UseAfterFree in ScanActor #15393

Hor911 · 2025-03-06T08:18:58Z

Alloc

    #0 0x1a9cc52d in operator new(unsigned long) /-S/contrib/libs/clang18-rt/lib/asan/asan_new_delete.cpp:86:3
    #1 0x3e21c0c3 in __libcpp_operator_new<unsigned long> /-S/contrib/libs/cxxsupp/libcxx/include/new:265:10
    #2 0x3e21c0c3 in __libcpp_allocate /-S/contrib/libs/cxxsupp/libcxx/include/new:289:10
    #3 0x3e21c0c3 in allocate /-S/contrib/libs/cxxsupp/libcxx/include/__memory/allocator.h:118:32
    #4 0x3e21c0c3 in allocate /-S/contrib/libs/cxxsupp/libcxx/include/__memory/allocator_traits.h:281:16
    #5 0x3e21c0c3 in std::__y1::unique_ptr<std::__y1::__tree_node<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, void*>, std::__y1::__tree_node_destructor<std::__y1::allocator<std::__y1::__tree_node<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, void*>>>> std::__y1::__tree<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, std::__y1::__map_value_compare<unsigned int, std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, TLess<unsigned int>, true>, std::__y1::allocator<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>>>::__construct_node<int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>(int&&, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData&&) /-S/contrib/libs/cxxsupp/libcxx/include/__tree:1812:21
    #6 0x3e21be15 in std::__y1::pair<std::__y1::__tree_iterator<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, std::__y1::__tree_node<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, void*>*, long>, bool> std::__y1::__tree<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, std::__y1::__map_value_compare<unsigned int, std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>, TLess<unsigned int>, true>, std::__y1::allocator<std::__y1::__value_type<unsigned int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>>>::__emplace_unique_impl<int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData>(int&&, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData&&) /-S/contrib/libs/cxxsupp/libcxx/include/__tree:1822:23
    #7 0x3e1b0378 in __emplace_unique<int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData> /-S/contrib/libs/cxxsupp/libcxx/include/__tree:1044:12
    #8 0x3e1b0378 in emplace<int, NKikimr::NMiniKQL::TKqpScanComputeContext::TScanData> /-S/contrib/libs/cxxsupp/libcxx/include/map:1166:20
    #9 0x3e1b0378 in NKikimr::NMiniKQL::TKqpScanComputeContext::AddTableScan(unsigned int, NKikimrTxDataShard::TKqpTransaction_TScanTaskMeta const&, NYql::NDqProto::EDqStatsMode) /-S/ydb/core/kqp/runtime/kqp_scan_data.cpp:732:25
    #10 0x3fd5d2a1 in NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor::DoBootstrap() /-S/ydb/core/kqp/compute_actor/kqp_scan_compute_actor.cpp:276:16
    #11 0x3fda2b88 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::Bootstrap() /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:162:43
    #12 0x3fda182e in NActors::TActorBootstrapped<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor>::StateBootstrap(TAutoPtr<NActors::IEventHandle, TDelete>&) /-S/ydb/library/actors/core/actor_bootstrapped.h:26:22

