/mariadbd+0x836a087)
    #1 0x561efbbda2b4 in my_malloc /test/11.2_opt_san/mysys/my_malloc.c:93
    #2 0x561efbb76f57 in init_io_cache_ext /test/11.2_opt_san/mysys/mf_iocache.c:248
    #3 0x561efbb7781d in init_io_cache /test/11.2_opt_san/mysys/mf_iocache.c:301
    #4 0x561ef787c5e0 in create_file /test/11.2_opt_san/sql/sql_class.cc:3333
    #5 0x561ef78c66ef in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_class.cc:3355
    #6 0x561ef8002244 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_opt_san/sql/sql_select.cc:1866
    #7 0x561ef80ac457 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_opt_san/sql/sql_select.cc:5333
    #8 0x561ef80ae550 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_opt_san/sql/sql_select.cc:642
    #9 0x561ef7be3450 in execute_sqlcom_select /test/11.2_opt_san/sql/sql_parse.cc:6177
    #10 0x561ef7c5375f in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:3984
    #11 0x561ef8b2ab3f in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:1050
    #12 0x561ef8b4554a in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_opt_san/sql/sp_instr.cc:296
    #13 0x561ef8b4deab in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_opt_san/sql/sp_instr.cc:475
    #14 0x561ef8b5263d in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_opt_san/sql/sp_instr.cc:953
    #15 0x561ef761671a in sp_head::execute(THD*, bool) /test/11.2_opt_san/sql/sp_head.cc:1284
    #16 0x561ef76235d0 in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_opt_san/sql/sp_head.cc:2300
    #17 0x561ef7bde90a in do_execute_sp /test/11.2_opt_san/sql/sql_parse.cc:3064
    #18 0x561ef7bffe1a in Sql_cmd_call::execute(THD*) /test/11.2_opt_san/sql/sql_parse.cc:3309
    #19 0x561ef7c428c4 in mysql_execute_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:5892
    #20 0x561ef7c64482 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_opt_san/sql/sql_parse.cc:7938
    #21 0x561ef7c760da in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_opt_san/sql/sql_parse.cc:1894
    #22 0x561ef7c86486 in do_command(THD*, bool) /test/11.2_opt_san/sql/sql_parse.cc:1407
    #23 0x561ef8659efc in do_handle_one_connection(CONNECT*, bool) /test/11.2_opt_san/sql/sql_connect.cc:1439
    #24 0x561ef865c52c in handle_one_connection /test/11.2_opt_san/sql/sql_connect.cc:1341
    #25 0x154f9e89ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

{noformat:title=CS 11.2.6 66b8d32b7514f46b1467d404d3f9ad688bbfeb4f (Debug, UBASAN)}
2024-11-04 10:36:23 0 [Note] /test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd: Shutdown complete

Warning: Memory not freed: 131192

=================================================================
==1096914==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 131096 byte(s) in 1 object(s) allocated from:
    #0 0x5579c7b4fa67 in malloc (/test/UBASAN_MD171024-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd+0x88b4a67)
    #1 0x5579cc9baca3 in my_malloc /test/11.2_dbg_san/mysys/my_malloc.c:93
    #2 0x5579cc9618f3 in init_io_cache_ext /test/11.2_dbg_san/mysys/mf_iocache.c:248
    #3 0x5579cc9619a5 in init_io_cache /test/11.2_dbg_san/mysys/mf_iocache.c:301
    #4 0x5579c80f9b2b in create_file /test/11.2_dbg_san/sql/sql_class.cc:3333
    #5 0x5579c8149aa1 in select_export::prepare(List<Item>&, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_class.cc:3355
    #6 0x5579c886cf06 in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /test/11.2_dbg_san/sql/sql_select.cc:1866
    #7 0x5579c8913aa3 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.2_dbg_san/sql/sql_select.cc:5333
    #8 0x5579c89152d4 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.2_dbg_san/sql/sql_select.cc:642
    #9 0x5579c8468dd9 in execute_sqlcom_select /test/11.2_dbg_san/sql/sql_parse.cc:6177
    #10 0x5579c84cd8fc in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:3984
    #11 0x5579c944707d in sp_instr_stmt::exec_core(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:1050
    #12 0x5579c9465e62 in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*, bool) /test/11.2_dbg_san/sql/sp_instr.cc:296
    #13 0x5579c946e92a in sp_lex_keeper::validate_lex_and_exec_core(THD*, unsigned int*, bool, sp_lex_instr*) /test/11.2_dbg_san/sql/sp_instr.cc:475
    #14 0x5579c94730b3 in sp_instr_stmt::execute(THD*, unsigned int*) /test/11.2_dbg_san/sql/sp_instr.cc:953
    #15 0x5579c7eeceb6 in sp_head::execute(THD*, bool) /test/11.2_dbg_san/sql/sp_head.cc:1284
    #16 0x5579c7ef8c5b in sp_head::execute_procedure(THD*, List<Item>*) /test/11.2_dbg_san/sql/sp_head.cc:2300
    #17 0x5579c846a5c1 in do_execute_sp /test/11.2_dbg_san/sql/sql_parse.cc:3064
    #18 0x5579c8488510 in Sql_cmd_call::execute(THD*) /test/11.2_dbg_san/sql/sql_parse.cc:3309
    #19 0x5579c84efb47 in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:5892
    #20 0x5579c84f8351 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_dbg_san/sql/sql_parse.cc:7938
    #21 0x5579c850829b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1894
    #22 0x5579c8516b06 in do_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1407
    #23 0x5579c8f3e791 in do_handle_one_connection(CONNECT*, bool) /test/11.2_dbg_san/sql/sql_connect.cc:1439
    #24 0x5579c8f3fcb3 in handle_one_connection /test/11.2_dbg_san/sql/sql_connect.cc:1341
    #25 0x1514d189ca93 in start_thread nptl/pthread_create.c:447

