Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.3(EOL)
-
None
-
None
-
None
Description
10.3 commit 358ae4b46dd52b329154c
=================================================================
|
==25899==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c000c04d30 at pc 0x55ae658cc46c bp 0x7f2c91ce9630 sp 0x7f2c91ce9620
|
READ of size 1 at 0x60c000c04d30 thread T32
|
#0 0x55ae658cc46b in Item_ident::print(String*, enum_query_type) /10.3/sql/item.cc:3320
|
#1 0x55ae658ee323 in Item_field::print(String*, enum_query_type) /10.3/sql/item.cc:7802
|
#2 0x55ae658b636e in Item::print_parenthesised(String*, enum_query_type, precedence) /10.3/sql/item.cc:584
|
#3 0x55ae659a0a6a in Item_func::print_op(String*, enum_query_type) /10.3/sql/item_func.cc:620
|
#4 0x55ae6518e4ca in Item_num_op::print(String*, enum_query_type) /10.3/sql/item_func.h:730
|
#5 0x55ae658b636e in Item::print_parenthesised(String*, enum_query_type, precedence) /10.3/sql/item.cc:584
|
#6 0x55ae653751fd in Item::print_for_table_def(String*) /10.3/sql/item.h:1416
|
#7 0x55ae65375969 in Virtual_column_info::print(String*) /10.3/sql/item.h:6611
|
#8 0x55ae6549246b in pack_expression /10.3/sql/unireg.cc:639
|
#9 0x55ae654926e5 in pack_vcols /10.3/sql/unireg.cc:660
|
#10 0x55ae6548ed0c in build_frm_image(THD*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, List<Create_field>&, unsigned int, st_key*, handler*) /10.3/sql/unireg.cc:194
|
#11 0x55ae653b31bc in mysql_create_frm_image(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, Alter_info*, int, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /10.3/sql/sql_table.cc:4724
|
#12 0x55ae653b45b5 in create_table_impl /10.3/sql/sql_table.cc:4963
|
#13 0x55ae653d01b8 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /10.3/sql/sql_table.cc:9592
|
#14 0x55ae6550bf2f in Sql_cmd_alter_table::execute(THD*) /10.3/sql/sql_alter.cc:466
|
#15 0x55ae651cd951 in mysql_execute_command(THD*) /10.3/sql/sql_parse.cc:6279
|
#16 0x55ae651d85ab in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /10.3/sql/sql_parse.cc:8076
|
#17 0x55ae651b31b6 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /10.3/sql/sql_parse.cc:1847
|
#18 0x55ae651b034e in do_command(THD*) /10.3/sql/sql_parse.cc:1392
|
#19 0x55ae654fda7b in do_handle_one_connection(CONNECT*) /10.3/sql/sql_connect.cc:1402
|
#20 0x55ae654fd458 in handle_one_connection /10.3/sql/sql_connect.cc:1308
|
#21 0x7f2cbfe806b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#22 0x7f2cbf31541c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
|
=================================================================
|
==2191==ERROR: AddressSanitizer: heap-use-after-free on address 0x6110001c8380 at pc 0x55d611934cfa bp 0x7fbcc7621030 sp 0x7fbcc7621020
|
READ of size 8 at 0x6110001c8380 thread T32
|
#0 0x55d611934cf9 in maria_status /10.3/storage/maria/ma_info.c:59
|
#1 0x55d611970518 in ha_maria::info(unsigned int) /10.3/storage/maria/ha_maria.cc:2518
|
#2 0x55d612495867 in ha_partition::info(unsigned int) /10.3/sql/ha_partition.cc:8205
|
#3 0x55d612467dea in ha_partition::update_create_info(HA_CREATE_INFO*) /10.3/sql/ha_partition.cc:2161
