Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.2.28, 5.5.66, 10.1.42, 10.3.19, 10.4.9
Description
Notes:
The test case is highly non-deterministic, sometimes it fails almost right away many times in a row, and sometimes it takes dozens of attempts. also many times in a row. Run with big --repeat=N value before deciding it's fixed or not reproducible. Please try to create a deterministic one for regression suite.
Sequence engine is not important for the scenario, it is just used to populate the table.
Use of DAYOFWEEK('utf8') in the WHERE clause seems to be important. Probably it can be replaced by something more sensible, but I couldn't find quickly enough what it might be.
--source include/have_sequence.inc
|
|
|
CREATE TABLE t1 (a INT) ENGINE=HEAP; |
INSERT INTO t1 SELECT seq FROM seq_1_to_10000; |
SELECT * FROM t1; |
|
|
--connect (con1,localhost,root,,test)
|
--send
|
SELECT * FROM t1 WHERE DAYOFWEEK('utf8'); |
|
|
--connection default
|
SELECT * FROM t1; |
FLUSH TABLES;
|
|
|
# Cleanup
|
--connection con1
|
--reap
|
--disconnect con1
|
|
|
--connection default
|
DROP TABLE IF EXISTS t1; |
|
10.4 ASAN 0339cbe2 |
==17429==ERROR: AddressSanitizer: heap-use-after-free on address 0x6180000247b8 at pc 0x5654f0a73816 bp 0x7ff7398b8480 sp 0x7ff7398b8478
|
WRITE of size 8 at 0x6180000247b8 thread T27
|
#0 0x5654f0a73815 in list_delete /data/src/10.4/mysys/list.c:52
|
#1 0x5654efe74b6b in hp_close /data/src/10.4/storage/heap/hp_close.c:40
|
#2 0x5654efe74954 in heap_close /data/src/10.4/storage/heap/hp_close.c:28
|
#3 0x5654efe581b4 in ha_heap::close() /data/src/10.4/storage/heap/ha_heap.cc:140
|
#4 0x5654ef966100 in handler::ha_close() /data/src/10.4/sql/handler.cc:2812
|
#5 0x5654ef4b2d7c in closefrm(TABLE*) /data/src/10.4/sql/table.cc:4053
|
#6 0x5654ef775394 in intern_close_table /data/src/10.4/sql/table_cache.cc:222
|
#7 0x5654ef775a4e in tc_purge(bool) /data/src/10.4/sql/table_cache.cc:335
|
#8 0x5654ef0800de in purge_tables(bool) /data/src/10.4/sql/sql_base.cc:335
|
#9 0x5654ef080315 in close_cached_tables(THD*, TABLE_LIST*, bool, unsigned long) /data/src/10.4/sql/sql_base.cc:364
|
#10 0x5654ef5dd168 in reload_acl_and_cache(THD*, unsigned long long, TABLE_LIST*, int*) /data/src/10.4/sql/sql_reload.cc:332
|
#11 0x5654ef2017e2 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:5458
|
#12 0x5654ef210c8d in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7898
|
#13 0x5654ef1e9f4a in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1842
|
#14 0x5654ef1e6e3e in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1360
|
#15 0x5654ef56bca6 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
|
#16 0x5654ef56b65a in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
|
#17 0x7ff75cf124a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
|
#18 0x7ff75b459d0e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8d0e)
|
|
|
0x6180000247b8 is located 824 bytes inside of 852-byte region [0x618000024480,0x6180000247d4)
|
freed by thread T27 here:
|
#0 0x7ff75d1e9a10 in free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1a10)
|
#1 0x5654f0afc7b5 in free_memory /data/src/10.4/mysys/safemalloc.c:279
|
#2 0x5654f0afbe9e in sf_free /data/src/10.4/mysys/safemalloc.c:197
|
#3 0x5654f0acdfdb in my_free /data/src/10.4/mysys/my_malloc.c:222
|
#4 0x5654efe74c68 in hp_close /data/src/10.4/storage/heap/hp_close.c:43
|
#5 0x5654efe74954 in heap_close /data/src/10.4/storage/heap/hp_close.c:28
|
#6 0x5654efe581b4 in ha_heap::close() /data/src/10.4/storage/heap/ha_heap.cc:140
|
#7 0x5654ef966100 in handler::ha_close() /data/src/10.4/sql/handler.cc:2812
|
#8 0x5654ef4b2d7c in closefrm(TABLE*) /data/src/10.4/sql/table.cc:4053
|
#9 0x5654ef775394 in intern_close_table /data/src/10.4/sql/table_cache.cc:222
|
#10 0x5654ef775a4e in tc_purge(bool) /data/src/10.4/sql/table_cache.cc:335
|
#11 0x5654ef0800de in purge_tables(bool) /data/src/10.4/sql/sql_base.cc:335
|
#12 0x5654ef080315 in close_cached_tables(THD*, TABLE_LIST*, bool, unsigned long) /data/src/10.4/sql/sql_base.cc:364
|
#13 0x5654ef5dd168 in reload_acl_and_cache(THD*, unsigned long long, TABLE_LIST*, int*) /data/src/10.4/sql/sql_reload.cc:332
|
#14 0x5654ef2017e2 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:5458
|
#15 0x5654ef210c8d in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7898
|
#16 0x5654ef1e9f4a in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1842
|
#17 0x5654ef1e6e3e in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1360
|
#18 0x5654ef56bca6 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
|
#19 0x5654ef56b65a in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
|
#20 0x7ff75cf124a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
|
|
|
previously allocated by thread T27 here:
|
#0 0x7ff75d1e9d28 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1d28)
|
#1 0x5654f0afb8b6 in sf_malloc /data/src/10.4/mysys/safemalloc.c:118
|
#2 0x5654f0acd6ea in my_malloc /data/src/10.4/mysys/my_malloc.c:101
|
#3 0x5654efe68755 in heap_open_from_share /data/src/10.4/storage/heap/hp_open.c:33
|
#4 0x5654efe69062 in heap_open /data/src/10.4/storage/heap/hp_open.c:121
|
#5 0x5654efe57aa2 in ha_heap::open(char const*, int, unsigned int) /data/src/10.4/storage/heap/ha_heap.cc:94
