Bug #93538 Memory access error on corrupted mysql.slave_relay_log_info
Submitted: 10 Dec 2018 8:50 Modified: 10 Dec 2018 19:37
Reporter: Ramesh Sivaraman Email Updates:
Status: Can't repeat Impact on me:
None 
Category:MySQL Server Severity:S3 (Non-critical)
Version:8.0.13 OS:Any
Assigned to: MySQL Verification Team CPU Architecture:Any

[10 Dec 2018 8:50] Ramesh Sivaraman 
Description:
Memory leak issue with System_table_access::open_table.

Attached valgrind output.

How to repeat:
Testcase
--------

rm -rf /dev/shm/1544200424/
mkdir -p /dev/shm/1544200424/tmp

/qa/binaries/mysql-8.0.13-linux-x86_64-debug/bin/mysqld --no-defaults --initialize-insecure --basedir=/qa/binaries/mysql-8.0.13-linux-x86_64-debug --datadir=/dev/shm/1544200424/data

valgrind --suppressions=/qa/binaries/mysql-8.0.13-linux-x86_64-debug/mysql-test/valgrind.supp --num-callers=40 --show-reachable=yes /qa/binaries/mysql-8.0.13-linux-x86_64-debug/bin/mysqld --no-defaults --basedir=/qa/binaries/mysql-8.0.13-linux-x86_64-debug --datadir=/dev/shm/1544200424/data --port=32094 --tmpdir=/dev/shm/1544200424/tmp --pid-file=/dev/shm/1544200424/pid.pid --core-file --log-error=/dev/shm/1544200424/error.log.out --socket=/dev/shm/1544200424/socket.sock &

SQL

start slave until master_log_file='master-bin.0',master_log_pos=0;
SET @@global.table_open_cache=-0;
ALTER TABLE mysql.slave_relay_log_info DROP COLUMN Number_of_workers;

Shutdown the server and analyze the error log.
[10 Dec 2018 8:52] Ramesh Sivaraman 
Valgrind output.

Attachment: valgrind_error.log (application/octet-stream, text), 14.28 KiB.
[10 Dec 2018 10:37] Ramesh Sivaraman 
changed synopsis
[10 Dec 2018 19:37] MySQL Verification Team 
Hi Ramesh,

==8926== HEAP SUMMARY:
==8926==     in use at exit: 72,832 bytes in 3 blocks
==8926==   total heap usage: 393,565 allocs, 393,562 frees, 532,235,602 bytes allocated
==8926==
==8926== LEAK SUMMARY:
==8926==    definitely lost: 0 bytes in 0 blocks
==8926==    indirectly lost: 0 bytes in 0 blocks
==8926==      possibly lost: 0 bytes in 0 blocks
==8926==    still reachable: 0 bytes in 0 blocks
==8926==         suppressed: 72,832 bytes in 3 blocks
==8926==
==8926== For counts of detected and suppressed errors, rerun with: -v
==8926== ERROR SUMMARY: 3 errors from 3 contexts (suppressed: 0 from 0)

I do not see a memory leak here? 

You had 3 read errors that I cannot reproduce. 

==8926== Invalid read of size 8
==8926==    at 0x4150EF1: System_table_access::open_table(THD*, MYSQL_LEX_STRING, MYSQL_LEX_STRING, unsigned int, thr_lock_type, TABLE**, Open_tables_backup*) (rpl_table_access.cc:94)
==8926==    by 0x41BC0F8: Rpl_info_table::do_flush_info(bool) (rpl_info_table.cc:193)
==8926==    by 0x4189A55: Rpl_info_handler::flush_info(bool) (rpl_info_handler.h:97)
==8926==    by 0x4190E0E: Relay_log_info::flush_info(bool) (rpl_rli.cc:1848)
==8926==    by 0x41655E6: terminate_slave_threads(Master_info*, int, unsigned long, bool) (rpl_slave.cc:1571)
==8926==    by 0x4166BB5: end_slave() (rpl_slave.cc:1960)
==8926==  Address 0x44846580 is 32 bytes inside a block of size 2,576 free'd
==8926==    at 0x79E5DBB: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==8926==    by 0x4523871: my_raw_free(void*) (my_malloc.cc:281)
==8926==    by 0x45236FE: my_free(void*) (my_malloc.cc:153)
==8926==    by 0x2F3B71C: intern_close_table(TABLE*) (sql_base.cc:1096)
==8926==  Block was alloc'd at
==8926==    at 0x79E4B8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==8926==    by 0x452374E: my_raw_malloc(unsigned long, int) (my_malloc.cc:199)
==8926==    by 0x45233A6: my_malloc(unsigned int, unsigned long, int) (my_malloc.cc:81)
==8926==    by 0x2F40E92: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:3334)