|
#4 0x55d610fc5a3e in mysql_prepare_alter_table(THD*, TABLE*, HA_CREATE_INFO*, Alter_info*, Alter_table_ctx*) /10.3/sql/sql_table.cc:8487
|
#5 0x55d610fca4d6 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /10.3/sql/sql_table.cc:9408
|
#6 0x55d611106f2f in Sql_cmd_alter_table::execute(THD*) /10.3/sql/sql_alter.cc:466
|
#7 0x55d610dc8951 in mysql_execute_command(THD*) /10.3/sql/sql_parse.cc:6279
|
#8 0x55d610dd35ab in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /10.3/sql/sql_parse.cc:8076
|
#9 0x55d610dae1b6 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /10.3/sql/sql_parse.cc:1847
|
#10 0x55d610dab34e in do_command(THD*) /10.3/sql/sql_parse.cc:1392
|
#11 0x55d6110f8a7b in do_handle_one_connection(CONNECT*) /10.3/sql/sql_connect.cc:1402
|
#12 0x55d6110f8458 in handle_one_connection /10.3/sql/sql_connect.cc:1308
|
#13 0x7fbcf57b66b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#14 0x7fbcf4c4b41c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
|
|
|
|
==7586==ERROR: AddressSanitizer: heap-use-after-free on address 0x6110000a1880 at pc 0x564cad92dcfa bp 0x7fbb52d9fea0 sp 0x7fbb52d9fe90
|
READ of size 8 at 0x6110000a1880 thread T32
|
#0 0x564cad92dcf9 in maria_status /10.3/storage/maria/ma_info.c:59
|
#1 0x564cad969518 in ha_maria::info(unsigned int) /10.3/storage/maria/ha_maria.cc:2518
|
#2 0x564cae48e867 in ha_partition::info(unsigned int) /10.3/sql/ha_partition.cc:8205
|
#3 0x564cae460dea in ha_partition::update_create_info(HA_CREATE_INFO*) /10.3/sql/ha_partition.cc:2161
|
#4 0x564cacf3854a in get_schema_tables_record /10.3/sql/sql_show.cc:5478
|
#5 0x564cacf3189b in fill_schema_table_by_open /10.3/sql/sql_show.cc:4598
|
#6 0x564cacf34c87 in get_all_tables(THD*, TABLE_LIST*, Item*) /10.3/sql/sql_show.cc:5203
|
#7 0x564cacf638d0 in get_schema_tables_result(JOIN*, enum_schema_table_state) /10.3/sql/sql_show.cc:8765
|
#8 0x564cace60f3c in JOIN::exec_inner() /10.3/sql/sql_select.cc:3974
|
#9 0x564cace5f2b7 in JOIN::exec() /10.3/sql/sql_select.cc:3805
|
#10 0x564cace62689 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /10.3/sql/sql_select.cc:4210
|
#11 0x564cace3dfd2 in handle_select(THD*, LEX*, select_result*, unsigned long) /10.3/sql/sql_select.cc:382
|
#12 0x564cacdc3bc1 in execute_sqlcom_select /10.3/sql/sql_parse.cc:6541
|
#13 0x564cacdb23d4 in mysql_execute_command(THD*) /10.3/sql/sql_parse.cc:3764
|
#14 0x564cacdcc5ab in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /10.3/sql/sql_parse.cc:8076
|
#15 0x564cacda71b6 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /10.3/sql/sql_parse.cc:1847
|
#16 0x564cacda434e in do_command(THD*) /10.3/sql/sql_parse.cc:1392
|
#17 0x564cad0f1a7b in do_handle_one_connection(CONNECT*) /10.3/sql/sql_connect.cc:1402
|
#18 0x564cad0f1458 in handle_one_connection /10.3/sql/sql_connect.cc:1308
|
#19 0x7fbb80f456b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#20 0x7fbb803da41c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
|
|
|
10.3 dbc0d576a3f402ae52 |
==23930==ERROR: AddressSanitizer: heap-use-after-free on address 0x6290078e6290 at pc 0x55e53ed84806 bp 0x7fe1c4097cc0 sp 0x7fe1c4097cb0
