Bug #101827 DDL log entry may free twice and break the free list
Submitted: 2 Dec 2020 2:03 Modified: 2 Dec 2020 13:38
Reporter: long jlong (OCA) Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: DDL Severity:S3 (Non-critical)
Version:5.7 OS:CentOS
Assigned to: CPU Architecture:Any

[2 Dec 2020 2:03] long jlong 
Description:
from Tencent Cloud-Native Database Team(CDB&CynosDB)
In handle_alter_part_end, if execute_ddl_log_entry return TRUE, write_log_completed will release part_info->first_log_entry and part_info->exec_log_entry once. then because part_info is a clone of lpt->part_info, in release_log_entries will release it again, which will break the global_ddl_log.first_free list, may cause a list like this 1->2->3->1->2->3...

How to repeat:
Read the code

Suggested fix:
write_log_completed do not to release part_info->first_log_entry.
[2 Dec 2020 13:38] MySQL Verification Team 
Hi Mr. jlong,

Thank you for your bug report.

We have analysed the logic that you described and we discovered that you are quite right.

However, it must be noted that this is 5.7-only bug, since that part of code does no longer exist in 8.0  !!!!!!!

Verified as reported !!!!!
[2 Dec 2020 13:38] MySQL Verification Team 
Hi Mr. jlong,

Thank you for your bug report.

We have analysed the logic that you described and we discovered that you are quite right.

However, it must be noted that this is 5.7-only bug, since that part of code does no longer exist in 8.0  !!!!!!!

Verified as reported !!!!!
[3 Dec 2020 2:04] long jlong 
Simple fix from TXSQL Team of Tencent

(*) I confirm the code being submitted is offered under the terms of the OCA, and that I am authorized to contribute it.

Contribution: patch.diff (application/octet-stream, text), 579 bytes.