|
#6 0x5654ef965166 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /data/src/10.4/sql/handler.cc:2746
|
#7 0x5654ef4b1dfe in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /data/src/10.4/sql/table.cc:3951
|
#8 0x5654ef0883d3 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.4/sql/sql_base.cc:2086
|
#9 0x5654ef090894 in open_and_process_table /data/src/10.4/sql/sql_base.cc:3850
|
#10 0x5654ef092ec0 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:4324
|
#11 0x5654ef097be4 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:5217
|
#12 0x5654ef004531 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.4/sql/sql_base.h:505
|
#13 0x5654ef1fa9cc in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:4608
|
#14 0x5654ef210c8d in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7898
|
#15 0x5654ef1e9f4a in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1842
|
#16 0x5654ef1e6e3e in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1360
|
#17 0x5654ef56bca6 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
|
#18 0x5654ef56b65a in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
|
#19 0x7ff75cf124a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
|
|
|
Thread T27 created by T0 here:
|
#0 0x7ff75d158f59 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f59)
|
#1 0x5654f0b27bb0 in spawn_thread_noop /data/src/10.4/mysys/psi_noop.c:187
|
#2 0x5654eef41cb8 in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1268
|
#3 0x5654eef5625c in create_thread_to_handle_connection(CONNECT*) /data/src/10.4/sql/mysqld.cc:6234
|
#4 0x5654eef5693f in create_new_thread(CONNECT*) /data/src/10.4/sql/mysqld.cc:6304
|
#5 0x5654eef56cca in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4/sql/mysqld.cc:6402
|
#6 0x5654eef5791c in handle_connections_sockets() /data/src/10.4/sql/mysqld.cc:6560
|
#7 0x5654eef55add in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5892
|
#8 0x5654eef3fb9f in main /data/src/10.4/sql/main.cc:25
|
#9 0x7ff75b3912e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
|
|
|
SUMMARY: AddressSanitizer: heap-use-after-free /data/src/10.4/mysys/list.c:52 in list_delete
|
Shadow bytes around the buggy address:
|
0x0c307fffc8a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffc8b0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffc8c0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffc8d0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffc8e0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
=>0x0c307fffc8f0: fd fd fd fd fd fd fd[fd]fd fd fd fa fa fa fa fa
|
0x0c307fffc900: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c307fffc910: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffc920: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffc930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffc940: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Heap right redzone: fb
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack partial redzone: f4
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
==17429==ABORTING
|
Reproducible on 10.1-10.4, I didn't try 5.5. The failure however appeared after 5.5 merge, apparently with this commit:
commit afb4878703e71307af0fe8723f8ab10e8d4e0288
|
Author: Sergey Vojtovich
|
Date: Tue Jun 25 15:52:05 2019 +0400
|
|
|
MDEV-18783 - Server crash in hp_rb_make_key
|
Attachments
Issue Links
- is caused by
-
-
- Closed
-
Activity
For the record: here is another variation of a failure which started happening after the same change. It happens interchangeably with list_delete from the description (more rarely than list_delete), and disappears after either rolling back commit afb48787, or applying the patch https://github.com/MariaDB/server/commit/cd156e2c3e8576ee42ff470235d3af005daee274. The test case for reproducing it thr_lock.test
is attached. It needs to be run with --repeat and may need to be re-run multiple times as it is more likely to hit list_delete. It is a very dirty test case which mustn't be used for anything other than experimenting.
|
10.3 ASAN debug e1a2b125 |
=================================================================
|
==27971==ERROR: AddressSanitizer: heap-use-after-free on address 0x61800003ff70 at pc 0x563944865c65 bp 0x7f7c8244ac90 sp 0x7f7c8244ac88
|
WRITE of size 8 at 0x61800003ff70 thread T8
|
#0 0x563944865c64 in thr_lock /data/src/10.3/mysys/thr_lock.c:832
|
#1 0x563944868376 in thr_multi_lock /data/src/10.3/mysys/thr_lock.c:1295
|
#2 0x56394395987e in mysql_lock_tables(THD*, st_mysql_lock*, unsigned int) /data/src/10.3/sql/lock.cc:347
|
#3 0x56394395943b in mysql_lock_tables(THD*, TABLE**, unsigned int, unsigned int) /data/src/10.3/sql/lock.cc:299
|
#4 0x563942e3a3f1 in lock_tables(THD*, TABLE_LIST*, unsigned int, unsigned int) /data/src/10.3/sql/sql_base.cc:5296
|
#5 0x563942e38aae in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.3/sql/sql_base.cc:5041
|
#6 0x5639431b8562 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int) /data/src/10.3/sql/sql_base.h:496
|
#7 0x5639431b4c71 in Sql_cmd_create_table_like::execute(THD*) /data/src/10.3/sql/sql_table.cc:11099
|
#8 0x563942f910ec in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:6028
