Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.5.2, 10.2, 10.3, 10.4, 10.5
-
None
-
Ubuntu 18.04
Description
We found an assertion fail that crashes the latest version of mariadb.
POC:
—
CREATE TEMPORARY TABLE v0 ( v1 NUMERIC PRIMARY KEY ) ; |
SELECT v1 FROM v0 WHERE v1 < 8 GROUP BY 26631087.000000 WINDOW v2 AS ( PARTITION BY v1 ORDER BY 'x' DESC ) ; |
—
Stack dump:
|
|
```
|
Server version: 10.5.3-MariaDB-debug
|
key_buffer_size=134217728
|
read_buffer_size=131072
|
max_used_connections=1
|
max_threads=153
|
thread_count=2
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467925 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
|
|
Thread pointer: 0x7f0208000d78
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7f0274877dc0 thread_stack 0x49000
|
fil/fil0fil.cc:3410(fil_ibd_discover(unsigned long, Datafile&))[0x32d4681]
|
sql/multi_range_read.cc:764(Mrr_ordered_index_reader::refill_buffer(bool))[0x13c0898]
|
??:0(__restore_rt)[0x7f027ac16890]
|
linux/raise.c:51(__GI_raise)[0x7f02788c8e97]
|
stdlib/abort.c:81(__GI_abort)[0x7f02788ca801]
|
assert/assert.c:89(__assert_fail_base)[0x7f02788ba39a]
|
??:0(__assert_fail)[0x7f02788ba412]
|
sql/sql_alloc.h:40(sp_instr_hpush_jump::~sp_instr_hpush_jump())[0xb55f7b]
|
sql/log_event.h:1461(queue_event(Master_info*, char const*, unsigned long))[0xb09548]
|
sql/log_event.h:2752(rpl_master_has_bug(Relay_log_info const*, unsigned int, bool, bool (*)(void const*), void const*))[0xb14a50]
|
sql/sql_alloc.h:39(show_master_info_get_fields(THD*, List<Item>*, bool, unsigned long))[0xae4b43]
|
sql/sql_list.h:195(show_master_info_get_fields(THD*, List<Item>*, bool, unsigned long))[0xae2fa2]
|
sql/mysqld.cc:3213(my_message_sql)[0xa3bb5e]
|
sql/sql_basic_types.h:151(time_round_mode_t::time_round_mode_t(unsigned long long))[0xa2c499]
|
sql/sys_vars.ic:627(Sys_var_charptr_fscs::Sys_var_charptr(char const*, char const, int, long, unsigned long, CMD_LINE, char const, PolyLock*, sys_var::binlog_status_enum, bool (*)(PolyLock**, THD*, set_v$
|
r*), bool (*)(sys_var::binlog_status_enum, THD, enum_var_type), char const))[0xa07b70]
|
sql/sys_vars.ic:324(Sys_var_typelib::Sys_var_typelib(char const*, char const*, int, long, CMD_LINE, enum_mysql_show_type, char const**, unsigned long long, PolyLock*, sys_var::binlog_status_enum, bool (*$
|
(sys_var*, THD*, set_var*), bool (*)(sys_var*, THD*, enum_var_type), char const*))[0x9fb5cc]
|
sql/sys_vars.cc:5730(__cxx_global_var_init.1236)[0xa099cb]
|
sql/item.h:4563(Item_empty_string::Item_empty_string(THD*, char const*, unsigned int, charset_info_st const*))[0xedb6d1]
|
sql/item.h:746(show_binlog_info_get_fields(THD*, List<Item>*))[0xedaec1]
|
gcalc_slicescan.cc:0(__afl_fork_wait_loop)[0x1e8dfc6]
|
nptl/pthread_create.c:463(start_thread)[0x7f027ac0b6db]
|
x86_64/clone.S:97(clone)[0x7f02789ab88f]
|
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x7f02080127d0): SELECT v1 FROM v0 WHERE v1 < 8 GROUP BY 26631087.000000 WINDOW v2 AS ( PARTITION BY v1 ORDER BY 'x' DESC )
|
Connection ID (thread ID): 3
|
Status: NOT_KILLED
|
```
|
Attachments
Issue Links
- relates to
-
-
- Closed
-