This repository has been archived by the owner on Jul 26, 2022. It is now read-only.
ASAN failure #61
Assignees
Comments
maykov
added a commit
that referenced
this issue
Apr 30, 2015
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. #61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
maykov
added a commit
that referenced
this issue
Aug 27, 2015
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. #61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
maykov
added a commit
to facebook/mysql-5.6
that referenced
this issue
Sep 14, 2015
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
jtolmer
pushed a commit
to facebook/mysql-5.6
that referenced
this issue
Jan 5, 2016
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
george-lorch
pushed a commit
to george-lorch/percona-server
that referenced
this issue
May 7, 2016
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB/mysql-5.6#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
george-lorch
pushed a commit
to george-lorch/percona-server
that referenced
this issue
May 9, 2016
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB/mysql-5.6#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
hermanlee
pushed a commit
to facebook/mysql-5.6
that referenced
this issue
Jan 31, 2017
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
VitaliyLi
pushed a commit
to VitaliyLi/mysql-5.6
that referenced
this issue
Feb 9, 2017
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
gunnarku
pushed a commit
to facebook/mysql-8.0
that referenced
this issue
Jul 21, 2017
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB/mysql-5.6#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
gunnarku
pushed a commit
to facebook/mysql-8.0
that referenced
this issue
Jul 25, 2017
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB/mysql-5.6#61 Test Plan: ran perfschema.bad_option_4 test in perfschema, asan configuration, it passed Reviewers: yoshinorim, hermanlee4 Reviewed By: hermanlee4 Differential Revision: https://reviews.facebook.net/D37797
facebook-github-bot
pushed a commit
to facebook/mysql-5.6
that referenced
this issue
Dec 23, 2019
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: 71eff98
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Aug 12, 2020
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: 71eff98
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Sep 9, 2020
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: 71eff98
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Sep 16, 2020
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: 71eff98
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Oct 5, 2020
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: 71eff98
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Nov 11, 2020
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: 71eff98
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Mar 11, 2021
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: c1032bb4650
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Aug 16, 2021
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: c1032bb4650
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Aug 30, 2021
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: c1032bb4650
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Sep 1, 2021
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: c1032bb4650
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Sep 2, 2021
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797 fbshipit-source-id: c1032bb4650
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Jan 17, 2022
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797
ldonoso
pushed a commit
to ldonoso/percona-server
that referenced
this issue
Mar 15, 2022
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB/mysql-5.6#61 Differential Revision: https://reviews.facebook.net/D37797
inikep
pushed a commit
to inikep/mysql-5.6
that referenced
this issue
Apr 26, 2022
Summary: As I discovered using ASAN and perfschema.bad_option_4 test, in case when mysqld aborts, the rocksdb_done function is called before the background_thread had a chance to start. The background_thread accesses data which has been deleted by the done function. This diff provides a more correct check for whether the background function should be aborted. MySQLOnRocksDB#61 Differential Revision: https://reviews.facebook.net/D37797
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
==822389== ERROR: AddressSanitizer: heap-use-after-free on address 0x601a0000b300 at pc 0x193f58e bp 0x7f37cd573510 sp 0x7f37cd573508
READ of size 4 at 0x601a0000b300 thread T24
#0 0x193f58d in ZN12RDBSE_KEYDEFC1ERKS /data/users/maykov/mysql/5.6/storage/rocksdb/rdb_datadic.cc:121
