Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.4(EOL)
-
None
Description
10.4 27f3329ff6cb755b600d5363 |
==24262==ERROR: AddressSanitizer: heap-use-after-free on address 0x60400033f530 at pc 0x5651683ed6ba bp 0x7f825cabf350 sp 0x7f825cabf340
|
READ of size 1 at 0x60400033f530 thread T32
|
#0 0x5651683ed6b9 in my_strcasecmp_utf8 /git/10.4/strings/ctype-utf8.c:5109
|
#1 0x565167139e51 in Item_field::rename_fields_processor(void*) /git/10.4/sql/item.cc:721
|
#2 0x56516679bf61 in Item::walk(bool (Item::*)(void*), bool, void*) /git/10.4/sql/item.h:1722
|
#3 0x565166bfd8f2 in mysql_prepare_alter_table(THD*, TABLE*, HA_CREATE_INFO*, Alter_info*, Alter_table_ctx*) /git/10.4/sql/sql_table.cc:7953
|
#4 0x565166c06693 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /git/10.4/sql/sql_table.cc:9388
|
#5 0x565166d4f509 in Sql_cmd_alter_table::execute(THD*) /git/10.4/sql/sql_alter.cc:497
|
#6 0x5651669fbb1f in mysql_execute_command(THD*) /git/10.4/sql/sql_parse.cc:6289
|
#7 0x565166a0632e in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /git/10.4/sql/sql_parse.cc:8091
|
#8 0x5651669e10ab in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /git/10.4/sql/sql_parse.cc:1851
|
#9 0x5651669de243 in do_command(THD*) /git/10.4/sql/sql_parse.cc:1396
|
#10 0x565166d3f7d8 in do_handle_one_connection(CONNECT*) /git/10.4/sql/sql_connect.cc:1402
|
#11 0x565166d3f1b5 in handle_one_connection /git/10.4/sql/sql_connect.cc:1308
|
#12 0x7f828ba9f6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#13 0x7f828af3441c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
|
|
0x60400033f530 is located 32 bytes inside of 40-byte region [0x60400033f510,0x60400033f538)
|
freed by thread T32 here:
|
#0 0x7f828c5a32ca in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x982ca)
|
#1 0x565168243a33 in my_free /git/10.4/mysys/my_malloc.c:221
|
#2 0x56516821f793 in free_root /git/10.4/mysys/my_alloc.c:419
|
#3 0x5651669e42b0 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /git/10.4/sql/sql_parse.cc:2441
|
#4 0x5651669de243 in do_command(THD*) /git/10.4/sql/sql_parse.cc:1396
|
#5 0x565166d3f7d8 in do_handle_one_connection(CONNECT*) /git/10.4/sql/sql_connect.cc:1402
|
#6 0x565166d3f1b5 in handle_one_connection /git/10.4/sql/sql_connect.cc:1308
|
#7 0x7f828ba9f6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
|
previously allocated by thread T32 here:
|
#0 0x7f828c5a3602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
|
#1 0x565168242f6a in my_malloc /git/10.4/mysys/my_malloc.c:101
|
#2 0x56516821eea0 in alloc_root /git/10.4/mysys/my_alloc.c:194
|
#3 0x56516822006d in strmake_root /git/10.4/mysys/my_alloc.c:479
|
#4 0x56516681017b in THD::make_lex_string(st_mysql_const_lex_string*, char const*, unsigned long) /git/10.4/sql/sql_class.h:3634
|
#5 0x5651669ae90e in Lex_ident_sys_st::copy_keyword(THD*, Lex_ident_cli_st const*) /git/10.4/sql/sql_lex.cc:8625
|
#6 0x5651669ae959 in Lex_ident_sys_st::copy_or_convert(THD*, Lex_ident_cli_st const*, charset_info_st const*) /git/10.4/sql/sql_lex.cc:8634
|
#7 0x5651668f5cfc in THD::to_ident_sys_alloc(Lex_ident_sys_st*, Lex_ident_cli_st const*) /git/10.4/sql/sql_class.cc:2422
|
#8 0x565166f80a1c in MYSQLparse(THD*) /git/10.4/sql/sql_yacc.yy:15382
|
#9 0x565166a123d2 in parse_sql(THD*, Parser_state*, Object_creation_ctx*, bool) /git/10.4/sql/sql_parse.cc:10108
|
#10 0x565166a05ec4 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /git/10.4/sql/sql_parse.cc:8044
|
#11 0x5651669e10ab in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /git/10.4/sql/sql_parse.cc:1851
|
#12 0x5651669de243 in do_command(THD*) /git/10.4/sql/sql_parse.cc:1396
|
#13 0x565166d3f7d8 in do_handle_one_connection(CONNECT*) /git/10.4/sql/sql_connect.cc:1402
|
#14 0x565166d3f1b5 in handle_one_connection /git/10.4/sql/sql_connect.cc:1308
|
#15 0x7f828ba9f6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
|
Thread T32 created by T0 here:
|
#0 0x7f828c541253 in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x36253)
|
#1 0x5651682a55c3 in spawn_thread_noop /git/10.4/mysys/psi_noop.c:187
|
#2 0x56516674cfb4 in inline_mysql_thread_create /git/10.4/include/mysql/psi/mysql_thread.h:1268
|
#3 0x5651667627c4 in create_thread_to_handle_connection(CONNECT*) /git/10.4/sql/mysqld.cc:6330
|
#4 0x565166762ec4 in create_new_thread(CONNECT*) /git/10.4/sql/mysqld.cc:6400
|
#5 0x56516676324f in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /git/10.4/sql/mysqld.cc:6517
|
#6 0x565166763ecc in handle_connections_sockets() /git/10.4/sql/mysqld.cc:6682
|
#7 0x565166761c89 in mysqld_main(int, char**) /git/10.4/sql/mysqld.cc:5952
|
#8 0x56516674b29f in main /git/10.4/sql/main.cc:25
|
#9 0x7f828ae4d82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
perl ./runall-new.pl --no-mask --seed=1543230130 --duration=400 --queries=100M --reporters=Backtrace,ErrorLog,Deadlock --validators=TransformerNoComparator --transformers=ConvertSubqueriesToViews,ConvertTablesToDerived,Count,DisableIndexes,DisableOptimizations,Distinct,EnableOptimizations,ExecuteAsCTE,ExecuteAsDeleteReturning,ExecuteAsDerived,ExecuteAsExcept,ExecuteAsExecuteImmediate,ExecuteAsInsertSelect,ExecuteAsIntersect,ExecuteAsSelectItem,ExecuteAsUnion,ExecuteAsUpdateDelete,ExecuteAsView,ExecuteAsWhereSubquery,Having,InlineSubqueries,InlineVirtualColumns,LimitRowsExamined,OrderBy,StraightJoin,ExecuteAsPreparedTwice,ExecuteAsTrigger,ExecuteAsSPTwice,ExecuteAsFunctionTwice --mysqld=--log_output=FILE --querytimeout=30 --vcols --threads=1 --grammar=conf/mariadb/instant_add.yy --gendata=conf/optimizer/blobs.zz --engine=MyIsam --mtr-build-thread=304 --basedir1=/git/10.4 --vardir1=/1
|
Attachments
Issue Links
- relates to
-
MDEV-18154 Deadlock and assertion upon no-op ALTER under LOCK TABLES
- Closed