[MDEV-28582] atomic.alter_table_rocksdb reports UBSAN failure on old versions
Created: 2022-05-16  Updated: 2022-05-17  Resolved: 2022-05-16

Status: Closed
Project: MariaDB Server
Component/s: Storage Engine - RocksDB
Affects Version/s: 10.6
Fix Version/s: N/A

Type: Bug
Priority: Major
Reporter: Sergei Petrunia
Assignee: Sergei Petrunia
Resolution: Won't Fix
Votes: 0
Labels: None


 Description   

Build the server with BUILD/compile-pentium64-ubsan. Run atomic.alter_table_rocksdb test and observe a complaint like this:

 
atomic.alter_table_rocksdb 'innodb'      [ fail ]  Found warnings/errors in server log file!
        Test ended at 2022-05-16 16:18:35
line
/home/psergey/dev-git2/10.6/sql/handler.h:2653:12: runtime error: member call on address 0x7f37c00192b0 which does not point to an object of type 'inplace_alter_handler_ctx'
/home/psergey/dev-git2/10.6/sql/handler.h:2653:12: runtime error: member call on address 0x7f83ac0192b0 which does not point to an object of type 'inplace_alter_handler_ctx'
^ Found warnings in /optane/dev-git2/10.6/mysql-test/var/log/mysqld.1.err
ok



 Comments   
Comment by Sergei Petrunia [ 2022-05-16 ]

Can be narrowed down to a very simple test:

--source include/have_rocksdb.inc
create table t1 (a int, b int, key(a)) engine=rocksdb;
insert into t1 values (1,1),(2,2);
ALTER TABLE t1 DROP INDEX a;
 
drop table t1;

produces this:

/home/psergey/dev-git2/10.6/sql/handler.h:2658:12: runtime error: member call on address 0x7fc5e0016b90 which does not point to an object of type 'inplace_alter_handler_ctx'
0x7fc5e0016b90: note: object is of type 'myrocks::Rdb_inplace_alter_ctx'
 c5 7f 00 00  b8 96 5b 1a c6 7f 00 00  50 14 06 e0 c5 7f 00 00  a8 59 20 e0 c5 7f 00 00  48 89 21 e0
              ^~~~~~~~~~~~~~~~~~~~~~~
              vptr for 'myrocks::Rdb_inplace_alter_ctx'

Comment by Sergei Petrunia [ 2022-05-16 ]

Note that a similar test with InnoDB

--source include/have_innodb.inc
 
create table t1 (a int, b int, key(a)) engine=innodb;
insert into t1 values (1,1),(2,2);
ALTER TABLE t1 DROP INDEX a;
 
drop table t1;

produces no errors.

Comment by Sergei Petrunia [ 2022-05-16 ]

The complaint doesn't make much sense:

does not point to an object of type 'inplace_alter_handler_ctx'
0x7fc5e0016b90: note: object is of type 'myrocks::Rdb_inplace_alter_ctx'

Well, myrocks::Rdb_inplace_alter_ctx does inherit from inplace_alter_handler_ctx.

The line where the failure happens (handler.h:2658) is:

    delete handler_ctx;

class inplace_alter_handler_ctx does have a virtual destructor.

After having looked at the code closely, I still don't see anything wrong. A bug in UBSAN?

Comment by Sergei Petrunia [ 2022-05-16 ]

Looks like a bug in UBSAN to me.

I can observe the issue on Ubuntu Bionic (gcc 7.5). I can't observe the issue on a newer Ubuntu Impish (gcc 11.2).
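
Added example, not part of the original ticket and not MariaDB code: a single-file reduction of the pattern the comments describe (a derived context in a namespace, deleted through a base pointer whose class has a virtual destructor), for building with the sanitizer on each compiler being compared. All class and function names are hypothetical stand-ins.

```cpp
// Constructed reduction; names are hypothetical stand-ins, not MariaDB's classes.
// Build and run: g++ -std=c++11 -g -fsanitize=undefined reduce.cc && ./a.out
#include <cstdio>

static int base_dtor_calls = 0;
static int derived_dtor_calls = 0;

// Stand-in for the server-side base class: polymorphic, virtual destructor.
class alter_ctx_base {
public:
  alter_ctx_base() {}
  virtual ~alter_ctx_base() { ++base_dtor_calls; }
};

namespace engine {
// Stand-in for the engine-side context that inherits from the base.
class derived_alter_ctx : public alter_ctx_base {
public:
  explicit derived_alter_ctx(int n) : n_keys(n) {}
  ~derived_alter_ctx() override { ++derived_dtor_calls; }
  int n_keys;
};
}  // namespace engine

// Stand-in for the owner that only knows the base type and deletes through it.
struct alter_info_owner {
  alter_ctx_base *handler_ctx;
  alter_info_owner() : handler_ctx(nullptr) {}
  ~alter_info_owner() { delete handler_ctx; }  // same shape as "delete handler_ctx;"
};

// Returns true when the derived and the base destructor each ran exactly once.
bool delete_through_base_runs_both_dtors() {
  const int b0 = base_dtor_calls, d0 = derived_dtor_calls;
  {
    alter_info_owner owner;
    owner.handler_ctx = new engine::derived_alter_ctx(1);
  }  // owner goes out of scope here: virtual dispatch to ~derived_alter_ctx()
  return base_dtor_calls == b0 + 1 && derived_dtor_calls == d0 + 1;
}

int main() {
  const bool ok = delete_through_base_runs_both_dtors();
  std::printf("both destructors ran: %s\n", ok ? "yes" : "no");
  return ok ? 0 : 1;
}
```

The delete in this file is well defined, so a "does not point to an object of type" report from it alone would point at the toolchain rather than the code. A clean run only shows that the pattern in isolation is accepted; it does not model anything else in the server build.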