#1 0x1943bf6 in _ZN17Table_ddl_manager4findEj /data/users/maykov/mysql/5.6/storage/rocksdb/rdb_datadic.cc:1322
#2 0x192173d in _Z23compute_optimizer_statsv /data/users/maykov/mysql/5.6/storage/rocksdb/ha_rocksdb.cc:4820
#3 0x19245bb in _Z17background_threadPv /data/users/maykov/mysql/5.6/storage/rocksdb/ha_rocksdb.cc:5289
#4 0x7f37ea58f1e8 in _ZN6__asan10AsanThread11ThreadStartEv ??:0
#5 0x7f37e9f09fa7 in start_thread ??:0
#6 0x7f37e828d5bc in __clone /home/engshare/third-party2/glibc/2.17/src/glibc-2.17/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:113
0x601a0000b300 is located 0 bytes inside of 136-byte region [0x601a0000b300,0x601a0000b388)
freed by thread T0 here:
#0 0x7f37ea58613a in _ZdlPv ??:0
#1 0x193faaa in ~RDBSE_TABLE_DEF /data/users/maykov/mysql/5.6/storage/rocksdb/rdb_datadic.h:470
#2 0x113d78b in my_hash_free_elements /data/users/maykov/mysql/5.6/mysys/hash.c:134
#3 0x1944a26 in _ZN17Table_ddl_manager7cleanupEv /data/users/maykov/mysql/5.6/storage/rocksdb/rdb_datadic.cc:1477
#4 0x190adfc in _ZL17rocksdb_done_funcPv /data/users/maykov/mysql/5.6/storage/rocksdb/ha_rocksdb.cc:1722
#5 0x615fdb in _Z22ha_finalize_handlertonP13st_plugin_int /data/users/maykov/mysql/5.6/sql/handler.cc:627
#6 0xaeda2d in plugin_deinitialize /data/users/maykov/mysql/5.6/sql/sql_plugin.cc:944
#7 0xaf2364 in _Z15plugin_shutdownv /data/users/maykov/mysql/5.6/sql/sql_plugin.cc:1725
#8 0x5ea8a7 in _ZL8clean_upb.part.181 /data/users/maykov/mysql/5.6/sql/mysqld.cc:2031
#9 0x5ef3d9 in clean_up /data/users/maykov/mysql/5.6/sql/mysqld.cc:1903
#10 0x5f0f09 in _ZL22init_server_componentsv /data/users/maykov/mysql/5.6/sql/mysqld.cc:5497
#11 0x5f9986 in _Z11mysqld_mainiPPc /data/users/maykov/mysql/5.6/sql/mysqld.cc:6246
#12 0x7f37e81abefe in __libc_start_main ??:0
#13 0x5d98e8 in _start /home/engshare/third-party2/glibc/2.17/src/glibc-2.17/csu/../sysdeps/x86_64/start.S:123
previously allocated by thread T0 here:
#0 0x7f37ea585f7a in _Znwm ??:0
#1 0x194ad04 in _ZN17Table_ddl_manager4initEP12Dict_managerP21Column_family_manager /data/users/maykov/mysql/5.6/storage/rocksdb/rdb_datadic.cc:1275
#2 0x191e0e4 in _ZL17rocksdb_init_funcPv /data/users/maykov/mysql/5.6/storage/rocksdb/ha_rocksdb.cc:1660
#3 0x6161a9 in _Z24ha_initialize_handlertonP13st_plugin_int /data/users/maykov/mysql/5.6/sql/handler.cc:673
#4 0xade8ac in _ZL17plugin_initializeP13st_plugin_int /data/users/maykov/mysql/5.6/sql/sql_plugin.cc:1137
#5 0xaf599b in _Z11plugin_initPiPPci /data/users/maykov/mysql/5.6/sql/sql_plugin.cc:1431
#6 0x5efec1 in _ZL22init_server_componentsv /data/users/maykov/mysql/5.6/sql/mysqld.cc:5474
#7 0x5f9986 in _Z11mysqld_mainiPPc /data/users/maykov/mysql/5.6/sql/mysqld.cc:6246
#8 0x7f37e81abefe in __libc_start_main ??:0
#9 0x5d98e8 in _start /home/engshare/third-party2/glibc/2.17/src/glibc-2.17/csu/../sysdeps/x86_64/start.S:123
Thread T24 created by T0 here:
#0 0x7f37ea57f21b in pthread_create asan_rtl
#1 0x191e14c in inline_mysql_thread_create /data/users/maykov/mysql/5.6/include/mysql/psi/mysql_thread.h:1252
#2 0x6161a9 in _Z24ha_initialize_handlertonP13st_plugin_int /data/users/maykov/mysql/5.6/sql/handler.cc:673
#3 0xade8ac in _ZL17plugin_initializeP13st_plugin_int /data/users/maykov/mysql/5.6/sql/sql_plugin.cc:1137
#4 0xaf599b in _Z11plugin_initPiPPci /data/users/maykov/mysql/5.6/sql/sql_plugin.cc:1431
#5 0x5efec1 in _ZL22init_server_componentsv /data/users/maykov/mysql/5.6/sql/mysqld.cc:5474
#6 0x5f9986 in _Z11mysqld_mainiPPc /data/users/maykov/mysql/5.6/sql/mysqld.cc:6246
#7 0x7f37e81abefe in __libc_start_main ??:0
#8 0x5d98e8 in _start /home/engshare/third-party2/glibc/2.17/src/glibc-2.17/csu/../sysdeps/x86_64/start.S:123
Shadow bytes around the buggy address:
0x0c03bfff9610: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c03bfff9620: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c03bfff9630: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c03bfff9640: fa fa fa fa fa fa fd fd fd fd fd fd fd fd fd fd
0x0c03bfff9650: fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa
=>0x0c03bfff9660:[fd]fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c03bfff9670: fd fa fa fa fa fa fa fa fa fa fd fd fd fd fd fd
0x0c03bfff9680: fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa
0x0c03bfff9690: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
0x0c03bfff96a0: fd fd fd fd fd fa fa fa fa fa fa fa fa fa fd fd
0x0c03bfff96b0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap righ redzone: fb
Freed Heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
ASan internal: fe
==822389== ABORTING
The text was updated successfully, but these errors were encountered: