Details
-
Bug
-
Status: Confirmed (View Workflow)
-
Critical
-
Resolution: Unresolved
-
10.1(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.11, 11.0(EOL), 11.1(EOL), 11.2(EOL), 11.3(EOL), 11.4, 11.5(EOL)
Description
SET GLOBAL query_cache_type=ON;
|
SET GLOBAL query_cache_size=1024*64;
|
USE test;
|
CREATE TABLE t (a INT) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 99;
|
SET SESSION query_cache_type=DEFAULT;
|
SELECT COUNT(*) FROM t WHERE c1=2;
|
Leads to:
|
10.5.5 30e7a0a866dce530d8328c6d614e48d39a264f9b (Debug) |
Core was generated by `/test/MD140720-mariadb-10.5.5-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11)
|
at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
|
[Current thread is 1 (Thread 0x14ce635f6700 (LWP 2425768))]
|
(gdb) bt
|
#0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
|
#1 0x000055872a9ca4d7 in my_write_core (sig=sig@entry=11) at /test/10.5_dbg/mysys/stacktrace.c:518
|
#2 0x000055872a1849ba in handle_fatal_signal (sig=11) at /test/10.5_dbg/sql/signal_handler.cc:330
|
#3 <signal handler called>
|
#4 0x0000558729e65bfb in Query_cache::unlink_table (this=this@entry=0x55872b714920 <query_cache>, node=0x14ce3f880c78) at /test/10.5_dbg/sql/sql_cache.cc:3618
|
#5 0x0000558729e67431 in Query_cache::register_all_tables (this=this@entry=0x55872b714920 <query_cache>, thd=thd@entry=0x14ce3f815088, block=block@entry=0x14ce3f880160, tables_used=tables_used@entry=0x14ce3f8747e8, tables_arg=tables_arg@entry=100) at /test/10.5_dbg/sql/sql_cache.cc:3490
|
#6 0x0000558729e67ba3 in Query_cache::store_query (this=0x55872b714920 <query_cache>, thd=thd@entry=0x14ce3f815088, tables_used=tables_used@entry=0x14ce3f8747e8) at /test/10.5_dbg/sql/sql_cache.cc:1551
|
#7 0x0000558729edf7cf in execute_sqlcom_select (thd=thd@entry=0x14ce3f815088, all_tables=0x14ce3f8747e8) at /test/10.5_dbg/sql/sql_parse.cc:6208
|
#8 0x0000558729ed88b6 in mysql_execute_command (thd=thd@entry=0x14ce3f815088) at /test/10.5_dbg/sql/sql_parse.cc:3931
|
#9 0x0000558729ee5752 in mysql_parse (thd=thd@entry=0x14ce3f815088, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14ce635f5350, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:7993
|
#10 0x0000558729ed2204 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14ce3f815088, packet=packet@entry=0x14ce3f867089 "SELECT COUNT(*) FROM t WHERE c1=2", packet_length=packet_length@entry=33, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:1866
|
#11 0x0000558729ed09de in do_command (thd=0x14ce3f815088) at /test/10.5_dbg/sql/sql_parse.cc:1347
|
#12 0x000055872a02cc3b in do_handle_one_connection (connect=<optimized out>, connect@entry=0x14ce424c7808, put_in_cache=put_in_cache@entry=true) at /test/10.5_dbg/sql/sql_connect.cc:1411
|
#13 0x000055872a02d357 in handle_one_connection (arg=arg@entry=0x14ce424c7808) at /test/10.5_dbg/sql/sql_connect.cc:1313
|
#14 0x000055872a490ca8 in pfs_spawn_thread (arg=0x14ce60446508) at /test/10.5_dbg/storage/perfschema/pfs.cc:2201
|
#15 0x000014ce6256f6db in start_thread (arg=0x14ce635f6700) at pthread_create.c:463
|
#16 0x000014ce6196da3f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Bug confirmed present in:
MariaDB: 10.1.46 (dbg), 10.2.33 (dbg), 10.3.24 (dbg), 10.4.14 (dbg), 10.5.5 (dbg)
Bug confirmed not present in:
MariaDB: 10.1.46 (opt), 10.2.33 (opt), 10.3.24 (opt), 10.4.14 (opt), 10.5.5 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.47 (dbg), 5.6.47 (opt), 5.7.29 (dbg), 5.7.29 (opt), 8.0.19 (dbg), 8.0.19 (opt)
Attachments
Issue Links
- relates to
-
-
- Confirmed
-
-
-
- Confirmed
-
-
-
- Open
-
-
-
- Open
-
Activity
| Field | Original Value | New Value |
|---|---|---|
| Fix Version/s | 10.1 [ 16100 ] |
| Assignee | Varun Gupta [ varun ] | Sergei Petrunia [ psergey ] |
| Affects Version/s | 10.6 [ 24028 ] |
This somewhat longer testcase gives an assertion instead.
SET GLOBAL query_cache_type=DEMAND;
|
SET GLOBAL query_cache_size=102400;
|
SET SESSION query_cache_type=1;
|
CREATE TABLE t (a INT) ENGINE=InnoDB PARTITION BY RANGE(a) (PARTITION pa VALUES LESS THAN (0),PARTITION pb VALUES LESS THAN (2147483646));
|
SELECT * FROM t;
|
SELECT * FROM t;
|
DROP TABLE t;
|
CREATE TABLE t (a INT, c INT) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 100;
|
SELECT x FROM t;
|
SELECT a FROM t WHERE a<ANY(SELECT * FROM t);
|
Leads to:
|
10.6.1 34340fb501f97d7289c165dd6599a3942087bc41 (Debug) |
mysqld: /test/10.6_dbg/sql/sql_cache.cc:3625: void Query_cache::unlink_table(Query_cache_block_table*): Assertion `table_block_data->m_cached_query_count >= 0' failed.
|
|
10.6.1 34340fb501f97d7289c165dd6599a3942087bc41 (Debug) |
Core was generated by `/test/MD180521-mariadb-10.6.1-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
|
Program terminated with signal SIGABRT, Aborted.
|
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
[Current thread is 1 (Thread 0x150d980ae700 (LWP 1929666))]
|
(gdb) bt
|
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
#1 0x0000150d99111859 in __GI_abort () at abort.c:79
|
#2 0x0000150d99111729 in __assert_fail_base (fmt=0x150d992a7588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x563e729efaf0 "table_block_data->m_cached_query_count >= 0", file=0x563e729ef3a0 "/test/10.6_dbg/sql/sql_cache.cc", line=3625, function=<optimized out>) at assert.c:92
|
#3 0x0000150d99122f36 in __GI___assert_fail (assertion=assertion@entry=0x563e729efaf0 "table_block_data->m_cached_query_count >= 0", file=file@entry=0x563e729ef3a0 "/test/10.6_dbg/sql/sql_cache.cc", line=line@entry=3625, function=function@entry=0x563e729efb20 "void Query_cache::unlink_table(Query_cache_block_table*)") at assert.c:101
|
#4 0x0000563e71cdbdee in Query_cache::unlink_table (this=this@entry=0x563e7333d520 <query_cache>, node=<optimized out>) at /test/10.6_dbg/sql/sql_cache.cc:3625
|
#5 0x0000563e71cdd5bd in Query_cache::register_all_tables (this=this@entry=0x563e7333d520 <query_cache>, thd=thd@entry=0x150d44000db8, block=block@entry=0x150d4401d998, tables_used=tables_used@entry=0x150d44014710, tables_arg=tables_arg@entry=303) at /test/10.6_dbg/sql/sql_cache.cc:3491
|
#6 0x0000563e71cdde29 in Query_cache::store_query (this=0x563e7333d520 <query_cache>, thd=thd@entry=0x150d44000db8, tables_used=tables_used@entry=0x150d44014710) at /test/10.6_dbg/sql/sql_cache.cc:1551
|
#7 0x0000563e71d53e4e in execute_sqlcom_select (thd=thd@entry=0x150d44000db8, all_tables=0x150d44014710) at /test/10.6_dbg/sql/sql_parse.cc:6244
|
#8 0x0000563e71d60d5a in mysql_execute_command (thd=thd@entry=0x150d44000db8) at /test/10.6_dbg/sql/sql_parse.cc:3940
|
#9 0x0000563e71d4cf8d in mysql_parse (thd=thd@entry=0x150d44000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x150d980ad410) at /test/10.6_dbg/sql/sql_parse.cc:8019
|
#10 0x0000563e71d5bdbf in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x150d44000db8, packet=packet@entry=0x150d4400b799 "SELECT a FROM t WHERE a<ANY(SELECT a FROM t WHERE b=2 UNION SELECT a FROM t WHERE b=2)", packet_length=packet_length@entry=86, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_class.h:1333
|
#11 0x0000563e71d5f1b2 in do_command (thd=0x150d44000db8, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_parse.cc:1406
|
#12 0x0000563e71eb9e78 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x563e74704aa8, put_in_cache=put_in_cache@entry=true) at /test/10.6_dbg/sql/sql_connect.cc:1410
|
#13 0x0000563e71eba47d in handle_one_connection (arg=arg@entry=0x563e74704aa8) at /test/10.6_dbg/sql/sql_connect.cc:1312
|
#14 0x0000563e7236cd98 in pfs_spawn_thread (arg=0x563e745ee3b8) at /test/10.6_dbg/storage/perfschema/pfs.cc:2201
|
#15 0x0000150d9961f609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#16 0x0000150d9920e293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
| Summary | SIGSEGV in Query_cache::unlink_table on SELECT | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in |
| Summary | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in Query_cache::unlink_table |
| Labels | affects-tests |
The last testcase above also crashes optimized builds, as follows:
|
10.6.1 34340fb501f97d7289c165dd6599a3942087bc41 (Optimized) |
Core was generated by `/test/MD180521-mariadb-10.6.1-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x000055d39694df81 in Query_cache::double_linked_list_exclude (
|
point=point@entry=0x14dc9c01b880,
|
list_pointer=list_pointer@entry=0x55d397ab0208 <query_cache+232>)
|
at /test/10.6_opt/sql/sql_cache.cc:4011
|
[Current thread is 1 (Thread 0x14dcc5dee700 (LWP 2488907))]
|
(gdb) bt
|
#0 0x000055d39694df81 in Query_cache::double_linked_list_exclude (point=point@entry=0x14dc9c01b880, list_pointer=list_pointer@entry=0x55d397ab0208 <query_cache+232>) at /test/10.6_opt/sql/sql_cache.cc:4011
|
#1 0x000055d39694e497 in Query_cache::unlink_table (this=this@entry=0x55d397ab0120 <query_cache>, node=<optimized out>) at /test/10.6_opt/sql/sql_cache.cc:3638
|
#2 0x000055d39694f513 in Query_cache::register_all_tables (this=this@entry=0x55d397ab0120 <query_cache>, thd=thd@entry=0x14dc9c000c58, block=block@entry=0x14dc9c019e80, tables_used=tables_used@entry=0x14dc9c010fc0, tables_arg=tables_arg@entry=300) at /test/10.6_opt/sql/sql_cache.cc:3491
|
#3 0x000055d3969512d5 in Query_cache::store_query (this=0x55d397ab0120 <query_cache>, thd=thd@entry=0x14dc9c000c58, tables_used=tables_used@entry=0x14dc9c010fc0) at /test/10.6_opt/sql/sql_cache.cc:1551
|
#4 0x000055d3969a51c1 in execute_sqlcom_select (thd=0x14dc9c000c58, all_tables=0x14dc9c010fc0) at /test/10.6_opt/sql/sql_parse.cc:6244
|
#5 0x000055d3969b2db7 in mysql_execute_command (thd=0x14dc9c000c58) at /test/10.6_opt/sql/sql_parse.cc:3940
|
#6 0x000055d39699ffb4 in mysql_parse (thd=0x14dc9c000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.6_opt/sql/sql_parse.cc:8019
|
#7 0x000055d3969abff5 in dispatch_command (command=COM_QUERY, thd=0x14dc9c000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.6_opt/sql/sql_class.h:1333
|
#8 0x000055d3969adf57 in do_command (thd=0x14dc9c000c58, blocking=blocking@entry=true) at /test/10.6_opt/sql/sql_parse.cc:1406
|
#9 0x000055d396ab11e7 in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /test/10.6_opt/sql/sql_connect.cc:1410
|
#10 0x000055d396ab154d in handle_one_connection (arg=arg@entry=0x55d39a2ffaf8) at /test/10.6_opt/sql/sql_connect.cc:1312
|
#11 0x000055d396e36d58 in pfs_spawn_thread (arg=0x55d39a29db98) at /test/10.6_opt/storage/perfschema/pfs.cc:2201
|
#12 0x000014dcea5a9609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#13 0x000014dcea198293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
And this now a new regression in 10.6 optimized. 10.5 Optimized does not crash:
|
10.5.10 dd07cfcecd4aabb0aeae9c4f5087f82b4080c1bd (Optimized) |
...
|
10.5.10-opt>SELECT x FROM t;
|
ERROR 1054 (42S22): Unknown column 'x' in 'field list'
|
10.5.10-opt>SELECT a FROM t WHERE a<ANY(SELECT * FROM t);
|
ERROR 1241 (21000): Operand should contain 1 column(s)
|
10.5.10-opt>
|
| Labels | affects-tests | affects-tests regression-10.6 |
| Priority | Major [ 3 ] | Blocker [ 1 ] |
Ticket set as blocker as there is a new regression in 10.6 optimized (sql level issue?) as per the above. Feel free to change to lower prio if deemed of no significance.
| Summary | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in Query_cache::unlink_table | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in Query_cache::unlink_table | 10.6 opt regression: SIGSEGV in |
| Summary | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in Query_cache::unlink_table | 10.6 opt regression: SIGSEGV in | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in Query_cache::unlink_table | 10.6 opt regression: SIGSEGV in Query_cache::double_linked_list_exclude |
| Priority | Blocker [ 1 ] | Major [ 3 ] |
| Assignee | Sergei Petrunia [ psergey ] | Oleksandr Byelkin [ sanja ] |
| Fix Version/s | 10.6 [ 24028 ] |
| Workflow | MariaDB v3 [ 111569 ] | MariaDB v4 [ 142120 ] |
Additional testcase. Maybe lightly sporadic.
