Details
-
Bug
-
Status: Closed (View Workflow)
-
Minor
-
Resolution: Won't Fix
-
10.0.2, 5.5.31, 5.1.67, 5.2.14, 5.3.12
-
None
Description
AddressSanitizer has detected use-after-free error in the rpl.rpl_stop_slave test case on our build bots. Looking at the stack traces it can happen anywhere and the problem is that DBUG_EXECUTE_IF doesn't acquire any locks to check if keyword exists in the debug state. This happened on 10.0.1 code base with our patches merged in (so line numbers below can be a little bit off) but I don't see any changes in lp:maria head that could have fixed the issue. Tell me if you think there is fix already.
The end of the stack trace of the thread that freed memory:
#1 0x1503577 in FreeList dbug/dbug.c:1776
|
#2 0x14ff069 in FreeState dbug/dbug.c:1588
|
#3 0x14fd5be in DbugParse dbug/dbug.c:471
|
#4 0x14feea7 in _db_set_init_ dbug/dbug.c:871
|
#5 0xe3258f in Sys_var_dbug::global_update(THD*, set_var*) sql/sys_vars.h:917
|
The end of the stack trace of the thread that reads the memory after that:
#1 0x15031a4 in InList dbug/dbug.c:1512
|
#2 0x15028f2 in _db_keyword_ dbug/dbug.c:1712
|
#3 0x147cda2 in my_malloc mysys/my_malloc.c:120
|