|
#9 0x563942f9c3e8 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7815
|
#10 0x563942f7710e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1856
|
#11 0x563942f73fed in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1401
|
#12 0x5639432e90e4 in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1403
|
#13 0x5639432e8aab in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1308
|
#14 0x56394474f5a5 in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1862
|
#15 0x7f7c8e1be4a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
|
#16 0x7f7c8c705d0e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8d0e)
|
|
|
0x61800003ff70 is located 752 bytes inside of 876-byte region [0x61800003fc80,0x61800003ffec)
|
freed by thread T8 here:
|
#0 0x7f7c8e495a10 in free (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1a10)
|
#1 0x563944880045 in free_memory /data/src/10.3/mysys/safemalloc.c:279
|
#2 0x56394487f72e in sf_free /data/src/10.3/mysys/safemalloc.c:197
|
#3 0x56394485186b in my_free /data/src/10.3/mysys/my_malloc.c:223
|
#4 0x563943b83072 in hp_close /data/src/10.3/storage/heap/hp_close.c:43
|
#5 0x563943b82d5e in heap_close /data/src/10.3/storage/heap/hp_close.c:28
|
#6 0x563943b6631e in ha_heap::close() /data/src/10.3/storage/heap/ha_heap.cc:140
|
#7 0x5639436826c4 in handler::ha_close() /data/src/10.3/sql/handler.cc:2826
|
#8 0x56394322f405 in closefrm(TABLE*) /data/src/10.3/sql/table.cc:3639
|
#9 0x56394349a6d1 in intern_close_table /data/src/10.3/sql/table_cache.cc:222
|
#10 0x56394349ad9d in tc_purge(bool) /data/src/10.3/sql/table_cache.cc:335
|
#11 0x563942e2216e in close_cached_tables(THD*, TABLE_LIST*, bool, unsigned long) /data/src/10.3/sql/sql_base.cc:377
|
#12 0x56394335270e in reload_acl_and_cache(THD*, unsigned long long, TABLE_LIST*, int*) /data/src/10.3/sql/sql_reload.cc:337
|
#13 0x563942f8cb69 in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:5365
|
#14 0x563942f9c3e8 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7815
|
#15 0x563942f7710e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1856
|
#16 0x563942f73fed in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1401
|
#17 0x5639432e90e4 in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1403
|
#18 0x5639432e8aab in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1308
|
#19 0x56394474f5a5 in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1862
|
#20 0x7f7c8e1be4a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
|
|
|
previously allocated by thread T6 here:
|
#0 0x7f7c8e495d28 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1d28)
|
#1 0x56394487f146 in sf_malloc /data/src/10.3/mysys/safemalloc.c:118
|
#2 0x563944850f7a in my_malloc /data/src/10.3/mysys/my_malloc.c:101
|
#3 0x563943b76b5f in heap_open_from_share /data/src/10.3/storage/heap/hp_open.c:33
|
#4 0x563943b7746c in heap_open /data/src/10.3/storage/heap/hp_open.c:121
|
#5 0x563943b65c0c in ha_heap::open(char const*, int, unsigned int) /data/src/10.3/storage/heap/ha_heap.cc:94
|
#6 0x563943681724 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /data/src/10.3/sql/handler.cc:2760
|
#7 0x56394322e50d in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /data/src/10.3/sql/table.cc:3541
|
#8 0x563942e29924 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.3/sql/sql_base.cc:1979
|
#9 0x563942e31959 in open_and_process_table /data/src/10.3/sql/sql_base.cc:3675
|
#10 0x563942e33be4 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.3/sql/sql_base.cc:4144
|
#11 0x563942e389c3 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.3/sql/sql_base.cc:5032
|
#12 0x563942daa71d in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.3/sql/sql_base.h:505
|
#13 0x563943203a8f in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.3/sql/sql_view.cc:450
|
#14 0x563942f90178 in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:5849
|
#15 0x563942f9c3e8 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7815
|
#16 0x563942f7710e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1856
|
#17 0x563942f73fed in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1401
|
#18 0x5639432e90e4 in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1403
|
#19 0x5639432e8aab in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1308
|
#20 0x56394474f5a5 in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1862
|
#21 0x7f7c8e1be4a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
|
|
|
Thread T8 created by T0 here:
|
#0 0x7f7c8e404f59 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f59)
|
#1 0x56394474f9e1 in spawn_thread_v1 /data/src/10.3/storage/perfschema/pfs.cc:1912
|
#2 0x563942ce2dd0 in inline_mysql_thread_create /data/src/10.3/include/mysql/psi/mysql_thread.h:1268
|
#3 0x563942cf80dc in create_thread_to_handle_connection(CONNECT*) /data/src/10.3/sql/mysqld.cc:6600
|
#4 0x563942cf87bf in create_new_thread /data/src/10.3/sql/mysqld.cc:6670
|
#5 0x563942cf97d7 in handle_connections_sockets() /data/src/10.3/sql/mysqld.cc:6945
|
#6 0x563942cf75ac in mysqld_main(int, char**) /data/src/10.3/sql/mysqld.cc:6222
|
#7 0x563942ce14ef in main /data/src/10.3/sql/main.cc:25
|
#8 0x7f7c8c63d2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