SET GLOBAL query_cache_type=1; |
CREATE TABLE t1 (a INT PRIMARY KEY, b TEXT) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 144; |
CREATE TABLE t4 (c1 CHAR(1)) DEFAULT CHARSET=sjis ENGINE=InnoDB; |
SET query_cache_type=ON; |
SET GLOBAL query_cache_size=81920; |
SELECT * FROM t4; |
SELECT * FROM t1 WHERE not (a !=1); |
Leads to:
|
10.9.0 4a2a9c02cd6611ef36bbb735c2b483dbc83580d4 (Debug) |
Core was generated by `/test/MD260222-mariadb-10.9.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x000055849acd8803 in Query_cache::unlink_table (
|
this=this@entry=0x55849c3ac8c0 <query_cache>, node=0x14b3e017f7f8)
|
at /test/10.9_dbg/sql/sql_cache.cc:3625
|
[Current thread is 1 (Thread 0x14b42c0be700 (LWP 1934456))]
|
(gdb) bt
|
#0 0x000055849acd8803 in Query_cache::unlink_table (this=this@entry=0x55849c3ac8c0 <query_cache>, node=0x14b3e017f7f8) at /test/10.9_dbg/sql/sql_cache.cc:3625
|
#1 0x000055849acda053 in Query_cache::register_all_tables (this=this@entry=0x55849c3ac8c0 <query_cache>, thd=thd@entry=0x14b3e0000db8, block=block@entry=0x14b3e017e940, tables_used=tables_used@entry=0x14b3e0014460, tables_arg=tables_arg@entry=145) at /test/10.9_dbg/sql/sql_cache.cc:3497
|
#2 0x000055849acda8e6 in Query_cache::store_query (this=0x55849c3ac8c0 <query_cache>, thd=thd@entry=0x14b3e0000db8, tables_used=tables_used@entry=0x14b3e0014460) at /test/10.9_dbg/sql/sql_cache.cc:1554
|
#3 0x000055849ad5713f in execute_sqlcom_select (thd=thd@entry=0x14b3e0000db8, all_tables=0x14b3e0014460) at /test/10.9_dbg/sql/sql_parse.cc:6251
|
#4 0x000055849ad640b9 in mysql_execute_command (thd=thd@entry=0x14b3e0000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.9_dbg/sql/sql_parse.cc:3943
|
#5 0x000055849ad50343 in mysql_parse (thd=thd@entry=0x14b3e0000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14b42c0bd400) at /test/10.9_dbg/sql/sql_parse.cc:8027
|
#6 0x000055849ad5efdf in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14b3e0000db8, packet=packet@entry=0x14b3e000b889 "SELECT * FROM t1 WHERE not (a !=1)", packet_length=packet_length@entry=34, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_class.h:1362
|
#7 0x000055849ad62426 in do_command (thd=0x14b3e0000db8, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_parse.cc:1402
|
#8 0x000055849aedd036 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55849e0ae878, put_in_cache=put_in_cache@entry=true) at /test/10.9_dbg/sql/sql_connect.cc:1418
|
#9 0x000055849aedd63b in handle_one_connection (arg=arg@entry=0x55849e0ae878) at /test/10.9_dbg/sql/sql_connect.cc:1312
|
#10 0x000055849b363d23 in pfs_spawn_thread (arg=0x55849dff12f8) at /test/10.9_dbg/storage/perfschema/pfs.cc:2201
|
#11 0x000014b443840609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#12 0x000014b44342e293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Bug confirmed present in:
MariaDB: 10.2.44 (dbg), 10.3.35 (dbg), 10.4.25 (dbg), 10.5.16 (dbg), 10.6.8 (dbg), 10.7.4 (dbg), 10.8.3 (dbg), 10.9.0 (dbg),
Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.2.44 (opt), 10.3.35 (opt), 10.4.25 (opt), 10.5.16 (opt), 10.6.8 (opt), 10.7.4 (opt), 10.8.3 (opt), 10.9.0 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.37 (dbg), 5.7.37 (opt), 8.0.28 (dbg), 8.0.28 (opt)
| Affects Version/s | 10.7 [ 24805 ] | |
| Affects Version/s | 10.8 [ 26121 ] | |
| Affects Version/s | 10.9 [ 26905 ] |
| Fix Version/s | 10.7 [ 24805 ] |
This testcase, when repeating it randomly (in random order, or leaving out given lines) can create a large quantity of different stacks.
SET GLOBAL query_cache_type=DEMAND; |
SET GLOBAL query_cache_size=81920; |
SET SESSION query_cache_type=1; |
DROP TABLE nonexisting; |
SHOW DATABASES LIKE 'ó'; |
CREATE TEMPORARY TABLE t14169459_1 (a INT, b TEXT) ENGINE=InnoDB; |
CREATE TABLE t1 (c1 INT NOT NULL, c2 CHAR(5)) ENGINE=InnoDB PARTITION BY LINEAR KEY(c1) PARTITIONS 99; |
INSERT INTO t1 VALUES (10428); |
INSERT INTO t1 VALUES (765,208113,37,'freest','teem','denounces',''); |
INSERT INTO ti VALUES (22902,2992917996,'BPHh4R7GkgjKWQtPXXPm9L4BMXcWZ6NozCdZLfOHSPoIqSR1qDa1fhPjPqquzx4RTbZDidRRI5','GaJCoXAYP8gY8Pu5BbynAC7','8e33e8dOlRTo','TmGsB5DbqW','2j','hg',11); |
SELECT * FROM t1 WHERE c1 <='1998-12-29 00:00:00' ORDER BY c1,c2; |
SELECT GROUP_CONCAT(a SEPARATOR '###') AS NAMES FROM t1 HAVING LEFT (NAMES, 1)='J'; |
SELECT * FROM t1; |
SELECT COUNT(*) FROM t1; |
SELECT C.a, c.a FROM t1 c, t1 C; |
SELECT COUNT(c1) AS VALUE FROM t1 WHERE c1 IS NOT NULL; |
SELECT * FROM t1 WHERE c1 <> 0 ORDER BY c1,c6 DESC; |
SELECT SLEEP (3); |
A non-exhaustive sample:
SIGABRT|__libc_message|malloc_printerr|_int_malloc|__GI___libc_malloc
|
SIGSEGV|Item_field::Item_field|Field_iterator_table::create_item|Field_iterator_table_ref::create_item|insert_fields
|
SIGSEGV|TABLE::mark_virtual_column_deps|TABLE::mark_column_with_deps|TABLE::mark_column_with_deps|insert_fields
|
SIGSEGV|__strlen_avx2|Lex_cstring_strlen::Lex_cstring_strlen|Item_field::Item_field|Field_iterator_table::create_item
|
SIGSEGV|ha_partition::register_query_cache_dependant_tables|Query_cache::register_tables_from_list|Query_cache::register_all_tables|Query_cache::store_query
|
SIGSEGV|setup_table_map|setup_tables|setup_tables_and_check_access|JOIN::prepare
|
prebuilt->magic_n == ROW_PREBUILT_ALLOCATED|SIGABRT|ut_dbg_assertion_failed|row_update_prebuilt_trx|ha_innobase::update_thd|ha_innobase::external_lock
|
table_block_data->m_cached_query_count == 0|SIGABRT|Query_cache::unlink_table|Query_cache::register_all_tables|Query_cache::store_query|execute_sqlcom_select
|
SIGSEGV|Query_cache::unlink_table|Query_cache::register_all_tables|Query_cache::store_query|execute_sqlcom_select
|
This makes this bug very difficult to handle from a test perspective as constantly new stacks spring up which in essence are this bug.
Please fix this bug as it continues to affects testing significantly.
| Priority | Major [ 3 ] | Critical [ 2 ] |
correct test suite (including partition) fails due to syntax error:
--source include/have_partition.inc
|
|
|
SET GLOBAL query_cache_type=ON;
|
SET GLOBAL query_cache_size=1024*64;
|
USE test;
|
CREATE TABLE t (a INT) PARTITION BY KEY(a) PARTITIONS 99;
|
SET SESSION query_cache_type=DEFAULT;
|
SELECT COUNT(*) FROM t WHERE c1=2;
|
SET GLOBAL query_cache_type=ON;
|
SET GLOBAL query_cache_size=1024*64;
|
USE test;
|
CREATE TABLE t (a INT) PARTITION BY KEY(a) PARTITIONS 99;
|
SET SESSION query_cache_type=DEFAULT;
|
SELECT COUNT(*) FROM t WHERE c1=2;
|
main.test [ fail ]
|
Test ended at 2022-06-23 13:05:20
|
|
|
CURRENT_TEST: main.test
|
mysqltest: At line 9: query 'SELECT COUNT(*) FROM t WHERE c1=2' failed: 1054: Unknown column 'c1' in 'where clause'
|
I am not sure is it typo or it was the cause of the bug
| Assignee | Oleksandr Byelkin [ sanja ] | Roel Van de Paar [ roel ] |
The default for the CLI is InnoDB, the default for MTR is MyISAM. If I test at the CLI with MyISAM, I too get the unknown column c1 error. Please change table to InnoDB and it will likely crash fine in MTR as well. This may be an InnoDB issue?
SET GLOBAL query_cache_type=ON; |
SET GLOBAL query_cache_size=1024*64; |
USE test; |
CREATE TABLE t (a INT) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 99; |
SET SESSION query_cache_type=DEFAULT; |
SELECT COUNT(*) FROM t WHERE c1=2; |
| Assignee | Roel Van de Paar [ roel ] | Oleksandr Byelkin [ sanja ] |
| Description |
{noformat}
SET GLOBAL query_cache_type=ON; SET GLOBAL query_cache_size=1024*64; USE test; CREATE TABLE t (a INT) PARTITION BY KEY(a) PARTITIONS 99; SET SESSION query_cache_type=DEFAULT; SELECT COUNT(*) FROM t WHERE c1=2; {noformat} Leads to: {noformat:title=10.5.5 30e7a0a866dce530d8328c6d614e48d39a264f9b (Debug)} Core was generated by `/test/MD140720-mariadb-10.5.5-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'. Program terminated with signal SIGSEGV, Segmentation fault. #0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57 [Current thread is 1 (Thread 0x14ce635f6700 (LWP 2425768))] (gdb) bt #0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57 #1 0x000055872a9ca4d7 in my_write_core (sig=sig@entry=11) at /test/10.5_dbg/mysys/stacktrace.c:518 #2 0x000055872a1849ba in handle_fatal_signal (sig=11) at /test/10.5_dbg/sql/signal_handler.cc:330 #3 <signal handler called> #4 0x0000558729e65bfb in Query_cache::unlink_table (this=this@entry=0x55872b714920 <query_cache>, node=0x14ce3f880c78) at /test/10.5_dbg/sql/sql_cache.cc:3618 #5 0x0000558729e67431 in Query_cache::register_all_tables (this=this@entry=0x55872b714920 <query_cache>, thd=thd@entry=0x14ce3f815088, block=block@entry=0x14ce3f880160, tables_used=tables_used@entry=0x14ce3f8747e8, tables_arg=tables_arg@entry=100) at /test/10.5_dbg/sql/sql_cache.cc:3490 #6 0x0000558729e67ba3 in Query_cache::store_query (this=0x55872b714920 <query_cache>, thd=thd@entry=0x14ce3f815088, tables_used=tables_used@entry=0x14ce3f8747e8) at /test/10.5_dbg/sql/sql_cache.cc:1551 #7 0x0000558729edf7cf in execute_sqlcom_select (thd=thd@entry=0x14ce3f815088, all_tables=0x14ce3f8747e8) at /test/10.5_dbg/sql/sql_parse.cc:6208 #8 0x0000558729ed88b6 in mysql_execute_command (thd=thd@entry=0x14ce3f815088) at /test/10.5_dbg/sql/sql_parse.cc:3931 #9 0x0000558729ee5752 in mysql_parse (thd=thd@entry=0x14ce3f815088, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14ce635f5350, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:7993 #10 0x0000558729ed2204 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14ce3f815088, packet=packet@entry=0x14ce3f867089 "SELECT COUNT(*) FROM t WHERE c1=2", packet_length=packet_length@entry=33, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:1866 #11 0x0000558729ed09de in do_command (thd=0x14ce3f815088) at /test/10.5_dbg/sql/sql_parse.cc:1347 #12 0x000055872a02cc3b in do_handle_one_connection (connect=<optimized out>, connect@entry=0x14ce424c7808, put_in_cache=put_in_cache@entry=true) at /test/10.5_dbg/sql/sql_connect.cc:1411 #13 0x000055872a02d357 in handle_one_connection (arg=arg@entry=0x14ce424c7808) at /test/10.5_dbg/sql/sql_connect.cc:1313 #14 0x000055872a490ca8 in pfs_spawn_thread (arg=0x14ce60446508) at /test/10.5_dbg/storage/perfschema/pfs.cc:2201 #15 0x000014ce6256f6db in start_thread (arg=0x14ce635f6700) at pthread_create.c:463 #16 0x000014ce6196da3f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 {noformat} Bug confirmed present in: MariaDB: 10.1.46 (dbg), 10.2.33 (dbg), 10.3.24 (dbg), 10.4.14 (dbg), 10.5.5 (dbg) Bug confirmed not present in: MariaDB: 10.1.46 (opt), 10.2.33 (opt), 10.3.24 (opt), 10.4.14 (opt), 10.5.5 (opt) MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.47 (dbg), 5.6.47 (opt), 5.7.29 (dbg), 5.7.29 (opt), 8.0.19 (dbg), 8.0.19 (opt) |
{noformat}
SET GLOBAL query_cache_type=ON; SET GLOBAL query_cache_size=1024*64; USE test; CREATE TABLE t (a INT) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 99; SET SESSION query_cache_type=DEFAULT; SELECT COUNT(*) FROM t WHERE c1=2; {noformat} Leads to: {noformat:title=10.5.5 30e7a0a866dce530d8328c6d614e48d39a264f9b (Debug)} Core was generated by `/test/MD140720-mariadb-10.5.5-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'. Program terminated with signal SIGSEGV, Segmentation fault. #0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57 [Current thread is 1 (Thread 0x14ce635f6700 (LWP 2425768))] (gdb) bt #0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57 #1 0x000055872a9ca4d7 in my_write_core (sig=sig@entry=11) at /test/10.5_dbg/mysys/stacktrace.c:518 #2 0x000055872a1849ba in handle_fatal_signal (sig=11) at /test/10.5_dbg/sql/signal_handler.cc:330 #3 <signal handler called> #4 0x0000558729e65bfb in Query_cache::unlink_table (this=this@entry=0x55872b714920 <query_cache>, node=0x14ce3f880c78) at /test/10.5_dbg/sql/sql_cache.cc:3618 #5 0x0000558729e67431 in Query_cache::register_all_tables (this=this@entry=0x55872b714920 <query_cache>, thd=thd@entry=0x14ce3f815088, block=block@entry=0x14ce3f880160, tables_used=tables_used@entry=0x14ce3f8747e8, tables_arg=tables_arg@entry=100) at /test/10.5_dbg/sql/sql_cache.cc:3490 #6 0x0000558729e67ba3 in Query_cache::store_query (this=0x55872b714920 <query_cache>, thd=thd@entry=0x14ce3f815088, tables_used=tables_used@entry=0x14ce3f8747e8) at /test/10.5_dbg/sql/sql_cache.cc:1551 #7 0x0000558729edf7cf in execute_sqlcom_select (thd=thd@entry=0x14ce3f815088, all_tables=0x14ce3f8747e8) at /test/10.5_dbg/sql/sql_parse.cc:6208 #8 0x0000558729ed88b6 in mysql_execute_command (thd=thd@entry=0x14ce3f815088) at /test/10.5_dbg/sql/sql_parse.cc:3931 #9 0x0000558729ee5752 in mysql_parse (thd=thd@entry=0x14ce3f815088, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14ce635f5350, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:7993 #10 0x0000558729ed2204 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14ce3f815088, packet=packet@entry=0x14ce3f867089 "SELECT COUNT(*) FROM t WHERE c1=2", packet_length=packet_length@entry=33, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:1866 #11 0x0000558729ed09de in do_command (thd=0x14ce3f815088) at /test/10.5_dbg/sql/sql_parse.cc:1347 #12 0x000055872a02cc3b in do_handle_one_connection (connect=<optimized out>, connect@entry=0x14ce424c7808, put_in_cache=put_in_cache@entry=true) at /test/10.5_dbg/sql/sql_connect.cc:1411 #13 0x000055872a02d357 in handle_one_connection (arg=arg@entry=0x14ce424c7808) at /test/10.5_dbg/sql/sql_connect.cc:1313 #14 0x000055872a490ca8 in pfs_spawn_thread (arg=0x14ce60446508) at /test/10.5_dbg/storage/perfschema/pfs.cc:2201 #15 0x000014ce6256f6db in start_thread (arg=0x14ce635f6700) at pthread_create.c:463 #16 0x000014ce6196da3f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 {noformat} Bug confirmed present in: MariaDB: 10.1.46 (dbg), 10.2.33 (dbg), 10.3.24 (dbg), 10.4.14 (dbg), 10.5.5 (dbg) Bug confirmed not present in: MariaDB: 10.1.46 (opt), 10.2.33 (opt), 10.3.24 (opt), 10.4.14 (opt), 10.5.5 (opt) MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.47 (dbg), 5.6.47 (opt), 5.7.29 (dbg), 5.7.29 (opt), 8.0.19 (dbg), 8.0.19 (opt) |
