MySQL Bugs: #96100: Generated column cause a heap-use-after-free error

Bug #96100	Generated column cause a heap-use-after-free error
Submitted:	5 Jul 2019 8:57	Modified:	5 Jul 2019 11:25
Reporter:	zkong kong	Email Updates:
Status:	Verified	Impact on me:	None
Category:	MySQL Server: DML	Severity:	S2 (Serious)
Version:	5.7.26	OS:	CentOS
Assigned to:		CPU Architecture:	Any
Tags:	asan

Description:
build a asan version with:
COMMON_FLAGS="-O0 -fsanitize=address -ldl -lpthread  -fno-omit-frame-pointer -fstack-usage -g -fprofile-arcs -static-libgcc -ftest-coverage"

run test below:
create database kz;
use kz;
CREATE TABLE t1(
  a INT not null,
  b CHAR(4) not null,
  c TEXT GENERATED ALWAYS AS ((a <> b)) VIRTUAL,
  UNIQUE KEY i1 (a),
  UNIQUE KEY i2 (c(1))
) ENGINE=INNODB;
insert into t1 set a=1;
insert into t1 set a=0;

replace into t1 set b ='1'; -- heap-use-after-free

Version: '5.7.26-local-debug-log'  socket: '/u01/kongzhi/mysql-5.7-server/run/mysql.sock'  port: 3724  Source distribution
=================================================================
==120900== ERROR: AddressSanitizer: heap-use-after-free on address 0x6010000779c0 at pc 0x40caf21 bp 0x2aab6c526db0 sp 0x2aab6c526da0

How to repeat:
as Description

Hello zkong kong,

Thank you for the report.
Verified as described.

regards,
Umesh

Test results - 5.7.26

Attachment: 96100_5.7.26.results (application/octet-stream, text), 17.34 KiB.