|
READ of size 8 at 0x6290078e6290 thread T33
|
#0 0x55e53ed84805 in ha_maria::store_lock(THD*, st_thr_lock_data**, thr_lock_type) /10.3/storage/maria/ha_maria.cc:3008
|
#1 0x55e53eb45986 in get_lock_data(THD*, TABLE**, unsigned int, unsigned int) /10.3/sql/lock.cc:793
|
#2 0x55e53eb41d17 in mysql_lock_tables(THD*, TABLE**, unsigned int, unsigned int) /10.3/sql/lock.cc:301
|
#3 0x55e53e064a58 in lock_tables(THD*, TABLE_LIST*, unsigned int, unsigned int) /10.3/sql/sql_base.cc:5260
|
#4 0x55e53e06321e in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /10.3/sql/sql_base.cc:5005
|
#5 0x55e53dfdb10b in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /10.3/sql/sql_base.h:502
|
#6 0x55e53e110a6d in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /10.3/sql/sql_insert.cc:760
|
#7 0x55e53e1a8174 in mysql_execute_command(THD*) /10.3/sql/sql_parse.cc:4726
|
#8 0x55e53e1bd989 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /10.3/sql/sql_parse.cc:8089
|
#9 0x55e53e1984aa in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /10.3/sql/sql_parse.cc:1857
|
#10 0x55e53e195610 in do_command(THD*) /10.3/sql/sql_parse.cc:1403
|
#11 0x55e53e4ea3fd in do_handle_one_connection(CONNECT*) /10.3/sql/sql_connect.cc:1402
|
#12 0x55e53e4e9dda in handle_one_connection /10.3/sql/sql_connect.cc:1308
|
#13 0x7fe1f96286b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#14 0x7fe1f8abd41c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
|
|
Attachments
Activity
|
preview-10.10-optimizer ec4e5900d0ae36fe2bc639d8c |
2022-07-15 10:33:11 0x7f4b183f3700 InnoDB: Assertion failure in file /d1/git/10.10/storage/innobase/page/page0zip.cc line 760
|
InnoDB: Failing assertion: i + PAGE_HEAP_NO_USER_LOW == n_heap
|
InnoDB: We intentionally generate a memory trap.
|
InnoDB: Submit a detailed bug report to https://jira.mariadb.org/
|
InnoDB: If you get repeated assertion failures or crashes, even
|
InnoDB: immediately after the mariadbd startup, there may be
|
InnoDB: corruption in the InnoDB tablespace. Please refer to
|
InnoDB: https://mariadb.com/kb/en/library/innodb-recovery-modes/
|
InnoDB: about forcing recovery.
|
220715 10:33:11 [ERROR] mysqld got signal 6 ;
|
|
|
Server version: 10.10.0-MariaDB-log
|
|
|
linux/raise.c:51(__GI_raise)[0x7f4b3aa157bb]
|
stdlib/abort.c:81(__GI_abort)[0x7f4b3aa00535]
|
ut/ut0rbt.cc:471(rbt_eject_node(ib_rbt_node_t*, ib_rbt_node_t*) [clone .cold.36])[0x55c087908524]
|
page/page0zip.cc:1507(page_zip_compress(buf_block_t*, dict_index_t*, unsigned long, mtr_t*))[0x55c0878f6090]
|
btr/btr0bulk.cc:947(BtrBulk::pageCommit(PageBulk*, PageBulk*, bool))[0x55c08803a49f]
|
btr/btr0bulk.cc:900(BtrBulk::pageSplit(PageBulk*, PageBulk*))[0x55c08803a81c]
|
btr/btr0bulk.cc:1082(BtrBulk::insert(dtuple_t*, unsigned long))[0x55c0880394c3]
|
include/btr0bulk.h:301(row_merge_insert_index_tuples(dict_index_t*, dict_table_t const*, pfs_os_file_t const&, unsigned char*, row_merge_buf_t const*, BtrBulk*, unsigned long, double, double, unsigned char*, unsigned long, ut_stage_alter_t*, merge_file_t*))[0x55c087fc3d8f]
|