| Component/s | Storage Engine - InnoDB [ 10129 ] |
| Affects Version/s | 10.10 [ 27530 ] | |
| Affects Version/s | 10.2 [ 14601 ] |
| Fix Version/s | 10.8 [ 26121 ] |
| Fix Version/s | 10.2 [ 14601 ] |
| Status | Open [ 1 ] | Confirmed [ 10101 ] |
| Link | This issue relates to MDEV-23127 [ MDEV-23127 ] |
| Summary | SIGSEGV in Query_cache::unlink_table on SELECT | Assertion `table_block_data->m_cached_query_count >= 0' failed in Query_cache::unlink_table | 10.6 opt regression: SIGSEGV in Query_cache::double_linked_list_exclude | SIGSEGV in Query_cache::unlink_table and my_hash_delete | Assertion `table_block_data->m_cached_query_count >= 0' failed, | optimized regression: SIGSEGV in Query_cache::double_linked_list_exclude |
| Summary | SIGSEGV in Query_cache::unlink_table and my_hash_delete | Assertion `table_block_data->m_cached_query_count >= 0' failed, | optimized regression: SIGSEGV in Query_cache::double_linked_list_exclude | SIGSEGV in Query_cache::unlink_table and my_hash_delete | Assertion `table_block_data->m_cached_query_count >= 0' failed | InnoDB: Failing assertion: table->foreign_set.empty() | optimized regression: SIGSEGV in Query_cache::double_linked_list_exclude |
| Affects Version/s | 10.11 [ 27614 ] |
| Fix Version/s | 10.9 [ 26905 ] | |
| Fix Version/s | 10.10 [ 27530 ] |
With this testcase (sporadic; may require multiple executions at the CLI and server restarts in between or in between every few attempts):
CREATE TABLE t3 (c1 VARCHAR(2049) BINARY CHARACTER SET 'latin1' COLLATE 'latin1_bin',c2 YEAR,c3 DATETIME(5)) ENGINE=InnoDB PARTITION BY LINEAR HASH ((c2)) PARTITIONS 523; |
CREATE TABLE t4 (c1 MEDIUMINT SIGNED NOT NULL AUTO_INCREMENT, c2 MEDIUMINT UNSIGNED NULL, c3 MEDIUMINT UNSIGNED NOT NULL, c4 TINYINT, c5 SMALLINT, c6 INT, c7 INT, c8 BIGINT, PRIMARY KEY(c1), UNIQUE INDEX idx (c2,c3)) ENGINE=InnoDB; |
SET GLOBAL query_cache_type=DEMAND; |
SET query_cache_type=ON; |
SET GLOBAL query_cache_size=81920; |
SELECT MAX(c1) AS VALUE FROM t4 WHERE c1 <> 0; |
SELECT * FROM t3 WHERE c2 <='9999-12-31' ORDER BY c1,c2 DESC LIMIT 2; |
SELECT * FROM t3 WHERE c2 <='9999-12-31' ORDER BY c1,c2 DESC LIMIT 2; |
SELECT * FROM t3 WHERE c2 <='9999-12-31' ORDER BY c1,c2 DESC LIMIT 2; |
SELECT * FROM t3 WHERE c2 <='9999-12-31' ORDER BY c1,c2 DESC LIMIT 2; |
SELECT * FROM t3 WHERE c2 <='9999-12-31' ORDER BY c1,c2 DESC LIMIT 2; |
I observed a fair number of new stacks in optimized builds:
|
10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586 (Optimized) |
Core was generated by `/test/MD190922-mariadb-10.11.0-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 my_hash_delete (hash=hash@entry=0x5611bdc34960 <query_cache+256>,
|
record=record@entry=0x152f7413e140 "\310B")
|
at /test/10.11_opt/mysys/hash.c:577
|
[Current thread is 1 (Thread 0x152f9c0c3700 (LWP 3465446))]
|
(gdb) bt
|
#0 my_hash_delete (hash=hash@entry=0x5611bdc34960 <query_cache+256>, record=record@entry=0x152f7413e140 "\310B") at /test/10.11_opt/mysys/hash.c:577
|
#1 0x00005611bca53afb in Query_cache::store_query (this=0x5611bdc34860 <query_cache>, thd=thd@entry=0x152f74000c58, tables_used=tables_used@entry=0x152f74010ef0) at /test/10.11_opt/sql/sql_cache.cc:1561
|
#2 0x00005611bcaae041 in execute_sqlcom_select (thd=0x152f74000c58, all_tables=0x152f74010ef0) at /test/10.11_opt/sql/sql_parse.cc:6260
|
#3 0x00005611bcabbd48 in mysql_execute_command (thd=0x152f74000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.11_opt/sql/sql_parse.cc:3945
|
#4 0x00005611bcaa9205 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x152f74000c58) at /test/10.11_opt/sql/sql_parse.cc:8037
|
#5 mysql_parse (thd=0x152f74000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.11_opt/sql/sql_parse.cc:7959
|
#6 0x00005611bcab4d6a in dispatch_command (command=COM_QUERY, thd=0x152f74000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.11_opt/sql/sql_class.h:1345
|
#7 0x00005611bcab6cb2 in do_command (thd=0x152f74000c58, blocking=blocking@entry=true) at /test/10.11_opt/sql/sql_parse.cc:1407
|
#8 0x00005611bcbd017f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x5611bf27c078, put_in_cache=put_in_cache@entry=true) at /test/10.11_opt/sql/sql_connect.cc:1416
|
#9 0x00005611bcbd045d in handle_one_connection (arg=0x5611bf27c078) at /test/10.11_opt/sql/sql_connect.cc:1318
|
#10 0x0000152fc8daf609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#11 0x0000152fc899b133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586 (Optimized) |
InnoDB: Failing assertion: table->foreign_set.empty()
|
|
10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586 (Optimized) |
Core was generated by `/test/MD190922-mariadb-10.11.0-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGABRT, Aborted.
|
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
[Current thread is 1 (Thread 0x146c92c2f700 (LWP 3436802))]
|
(gdb) bt
|
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
#1 0x0000146caed73859 in __GI_abort () at abort.c:79
|
#2 0x000055720da35589 in ut_dbg_assertion_failed (expr=expr@entry=0x55720e5fb466 "table->foreign_set.empty()", file=file@entry=0x55720e5fb6e0 "/test/10.11_opt/storage/innobase/dict/dict0dict.cc", line=line@entry=1240) at /test/10.11_opt/storage/innobase/ut/ut0dbg.cc:60
|
#3 0x000055720da3d8db in dict_table_can_be_evicted (table=0x146c4c74f6b8) at /test/10.11_opt/storage/innobase/dict/dict0dict.cc:1240
|
#4 0x000055720e1bbb49 in dict_sys_t::evict_table_LRU (this=0x55720ec4a680 <dict_sys>, half=half@entry=false) at /test/10.11_opt/storage/innobase/dict/dict0dict.cc:1372
|
#5 0x000055720e13e47a in srv_master_do_idle_tasks (counter_time=2001193585111) at /test/10.11_opt/storage/innobase/srv/srv0srv.cc:1402
|
#6 srv_master_callback () at /test/10.11_opt/storage/innobase/srv/srv0srv.cc:1459
|
#7 0x000055720e234a3d in tpool::thread_pool_generic::timer_generic::run (this=0x5572101530d0) at /test/10.11_opt/tpool/tpool_generic.cc:343
|
#8 tpool::thread_pool_generic::timer_generic::execute (arg=0x5572101530d0) at /test/10.11_opt/tpool/tpool_generic.cc:363
|
#9 0x000055720e2357aa in tpool::task::execute (this=0x557210153110) at /test/10.11_opt/tpool/task.cc:37
|
#10 tpool::task::execute (this=0x557210153110) at /test/10.11_opt/tpool/task.cc:27
|
#11 0x000055720e233197 in tpool::thread_pool_generic::worker_main (this=0x5572100a9c60, thread_var=0x5572100aa290) at /test/10.11_opt/tpool/tpool_generic.cc:580
|
#12 0x0000146caf16ade4 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
|
#13 0x0000146caf284609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#14 0x0000146caee70133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586 (Optimized) |
Core was generated by `/test/MD190922-mariadb-10.11.0-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 Query_cache::double_linked_list_exclude (point=point@entry=0x14823598a408,
|
