[MDEV-33216] ASAN reports "stack use after return" in Wsrep_schema_impl::open_table - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.4
Fix Version/s: 10.4.34, 10.5.25, 10.6.18, 10.11.8, 11.0.6, 11.1.5, 11.2.4
Component/s: Galera
Labels:
None

Description

Wsrep_schema_impl::open_table() has a TABLE_LIST object on the stack and returns TABLE_LIST::table to the caller.

ASAN report:

Address 0x7f173ecfb498 is located in stack of thread T39 at offset 1176 in frame

    #0 0x5627fe37f1df in Wsrep_schema_impl::open_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, thr_lock_type, TABLE**) /mariadb/10.4/sql/wsrep_schema.cc:252

  This frame has 2 object(s):

    [32, 40) 'prelocking_strategy.i'

    [64, 1840) 'tables' (line 258) <== Memory access at offset 1176 is inside this variable

HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork

      (longjmp and C++ exceptions *are* supported)

Thread T39 created by T0 here:

    #0 0x5627fc21666e in pthread_create (/dev/shm/10.4/sql/mysqld+0x301666e) (BuildId: afe830840ad49150)

    #1 0x5627fe1c8b64 in spawn_thread_v1(unsigned int, unsigned long*, pthread_attr_t const*, void* (*)(void*), void*) /mariadb/10.4/storage/perfschema/pfs.cc:1919:15

Attachments

Activity

People

Assignee:: Julius Goryavsky

Reporter:: Daniele Sciascia

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2024-01-10 13:28

Updated:: 2024-04-05 11:04

Resolved:: 2024-03-28 18:22

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.