Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-18546

ASAN heap-use-after-free in innobase_get_computed_value / row_purge

    XMLWordPrintable

Details

    Description

      10.4 3c305d3f1951f1667f84e48

          #0 0x7f96f940c934 in __asan_memcpy (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x8c934)
          #1 0x55ed26e2b9dc in innobase_get_computed_value(dtuple_t const*, dict_v_col_t const*, dict_index_t const*, mem_block_info_t**, mem_block_info_t*, dict_field_t const*, THD*, TABLE*, unsigned char*, dict_table_t const*, upd_t*, dict_foreign_t*) /10.4/storage/innobase/handler/ha_innodb.cc:20699
          #2 0x55ed27149034 in row_vers_build_clust_v_col /10.4/storage/innobase/row/row0vers.cc:484
          #3 0x55ed2714af9a in row_vers_old_has_index_entry(bool, unsigned char const*, mtr_t*, dict_index_t*, dtuple_t const*, unsigned long, unsigned long, purge_vcol_info_t*) /10.4/storage/innobase/row/row0vers.cc:958
          #4 0x55ed270dfc66 in row_purge_poss_sec(purge_node_t*, dict_index_t*, dtuple_t const*, btr_pcur_t*, mtr_t*, bool) /10.4/storage/innobase/row/row0purge.cc:345
          #5 0x55ed270e0de6 in row_purge_remove_sec_if_poss_leaf /10.4/storage/innobase/row/row0purge.cc:607
          #6 0x55ed270e1406 in row_purge_remove_sec_if_poss /10.4/storage/innobase/row/row0purge.cc:720
          #7 0x55ed270e1872 in row_purge_del_mark /10.4/storage/innobase/row/row0purge.cc:794
          #8 0x55ed270e44fd in row_purge_record_func /10.4/storage/innobase/row/row0purge.cc:1194
          #9 0x55ed270e4c1b in row_purge /10.4/storage/innobase/row/row0purge.cc:1261
          #10 0x55ed270e53e2 in row_purge_step(que_thr_t*) /10.4/storage/innobase/row/row0purge.cc:1347
          #11 0x55ed26ff925c in que_thr_step /10.4/storage/innobase/que/que0que.cc:1042
          #12 0x55ed26ff965b in que_run_threads_low /10.4/storage/innobase/que/que0que.cc:1104
          #13 0x55ed26ff99a2 in que_run_threads(que_thr_t*) /10.4/storage/innobase/que/que0que.cc:1144
          #14 0x55ed27159743 in srv_task_execute /10.4/storage/innobase/srv/srv0srv.cc:2437
          #15 0x55ed2715997d in srv_worker_thread /10.4/storage/innobase/srv/srv0srv.cc:2485
          #16 0x7f96f81a26b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
          #17 0x7f96f743341c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
      

      Attachments

        Issue Links

          Activity

            People

              nikitamalyavin Nikita Malyavin
              alice Alice Sherepa
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.