row/row0merge.cc:2715(row_merge_read_clustered_index(trx_t*, TABLE*, dict_table_t const*, dict_table_t*, bool, dict_index_t**, dict_index_t*, fts_psort_t*, merge_file_t*, unsigned long const*, unsigned long, dtuple_t const*, dict_add_v_col_t const*, unsigned long const*, unsigned long, ib_sequence_t&, unsigned char*, bool, pfs_os_file_t*, ut_stage_alter_t*, double, unsigned char*, TABLE*, bool))[0x55c087fcb801]
|
include/ut0stage.h:395(row_merge_build_indexes(trx_t*, dict_table_t*, dict_table_t*, bool, dict_index_t**, unsigned long const*, unsigned long, TABLE*, dtuple_t const*, unsigned long const*, unsigned long, ib_sequence_t&, bool, ut_stage_alter_t*, dict_add_v_col_t const*, TABLE*, bool))[0x55c087fcc5f4]
|
handler/handler0alter.cc:8538(ha_innobase::inplace_alter_table(TABLE*, Alter_inplace_info*))[0x55c087f433dd]
|
sql/sql_table.cc:7672(mysql_inplace_alter_table)[0x55c087b0a078]
|
sql/sql_alter.cc:547(Sql_cmd_alter_table::execute(THD*))[0x55c087b6dbc1]
|
sql/sql_parse.cc:5996(mysql_execute_command(THD*, bool))[0x55c087a652fa]
|
sql/sql_parse.cc:8053(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x55c087a573fc]
|
sql/sql_parse.cc:1896(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool))[0x55c087a61d1c]
|
sql/sql_parse.cc:1407(do_command(THD*, bool))[0x55c087a633c6]
|
sql/sql_connect.cc:1418(do_handle_one_connection(CONNECT*, bool))[0x55c087b68d9f]
|
sql/sql_connect.cc:1312(handle_one_connection)[0x55c087b690dd]
|
perfschema/pfs.cc:2204(pfs_spawn_thread)[0x55c087e8f7d5]
|
nptl/pthread_create.c:487(start_thread)[0x7f4b3aecbfa3]
|
x86_64/clone.S:97(clone)[0x7f4b3aad6eff]
|
InnoDB: Failing assertion: stat_value != UINT64_UNDEFINED
Version: '11.0.1-MariaDB-debug'
|
2023-01-16 14:02:17 0x7f409babc700 InnoDB: Assertion failure in file /10.11/src/storage/innobase/dict/dict0stats.cc line 3589
|
InnoDB: Failing assertion: stat_value != UINT64_UNDEFINED
|
InnoDB: We intentionally generate a memory trap.
|
InnoDB: Submit a detailed bug report to https://jira.mariadb.org/
|
InnoDB: If you get repeated assertion failures or crashes, even
|
InnoDB: immediately after the mariadbd startup, there may be
|
InnoDB: corruption in the InnoDB tablespace. Please refer to
|
InnoDB: https://mariadb.com/kb/en/library/innodb-recovery-modes/
|
InnoDB: about forcing recovery.
|
230116 14:02:17 [ERROR] mysqld got signal 6 ;
|
|
|
Server version: 11.0.1-MariaDB-debug
|
|
|
??:0(gsignal)[0x7f40c667c00b]
|
??:0(abort)[0x7f40c665b859]
|
dict/dict0stats.cc:3591(dict_stats_fetch_index_stats_step(void*, void*))[0x55dc220450ca]
|
row/row0sel.cc:2474(fetch_step(que_thr_t*))[0x55dc21d84595]
|
que/que0que.cc:581(que_thr_step(que_thr_t*))[0x55dc21c3a942]
|
que/que0que.cc:653(que_run_threads_low(que_thr_t*))[0x55dc21c3adac]
|
que/que0que.cc:675(que_run_threads(que_thr_t*))[0x55dc21c3af4e]
|
que/que0que.cc:714(que_eval_sql(pars_info_t*, char const*, trx_t*))[0x55dc21c3b352]
|
dict/dict0stats.cc:3813(dict_stats_fetch_from_ps(dict_table_t*))[0x55dc220464da]
|
dict/dict0stats.cc:4101(dict_stats_update(dict_table_t*, dict_stats_upd_option_t))[0x55dc22047afe]
|
include/dict0stats.inl:165(dict_stats_init(dict_table_t*))[0x55dc21921da7]
