=================================================================
|
==27353==ERROR: AddressSanitizer: heap-use-after-free on address 0x61800024ed18 at pc 0x55642549e803 bp 0x7ff1d287e0d0 sp 0x7ff1d287e0c8
|
READ of size 8 at 0x61800024ed18 thread T34
|
#0 0x55642549e802 in id_name_t::operator char const*() const /10.3/storage/innobase/include/dict0mem.h:520
|
#1 0x55642547a327 in get_foreign_key_info /10.3/storage/innobase/handler/ha_innodb.cc:15084
|
#2 0x55642547a9b0 in ha_innobase::get_foreign_key_list(THD*, List<st_foreign_key_info>*) /10.3/storage/innobase/handler/ha_innodb.cc:15127
|
#3 0x55642495286b in fk_prepare_copy_alter_table /10.3/sql/sql_table.cc:8921
|
#4 0x556424959f31 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /10.3/sql/sql_table.cc:9999
|
#5 0x556424ad5427 in Sql_cmd_alter_table::execute(THD*) /10.3/sql/sql_alter.cc:512
|
#6 0x5564246f3ef4 in mysql_execute_command(THD*) /10.3/sql/sql_parse.cc:6052
|
#7 0x5564247007a6 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /10.3/sql/sql_parse.cc:7840
|
#8 0x5564246d6e7b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /10.3/sql/sql_parse.cc:1852
|
#9 0x5564246d35b6 in do_command(THD*) /10.3/sql/sql_parse.cc:1398
|
#10 0x556424ac43cf in do_handle_one_connection(CONNECT*) /10.3/sql/sql_connect.cc:1403
|
#11 0x556424ac3c87 in handle_one_connection /10.3/sql/sql_connect.cc:1308
|
#12 0x7ff200e23fa2 in start_thread /build/glibc-vjB4T1/glibc-2.28/nptl/pthread_create.c:486
|
#13 0x7ff2007a74ce in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf94ce)
|
|
0x61800024ed18 is located 152 bytes inside of 792-byte region [0x61800024ec80,0x61800024ef98)
|
freed by thread T38 here:
|
#0 0x7ff200f25fb0 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe8fb0)
|
#1 0x556425641bc5 in mem_heap_block_free(mem_block_info_t*, mem_block_info_t*) /10.3/storage/innobase/mem/mem0mem.cc:416
|
#2 0x556425c27a14 in mem_heap_free /10.3/storage/innobase/include/mem0mem.ic:417
|
#3 0x556425c31fd3 in dict_mem_index_free(dict_index_t*) /10.3/storage/innobase/dict/dict0mem.cc:1108
|
#4 0x556425bd8718 in dict_index_remove_from_cache_low /10.3/storage/innobase/dict/dict0dict.cc:2202
|
#5 0x556425bd8742 in dict_index_remove_from_cache(dict_table_t*, dict_index_t*) /10.3/storage/innobase/dict/dict0dict.cc:2213
|
#6 0x5564257c50af in row_merge_drop_indexes(trx_t*, dict_table_t*, unsigned long) /10.3/storage/innobase/row/row0merge.cc:4002
|
#7 0x55642550edd6 in innobase_rollback_sec_index /10.3/storage/innobase/handler/handler0alter.cc:7375
|
#8 0x55642551c09a in ha_innobase::commit_inplace_alter_table(TABLE*, Alter_inplace_info*, bool) /10.3/storage/innobase/handler/handler0alter.cc:9802
|
#9 0x556424eab123 in handler::ha_commit_inplace_alter_table(TABLE*, Alter_inplace_info*, bool) /10.3/sql/handler.cc:4602
|
#10 0x5564249493b4 in mysql_inplace_alter_table /10.3/sql/sql_table.cc:7735
|
#11 0x556424959d39 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /10.3/sql/sql_table.cc:9980
|
#12 0x556424ad5427 in Sql_cmd_alter_table::execute(THD*) /10.3/sql/sql_alter.cc:512
|
#13 0x5564246f3ef4 in mysql_execute_command(THD*) /10.3/sql/sql_parse.cc:6052
|
#14 0x5564247007a6 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /10.3/sql/sql_parse.cc:7840
|
#15 0x5564246d6e7b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /10.3/sql/sql_parse.cc:1852
|
#16 0x5564246d35b6 in do_command(THD*) /10.3/sql/sql_parse.cc:1398
|
#17 0x556424ac43cf in do_handle_one_connection(CONNECT*) /10.3/sql/sql_connect.cc:1403
|
#18 0x556424ac3c87 in handle_one_connection /10.3/sql/sql_connect.cc:1308
|
#19 0x7ff200e23fa2 in start_thread /build/glibc-vjB4T1/glibc-2.28/nptl/pthread_create.c:486
|
|
previously allocated by thread T38 here:
|
#0 0x7ff200f26330 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)
|
#1 0x556425640caa in mem_heap_create_block_func(mem_block_info_t*, unsigned long, char const*, unsigned int, unsigned long) /10.3/storage/innobase/mem/mem0mem.cc:277
|
#2 0x5564256417f8 in mem_heap_add_block(mem_block_info_t*, unsigned long) /10.3/storage/innobase/mem/mem0mem.cc:378
|
#3 0x556425c27363 in mem_heap_alloc /10.3/storage/innobase/include/mem0mem.ic:191
|
#4 0x556425c27046 in mem_heap_zalloc /10.3/storage/innobase/include/mem0mem.ic:160
|
#5 0x556425c2f5f3 in dict_mem_index_create(dict_table_t*, char const*, unsigned long, unsigned long) /10.3/storage/innobase/dict/dict0mem.cc:770