|
|
|
Thread T6 created by T0 here:
|
#0 0x7f7c8e404f59 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f59)
|
#1 0x56394474f9e1 in spawn_thread_v1 /data/src/10.3/storage/perfschema/pfs.cc:1912
|
#2 0x563942ce2dd0 in inline_mysql_thread_create /data/src/10.3/include/mysql/psi/mysql_thread.h:1268
|
#3 0x563942cf80dc in create_thread_to_handle_connection(CONNECT*) /data/src/10.3/sql/mysqld.cc:6600
|
#4 0x563942cf87bf in create_new_thread /data/src/10.3/sql/mysqld.cc:6670
|
#5 0x563942cf97d7 in handle_connections_sockets() /data/src/10.3/sql/mysqld.cc:6945
|
#6 0x563942cf75ac in mysqld_main(int, char**) /data/src/10.3/sql/mysqld.cc:6222
|
#7 0x563942ce14ef in main /data/src/10.3/sql/main.cc:25
|
#8 0x7f7c8c63d2e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
|
|
|
SUMMARY: AddressSanitizer: heap-use-after-free /data/src/10.3/mysys/thr_lock.c:832 in thr_lock
|
Shadow bytes around the buggy address:
|
0x0c307fffff90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffffa0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffffb0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffffc0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c307fffffd0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
=>0x0c307fffffe0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
|
0x0c307ffffff0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa
|
0x0c3080000000: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c3080000010: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c3080000020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c3080000030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Heap right redzone: fb
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack partial redzone: f4
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
==27971==ABORTING
|
----------SERVER LOG END-------------
|
|
10.3 non-ASAN debug e1a2b125 |
#3 <signal handler called>
|
#4 hp_close (info=0x8f8f8f8f8f8f8f8f) at /data/src/10.3/storage/heap/hp_close.c:38
|
#5 0x000056493241a604 in hp_panic (flag=HA_PANIC_CLOSE) at /data/src/10.3/storage/heap/hp_panic.c:34
|
#6 0x0000564932414691 in heap_panic (hton=0x5649358ff3b0, flag=HA_PANIC_CLOSE) at /data/src/10.3/storage/heap/ha_heap.cc:39
|
#7 0x00005649322043c5 in ha_finalize_handlerton (plugin=0x5649358d0e20) at /data/src/10.3/sql/handler.cc:488
|
#8 0x0000564931f04b27 in plugin_deinitialize (plugin=0x5649358d0e20, ref_check=true) at /data/src/10.3/sql/sql_plugin.cc:1236
|
#9 0x0000564931f05091 in reap_plugins () at /data/src/10.3/sql/sql_plugin.cc:1312
|
#10 0x0000564931f074ba in plugin_shutdown () at /data/src/10.3/sql/sql_plugin.cc:1981
|
#11 0x0000564931dbb1e2 in clean_up (print_message=true) at /data/src/10.3/sql/mysqld.cc:2248
|
#12 0x0000564931dbad30 in unireg_end () at /data/src/10.3/sql/mysqld.cc:2116
|
#13 0x0000564931dbac2a in kill_server (sig_ptr=0x0) at /data/src/10.3/sql/mysqld.cc:2043
|
#14 0x0000564931dbac6c in kill_server_thread (arg=0x7f1f45e0de00) at /data/src/10.3/sql/mysqld.cc:2066
|
#15 0x0000564932a0b322 in pfs_spawn_thread (arg=0x7f1f3c001350) at /data/src/10.3/storage/perfschema/pfs.cc:1862
|
#16 0x00007f1f4d6ee4a4 in start_thread (arg=0x7f1f45c4c700) at pthread_create.c:456
|
#17 0x00007f1f4bc35d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
|
These are probably variations of the same as well:
|
10.3 ASAN e1a2b125 |
==6673==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000030 (pc 0x00000257aa85 bp 0x7fd7a16677a0 sp 0x7fd7a1667780 T32)
|
==6673==The signal is caused by a READ memory access.
|
#0 0x257aa84 in inline_mysql_cond_signal /home/vsts/src/include/mysql/psi/mysql_thread.h:1225
|
#1 0x257dfa7 in free_all_read_locks /home/vsts/src/mysys/thr_lock.c:1066
|
#2 0x257f18d in wake_up_waiters /home/vsts/src/mysys/thr_lock.c:1242
|
#3 0x257bc4d in wait_for_lock /home/vsts/src/mysys/thr_lock.c:626
|
#4 0x257daf2 in thr_lock /home/vsts/src/mysys/thr_lock.c:1014
|
#5 0x257f41c in thr_multi_lock /home/vsts/src/mysys/thr_lock.c:1295
|
#6 0x1418478 in mysql_lock_tables(THD*, st_mysql_lock*, unsigned int) /home/vsts/src/sql/lock.cc:347
|
#7 0x1417ef5 in mysql_lock_tables(THD*, TABLE**, unsigned int, unsigned int) /home/vsts/src/sql/lock.cc:299
|
#8 0x7f8be7 in lock_tables(THD*, TABLE_LIST*, unsigned int, unsigned int) /home/vsts/src/sql/sql_base.cc:5296
|
#9 0x7f6f67 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /home/vsts/src/sql/sql_base.cc:5041
|
#10 0x7524c7 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /home/vsts/src/sql/sql_base.h:505
|
#11 0x93a204 in mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool) /home/vsts/src/sql/sql_load.cc:407
|
#12 0x96cab2 in mysql_execute_command(THD*) /home/vsts/src/sql/sql_parse.cc:4868
|
#13 0x98189c in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/vsts/src/sql/sql_parse.cc:7815
|
#14 0x95833c in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/vsts/src/sql/sql_parse.cc:1855
|
#15 0x954ad0 in do_command(THD*) /home/vsts/src/sql/sql_parse.cc:1401
|
#16 0xd3f16c in do_handle_one_connection(CONNECT*) /home/vsts/src/sql/sql_connect.cc:1403
|
#17 0xd3ea20 in handle_one_connection /home/vsts/src/sql/sql_connect.cc:1308
|
