[MDEV-21016] ASAN heap-use-after-free in trx_update_mod_tables_timestamp or in mysql_inplace_alter_table upon server shutdown during versioning operation - Jira

XML

Word

Printable

Details

Type: Bug
Status: Open (View Workflow)
Priority: Major
Resolution: Unresolved
Affects Version/s: 10.3(EOL), 10.4(EOL)
Fix Version/s: 10.4(EOL)
Component/s: Data Definition - Alter Table, Storage Engine - InnoDB, Versioned Tables
Labels:
- trx-versioning

Description

Note: The test case is for reproducing purposes only. It greps the error log file at the end to detect the ASAN errors. It is due to ~~MDEV-21014~~ (ASAN errors not detected). Don't put it into the regression suite like that, either get ~~MDEV-21014~~ fixed, or replace grep with a smarter indication of the problem.

Note: the test case is non-deterministic. It usually fails for me, but sometimes it may miss the mark. Run with --repeat if it doesn't fail right away.

--source include/have_innodb.inc

CREATE TABLE t1 (

 f01 TIMESTAMP,

 f02 VARBINARY(1000),

 f03 BIT(15),

 f04 DATETIME,

 f05 BLOB,

 f06 YEAR,

 f07 TINYINT,

 f08 DECIMAL(5,2),

 f09 CHAR(125),

 f10 TIME,

 f11 DATE,

 pk INT,

 PRIMARY KEY(pk)

 ) ENGINE=InnoDB ;

INSERT INTO t1 VALUES

 ('2017-10-15 10:40:31','foo',NULL,'1981-06-28 00:00:00','bar',1977,3,0.1,'foobar','07:54:20','2029-06-13',1) ;

--connect (con1,localhost,root,,)

--send

    ALTER TABLE t1 ADD COLUMN s BIGINT UNSIGNED AS ROW START, ADD COLUMN e BIGINT UNSIGNED AS ROW END, ADD PERIOD FOR SYSTEM_TIME(s,e), WITH SYSTEM VERSIONING;

--connection default

--source include/restart_mysqld.inc

--exec ! grep "ERROR: AddressSanitizer" $MYSQLTEST_VARDIR/log/mysqld.1.err

# Cleanup

DROP TABLE t1;

10.3 ASAN 352e7667 - Usual outcome
==17016==ERROR: AddressSanitizer: heap-use-after-free on address 0x61800004ff70 at pc 0x56091307c447 bp 0x7f2140504b80 sp 0x7f2140504b78
WRITE of size 8 at 0x61800004ff70 thread T28
#0 0x56091307c446 in trx_update_mod_tables_timestamp /data/src/10.3/storage/innobase/trx/trx0trx.cc:1289
#1 0x56091307d37a in trx_commit_in_memory /data/src/10.3/storage/innobase/trx/trx0trx.cc:1389
#2 0x56091307f6ab in trx_commit_low(trx_t, mtr_t) /data/src/10.3/storage/innobase/trx/trx0trx.cc:1586
#3 0x56091307f7d4 in trx_commit(trx_t*) /data/src/10.3/storage/innobase/trx/trx0trx.cc:1610
#4 0x560913080274 in trx_commit_for_mysql(trx_t*) /data/src/10.3/storage/innobase/trx/trx0trx.cc:1746
#5 0x560912cba8d2 in rollback_inplace_alter_table(Alter_inplace_info, TABLE const, row_prebuilt_t*) /data/src/10.3/storage/innobase/handler/handler0alter.cc:7373
#6 0x560912caac0d in ha_innobase::commit_inplace_alter_table(TABLE, Alter_inplace_info, bool) /data/src/10.3/storage/innobase/handler/handler0alter.cc:9227
#7 0x5609126ead42 in handler::ha_commit_inplace_alter_table(TABLE, Alter_inplace_info, bool) /data/src/10.3/sql/handler.cc:4576
#8 0x5609121f8e33 in mysql_inplace_alter_table /data/src/10.3/sql/sql_table.cc:7753
#9 0x56091220619e in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Alter_info, unsigned int, st_order*, bool) /data/src/10.3/sql/sql_table.cc:9868
#10 0x5609123522f3 in Sql_cmd_alter_table::execute(THD*) /data/src/10.3/sql/sql_alter.cc:500
#11 0x560911feb05c in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:6028
#12 0x560911ff6358 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7815
#13 0x560911fd107e in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1856
#14 0x560911fcdf5d in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1401
#15 0x560912343090 in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1403
#16 0x560912342a57 in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1308
#17 0x5609137a9adb in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1862
#18 0x7f2157eef4a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
#19 0x7f2156436d0e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8d0e)