list_pointer=list_pointer@entry=0x56268c443948 <query_cache+232>)
|
at /test/10.11_opt/sql/sql_cache.cc:4016
|
[Current thread is 1 (Thread 0x14897c08b700 (LWP 3524209))]
|
(gdb) bt
|
#0 Query_cache::double_linked_list_exclude (point=point@entry=0x14823598a408, list_pointer=list_pointer@entry=0x56268c443948 <query_cache+232>) at /test/10.11_opt/sql/sql_cache.cc:4016
|
#1 0x000056268b25fdc7 in Query_cache::unlink_table (this=this@entry=0x56268c443860 <query_cache>, node=node@entry=0x14893813e1b8) at /test/10.11_opt/sql/sql_cache.cc:3647
|
#2 0x000056268b25fe82 in Query_cache::free_query_internal (this=this@entry=0x56268c443860 <query_cache>, query_block=0x14893813e140) at /test/10.11_opt/sql/sql_cache.cc:2961
|
#3 0x000056268b25fffe in Query_cache::free_query (this=this@entry=0x56268c443860 <query_cache>, query_block=<optimized out>) at /test/10.11_opt/sql/sql_cache.cc:3018
|
#4 0x000056268b262442 in Query_cache::insert (thd=<optimized out>, pkt_nr=7, length=141, packet=0x148938008508 "\002", query_cache_tls=<optimized out>, this=0x56268c443860 <query_cache>) at /test/10.11_opt/sql/sql_cache.cc:1116
|
#5 Query_cache::insert (this=0x56268c443860 <query_cache>, thd=<optimized out>, query_cache_tls=<optimized out>, packet=0x148938008508 "\002", length=141, pkt_nr=7) at /test/10.11_opt/sql/sql_cache.cc:1068
|
#6 0x000056268b64ff37 in net_real_write (net=net@entry=0x148938000f08, packet=0x148938008508 "\002", len=<optimized out>) at /test/10.11_opt/sql/net_serv.cc:658
|
#7 0x000056268b650327 in net_flush (net=net@entry=0x148938000f08) at /test/10.11_opt/sql/net_serv.cc:402
|
#8 0x000056268b1f1803 in Protocol::net_send_eof (statement_warn_count=<optimized out>, server_status=<optimized out>, thd=0x148938000c58, this=<optimized out>) at /test/10.11_opt/sql/protocol.cc:349
|
#9 Protocol::send_eof (this=<optimized out>, server_status=<optimized out>, statement_warn_count=<optimized out>) at /test/10.11_opt/sql/protocol.cc:656
|
#10 0x000056268b1f1aa6 in Protocol::end_statement (this=0x1489380011d8) at /test/10.11_opt/sql/sql_error.h:1075
|
#11 0x000056268b2c30bd in dispatch_command (command=COM_QUERY, thd=0x148938000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.11_opt/sql/sql_parse.cc:2401
|
#12 0x000056268b2c5cb2 in do_command (thd=0x148938000c58, blocking=blocking@entry=true) at /test/10.11_opt/sql/sql_parse.cc:1407
|
#13 0x000056268b3df17f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x56268d0fa598, put_in_cache=put_in_cache@entry=true) at /test/10.11_opt/sql/sql_connect.cc:1416
|
#14 0x000056268b3df45d in handle_one_connection (arg=0x56268d0fa598) at /test/10.11_opt/sql/sql_connect.cc:1318
|
#15 0x0000148994ad0609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#16 0x00001489946bc133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Modifying the testcase a bit:
CREATE TABLE t3 (c1 VARCHAR(2049) BINARY CHARACTER SET 'latin1' COLLATE 'latin1_bin',c2 YEAR,c3 DATETIME(5)) ENGINE=InnoDB PARTITION BY LINEAR HASH ((c2)) PARTITIONS 523; |
CREATE TABLE t4 (c1 MEDIUMINT SIGNED NOT NULL AUTO_INCREMENT, c2 MEDIUMINT UNSIGNED NULL, c3 MEDIUMINT UNSIGNED NOT NULL, c4 TINYINT, c5 SMALLINT, c6 INT, c7 INT, c8 BIGINT, PRIMARY KEY(c1), UNIQUE INDEX idx (c2,c3)) ENGINE=InnoDB; |
SET GLOBAL query_cache_type=DEMAND; |
SET query_cache_type=ON; |
SET GLOBAL query_cache_size=81920; |
SELECT MAX(c1) AS VALUE FROM t4 WHERE c1 <> 0; |
SELECT MAX(c1) AS VALUE FROM t4 WHERE c1 <> 0; |
SELECT * FROM t3 WHERE c2 <='9999-12-31' ORDER BY c1,c2 DESC LIMIT 2; |
SELECT * FROM t3 WHERE c2 < '9999-12-31' ORDER BY c1,c2 LIMIT 2; |
We get another additional stack:
|
10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586 (Optimized) |
Core was generated by `/test/MD190922-mariadb-10.11.0-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x00005557ab1138b1 in Query_cache::double_linked_list_exclude (
|
point=point@entry=0x153858148320,
|
list_pointer=list_pointer@entry=0x5557ac2f7948 <query_cache+232>)
|
at /test/10.11_opt/sql/sql_cache.cc:4020
|
[Current thread is 1 (Thread 0x15388c726700 (LWP 3766140))]
|
(gdb) bt
|
#0 0x00005557ab1138b1 in Query_cache::double_linked_list_exclude (point=point@entry=0x153858148320, list_pointer=list_pointer@entry=0x5557ac2f7948 <query_cache+232>) at /test/10.11_opt/sql/sql_cache.cc:4020
|
#1 0x00005557ab113dc7 in Query_cache::unlink_table (this=this@entry=0x5557ac2f7860 <query_cache>, node=<optimized out>) at /test/10.11_opt/sql/sql_cache.cc:3647
|
#2 0x00005557ab114db3 in Query_cache::register_all_tables (this=this@entry=0x5557ac2f7860 <query_cache>, thd=thd@entry=0x153858000c58, block=block@entry=0x15385813e140, tables_used=tables_used@entry=0x153858010ef0, tables_arg=tables_arg@entry=524) at /test/10.11_opt/sql/sql_cache.cc:3500
|
#3 0x00005557ab116a60 in Query_cache::store_query (this=0x5557ac2f7860 <query_cache>, thd=thd@entry=0x153858000c58, tables_used=tables_used@entry=0x153858010ef0) at /test/10.11_opt/sql/sql_cache.cc:1557
|
#4 0x00005557ab171041 in execute_sqlcom_select (thd=0x153858000c58, all_tables=0x153858010ef0) at /test/10.11_opt/sql/sql_parse.cc:6260
|
#5 0x00005557ab17ed48 in mysql_execute_command (thd=0x153858000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.11_opt/sql/sql_parse.cc:3945
|
#6 0x00005557ab16c205 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x153858000c58) at /test/10.11_opt/sql/sql_parse.cc:8037
|
#7 mysql_parse (thd=0x153858000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.11_opt/sql/sql_parse.cc:7959
|
#8 0x00005557ab177d6a in dispatch_command (command=COM_QUERY, thd=0x153858000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.11_opt/sql/sql_class.h:1345
|
#9 0x00005557ab179cb2 in do_command (thd=0x153858000c58, blocking=blocking@entry=true) at /test/10.11_opt/sql/sql_parse.cc:1407
|
#10 0x00005557ab29317f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x5557adf946d8, put_in_cache=put_in_cache@entry=true) at /test/10.11_opt/sql/sql_connect.cc:1416
|
#11 0x00005557ab29345d in handle_one_connection (arg=0x5557adf946d8) at /test/10.11_opt/sql/sql_connect.cc:1318
|
#12 0x00001538a556a609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#13 0x00001538a5156133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
| Summary | SIGSEGV in Query_cache::unlink_table and my_hash_delete | Assertion `table_block_data->m_cached_query_count >= 0' failed | InnoDB: Failing assertion: table->foreign_set.empty() | optimized regression: SIGSEGV in Query_cache::double_linked_list_exclude | SIGSEGV's in Query_cache::unlink_table and my_hash_delete | Assertion `table_block_data->m_cached_query_count >= 0' failed | InnoDB: Failing assertion: table->foreign_set.empty() | optimized regression: SIGSEGV in Query_cache::double_linked_list_exclude |
marko FYI re: InnoDB: Failing assertion: table->foreign_set.empty() in dict_table_can_be_evicted, as listed in the last comment - it may be a separate bug (with the same testcase).