|
#6 0x556425bdc066 in dict_index_build_internal_non_clust /10.3/storage/innobase/dict/dict0dict.cc:2672
|
#7 0x556425bd72ea in dict_index_add_to_cache(dict_index_t*&, unsigned long, dict_add_v_col_t const*) /10.3/storage/innobase/dict/dict0dict.cc:2049
|
#8 0x556425bb2806 in dict_create_index_step(que_thr_t*) /10.3/storage/innobase/dict/dict0crea.cc:1361
|
#9 0x5564256ffe9d in que_thr_step /10.3/storage/innobase/que/que0que.cc:1048
|
#10 0x5564257002e9 in que_run_threads_low /10.3/storage/innobase/que/que0que.cc:1100
|
#11 0x55642570072e in que_run_threads(que_thr_t*) /10.3/storage/innobase/que/que0que.cc:1140
|
#12 0x5564254f4bf1 in create_index_dict /10.3/storage/innobase/handler/handler0alter.cc:4904
|
#13 0x5564254ff32c in prepare_inplace_alter_table_dict /10.3/storage/innobase/handler/handler0alter.cc:5770
|
#14 0x55642550afe8 in ha_innobase::prepare_inplace_alter_table(TABLE*, Alter_inplace_info*) /10.3/storage/innobase/handler/handler0alter.cc:6948
|
#15 0x556424eaae29 in handler::ha_prepare_inplace_alter_table(TABLE*, Alter_inplace_info*) /10.3/sql/handler.cc:4582
|
#16 0x556424948b32 in mysql_inplace_alter_table /10.3/sql/sql_table.cc:7651
|
#17 0x556424959d39 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /10.3/sql/sql_table.cc:9980
|
#18 0x556424ad5427 in Sql_cmd_alter_table::execute(THD*) /10.3/sql/sql_alter.cc:512
|
#19 0x5564246f3ef4 in mysql_execute_command(THD*) /10.3/sql/sql_parse.cc:6052
|
#20 0x5564247007a6 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /10.3/sql/sql_parse.cc:7840
|
#21 0x5564246d6e7b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /10.3/sql/sql_parse.cc:1852
|
#22 0x5564246d35b6 in do_command(THD*) /10.3/sql/sql_parse.cc:1398
|
#23 0x556424ac43cf in do_handle_one_connection(CONNECT*) /10.3/sql/sql_connect.cc:1403
|
#24 0x556424ac3c87 in handle_one_connection /10.3/sql/sql_connect.cc:1308
|
#25 0x7ff200e23fa2 in start_thread /build/glibc-vjB4T1/glibc-2.28/nptl/pthread_create.c:486
|
|
Thread T34 created by T0 here:
|
#0 0x7ff200e8ddb0 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x50db0)
|
#1 0x55642646da23 in spawn_thread_noop /10.3/mysys/psi_noop.c:187
|
#2 0x5564243e66f4 in inline_mysql_thread_create /10.3/include/mysql/psi/mysql_thread.h:1275
|
#3 0x5564243ffbad in create_thread_to_handle_connection(CONNECT*) /10.3/sql/mysqld.cc:6658
|
#4 0x556424400302 in create_new_thread /10.3/sql/mysqld.cc:6728
|
#5 0x556424401483 in handle_connections_sockets() /10.3/sql/mysqld.cc:6986
|
#6 0x5564243fef21 in mysqld_main(int, char**) /10.3/sql/mysqld.cc:6280
|
#7 0x5564243e4df4 in main /10.3/sql/main.cc:25
|
#8 0x7ff2006d209a in __libc_start_main ../csu/libc-start.c:308
|
|
Thread T38 created by T0 here:
|
#0 0x7ff200e8ddb0 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x50db0)
|
#1 0x55642646da23 in spawn_thread_noop /10.3/mysys/psi_noop.c:187
|
#2 0x5564243e66f4 in inline_mysql_thread_create /10.3/include/mysql/psi/mysql_thread.h:1275
|
#3 0x5564243ffbad in create_thread_to_handle_connection(CONNECT*) /10.3/sql/mysqld.cc:6658
|
#4 0x556424400302 in create_new_thread /10.3/sql/mysqld.cc:6728
|
#5 0x556424401483 in handle_connections_sockets() /10.3/sql/mysqld.cc:6986
|
#6 0x5564243fef21 in mysqld_main(int, char**) /10.3/sql/mysqld.cc:6280
|
#7 0x5564243e4df4 in main /10.3/sql/main.cc:25
|
#8 0x7ff2006d209a in __libc_start_main ../csu/libc-start.c:308
|
|
SUMMARY: AddressSanitizer: heap-use-after-free /10.3/storage/innobase/include/dict0mem.h:520 in id_name_t::operator char const*() const
|
Shadow bytes around the buggy address:
|
0x0c3080041d50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041d60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041d70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041d80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c3080041d90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
=>0x0c3080041da0: fd fd fd[fd]fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041db0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041dc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041dd0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041de0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080041df0: fd fd fd fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
==27353==ABORTING
|