0x61800004ff70 is located 752 bytes inside of 776-byte region [0x61800004fc80,0x61800004ff88)
freed by thread T28 here:
#0 0x7f21581c6a10 in free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1a10)
#1 0x560912da0585 in mem_heap_block_free(mem_block_info_t, mem_block_info_t) /data/src/10.3/storage/innobase/mem/mem0mem.cc:426
#2 0x560913252f2e in mem_heap_free /data/src/10.3/storage/innobase/include/mem0mem.ic:437
#3 0x560913255f88 in dict_mem_table_free(dict_table_t*) /data/src/10.3/storage/innobase/dict/dict0mem.cc:242
#4 0x56091321467f in dict_table_remove_from_cache_low(dict_table_t*, unsigned long) /data/src/10.3/storage/innobase/dict/dict0dict.cc:2039
#5 0x56091321470f in dict_table_remove_from_cache(dict_table_t*) /data/src/10.3/storage/innobase/dict/dict0dict.cc:2049
#6 0x560912ef9e09 in row_drop_table_from_cache /data/src/10.3/storage/innobase/row/row0mysql.cc:3279
#7 0x560912efbf4b in row_drop_table_for_mysql(char const, trx_t, enum_sql_command, bool, bool) /data/src/10.3/storage/innobase/row/row0mysql.cc:3757
#8 0x560912ed4ebf in row_merge_drop_table(trx_t, dict_table_t) /data/src/10.3/storage/innobase/row/row0merge.cc:4503
#9 0x560913209e3f in dict_table_close_and_drop(trx_t, dict_table_t) /data/src/10.3/storage/innobase/dict/dict0dict.cc:565
#10 0x560912cb9b2e in rollback_inplace_alter_table(Alter_inplace_info, TABLE const, row_prebuilt_t*) /data/src/10.3/storage/innobase/handler/handler0alter.cc:7289
#11 0x560912caac0d in ha_innobase::commit_inplace_alter_table(TABLE, Alter_inplace_info, bool) /data/src/10.3/storage/innobase/handler/handler0alter.cc:9227
#12 0x5609126ead42 in handler::ha_commit_inplace_alter_table(TABLE, Alter_inplace_info, bool) /data/src/10.3/sql/handler.cc:4576
#13 0x5609121f8e33 in mysql_inplace_alter_table /data/src/10.3/sql/sql_table.cc:7753
#14 0x56091220619e in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Alter_info, unsigned int, st_order*, bool) /data/src/10.3/sql/sql_table.cc:9868
#15 0x5609123522f3 in Sql_cmd_alter_table::execute(THD*) /data/src/10.3/sql/sql_alter.cc:500
#16 0x560911feb05c in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:6028
#17 0x560911ff6358 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7815
#18 0x560911fd107e in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1856
#19 0x560911fcdf5d in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1401
#20 0x560912343090 in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1403
#21 0x560912342a57 in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1308
#22 0x5609137a9adb in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1862
#23 0x7f2157eef4a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)

previously allocated by thread T28 here:
#0 0x7f21581c6d28 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1d28)
#1 0x560912d9f9e4 in mem_heap_create_block_func(mem_block_info_t, unsigned long, char const, unsigned int, unsigned long) /data/src/10.3/storage/innobase/mem/mem0mem.cc:280
#2 0x560912da01e3 in mem_heap_add_block(mem_block_info_t*, unsigned long) /data/src/10.3/storage/innobase/mem/mem0mem.cc:385
#3 0x5609132529cc in mem_heap_alloc /data/src/10.3/storage/innobase/include/mem0mem.ic:203
#4 0x560913252707 in mem_heap_zalloc /data/src/10.3/storage/innobase/include/mem0mem.ic:170
#5 0x560913255310 in dict_mem_table_create(char const, fil_space_t, unsigned long, unsigned long, unsigned long, unsigned long) /data/src/10.3/storage/innobase/dict/dict0mem.cc:146
#6 0x560912c8e0f2 in prepare_inplace_alter_table_dict /data/src/10.3/storage/innobase/handler/handler0alter.cc:5064
#7 0x560912c9f0f3 in ha_innobase::prepare_inplace_alter_table(TABLE, Alter_inplace_info) /data/src/10.3/storage/innobase/handler/handler0alter.cc:6784
#8 0x5609126eaa45 in handler::ha_prepare_inplace_alter_table(TABLE, Alter_inplace_info) /data/src/10.3/sql/handler.cc:4556
#9 0x5609121f814c in mysql_inplace_alter_table /data/src/10.3/sql/sql_table.cc:7573
#10 0x56091220619e in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Alter_info, unsigned int, st_order*, bool) /data/src/10.3/sql/sql_table.cc:9868
#11 0x5609123522f3 in Sql_cmd_alter_table::execute(THD*) /data/src/10.3/sql/sql_alter.cc:500
#12 0x560911feb05c in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:6028
#13 0x560911ff6358 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7815
#14 0x560911fd107e in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1856
#15 0x560911fcdf5d in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1401
#16 0x560912343090 in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1403
#17 0x560912342a57 in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1308
#18 0x5609137a9adb in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1862
#19 0x7f2157eef4a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)