#18 0x7fd7cfa1d6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#19 0x7fd7cee4f41c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
|
#0 0x7fd7d1264d6f in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x37d6f)
|
#1 0x25c77f3 in spawn_thread_noop /home/vsts/src/mysys/psi_noop.c:187
|
#2 0x66ed7c in inline_mysql_thread_create /home/vsts/src/include/mysql/psi/mysql_thread.h:1268
|
#3 0x687cc6 in create_thread_to_handle_connection(CONNECT*) /home/vsts/src/sql/mysqld.cc:6602
|
#4 0x688497 in create_new_thread /home/vsts/src/sql/mysqld.cc:6670
|
#5 0x689770 in handle_connections_sockets() /home/vsts/src/sql/mysqld.cc:6945
|
#6 0x686ffe in mysqld_main(int, char**) /home/vsts/src/sql/mysqld.cc:6222
|
#7 0x66d456 in main /home/vsts/src/sql/main.cc:25
|
#8 0x7fd7ced6882f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
191105 10:18:11 [ERROR] mysqld got signal 6 ;
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
Thread pointer: 0x62a00009c270
|
stack_bottom = 0x7fd7a166ba40 thread_stack 0x5fc00
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0x55900)[0x7fd7d1282900]
|
/home/vsts/server/bin/mysqld(my_print_stacktrace+0xc3)[0x2575b17]
|
maria/ma_blockrec.c:2145(write_full_pages)[0x10f1772]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0x11390)[0x7fd7cfa27390]
|
linux/raise.c:54(__GI_raise)[0x7fd7ced7d428]
|
stdlib/abort.c:91(__GI_abort)[0x7fd7ced7f02a]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0x10077e)[0x7fd7d132d77e]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0x108578)[0x7fd7d1335578]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0xe67c9)[0x7fd7d13137c9]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0xe5312)[0x7fd7d1312312]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0x11390)[0x7fd7cfa27390]
|
/home/vsts/server/bin/mysqld[0x257aa85]
|
maria/ma_blockrec.c:2808(write_block_record)[0x257dfa8]
|
maria/ma_blockrec.c:3282(write_block_record)[0x257f18e]
|
maria/ma_blockrec.c:3411(write_block_record)[0x257bc4e]
|
maria/ma_blockrec.c:2945(write_block_record)[0x257daf3]
|
maria/ma_blockrec.c:3223(write_block_record)[0x257f41d]
|
maria/ma_blockrec.c:3439(write_block_record)[0x1418479]
|
sql-common/client.c:1726(mysql_ssl_free)[0x1417ef6]
|
sql-common/client.c:1685(mysql_ssl_set)[0x7f8be8]
|
/home/vsts/server/bin/mysqld(_Z20open_and_lock_tablesP3THDRK14DDL_options_stP10TABLE_LISTbjP19Prelocking_strategy+0x2d8)[0x7f6f68]
|
/home/vsts/server/bin/mysqld(_Z20open_and_lock_tablesP3THDP10TABLE_LISTbj+0x141)[0x7524c8]
|
/home/vsts/server/bin/mysqld(_Z10mysql_loadP3THDPK12sql_exchangeP10TABLE_LISTR4ListI4ItemES9_S9_15enum_duplicatesbb+0x704)[0x93a205]
|
/home/vsts/server/bin/mysqld(_Z21mysql_execute_commandP3THD+0xbd95)[0x96cab3]
|
/home/vsts/server/bin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x701)[0x98189d]
|
/home/vsts/server/bin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x21f1)[0x95833d]
|
/home/vsts/server/bin/mysqld(_Z10do_commandP3THD+0x155b)[0x954ad1]
|
/home/vsts/server/bin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x5b3)[0xd3f16d]
|
sql/sql_load.cc:961(read_fixed_length(THD*, st_copy_info&, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, READ_INFO&, unsigned long, bool))[0xd3ea21]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76ba)[0x7fd7cfa1d6ba]
|
x86_64/clone.S:111(clone)[0x7fd7cee4f41d]
|
Query (0x62b00000e290): LOAD DATA INFILE 'load_AA_HEAP' REPLACE INTO TABLE AA_HEAP /* QNO 9977 CON_ID 14 */
|
Status: NOT_KILLED
|
|
10.4 0339cbe2 |
#3 <signal handler called>
|
#4 0x000055661fdca45d in has_old_lock (data=0x140, owner=0x7f9520002678) at /home/elenst/src/10.4/mysys/thr_lock.c:496
|
#5 0x000055661fdcacc6 in thr_lock (data=0x7f9520260318, owner=0x7f9520002678, lock_wait_timeout=60) at /home/elenst/src/10.4/mysys/thr_lock.c:830
|
#6 0x000055661fdcbaa6 in thr_multi_lock (data=0x7f9520013820, count=1, owner=0x7f9520002678, lock_wait_timeout=60) at /home/elenst/src/10.4/mysys/thr_lock.c:1295
|
#7 0x000055661f67fb02 in mysql_lock_tables (thd=0x7f9520000af0, sql_lock=0x7f95200137f8, flags=0) at /home/elenst/src/10.4/sql/lock.cc:351
|
#8 0x000055661f67f903 in mysql_lock_tables (thd=0x7f9520000af0, tables=0x7f95200137f0, count=1, flags=0) at /home/elenst/src/10.4/sql/lock.cc:300
|
#9 0x000055661f135f0c in lock_tables (thd=0x7f9520000af0, tables=0x7f95200126d0, count=1, flags=0) at /home/elenst/src/10.4/sql/sql_base.cc:5481
|
#10 0x000055661f1354dc in open_and_lock_tables (thd=0x7f9520000af0, options=..., tables=0x7f95200126d0, derived=true, flags=0, prelocking_strategy=0x7f95a5b40fb0) at /home/elenst/src/10.4/sql/sql_base.cc:5226
|
#11 0x000055661f0ef129 in open_and_lock_tables (thd=0x7f9520000af0, tables=0x7f95200126d0, derived=true, flags=0) at /home/elenst/src/10.4/sql/sql_base.h:505
|
#12 0x000055661f1de2da in execute_sqlcom_select (thd=0x7f9520000af0, all_tables=0x7f95200126d0) at /home/elenst/src/10.4/sql/sql_parse.cc:6278
|
#13 0x000055661f1d40fa in mysql_execute_command (thd=0x7f9520000af0) at /home/elenst/src/10.4/sql/sql_parse.cc:3899
|
#14 0x000055661f1e297d in mysql_parse (thd=0x7f9520000af0, rawbuf=0x7f9520011de8 "SELECT `from`, `to` INTO @tm1, @tm2 FROM ts2 ORDER BY `from` LIMIT 1 /* QNO 1830 CON_ID 19 */", length=94, parser_state=0x7f95a5b42080, is_com_multi=false, is_next_command=false) at /home/elenst/src/10.4/sql/sql_parse.cc:7898