All UniqueID's observed thus far
table_block_data->m_cached_query_count >= 0|SIGABRT|Query_cache::unlink_table|Query_cache::register_all_tables|Query_cache::store_query|execute_sqlcom_select
|
table->foreign_set.empty()|SIGABRT|ut_dbg_assertion_failed|dict_table_can_be_evicted|dict_sys_t::evict_table_LRU|srv_master_do_idle_tasks
|
SIGSEGV|Query_cache::unlink_table|Query_cache::register_all_tables|Query_cache::store_query|execute_sqlcom_select
|
SIGSEGV|Query_cache::double_linked_list_exclude|Query_cache::unlink_table|Query_cache::free_query_internal|Query_cache::free_query
|
SIGSEGV|Query_cache::double_linked_list_exclude|Query_cache::unlink_table|Query_cache::register_all_tables|Query_cache::store_query
|
SIGSEGV|my_hash_delete|Query_cache::store_query|execute_sqlcom_select|mysql_execute_command
|
Roel, because I do not see any occurrence of FOREIGN or REFERENCES in any of the test cases, I assume that the assertion on dict_table_t::foreign_set may only fail due to a buffer overflow somewhere. I would suggest to test this with AddressSanitizer.
marko Thank you for the quick and effective input. Indeed you were correct. Using the first testcase from this comment, we see:
|
10.11.0 fe1f8f2c6b6f3b8e3383168225f9ae7853028947 (Optimized, UBASAN) |
Version: '10.11.0-MariaDB' socket: '/test/UBASAN_MD010922-mariadb-10.11.0-linux-x86_64-opt/socket.sock' port: 11690 MariaDB Server
|
=================================================================
|
==2821247==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x63100009c788 at pc 0x563c18de1d1b bp 0x14d63da584f0 sp 0x14d63da584e0
|
WRITE of size 8 at 0x63100009c788 thread T15
|
#0 0x563c18de1d1a in Query_cache_block::init(unsigned long) /test/10.11_opt_san/sql/sql_cache.cc:824
|
#1 0x563c18de83a8 in Query_cache::split_block(Query_cache_block*, unsigned long) /test/10.11_opt_san/sql/sql_cache.cc:3791
|
#2 0x563c18de9e59 in Query_cache::allocate_block(unsigned long, char, unsigned long) /test/10.11_opt_san/sql/sql_cache.cc:3683
|
#3 0x563c18de9e59 in Query_cache::allocate_block(unsigned long, char, unsigned long) /test/10.11_opt_san/sql/sql_cache.cc:3659
|
#4 0x563c18de9f73 in Query_cache::write_block_data(unsigned long, unsigned char*, unsigned long, Query_cache_block::block_type, unsigned int) /test/10.11_opt_san/sql/sql_cache.cc:3038
|
#5 0x563c18dec309 in Query_cache::insert_table(THD*, unsigned long, char const*, Query_cache_block_table*, unsigned long, unsigned char, unsigned char, char (*)(THD*, char const*, unsigned int, unsigned long long*), unsigned long long, char) /test/10.11_opt_san/sql/sql_cache.cc:3554
|
#6 0x563c1ba73f0a in ha_partition::reg_query_cache_dependant_table(THD*, char*, unsigned int, char*, unsigned int, unsigned char, Query_cache*, Query_cache_block_table**, handler*, unsigned int*) /test/10.11_opt_san/sql/ha_partition.cc:2618
|
#7 0x563c1ba753d0 in ha_partition::register_query_cache_dependant_tables(THD*, Query_cache*, Query_cache_block_table**, unsigned int*) /test/10.11_opt_san/sql/ha_partition.cc:2709
|
#8 0x563c18ded3e8 in Query_cache::register_tables_from_list(THD*, TABLE_LIST*, unsigned int, Query_cache_block_table**) /test/10.11_opt_san/sql/sql_cache.cc:3447
|
#9 0x563c18dede24 in Query_cache::register_all_tables(THD*, Query_cache_block*, TABLE_LIST*, unsigned int) /test/10.11_opt_san/sql/sql_cache.cc:3482
|
#10 0x563c18dfd0b7 in Query_cache::store_query(THD*, TABLE_LIST*) /test/10.11_opt_san/sql/sql_cache.cc:1554
|
#11 0x563c19163c1b in execute_sqlcom_select /test/10.11_opt_san/sql/sql_parse.cc:6260
|
#12 0x563c191b453b in mysql_execute_command(THD*, bool) /test/10.11_opt_san/sql/sql_parse.cc:3945
|
#13 0x563c19134500 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.11_opt_san/sql/sql_parse.cc:8035
|
#14 0x563c191890ff in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.11_opt_san/sql/sql_parse.cc:1894
|
#15 0x563c191943fd in do_command(THD*, bool) /test/10.11_opt_san/sql/sql_parse.cc:1407
|
#16 0x563c19a7d4cd in do_handle_one_connection(CONNECT*, bool) /test/10.11_opt_san/sql/sql_connect.cc:1418
|
#17 0x563c19a7fb3c in handle_one_connection /test/10.11_opt_san/sql/sql_connect.cc:1312
|
#18 0x14d660a69608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477
|
#19 0x14d65fcde132 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x11f132)
|
|
|
0x63100009c788 is located 416 bytes to the right of 65000-byte region [0x63100008c800,0x63100009c5e8)
|
allocated by thread T15 here:
|
#0 0x563c18908a08 in __interceptor_malloc (/test/UBASAN_MD010922-mariadb-10.11.0-linux-x86_64-opt/bin/mariadbd+0x79c3a08)
|
#1 0x563c1cdf8824 in my_malloc /test/10.11_opt_san/mysys/my_malloc.c:90
|
#2 0x563c18de4b90 in Query_cache::init_cache() /test/10.11_opt_san/sql/sql_cache.cc:2662
|
#3 0x563c18de6383 in Query_cache::resize(unsigned long) /test/10.11_opt_san/sql/sql_cache.cc:1333
|
#4 0x563c19b0a163 in fix_query_cache_size /test/10.11_opt_san/sql/sys_vars.cc:3188
|
#5 0x563c18b3b31f in sys_var::update(THD*, set_var*) /test/10.11_opt_san/sql/set_var.cc:208
|
#6 0x563c18b3ed71 in set_var::update(THD*) /test/10.11_opt_san/sql/set_var.cc:863
|
#7 0x563c18b47479 in sql_set_variables(THD*, List<set_var_base>*, bool) /test/10.11_opt_san/sql/set_var.cc:745
|
#8 0x563c191a3e64 in mysql_execute_command(THD*, bool) /test/10.11_opt_san/sql/sql_parse.cc:5034
|
#9 0x563c19134500 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.11_opt_san/sql/sql_parse.cc:8035
|
#10 0x563c191890ff in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.11_opt_san/sql/sql_parse.cc:1894
|
#11 0x563c191943fd in do_command(THD*, bool) /test/10.11_opt_san/sql/sql_parse.cc:1407
|
#12 0x563c19a7d4cd in do_handle_one_connection(CONNECT*, bool) /test/10.11_opt_san/sql/sql_connect.cc:1418
|
#13 0x563c19a7fb3c in handle_one_connection /test/10.11_opt_san/sql/sql_connect.cc:1312
|
#14 0x14d660a69608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477
|
|
|
Thread T15 created by T0 here:
|
#0 0x563c18835a45 in pthread_create (/test/UBASAN_MD010922-mariadb-10.11.0-linux-x86_64-opt/bin/mariadbd+0x78f0a45)
|
#1 0x563c18958f83 in create_thread_to_handle_connection(CONNECT*) /test/10.11_opt_san/sql/mysqld.cc:6018
|
#2 0x563c1896a00f in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /test/10.11_opt_san/sql/mysqld.cc:6139
|
#3 0x563c1896b037 in handle_connections_sockets() /test/10.11_opt_san/sql/mysqld.cc:6263
|
#4 0x563c1896df94 in mysqld_main(int, char**) /test/10.11_opt_san/sql/mysqld.cc:5913
|
#5 0x14d65fbe3082 in __libc_start_main ../csu/libc-start.c:308
|
|
|
SUMMARY: AddressSanitizer: heap-buffer-overflow /test/10.11_opt_san/sql/sql_cache.cc:824 in Query_cache_block::init(unsigned long)
|
Shadow bytes around the buggy address:
|
0x0c628000b8a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c628000b8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 fa fa fa
|
0x0c628000b8c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c628000b8d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c628000b8e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
=>0x0c628000b8f0: fa[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c628000b900: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c628000b910: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c628000b920: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c628000b930: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c628000b940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
==2821247==ABORTING
|
| Summary | SIGSEGV's in Query_cache::unlink_table and my_hash_delete | Assertion `table_block_data->m_cached_query_count >= 0' failed | InnoDB: Failing assertion: table->foreign_set.empty() | optimized regression: SIGSEGV in Query_cache::double_linked_list_exclude | SIGSEGV's in Query_cache::unlink_table, my_hash_delete, Query_cache::double_linked_list_exclude, Assertion `table_block_data->m_cached_query_count >= 0', InnoDB assertion: table->foreign_set.empty(), ASAN: heap-buffer-overflow in Query_cache_block::init |
| Labels | affects-tests regression-10.6 | affects-tests memory_overflow regression-10.6 |
| Labels | affects-tests memory_overflow regression-10.6 | affects-tests memory_overflow regression-10.6 stack-smashing |
The second testcase in the same comment does not produce an ASAN issue, but possibly due to crash interference. Idem for other testcases in this bug.