Thread T28 created by T0 here:
#0 0x7f2158135f59 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f59)
#1 0x5609137a9f17 in spawn_thread_v1 /data/src/10.3/storage/perfschema/pfs.cc:1912
#2 0x560911d3cd40 in inline_mysql_thread_create /data/src/10.3/include/mysql/psi/mysql_thread.h:1268
#3 0x560911d5204c in create_thread_to_handle_connection(CONNECT*) /data/src/10.3/sql/mysqld.cc:6600
#4 0x560911d5272f in create_new_thread /data/src/10.3/sql/mysqld.cc:6670
#5 0x560911d53747 in handle_connections_sockets() /data/src/10.3/sql/mysqld.cc:6945
#6 0x560911d5151c in mysqld_main(int, char**) /data/src/10.3/sql/mysqld.cc:6222
#7 0x560911d3b45f in main /data/src/10.3/sql/main.cc:25
#8 0x7f215636e2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)

SUMMARY: AddressSanitizer: heap-use-after-free /data/src/10.3/storage/innobase/trx/trx0trx.cc:1289 in trx_update_mod_tables_timestamp
Shadow bytes around the buggy address:
0x0c3080001f90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080001fa0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080001fb0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080001fc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c3080001fd0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
=>0x0c3080001fe0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
0x0c3080001ff0: fd fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c3080002000: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c3080002010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c3080002020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c3080002030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb

Reproducible on 10.3-10.5.

Occasionally it ends with a different error:

Some 10.4 ASAN build
2019-11-08 17:15:26 9 [Warning] `mysql`.`transaction_registry` does not exist (open failed).
=================================================================
==7686==ERROR: AddressSanitizer: heap-use-after-free on address 0x6200000330f8 at pc 0x55962b4853ee bp 0x7fb1b205b690 sp 0x7fb1b205b688
READ of size 8 at 0x6200000330f8 thread T27
#0 0x55962b4853ed in mysql_inplace_alter_table /data/src/10.4/sql/sql_table.cc:7869
#1 0x55962b49301f in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Alter_info, unsigned int, st_order*, bool) /data/src/10.4/sql/sql_table.cc:10094
#2 0x55962b5e9f49 in Sql_cmd_alter_table::execute(THD*) /data/src/10.4/sql/sql_alter.cc:508
#3 0x55962b26f1b4 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:6099
#4 0x55962b279bad in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7898
#5 0x55962b252e6a in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1842
#6 0x55962b24fd5e in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1360
#7 0x55962b5d4c02 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
#8 0x55962b5d45b6 in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
#9 0x55962ca33ddd in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1862
#10 0x7fb1c98994a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
#11 0x7fb1c7de0d0e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8d0e)