|
#15 0x000055661f1cdcc9 in dispatch_command (command=COM_QUERY, thd=0x7f9520000af0, packet=0x7f9520008321 "SELECT `from`, `to` INTO @tm1, @tm2 FROM ts2 ORDER BY `from` LIMIT 1 /* QNO 1830 CON_ID 19 */ ", packet_length=95, is_com_multi=false, is_next_command=false) at /home/elenst/src/10.4/sql/sql_parse.cc:1842
|
#16 0x000055661f1cc294 in do_command (thd=0x7f9520000af0) at /home/elenst/src/10.4/sql/sql_parse.cc:1360
|
#17 0x000055661f3562fd in do_handle_one_connection (connect=0x55664fcebaf0) at /home/elenst/src/10.4/sql/sql_connect.cc:1412
|
#18 0x000055661f35602c in handle_one_connection (arg=0x55664fcebaf0) at /home/elenst/src/10.4/sql/sql_connect.cc:1316
|
#19 0x00007f96ccdc5dd5 in start_thread () from /lib64/libpthread.so.0
|
#20 0x00007f96caf7cead in clone () from /lib64/libc.so.6
|
For the record: this variation is strongly suspected to have the same cause (and hopefully fixed by the same patch), but it hasn't been proven yet, as it doesn't yet have a reliable test case to reproduce it:
|
10.3 ASAN e1a2b125 |
==6710==ERROR: AddressSanitizer: heap-use-after-free on address 0x6180000e5370 at pc 0x00000257e1c1 bp 0x7fd69d884150 sp 0x7fd69d884140
|
WRITE of size 8 at 0x6180000e5370 thread T33
|
#0 0x257e1c0 in thr_unlock /home/vsts/src/mysys/thr_lock.c:1087
|
#1 0x257ff1a in thr_multi_unlock /home/vsts/src/mysys/thr_lock.c:1416
|
#2 0x1419421 in mysql_unlock_tables(THD*, st_mysql_lock*, bool) /home/vsts/src/sql/lock.cc:431
|
#3 0x14196b2 in mysql_unlock_some_tables(THD*, TABLE**, unsigned int, unsigned int) /home/vsts/src/sql/lock.cc:454
|
#4 0x141a2e4 in mysql_lock_remove(THD*, st_mysql_lock*, TABLE*) /home/vsts/src/sql/lock.cc:549
|
#5 0x7def76 in close_all_tables_for_name(THD*, TABLE_SHARE*, ha_extra_function, TABLE*) /home/vsts/src/sql/sql_base.cc:687
|
#6 0xbd5fe0 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /home/vsts/src/sql/sql_table.cc:10054
|
#7 0xd5032e in Sql_cmd_alter_table::execute(THD*) /home/vsts/src/sql/sql_alter.cc:500
|
#8 0x974f4d in mysql_execute_command(THD*) /home/vsts/src/sql/sql_parse.cc:6028
|
#9 0x98189c in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/vsts/src/sql/sql_parse.cc:7815
|
#10 0x95833c in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/vsts/src/sql/sql_parse.cc:1855
|
#11 0x954ad0 in do_command(THD*) /home/vsts/src/sql/sql_parse.cc:1401
|
#12 0xd3f16c in do_handle_one_connection(CONNECT*) /home/vsts/src/sql/sql_connect.cc:1403
|
#13 0xd3ea20 in handle_one_connection /home/vsts/src/sql/sql_connect.cc:1308
|
#14 0x7fd6ccd436b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#15 0x7fd6cc17541c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)
|
0x6180000e5370 is located 752 bytes inside of 860-byte region [0x6180000e5080,0x6180000e53dc)
|
#0 0x7fd6ce6317f8 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xde7f8)
|
#1 0x2598787 in free_memory /home/vsts/src/mysys/safemalloc.c:279
|
#2 0x2597d8c in sf_free /home/vsts/src/mysys/safemalloc.c:197
|
#3 0x256687d in my_free /home/vsts/src/mysys/my_malloc.c:223
|
#4 0x168f9b3 in hp_close /home/vsts/src/storage/heap/hp_close.c:43
|
#5 0x168f63b in heap_close /home/vsts/src/storage/heap/hp_close.c:28
|
#6 0x167048e in ha_heap::close() /home/vsts/src/storage/heap/ha_heap.cc:140
|
#7 0x1107963 in handler::ha_close() /home/vsts/src/sql/handler.cc:2826
|
#8 0x249e7d6 in ha_partition::close() /home/vsts/src/sql/ha_partition.cc:3845
|
#9 0x1107963 in handler::ha_close() /home/vsts/src/sql/handler.cc:2826
|
#10 0xc6c0ba in closefrm(TABLE*) /home/vsts/src/sql/table.cc:3639
|
#11 0xf2136c in intern_close_table /home/vsts/src/sql/table_cache.cc:222
|
#12 0xf29260 in tdc_remove_table(THD*, enum_tdc_remove_table_type, char const*, char const*, bool) /home/vsts/src/sql/table_cache.cc:1151
|
#13 0x7e2344 in wait_while_table_is_used(THD*, TABLE*, ha_extra_function) /home/vsts/src/sql/sql_base.cc:1259
|
#14 0xbd5f75 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /home/vsts/src/sql/sql_table.cc:10051
|
#15 0xd5032e in Sql_cmd_alter_table::execute(THD*) /home/vsts/src/sql/sql_alter.cc:500
|
#16 0x974f4d in mysql_execute_command(THD*) /home/vsts/src/sql/sql_parse.cc:6028
|
#17 0x98189c in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/vsts/src/sql/sql_parse.cc:7815
|
#18 0x95833c in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/vsts/src/sql/sql_parse.cc:1855
|
#19 0x954ad0 in do_command(THD*) /home/vsts/src/sql/sql_parse.cc:1401
|
#20 0xd3f16c in do_handle_one_connection(CONNECT*) /home/vsts/src/sql/sql_connect.cc:1403
|
#21 0xd3ea20 in handle_one_connection /home/vsts/src/sql/sql_connect.cc:1308
|
#22 0x7fd6ccd436b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#0 0x7fd6ce631b90 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb90)
|
#1 0x2597775 in sf_malloc /home/vsts/src/mysys/safemalloc.c:118
|
#2 0x2565d4c in my_malloc /home/vsts/src/mysys/my_malloc.c:101
|
#3 0x1681bab in heap_open_from_share /home/vsts/src/storage/heap/hp_open.c:33
|
#4 0x16825f4 in heap_open /home/vsts/src/storage/heap/hp_open.c:121
|
#5 0x166fc91 in ha_heap::open(char const*, int, unsigned int) /home/vsts/src/storage/heap/ha_heap.cc:94
|
