Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-22788

SUMMARY: AddressSanitizer: heap-use-after-free storage/innobase/include/dict0dict.ic:1026 in dict_index_get_nth_field

    XMLWordPrintable

Details

    Description

      RQG testing on
      origin/10.2 50641db2d11ad8a2228f7938d851e52decb71a9b 2020-06-01T15:38:04+02:00
       
      ==73006==ERROR: AddressSanitizer: heap-use-after-free on address 0x617000276bb0 at pc 0x56316fa45e19 bp 0x46215c741180 sp 0x46215c741170
      READ of size 20 at 0x617000276bb0 thread T34
          #0 0x56316fa45e18 in dict_index_get_nth_field storage/innobase/include/dict0dict.ic:1026
          #1 0x56316fa45f56 in dict_index_get_nth_col storage/innobase/include/dict0dict.ic:1079
          #2 0x56316fa73897 in dict_foreign_qualify_index(dict_table_t const*, char const**, char const**, unsigned long, dict_index_t const*, dict_index_t const*, bool, unsigned long, fkerr_t*, unsigned long*, dict_index_t**) storage/innobase/dict/dict0dict.cc:6662
          #3 0x56316fa5d99e in dict_foreign_find_index(dict_table_t const*, char const**, char const**, unsigned long, dict_index_t const*, bool, unsigned long, fkerr_t*, unsigned long*, dict_index_t**) storage/innobase/dict/dict0dict.cc:3148
          #4 0x56316f4943ec in innobase_update_foreign_try storage/innobase/handler/handler0alter.cc:7338
          #5 0x56316f4a2a2d in commit_try_norebuild(Alter_inplace_info*, ha_innobase_inplace_ctx*, TABLE*, TABLE const*, trx_t*, char const*) (/home/mleich/Server_bin/10.2_asan/bin/mysqld+0x1b55a2d)
          #6 0x56316f49905e in ha_innobase::commit_inplace_alter_table(TABLE*, Alter_inplace_info*, bool) storage/innobase/handler/handler0alter.cc:8423
          #7 0x56316eeb9886 in handler::ha_commit_inplace_alter_table(TABLE*, Alter_inplace_info*, bool) sql/handler.cc:4378
          #8 0x56316ea8679a in mysql_inplace_alter_table sql/sql_table.cc:7480
          #9 0x56316ea96323 in mysql_alter_table(THD*, char*, char*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) sql/sql_table.cc:9615
          #10 0x56316ebe9080 in Sql_cmd_alter_table::execute(THD*) sql/sql_alter.cc:333
          #11 0x56316e851c05 in mysql_execute_command(THD*) sql/sql_parse.cc:5972
          #12 0x56316e85d65c in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) sql/sql_parse.cc:7741
          #13 0x56316e834308 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) sql/sql_parse.cc:1831
          #14 0x56316e830d2f in do_command(THD*) sql/sql_parse.cc:1385
          #15 0x56316ebd8f75 in do_handle_one_connection(CONNECT*) sql/sql_connect.cc:1336
          #16 0x56316ebd8832 in handle_one_connection sql/sql_connect.cc:1241
          #17 0x796d128366da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
          #18 0x4d414f47e88e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x12188e)
      ...
      SUMMARY: AddressSanitizer: heap-use-after-free storage/innobase/include/dict0dict.ic:1026 in dict_index_get_nth_field
      ...
      Query (0x62b00012d228): ALTER TABLE `D` /* 100301 WAIT 1 */ ADD CONSTRAINT r FOREIGN KEY ( `col_int_nokey` ) REFERENCES `AA` (col_varchar_key) ON DELETE RESTRICT, ALGORITHM=INPLACE
      ...
      Connection ID (thread ID): 18
      Status: NOT_KILLED
       
      RQG
      -------
      git clone https://github.com/mleich1/rqg --branch experimental RQG_mleich
      origin/experimental 5c63068c24fa6d687422f4d26490b067ff6535e4 2020-05-28T13:50:30+02:00
       
      perl rqg.pl \                        
      --views \
      --grammar=conf/mariadb/partitions_innodb.yy \
      --redefine=conf/mariadb/alter_table.yy \
      --redefine=conf/mariadb/instant_add.yy \
      --redefine=conf/mariadb/modules/alter_table_columns.yy \
      --redefine=conf/mariadb/sp.yy \
      --redefine=conf/mariadb/bulk_insert.yy \
      --redefine=conf/mariadb/modules/userstat.yy \
      --redefine=conf/mariadb/modules/foreign_keys.yy \
      --redefine=conf/mariadb/modules/locks.yy \
      --redefine=conf/mariadb/modules/sql_mode.yy \
      --redefine=conf/mariadb/versioning.yy \
      --redefine=conf/mariadb/sequences.yy \
      --redefine=conf/mariadb/modules/locks-10.4-extra.yy \
      --mysqld=--innodb_use_native_aio=1 \
      --mysqld=--innodb_stats_persistent=off \
      --mysqld=--innodb_lock_schedule_algorithm=fcfs \
      --mysqld=--loose-idle_write_transaction_timeout=0 \
      --mysqld=--loose-idle_transaction_timeout=0 \
      --mysqld=--loose-idle_readonly_transaction_timeout=0 \
      --mysqld=--connect_timeout=60 \
      --mysqld=--interactive_timeout=28800 \
      --mysqld=--slave_net_timeout=60 \
      --mysqld=--net_read_timeout=30 \
      --mysqld=--net_write_timeout=60 \
      --mysqld=--loose-table_lock_wait_timeout=50 \
      --mysqld=--wait_timeout=28800 \
      --mysqld=--lock-wait-timeout=86400 \
      --mysqld=--innodb-lock-wait-timeout=50 \
      --no-mask \
      --queries=10000000 \
      --seed=random \
      --reporters=Backtrace \
      --reporters=ErrorLog \
      --reporters=Deadlock1 \
      --validators=None \
      --mysqld=--log_output=none \
      --mysqld=--log-bin \
      --mysqld=--log_bin_trust_function_creators=1 \
      --mysqld=--loose-max-statement-time=30 \
      --mysqld=--loose-debug_assert_on_not_freed_memory=0 \
      --engine=InnoDB \
      --restart_timeout=120 \
      --duration=300 \
      --mysqld=--loose-innodb_fatal_semaphore_wait_threshold=300 \
      --threads=2 \
      --mysqld=--innodb_page_size=8K \
      --mysqld=--innodb-buffer-pool-size=8M \
      --duration=300 \
      --no_mask \
      --workdir=<local settings> \
      --vardir=<local settings> \
      --mtr-build-thread=<local settings> \
      --basedir1=<local settings> \
      --script_debug=_nix_ \
      --rr=Server \
      --rr_options=--chaos
      

      Attachments

        Issue Links

          Activity

            People

              vlad.lesin Vladislav Lesin
              mleich Matthias Leich
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.