0x6200000330f8 is located 120 bytes inside of 3652-byte region [0x620000033080,0x620000033ec4)
freed by thread T27 here:
#0 0x7fb1c9b70a10 in free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1a10)
#1 0x55962cb65c5f in free_memory /data/src/10.4/mysys/safemalloc.c:279
#2 0x55962cb65348 in sf_free /data/src/10.4/mysys/safemalloc.c:197
#3 0x55962cb37485 in my_free /data/src/10.4/mysys/my_malloc.c:222
#4 0x55962b7de32c in intern_close_table /data/src/10.4/sql/table_cache.cc:224
#5 0x55962b7de54f in tc_remove_table /data/src/10.4/sql/table_cache.cc:260
#6 0x55962b7df9c8 in tc_release_table(TABLE*) /data/src/10.4/sql/table_cache.cc:474
#7 0x55962b0ece77 in close_thread_table(THD, TABLE*) /data/src/10.4/sql/sql_base.cc:1078
#8 0x55962b0ec54b in close_thread_tables(THD*) /data/src/10.4/sql/sql_base.cc:1020
#9 0x55962b1178bb in close_system_tables(THD, Open_tables_backup) /data/src/10.4/sql/sql_base.cc:9058
#10 0x55962b118156 in close_log_table(THD, Open_tables_backup) /data/src/10.4/sql/sql_base.cc:9170
#11 0x55962b541cc1 in TR_table::~TR_table() /data/src/10.4/sql/table.cc:9194
#12 0x55962b484fab in mysql_inplace_alter_table /data/src/10.4/sql/sql_table.cc:7784
#13 0x55962b49301f in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Alter_info, unsigned int, st_order*, bool) /data/src/10.4/sql/sql_table.cc:10094
#14 0x55962b5e9f49 in Sql_cmd_alter_table::execute(THD*) /data/src/10.4/sql/sql_alter.cc:508
#15 0x55962b26f1b4 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:6099
#16 0x55962b279bad in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7898
#17 0x55962b252e6a in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1842
#18 0x55962b24fd5e in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1360
#19 0x55962b5d4c02 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
#20 0x55962b5d45b6 in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
#21 0x55962ca33ddd in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1862
#22 0x7fb1c98994a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)

previously allocated by thread T27 here:
#0 0x7fb1c9b70d28 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1d28)
#1 0x55962cb64d60 in sf_malloc /data/src/10.4/mysys/safemalloc.c:118
#2 0x55962cb36b94 in my_malloc /data/src/10.4/mysys/my_malloc.c:101
#3 0x55962b0f1217 in open_table(THD, TABLE_LIST, Open_table_context*) /data/src/10.4/sql/sql_base.cc:2079
#4 0x55962b0f97b4 in open_and_process_table /data/src/10.4/sql/sql_base.cc:3850
#5 0x55962b0fbde0 in open_tables(THD, DDL_options_st const&, TABLE_LIST, unsigned int, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:4324
#6 0x55962b100b04 in open_and_lock_tables(THD, DDL_options_st const&, TABLE_LIST, bool, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:5217
#7 0x55962b06d451 in open_and_lock_tables(THD, TABLE_LIST, bool, unsigned int) /data/src/10.4/sql/sql_base.h:505
#8 0x55962b1b57e4 in mysql_insert(THD, TABLE_LIST, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /data/src/10.4/sql/sql_insert.cc:764
#9 0x55962b262b84 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:4529
#10 0x55962b279bad in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7898
#11 0x55962b252e6a in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1842
#12 0x55962b24fd5e in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1360
#13 0x55962b5d4c02 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
#14 0x55962b5d45b6 in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
#15 0x55962ca33ddd in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1862
#16 0x7fb1c98994a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)

Thread T27 created by T0 here:
#0 0x7fb1c9adff59 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f59)
#1 0x55962ca341ca in spawn_thread_v1 /data/src/10.4/storage/perfschema/pfs.cc:1912
#2 0x55962afaabd8 in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1268
#3 0x55962afbf17c in create_thread_to_handle_connection(CONNECT*) /data/src/10.4/sql/mysqld.cc:6234
#4 0x55962afbf85f in create_new_thread(CONNECT*) /data/src/10.4/sql/mysqld.cc:6304
#5 0x55962afbfbea in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4/sql/mysqld.cc:6402
#6 0x55962afc083c in handle_connections_sockets() /data/src/10.4/sql/mysqld.cc:6560
#7 0x55962afbe9fd in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5892
#8 0x55962afa8abf in main /data/src/10.4/sql/main.cc:25
#9 0x7fb1c7d182e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)

SUMMARY: AddressSanitizer: heap-use-after-free /data/src/10.4/sql/sql_table.cc:7869 in mysql_inplace_alter_table
Shadow bytes around the buggy address:
0x0c407fffe5c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0c407fffe5d0: 00 00 00 00 00 00 00 00 04 fa fa fa fa fa fa fa
0x0c407fffe5e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c407fffe5f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
0x0c407fffe600: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
=>0x0c407fffe610: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]
0x0c407fffe620: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c407fffe630: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c407fffe640: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c407fffe650: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
0x0c407fffe660: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb

Attachments

Issue Links

relates to

MDEV-16226 TRX_ID-based System Versioning refactoring

Stalled

Activity

People

Assignee:: Aleksey Midenkov

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 2019-11-08 16:26

Updated:: 2023-10-06 21:49

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.