Valgrind: free in buf_page_get_gen (Invalid read in buf_flush_batch / buf_flush_list) + free in buf_page_get_gen (Invalid read in buf_flush_page_and_try_neighbors)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Percona Server moved to https://jira.percona.com/projects/PS |
Invalid
|
High
|
Laurynas Biveinis | ||
5.1 |
Fix Released
|
High
|
Laurynas Biveinis | ||
5.5 |
Fix Released
|
High
|
Laurynas Biveinis | ||
5.6 |
Invalid
|
High
|
Laurynas Biveinis |
Bug Description
121125 7:05:01 [Note] /data/ssd/
Version: '5.5.28-
==11657== Thread 16:
==11657== Invalid read of size 8
==11657== at 0x87E0C6: buf_flush_batch (buf0flu.c:1770)
==11657== by 0x87E3FF: buf_flush_list (buf0flu.c:2047)
==11657== by 0x823CC1: srv_master_thread (srv0srv.c:3692)
==11657== by 0x38E260677C: start_thread (pthread_
==11657== by 0x38E16D3C1C: clone (in /lib64/libc-2.5.so)
==11657== Address 0x152e01a8 is 56 bytes inside a block of size 152 free'd
==11657== at 0x4A072BA: free (vg_replace_
==11657== by 0x87446A: buf_page_get_gen (buf0buf.ic:886)
==11657== by 0x85ABD1: btr_free_
==11657== by 0x863723: btr_cur_
==11657== by 0x926276: row_undo_ins (row0uins.c:117)
==11657== by 0x91EC13: row_undo_step (row0undo.c:320)
==11657== by 0x913049: que_run_threads (que0que.c:1257)
==11657== by 0x839CB8: trx_general_
==11657== by 0x8077F0: row_mysql_
==11657== by 0x80892B: row_insert_
==11657== by 0x7EFA89: ha_innobase:
==11657== by 0x69B7E1: handler:
==11657== by 0x5673D0: write_record(THD*, TABLE*, st_copy_info*) (sql_insert.
==11657== by 0x56E463: mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) (sql_insert.cc:956)
==11657== by 0x57EE0B: mysql_execute_
==11657== by 0x583112: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:5811)
==11657==
==11657== Invalid read of size 1
==11657== at 0x87D8FB: buf_flush_
==11657== by 0x87E008: buf_flush_batch (buf0flu.c:1738)
==11657== by 0x87E3FF: buf_flush_list (buf0flu.c:2047)
==11657== by 0x823CC1: srv_master_thread (srv0srv.c:3692)
==11657== by 0x38E260677C: start_thread (pthread_
==11657== by 0x38E16D3C1C: clone (in /lib64/libc-2.5.so)
==11657== Address 0x152e017b is 11 bytes inside a block of size 152 free'd
==11657== at 0x4A072BA: free (vg_replace_
==11657== by 0x87446A: buf_page_get_gen (buf0buf.ic:886)
==11657== by 0x85ABD1: btr_free_
==11657== by 0x863723: btr_cur_
==11657== by 0x926276: row_undo_ins (row0uins.c:117)
==11657== by 0x91EC13: row_undo_step (row0undo.c:320)
==11657== by 0x913049: que_run_threads (que0que.c:1257)
==11657== by 0x839CB8: trx_general_
==11657== by 0x8077F0: row_mysql_
==11657== by 0x80892B: row_insert_
==11657== by 0x7EFA89: ha_innobase:
==11657== by 0x69B7E1: handler:
==11657== by 0x5673D0: write_record(THD*, TABLE*, st_copy_info*) (sql_insert.
==11657== by 0x56E463: mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) (sql_insert.cc:956)
==11657== by 0x57EE0B: mysql_execute_
==11657== by 0x583112: mysql_parse(THD*, char*, unsigned int, Parser_state*) (sql_parse.cc:5811)
==11657==
==11657== Invalid read of size 1
[...]
[........ numerous occurrences of Invalid read of size 1 or 4 or 8 in buf_flush_
[...]
==11657==
==11657== HEAP SUMMARY:
==11657== in use at exit: 1,560 bytes in 5 blocks
==11657== total heap usage: 3,162,238 allocs, 3,162,233 frees, 32,397,098,285 bytes allocated
==11657==
==11657== LEAK SUMMARY:
==11657== definitely lost: 0 bytes in 0 blocks
==11657== indirectly lost: 0 bytes in 0 blocks
==11657== possibly lost: 0 bytes in 0 blocks
==11657== still reachable: 0 bytes in 0 blocks
==11657== suppressed: 1,560 bytes in 5 blocks
==11657==
==11657== For counts of detected and suppressed errors, rerun with: -v
==11657== ERROR SUMMARY: 12 errors from 12 contexts (suppressed: 4 from 4)
Related branches
- Alexey Kopytov (community): Needs Resubmitting
- Laurynas Biveinis: Pending requested
-
Diff: 237 lines (+63/-6)5 files modifiedPercona-Server/storage/innodb_plugin/buf/buf0buf.c (+29/-3)
Percona-Server/storage/innodb_plugin/buf/buf0flu.c (+29/-3)
Percona-Server/storage/innodb_plugin/include/buf0buf.h (+3/-0)
Percona-Server/storage/innodb_plugin/include/sync0sync.h (+1/-0)
Percona-Server/storage/innodb_plugin/sync/sync0sync.c (+1/-0)
- Alexey Kopytov (community): Needs Resubmitting
- Laurynas Biveinis: Pending requested
-
Diff: 297 lines (+75/-11)6 files modifiedPercona-Server/storage/innobase/buf/buf0buf.c (+30/-3)
Percona-Server/storage/innobase/buf/buf0flu.c (+36/-8)
Percona-Server/storage/innobase/handler/ha_innodb.cc (+2/-0)
Percona-Server/storage/innobase/include/buf0buf.h (+4/-0)
Percona-Server/storage/innobase/include/sync0sync.h (+2/-0)
Percona-Server/storage/innobase/sync/sync0sync.c (+1/-0)
- Laurynas Biveinis (community): Approve
- Alexey Kopytov (community): Approve
- George Ormond Lorch III (community): Approve (g2)
-
Diff: 515 lines (+102/-79)6 files modifiedPercona-Server/storage/innodb_plugin/buf/buf0buf.c (+24/-18)
Percona-Server/storage/innodb_plugin/buf/buf0flu.c (+56/-47)
Percona-Server/storage/innodb_plugin/buf/buf0lru.c (+11/-7)
Percona-Server/storage/innodb_plugin/include/buf0buf.h (+4/-4)
Percona-Server/storage/innodb_plugin/include/buf0flu.h (+4/-1)
Percona-Server/storage/innodb_plugin/include/buf0lru.h (+3/-2)
- Laurynas Biveinis (community): Approve
- Alexey Kopytov (community): Approve
- George Ormond Lorch III (community): Approve (g2)
-
Diff: 200 lines (+45/-41)2 files modifiedPercona-Server/storage/innobase/buf/buf0buf.c (+10/-5)
Percona-Server/storage/innobase/buf/buf0flu.c (+35/-36)
tags: | added: xtradb |
This bug is a split from bug 1083058