SUMMARY: AddressSanitizer: 131096 byte(s) leaked in 1 allocation(s).
241104 10:36:25 [ERROR] mysqld got signal 6 ;
{noformat}

Setup:

{noformat}
Compiled with a recent version of GCC (I use GCC 11.4.0) and:
    -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON
Set before execution:
    export ASAN_OPTIONS=quarantine_size_mb=512:atexit=0:detect_invalid_pointer_pairs=3:dump_instruction_bytes=1:abort_on_error=1:allocator_may_return_null=1
{noformat}

Bug confirmed present in:
MariaDB: 10.5.27 (dbg), 10.5.27 (opt), 10.6.20 (dbg), 10.6.20 (opt), 10.11.10 (dbg), 10.11.10 (opt), 11.2.6 (dbg), 11.2.6 (opt), 11.4.4 (dbg), 11.4.4 (opt), 11.6.2 (dbg), 11.6.2 (opt), 11.7.0 (dbg), 11.7.0 (opt)

Issue lightly sporadic, especially on 10.6.

Julien Fritsch made changes - 2024-11-22 14:56

Fix Version/s

11.6(EOL) [ 29515 ]

Julien Fritsch made changes - 2024-11-22 17:06

Fix Version/s

11.2(EOL) [ 28603 ]

Yuchen Pei made changes - 2024-12-16 04:35

Status

Open [ 1 ]

Confirmed [ 10101 ]

Yuchen Pei made changes - 2024-12-16 04:36

Assignee	Yuchen Pei [ JIRAUSER52627 ]	Oleksandr Byelkin [ sanja ]
Status	Confirmed [ 10101 ]	In Review [ 10002 ]

Oleksandr Byelkin made changes - 2025-01-08 13:22

Status

In Review [ 10002 ]

Stalled [ 10000 ]

Oleksandr Byelkin made changes - 2025-01-08 13:33

Status

Stalled [ 10000 ]

In Progress [ 3 ]

Oleksandr Byelkin made changes - 2025-01-08 13:33

Assignee	Oleksandr Byelkin [ sanja ]	Sergei Golubchik [ serg ]
Status	In Progress [ 3 ]	In Review [ 10002 ]

Sergei Golubchik made changes - 2025-01-10 13:45

Attachment

multi_update.diff [ 74452 ]

Sergei Golubchik made changes - 2025-01-10 13:47

Assignee

Sergei Golubchik [ serg ]

Oleksandr Byelkin [ sanja ]

Sergei Golubchik made changes - 2025-01-10 14:38

Status

In Review [ 10002 ]

Stalled [ 10000 ]

Oleksandr Byelkin made changes - 2025-01-10 16:10

Status

Stalled [ 10000 ]

In Progress [ 3 ]

Oleksandr Byelkin made changes - 2025-01-13 09:42

Fix Version/s		10.5.28 [ 29952 ]
Fix Version/s	10.5 [ 23123 ]
Fix Version/s	10.6 [ 24028 ]
Fix Version/s	10.11 [ 27614 ]
Fix Version/s	11.4 [ 29301 ]
Resolution		Fixed [ 1 ]
Status	In Progress [ 3 ]	Closed [ 6 ]

JiraAutomate made changes - 2025-01-13 09:42

Fix Version/s		10.6.21 [ 29953 ]
Fix Version/s		10.11.11 [ 29954 ]
Fix Version/s		11.4.5 [ 29956 ]
Fix Version/s		11.7.2 [ 29914 ]

MariaDB Server

Memory Leak in init_io_cache_ext upon SHUTDOWN

Details

Description

Attachments

Attachments

Activity

People

Dates

Git Integration