Free

    #0 0x1a9ccd8d in operator delete(void*) /-S/contrib/libs/clang18-rt/lib/asan/asan_new_delete.cpp:143:3
    #1 0x3fd61c93 in clear /-S/contrib/libs/cxxsupp/libcxx/include/__tree:1572:3
    #2 0x3fd61c93 in clear /-S/contrib/libs/cxxsupp/libcxx/include/map:1314:58
    #3 0x3fd61c93 in Clear /-S/ydb/core/kqp/runtime/kqp_scan_data.h:407:15
    #4 0x3fd61c93 in NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor::PassAway() /-S/ydb/core/kqp/compute_actor/kqp_scan_compute_actor.h:133:28
    #5 0x3fd99457 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::Terminate(bool, NYql::TIssues const&) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:578:15
    #6 0x3fd985a3 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::Terminate(bool, TBasicString<char, std::__y1::char_traits<char>> const&) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:583:9
    #7 0x3fd53f4f in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::ReportStateAndMaybeDie(NYql::NDqProto::StatusIds_StatusCode, NYql::TIssues const&, bool) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:653:9
    #8 0x3fd64ab3 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::CheckRunStatus() /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:509:21
    #9 0x3fd83150 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::ProcessOutputsImpl(NYql::NDq::ERunStatus) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:434:9
    #10 0x3fd77a89 in NYql::NDq::TDqSyncComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor>::DoExecuteImpl() /-S/ydb/library/yql/dq/actors/compute/dq_sync_compute_actor_base.h:46:16
    #11 0x3fd62957 in NKikimr::NKqp::TSchedulableComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor>::DoExecuteImpl() /-S/ydb/core/kqp/runtime/kqp_compute_scheduler.h:214:31
    #12 0x3fd56f9e in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::DoExecute() /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:355:17
    #13 0x3fd88817 in HandleExecuteBase /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:1062:13
    #14 0x3fd88817 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::BaseStateFuncBody(TAutoPtr<NActors::IEventHandle, TDelete>&) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:302:13
    #15 0x3fd61160 in BaseStateFuncBody /-S/ydb/core/kqp/runtime/kqp_compute_scheduler.h:181:24
    #16 0x3fd61160 in NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor::StateFunc(TAutoPtr<NActors::IEventHandle, TDelete>&) /-S/ydb/core/kqp/compute_actor/kqp_scan_compute_actor.h:84:21

Use

    #0 0x1b2c891c in TIntrusivePtr /-S/util/generic/ptr.h:527:16
    #1 0x1b2c891c in TBasicString /-S/util/generic/string.h:420:11
    #2 0x1b2c891c in CreateString<TBasicString<char, std::__y1::char_traits<char> > > /-S/contrib/libs/protobuf/src/google/protobuf/arenastring.cc:102:24
    #3 0x1b2c891c in void google::protobuf::internal::ArenaStringPtr::Set<>(TBasicString<char, std::__y1::char_traits<char>> const&, google::protobuf::Arena*) /-S/contrib/libs/protobuf/src/google/protobuf/arenastring.cc:150:38
    #4 0x3fd55266 in set_tablepath<const TBasicString<char, std::__y1::char_traits<char> > &> /-B/ydb/library/yql/dq/actors/protos/dq_stats.pb.h:14526:21
    #5 0x3fd55266 in SetTablePath /-B/ydb/library/yql/dq/actors/protos/dq_stats.pb.h:3675:61
    #6 0x3fd55266 in NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor::FillExtraStats(NYql::NDqProto::TDqComputeActorStats*, bool) /-S/ydb/core/kqp/compute_actor/kqp_scan_compute_actor.cpp:98:21
    #7 0x3fd8b383 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::FillStats(NYql::NDqProto::TDqComputeActorStats*, bool) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:1964:39
    #8 0x3fd8a545 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::ReportStats(TInstant, NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::ESendStats) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:1995:9
    #9 0x3fd56fde in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::DoExecute() /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:362:13
    #10 0x3fd88817 in HandleExecuteBase /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:1062:13
    #11 0x3fd88817 in NYql::NDq::TDqComputeActorBase<NKikimr::NKqp::NScanPrivate::TKqpScanComputeActor, NYql::NDq::TComputeActorAsyncInputHelperSync>::BaseStateFuncBody(TAutoPtr<NActors::IEventHandle, TDelete>&) /-S/ydb/library/yql/dq/actors/compute/dq_compute_actor_impl.h:302:13

The text was updated successfully, but these errors were encountered:

Hor911 self-assigned this Mar 6, 2025

Hor911 mentioned this issue Mar 6, 2025

Correct ScanActor termination #15395

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

UseAfterFree in ScanActor #15393

UseAfterFree in ScanActor #15393

Hor911 commented Mar 6, 2025 •

edited

Loading

UseAfterFree in ScanActor #15393

UseAfterFree in ScanActor #15393

Comments

Hor911 commented Mar 6, 2025 • edited Loading

Hor911 commented Mar 6, 2025 •

edited

Loading