Problem found during RQG testing.
|
Thread1:
|
CREATE TABLE IF NOT EXISTS t1 ( col1 INT, col2 INT, col_int INTEGER, col_int_g INTEGER GENERATED ALWAYS AS (col_int) VIRTUAL ) ENGINE = InnoDB ROW_FORMAT = Dynamic ;
|
...
|
XA BEGIN 'xid1';
|
followed by looping with
|
UPDATE t1 SET col1_copy = col1 ;
|
ALTER TABLE t1 CHANGE COLUMN IF EXISTS col1_copy col1 INT, LOCK = DEFAULT ;
|
|
Thread2:
|
Looping with
|
ALTER TABLE t1 ADD COLUMN col1_copy INT , LOCK = DEFAULT ;
|
ALTER TABLE t1 DROP COLUMN IF EXISTS col1, LOCK = DEFAULT ;
|
|
The statements executed within the loops fail quite often which is IMHO to be expected.
|
But after rather short time comes a
|
==15203==ERROR: AddressSanitizer: heap-use-after-free on address 0x60300003aae0 at pc 0x564ff4abd6df bp 0x7f70c7aceed0 sp 0x7f70c7aceec0
|
READ of size 8 at 0x60300003aae0 thread T29
|
#0 0x564ff4abd6de in std::__cxx11::_List_base<dict_v_idx_t, ut_allocator<dict_v_idx_t, true> >::_M_clear() /usr/include/c++/7/bits/list.tcc:69
|
#1 0x564ff4abbcb3 in std::__cxx11::_List_base<dict_v_idx_t, ut_allocator<dict_v_idx_t, true> >::~_List_base() /usr/include/c++/7/bits/stl_list.h:442
|
#2 0x564ff4aaafcd in std::__cxx11::list<dict_v_idx_t, ut_allocator<dict_v_idx_t, true> >::~list() /usr/include/c++/7/bits/stl_list.h:733
|
#3 0x564ff4aae3f1 in ha_innobase_inplace_ctx::~ha_innobase_inplace_ctx() (/home/mleich/Server/10.4/bld_asan/sql/mysqld+0x20203f1)
|
#4 0x564ff4aae499 in ha_innobase_inplace_ctx::~ha_innobase_inplace_ctx() (/home/mleich/Server/10.4/bld_asan/sql/mysqld+0x2020499)
|
#5 0x564ff3f0a1fa in Alter_inplace_info::~Alter_inplace_info() /home/mleich/Server/10.4/sql/handler.h:2461
|
#6 0x564ff3effa72 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /home/mleich/Server/10.4/sql/sql_table.cc:9868
|
#7 0x564ff406f315 in Sql_cmd_alter_table::execute(THD*) /home/mleich/Server/10.4/sql/sql_alter.cc:490
|
#8 0x564ff3cb8594 in mysql_execute_command(THD*) /home/mleich/Server/10.4/sql/sql_parse.cc:6344
|
#9 0x564ff3cc4194 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/mleich/Server/10.4/sql/sql_parse.cc:8154
|
#10 0x564ff3c98746 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/mleich/Server/10.4/sql/sql_parse.cc:1831
|
#11 0x564ff3c94f61 in do_command(THD*) /home/mleich/Server/10.4/sql/sql_parse.cc:1364
|
#12 0x564ff4057596 in do_handle_one_connection(CONNECT*) /home/mleich/Server/10.4/sql/sql_connect.cc:1398
|
#13 0x564ff4056e51 in handle_one_connection /home/mleich/Server/10.4/sql/sql_connect.cc:1301
|
#14 0x564ff55c1a94 in pfs_spawn_thread /home/mleich/Server/10.4/storage/perfschema/pfs.cc:1862
|
#15 0x7f70de8f77fb in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x77fb)
|
#16 0x7f70ddb2db5e in clone (/lib/x86_64-linux-gnu/libc.so.6+0x114b5e)
|
....
|
|
Observations:
|
1. In case I remove the XA BEGIN 'xid1'; from the actions of Thread1
|
than nothing bad happens.
|
2. In case I rewrite the DDLs to
|
ALTER .... ALGORITHM = COPY
|
than nothing bad happens.
|
|
Bug
Major