| Fix Version/s | 10.7 [ 24805 ] |
| Fix Version/s | 10.3 [ 22126 ] |
| Fix Version/s | 10.8 [ 26121 ] |
| Fix Version/s | 10.9 [ 26905 ] | |
| Fix Version/s | 10.10 [ 27530 ] |
| Attachment | in.sql [ 72697 ] |
| Attachment | MDEV-23256_additional.sql [ 72698 ] |
Set of new stacks (to be expected given the stack smashing) seen with the attached additional testcase MDEV-23256_additional.sql
(loop the testcase at the CLI till it crashes)
SIGSEGV|_int_malloc|__GI___libc_malloc|my_malloc|root_alloc
|
SIGSEGV|handler::ha_thd|ha_innobase::info_low|ha_partition::info|make_join_statistics
|
SIGSEGV|I_P_List<TABLE, I_P_List_adapter<TABLE, &TABLE::global_free_next, &TABLE::global_free_prev>, I_P_List_null_counter, I_P_List_fast_push_back<TABLE> >::remove|tc_acquire_table|tdc_acquire_share|open_table
|
SIGSEGV|Query_cache::unlink_table|Query_cache::register_all_tables|Query_cache::store_query|execute_sqlcom_select
|
The last one is already listed above.
Given that this can lead to many different stacks, a fix for this bug would be great.
| Assignee | Oleksandr Byelkin [ sanja ] | Yuchen Pei [ JIRAUSER52627 ] |
| Comment | [ Reassigning to [~ycp] as this is a partitioning issue. ] |
| Assignee | Yuchen Pei [ JIRAUSER52627 ] | Oleksandr Byelkin [ sanja ] |
Another testcase which sporadically gives a different assert:
--source include/have_innodb.inc
|
--source include/have_partition.inc
|
SET GLOBAL query_cache_type=DEMAND; |
SET GLOBAL query_cache_size=81920; |
SET SESSION query_cache_type=1; |
CREATE TABLE t1 (c1 INT NOT NULL, c2 CHAR(5)) ENGINE=InnoDB PARTITION BY LINEAR KEY(c1) PARTITIONS 99; |
SELECT * FROM t1 WHERE c1 <='1998-12-29 00:00:00' ORDER BY c1,c2; |
--error ER_BAD_FIELD_ERROR
|
SELECT GROUP_CONCAT(a SEPARATOR '###') AS NAMES FROM t1 HAVING LEFT(NAMES, 1)='J'; |
SELECT * FROM t1; |
SELECT COUNT(*) FROM t1; |
--error ER_BAD_FIELD_ERROR
|
SELECT C.a, c.a FROM t1 c, t1 C; |
table_block_data->m_cached_query_count == 0|SIGABRT|Query_cache::unlink_table|Query_cache::register_all_tables|Query_cache::store_query|execute_sqlcom_select
|
| Fix Version/s | 10.11 [ 27614 ] | |
| Fix Version/s | 11.0 [ 28320 ] | |
| Fix Version/s | 11.1 [ 28549 ] | |
| Fix Version/s | 11.2 [ 28603 ] | |
| Fix Version/s | 11.3 [ 28565 ] | |
| Fix Version/s | 11.4 [ 29301 ] | |
| Affects Version/s | 11.0 [ 28320 ] | |
| Affects Version/s | 11.1 [ 28549 ] | |
| Affects Version/s | 11.2 [ 28603 ] | |
| Affects Version/s | 11.3 [ 28565 ] | |
| Affects Version/s | 11.4 [ 29301 ] | |
| Affects Version/s | 11.5 [ 29506 ] | |
| Affects Version/s | 10.7 [ 24805 ] | |
| Affects Version/s | 10.8 [ 26121 ] | |
| Affects Version/s | 10.9 [ 26905 ] | |
| Affects Version/s | 10.10 [ 27530 ] |
| Fix Version/s | 11.0 [ 28320 ] | |
| Fix Version/s | 11.3 [ 28565 ] |
| Link | This issue relates to MDEV-34075 [ MDEV-34075 ] |
| Fix Version/s | 10.4 [ 22408 ] |
| Fix Version/s | 11.1 [ 28549 ] |
| Fix Version/s | 11.2(EOL) [ 28603 ] |
| Labels | affects-tests memory_overflow regression-10.6 stack-smashing | affects-tests memory_overflow stack-smashing |
| Link | This issue relates to MDEV-35671 [ MDEV-35671 ] |
| Link | This issue relates to MDEV-36097 [ MDEV-36097 ] |
Additional testcase. Execute the testcase from the CLI.
SET GLOBAL query_cache_type=DEMAND;SET GLOBAL query_cache_size=102400;SET SESSION query_cache_type=1;CREATE TABLE t (a INT) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 100;SELECT * FROM t WHERE a<ANY(SELECT * FROM t);Leads to:
10.6.1 34340fb501f97d7289c165dd6599a3942087bc41 (Debug)
Core was generated by `/test/MD180521-mariadb-10.6.1-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.Program terminated with signal SIGSEGV, Segmentation fault.#0 0x000055d94b735d6d in Query_cache::unlink_table (this=this@entry=0x55d94cd97520 <query_cache>, node=0x14b62401ed10)at /test/10.6_dbg/sql/sql_cache.cc:3619[Current thread is 1 (Thread 0x14b6740a0700 (LWP 283539))](gdb) bt#0 0x000055d94b735d6d in Query_cache::unlink_table (this=this@entry=0x55d94cd97520 <query_cache>, node=0x14b62401ed10) at /test/10.6_dbg/sql/sql_cache.cc:3619#1 0x000055d94b7375bd in Query_cache::register_all_tables (this=this@entry=0x55d94cd97520 <query_cache>, thd=thd@entry=0x14b624000db8, block=block@entry=0x14b62401d998, tables_used=tables_used@entry=0x14b6240146b8, tables_arg=tables_arg@entry=202) at /test/10.6_dbg/sql/sql_cache.cc:3491#2 0x000055d94b737e29 in Query_cache::store_query (this=0x55d94cd97520 <query_cache>, thd=thd@entry=0x14b624000db8, tables_used=tables_used@entry=0x14b6240146b8) at /test/10.6_dbg/sql/sql_cache.cc:1551#3 0x000055d94b7ade4e in execute_sqlcom_select (thd=thd@entry=0x14b624000db8, all_tables=0x14b6240146b8) at /test/10.6_dbg/sql/sql_parse.cc:6244#4 0x000055d94b7bad5a in mysql_execute_command (thd=thd@entry=0x14b624000db8) at /test/10.6_dbg/sql/sql_parse.cc:3940#5 0x000055d94b7a6f8d in mysql_parse (thd=thd@entry=0x14b624000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14b67409f410) at /test/10.6_dbg/sql/sql_parse.cc:8019#6 0x000055d94b7b5dbf in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14b624000db8, packet=packet@entry=0x14b62400b799 "SELECT * FROM t WHERE a<ANY(SELECT * FROM t)", packet_length=packet_length@entry=44, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_class.h:1333#7 0x000055d94b7b91b2 in do_command (thd=0x14b624000db8, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_parse.cc:1406#8 0x000055d94b913e78 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55d94ed7aaa8, put_in_cache=put_in_cache@entry=true) at /test/10.6_dbg/sql/sql_connect.cc:1410#9 0x000055d94b91447d in handle_one_connection (arg=arg@entry=0x55d94ed7aaa8) at /test/10.6_dbg/sql/sql_connect.cc:1312#10 0x000055d94bdc6d98 in pfs_spawn_thread (arg=0x55d94ec643b8) at /test/10.6_dbg/storage/perfschema/pfs.cc:2201#11 0x000014b676f6b609 in start_thread (arg=<optimized out>) at pthread_create.c:477#12 0x000014b676b5a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95