[MDEV-16812] Semisync slave io thread segfaults at STOP-SLAVE handling
Created: 2018-07-24  Updated: 2022-02-15  Resolved: 2018-07-26

Status: Closed
Project: MariaDB Server
Component/s: libmariadb, Replication
Fix Version/s: 10.3.9

Type: Task
Priority: Critical
Reporter: Andrei Elkin
Assignee: Andrei Elkin
Resolution: Fixed
Votes: 0
Labels: None

Issue Links:
Relates
relates to MDEV-27845 ASAN use-after-poison in mysql_real_... Confirmed

 Description   

When the semisync slave is being stopped with STOP SLAVE just after the master was shut down, it attempts to reconnect with the master anyway per a semisync routine.
Instead of an expected error, the io-thread segfaults like

#0 0x0000555555ecad06 in mysql_real_connect (mysql=0x7fff9801f2f8, host=0x7fff9801cad0 "127.0.0.1", user=0x7fff9801cd28 "root", passwd=0x7fff98007d38 "", db=0x0, port=10760, unix_socket=0x0, client_flag=0) at client.c:3660
#1 0x0000555555dfa604 in Repl_semi_sync_slave::kill_connection (this=0x55555746ef70 <repl_semisync_slave>, mysql=0x7fff9801edd8) at semisync_slave.cc:141
#2 0x0000555555dfa50c in Repl_semi_sync_slave::slave_stop (this=0x55555746ef70 <repl_semisync_slave>, mi=0x555558253ed0) at semisync_slave.cc:120
#3 0x0000555555b2b7ec in handle_slave_io (arg=0x555558253ed0) at slave.cc:4980

At the stack head, the function is executing

    if (!(client_flag & CLIENT_REMEMBER_OPTIONS) &&
        !mysql->options.extension->async_context)
      mysql_close_free_options(mysql);

when mysql->options.extension is NULL.

Apparently a not-NULL check for mysql->options.extension is missing and should
be deployed to fix the issue.
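
Added example, not part of the original report and not the committed patch: the quoted condition beside a guarded form, with a check that the guard changes nothing when the extension is present. The struct layouts, function names, and flag value are constructed for illustration, and treating a NULL extension as "no async context" is an assumption.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins for the structures named in the report. */
struct ext  { void *async_context; };
struct opts { struct ext *extension; };
struct conn { struct opts options; };

/* Constructed flag value for this example. */
#define CLIENT_REMEMBER_OPTIONS (1UL << 31)

/* Condition as quoted in the report: reads through extension
   unconditionally, so extension == NULL crashes (frame #0). */
int free_options_unguarded(const struct conn *m, unsigned long client_flag)
{
    return !(client_flag & CLIENT_REMEMBER_OPTIONS) &&
           !m->options.extension->async_context;
}

/* Guarded form: no extension is treated as "no async context". */
int free_options_guarded(const struct conn *m, unsigned long client_flag)
{
    return !(client_flag & CLIENT_REMEMBER_OPTIONS) &&
           !(m->options.extension && m->options.extension->async_context);
}

/* Counts inputs with a non-NULL extension where the two forms disagree;
   0 means the guard changes nothing for the cases that already worked. */
int count_regressions(void)
{
    int dummy, bad = 0;
    struct ext states[2] = { { NULL }, { &dummy } };
    unsigned long flags[2] = { 0, CLIENT_REMEMBER_OPTIONS };
    for (int e = 0; e < 2; e++)
        for (int f = 0; f < 2; f++) {
            struct conn m = { { &states[e] } };
            bad += free_options_unguarded(&m, flags[f]) !=
                   free_options_guarded(&m, flags[f]);
        }
    return bad;
}

int main(void)
{
    struct conn stopped = { { NULL } };   /* state seen in the backtrace */
    printf("guarded, NULL extension: %d\n", free_options_guarded(&stopped, 0));
    printf("regressions: %d\n", count_regressions());
    return 0;
}
```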



 Comments   
Comment by Andrei Elkin [ 2018-07-25 ]

The patch is also available in bb-10.3-andrei MDEV-16812 at top commit.

Comment by Oleksandr Byelkin [ 2018-07-25 ]

OK to push!

Comment by Andrei Elkin [ 2018-07-26 ]

a97c190d95b is pushed to 10.3.