#6 0x11067a6 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /home/vsts/src/sql/handler.cc:2760
|
#7 0x24c9bef in ha_partition::open_read_partitions(char*, unsigned long) /home/vsts/src/sql/ha_partition.cc:8456
|
#8 0x249c8dc in ha_partition::open(char const*, int, unsigned int) /home/vsts/src/sql/ha_partition.cc:3589
|
#9 0x11067a6 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /home/vsts/src/sql/handler.cc:2760
|
#10 0xc6aee7 in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /home/vsts/src/sql/table.cc:3541
|
#11 0x7e5a48 in open_table(THD*, TABLE_LIST*, Open_table_context*) /home/vsts/src/sql/sql_base.cc:1979
|
#12 0x7eeb65 in open_and_process_table /home/vsts/src/sql/sql_base.cc:3675
|
#13 0x7f1422 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /home/vsts/src/sql/sql_base.cc:4144
|
#14 0x94e16c in open_tables /home/vsts/src/sql/sql_base.h:251
|
#15 0x95e40f in lock_tables_open_and_lock_tables /home/vsts/src/sql/sql_parse.cc:2861
|
#16 0x96cf3b in mysql_execute_command(THD*) /home/vsts/src/sql/sql_parse.cc:4947
|
#17 0x98189c in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/vsts/src/sql/sql_parse.cc:7815
|
#18 0x95833c in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/vsts/src/sql/sql_parse.cc:1855
|
#19 0x954ad0 in do_command(THD*) /home/vsts/src/sql/sql_parse.cc:1401
|
#20 0xd3f16c in do_handle_one_connection(CONNECT*) /home/vsts/src/sql/sql_connect.cc:1403
|
#21 0xd3ea20 in handle_one_connection /home/vsts/src/sql/sql_connect.cc:1308
|
#22 0x7fd6ccd436b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
|
#0 0x7fd6ce58ad6f in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x37d6f)
|
#1 0x25c77f3 in spawn_thread_noop /home/vsts/src/mysys/psi_noop.c:187
|
#2 0x66ed7c in inline_mysql_thread_create /home/vsts/src/include/mysql/psi/mysql_thread.h:1268
|
#3 0x687cc6 in create_thread_to_handle_connection(CONNECT*) /home/vsts/src/sql/mysqld.cc:6602
|
#4 0x688497 in create_new_thread /home/vsts/src/sql/mysqld.cc:6670
|
#5 0x689770 in handle_connections_sockets() /home/vsts/src/sql/mysqld.cc:6945
|
#6 0x686ffe in mysqld_main(int, char**) /home/vsts/src/sql/mysqld.cc:6222
|
#7 0x66d456 in main /home/vsts/src/sql/main.cc:25
|
#8 0x7fd6cc08e82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
#0 0x7fd6ce58ad6f in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x37d6f)
|
#1 0x25c77f3 in spawn_thread_noop /home/vsts/src/mysys/psi_noop.c:187
|
#2 0x66ed7c in inline_mysql_thread_create /home/vsts/src/include/mysql/psi/mysql_thread.h:1268
|
#3 0x687cc6 in create_thread_to_handle_connection(CONNECT*) /home/vsts/src/sql/mysqld.cc:6602
|
#4 0x688497 in create_new_thread /home/vsts/src/sql/mysqld.cc:6670
|
#5 0x689770 in handle_connections_sockets() /home/vsts/src/sql/mysqld.cc:6945
|
#6 0x686ffe in mysqld_main(int, char**) /home/vsts/src/sql/mysqld.cc:6222
|
#7 0x66d456 in main /home/vsts/src/sql/main.cc:25
|
#8 0x7fd6cc08e82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
0x0c3080014a10: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080014a20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080014a30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080014a40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080014a50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
=>0x0c3080014a60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
|
0x0c3080014a70: fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa
|
0x0c3080014a80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c3080014a90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080014aa0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c3080014ab0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
Container overflow: fc
|
191105 10:47:04 [ERROR] mysqld got signal 6 ;
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
Thread pointer: 0x62a0000ea270
|
stack_bottom = 0x7fd69d889a40 thread_stack 0x5fc00
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0x55900)[0x7fd6ce5a8900]
|
/home/vsts/server/bin/mysqld(my_print_stacktrace+0xc3)[0x2575b17]
|
maria/ma_blockrec.c:2145(write_full_pages)[0x10f1772]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0x11390)[0x7fd6ccd4d390]
|
linux/raise.c:54(__GI_raise)[0x7fd6cc0a3428]
|
stdlib/abort.c:91(__GI_abort)[0x7fd6cc0a502a]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0x10077e)[0x7fd6ce65377e]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0x108578)[0x7fd6ce65b578]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(+0xe9565)[0x7fd6ce63c565]
|
/usr/lib/x86_64-linux-gnu/libasan.so.4(__asan_report_store8+0x3a)[0x7fd6ce63d86a]
|
/home/vsts/server/bin/mysqld(thr_unlock+0x114)[0x257e1c1]
|
maria/ma_blockrec.c:3288(write_block_record)[0x257ff1b]
|
maria/ma_blockrec.c:3548(allocate_and_write_block_record)[0x1419422]
|
sql-common/client.c:1968(mysql_init_character_set)[0x14196b3]
|
sql-common/client.c:2087(send_client_connect_attrs)[0x141a2e5]
|
sql-common/client.c:2273(send_client_reply_packet)[0x7def77]
|
/home/vsts/server/bin/mysqld(_Z17mysql_alter_tableP3THDPK25st_mysql_const_lex_stringS3_P14HA_CREATE_INFOP10TABLE_LISTP10Alter_infojP8st_orderb+0x65cf)[0xbd5fe1]
|
sql/sql_acl.cc:822(Grant_table_base::compute_num_privilege_cols())[0xd5032f]
|
sql/sql_parse.cc:691(init_update_queries())[0x974f4e]