|
handler/ha_innodb.cc:14713(ha_innobase::info_low(unsigned int, bool))[0x55dc21972d48]
|
handler/ha_innodb.cc:14976(ha_innobase::info(unsigned int))[0x55dc219746ff]
|
handler/ha_innodb.cc:6141(ha_innobase::open(char const*, int, unsigned int))[0x55dc2193d033]
|
sql/handler.cc:3455(handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*))[0x55dc20f69f8d]
|
sql/table.cc:4462(open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*))[0x55dc20a27144]
|
sql/sql_base.cc:2178(open_table(THD*, TABLE_LIST*, Open_table_context*))[0x55dc20498bf4]
|
sql/sql_base.cc:4108(open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*))[0x55dc204a3efa]
|
sql/sql_base.cc:4595(open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*))[0x55dc204a6b6c]
|
sql/sql_base.h:480(open_tables(THD*, TABLE_LIST**, unsigned int*, unsigned int))[0x55dc2047991d]
|
sql/sql_show.cc:1222(mysqld_show_create_get_fields(THD*, TABLE_LIST*, List<Item>*, String*))[0x55dc2085c3f1]
|
sql/sql_show.cc:1328(mysqld_show_create(THD*, TABLE_LIST*))[0x55dc2085d1e2]
|
sql/sql_parse.cc:4370(mysql_execute_command(THD*, bool))[0x55dc20657770]
|
sql/sql_parse.cc:7998(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x55dc206717fc]
|
sql/sql_parse.cc:1896(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool))[0x55dc20647ab8]
|
sql/sql_parse.cc:1407(do_command(THD*, bool))[0x55dc206447f4]
|
sql/sql_connect.cc:1415(do_handle_one_connection(CONNECT*, bool))[0x55dc20b0d8e9]
|
sql/sql_connect.cc:1319(handle_one_connection)[0x55dc20b0d246]
|
perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55dc21747b86]
|
nptl/pthread_create.c:478(start_thread)[0x7f40c6b87609]
|
??:0(clone)[0x7f40c6758133]
|
|
|
Query (0x62900004b2a8): show create table test.DD
|
|
220707 14:57:41 [ERROR] mysqld got signal 11 ;Server version: 10.10.0-MariaDB-debug-logmysys/stacktrace.c:212(my_print_stacktrace)[0x55eda94b2b66]sql/signal_handler.cc:236(handle_fatal_signal)[0x55eda804db5f]??:0(__restore_rt)[0x7f0719f8d730]maria/ma_rt_index.c:492(maria_rtree_get_next)[0x55eda88076cf]maria/ma_rnext.c:91(maria_rnext)[0x55eda87047b0]maria/ha_maria.cc:2481(ha_maria::index_next(unsigned char*))[0x55eda863c1ab]sql/handler.cc:3522(handler::ha_index_next(unsigned char*))[0x55eda806c9b0]sql/log_event_server.cc:8376(Rows_log_event::find_row(rpl_group_info*))[0x55eda844d6c3]sql/log_event_server.cc:8533(Delete_rows_log_event::do_exec_row(rpl_group_info*))[0x55eda844e872]sql/log_event_server.cc:6069(Rows_log_event::do_apply_event(rpl_group_info*))[0x55eda843a7c1]sql/log_event.cc:4152(Log_event::apply_event(rpl_group_info*))[0x55eda83fce04]sql/slave.cc:3881(apply_event_and_update_pos_apply(Log_event*, THD*, rpl_group_info*, int))[0x55eda7506a94]sql/slave.cc:4047(apply_event_and_update_pos(Log_event*, THD*, rpl_group_info*))[0x55eda750768d]sql/slave.cc:4417(exec_relay_log_event(THD*, Relay_log_info*, rpl_group_info*))[0x55eda75093d9]sql/slave.cc:5604(handle_slave_sql)[0x55eda7510f32]perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55eda88c5159]nptl/pthread_create.c:487(start_thread)[0x7f0719f82fa3]x86_64/clone.S:97(clone)[0x7f0719b8beff]