|
/home/vsts/server/bin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x701)[0x98189d]
|
/home/vsts/server/bin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x21f1)[0x95833d]
|
/home/vsts/server/bin/mysqld(_Z10do_commandP3THD+0x155b)[0x954ad1]
|
/home/vsts/server/bin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x5b3)[0xd3f16d]
|
sql/sql_load.cc:961(read_fixed_length(THD*, st_copy_info&, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, READ_INFO&, unsigned long, bool))[0xd3ea21]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76ba)[0x7fd6ccd436ba]
|
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7fd6cc17541d]
|
Query (0x62b00003f290): ALTER TABLE j ORDER BY `col_int_nokey` /* QNO 1602 CON_ID 16 */
|
Status: NOT_KILLED
|
Apparently the same problem, happens even more in concurrent tests on debug builds (ASAN not needed there):
10.3 e1a2b125
#3 <signal handler called>#4 0x0000564784b74160 in list_add (root=0x7fd2ec2449d8, element=0x7fd2d006e248) at /home/elenst/src/10.3/mysys/list.c:34#5 0x0000564784b33f32 in heap_open (name=0x7fd3040ac568 "./test/table0_int", mode=2) at /home/elenst/src/10.3/storage/heap/hp_open.c:124#6 0x0000564784b2e3a6 in ha_heap::open (this=0x7fd2d00e7e08, name=0x7fd3040ac568 "./test/table0_int", mode=2, test_if_locked=18) at /home/elenst/src/10.3/storage/heap/ha_heap.cc:94#7 0x0000564784339591 in handler::ha_open (this=0x7fd2d00e7e08, table_arg=0x7fd2d00ab0c0, name=0x7fd3040ac568 "./test/table0_int", mode=2, test_if_locked=18, mem_root=0x0, partitions_to_open=0x0) at /home/elenst/src/10.3/sql/handler.cc:2760#8 0x0000564784132e9d in open_table_from_share (thd=0x7fd2d0000af0, share=0x7fd3040ac028, alias=0x7fd2d00d06c8, db_stat=33, prgflag=8, ha_open_flags=18, outparam=0x7fd2d00ab0c0, is_create_table=false, partitions_to_open=0x0) at /home/elenst/src/10.3/sql/table.cc:3541#9 0x0000564783f7b10b in open_table (thd=0x7fd2d0000af0, table_list=0x7fd2d00d0680, ot_ctx=0x7fd34a763c60) at /home/elenst/src/10.3/sql/sql_base.cc:1983#10 0x0000564783f7e929 in open_and_process_table (thd=0x7fd2d0000af0, tables=0x7fd2d00d0680, counter=0x7fd34a763d34, flags=512, prelocking_strategy=0x7fd34a763ce0, has_prelocking_list=false, ot_ctx=0x7fd34a763c60) at /home/elenst/src/10.3/sql/sql_base.cc:3675#11 0x0000564783f7f91e in open_tables (thd=0x7fd2d0000af0, options=..., start=0x7fd34a763d20, counter=0x7fd34a763d34, flags=512, prelocking_strategy=0x7fd34a763ce0) at /home/elenst/src/10.3/sql/sql_base.cc:4146#12 0x0000564783fce145 in open_tables (thd=0x7fd2d0000af0, tables=0x7fd34a763d20, counter=0x7fd34a763d34, flags=512) at /home/elenst/src/10.3/sql/sql_base.h:474#13 0x0000564784038436 in select_like_stmt_test_with_open (stmt=0x7fd2d00a0220, tables=0x7fd2d00d0680, specific_prepare=0x564784039250 <mysql_insert_select_prepare_tester(THD*)>, setup_tables_done_option=1073741824) at /home/elenst/src/10.3/sql/sql_prepare.cc:1751#14 0x00005647840393c5 in mysql_test_insert_select (stmt=0x7fd2d00a0220, tables=0x7fd2d00d0680) at /home/elenst/src/10.3/sql/sql_prepare.cc:2194#15 0x0000564784039d2c in check_prepared_statement (stmt=0x7fd2d00a0220) at /home/elenst/src/10.3/sql/sql_prepare.cc:2457#16 0x000056478403db88 in Prepared_statement::prepare (this=0x7fd2d00a0220, packet=0x7fd2d00115f8 "INSERT INTO `table0_int` SELECT * FROM `table0_int` /* QNO 1635 CON_ID 29 */ ", packet_len=77) at /home/elenst/src/10.3/sql/sql_prepare.cc:4028#17 0x0000564784040623 in Prepared_statement::execute_immediate (this=0x7fd2d00a0220, query=0x7fd2d00115f8 "INSERT INTO `table0_int` SELECT * FROM `table0_int` /* QNO 1635 CON_ID 29 */ ", query_len=77) at /home/elenst/src/10.3/sql/sql_prepare.cc:4921#18 0x000056478403aabe in mysql_sql_stmt_execute_immediate (thd=0x7fd2d0000af0) at /home/elenst/src/10.3/sql/sql_prepare.cc:2905#19 0x00005647840132b1 in mysql_execute_command (thd=0x7fd2d0000af0) at /home/elenst/src/10.3/sql/sql_parse.cc:3827#20 0x00005647840209c5 in mysql_parse (thd=0x7fd2d0000af0, rawbuf=0x7fd2d00113d8 "/* GenTest::Transform::ExecuteAsExecuteImmediate */ EXECUTE IMMEDIATE 'INSERT INTO `table0_int` SELECT * FROM `table0_int` /* QNO 1635 CON_ID 29 */ ' /* TRANSFORM_OUTCOME_UNORDERED_MATCH */ /* QNO 163"..., length=214, parser_state=0x7fd34a7654f0, is_com_multi=false, is_next_command=false) at /home/elenst/src/10.3/sql/sql_parse.cc:7815#21 0x000056478400d63f in dispatch_command (command=COM_QUERY, thd=0x7fd2d0000af0, packet=0x7fd2d0008b61 "/* GenTest::Transform::ExecuteAsExecuteImmediate */ EXECUTE IMMEDIATE 'INSERT INTO `table0_int` SELECT * FROM `table0_int` /* QNO 1635 CON_ID 29 */ ' /* TRANSFORM_OUTCOME_UNORDERED_MATCH */ /* QNO 163"..., packet_length=215, is_com_multi=false, is_next_command=false) at /home/elenst/src/10.3/sql/sql_parse.cc:1856#22 0x000056478400bed4 in do_command (thd=0x7fd2d0000af0) at /home/elenst/src/10.3/sql/sql_parse.cc:1402#23 0x000056478418544b in do_handle_one_connection (connect=0x564791046b50) at /home/elenst/src/10.3/sql/sql_connect.cc:1403#24 0x000056478418518d in handle_one_connection (arg=0x564791046b50) at /home/elenst/src/10.3/sql/sql_connect.cc:1308#25 0x00007fd4ba4d9dd5 in start_thread () from /lib64/libpthread.so.0#26 0x00007fd4b8690ead in clone () from /lib64/libc.so.6