Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-24583

ASAN use-after-poison in create_tmp_table or assertion failures after failed REPLACE into table with virtual/stored column

Details

    Description

      CREATE TABLE t1 (pk INT, a VARCHAR(3), v VARCHAR(3) GENERATED ALWAYS AS (CONCAT('x-',a)) VIRTUAL, PRIMARY KEY(pk));
      		 
      CREATE VIEW v1 AS SELECT * FROM t1;
      		 
      INSERT INTO t1 (pk, a) VALUES (1,'foo');
      		 
      SET sql_mode=CONCAT(@@sql_mode,',STRICT_ALL_TABLES');
      		 
       --error 0,ER_DATA_TOO_LONG
      		 
      REPLACE INTO t1 (pk,a) VALUES (1,'qux');
      		 
      SELECT * FROM v1;
      		 
       
      		 
      # Cleanup
      		 
      DROP VIEW v1;
      		 
      DROP TABLE t1;

      10.2 ab271ee7 ASAN

      		 
      ==3015140==ERROR: AddressSanitizer: use-after-poison on address 0x619000087c39 at pc 0x7fe873e5d480 bp 0x7fe868c0d2e0 sp 0x7fe868c0ca88
      		 
      READ of size 4 at 0x619000087c39 thread T5
      		 
          #0 0x7fe873e5d47f  (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
      		 
          #1 0x561579ca1ae5 in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char const*, bool, bool) /data/src/10.2/sql/sql_select.cc:17212
      		 
          #2 0x561579df7ead in select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool, bool) /data/src/10.2/sql/sql_union.cc:180
      		 
          #3 0x561579b0c395 in mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) /data/src/10.2/sql/sql_derived.cc:771
      		 
          #4 0x561579b08f31 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_derived.cc:198
      		 
          #5 0x561579e6e12a in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/table.cc:8118
      		 
          #6 0x561579b46db7 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_lex.h:3202
      		 
          #7 0x561579b6467e in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/sql_lex.cc:3930
      		 
          #8 0x561579c27a2c in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.2/sql/sql_select.cc:716
      		 
          #9 0x561579c47fae in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3814
      		 
          #10 0x561579c24c67 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
      		 
          #11 0x561579b9c046 in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
      		 
          #12 0x561579b88feb in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
      		 
          #13 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
      		 
          #14 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
      		 
          #15 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
      		 
          #16 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
      		 
          #17 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
      		 
          #18 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
      		 
          #19 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
      		 
          #20 0x7fe873542292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
      		 
       
      		 
      0x619000087c39 is located 441 bytes inside of 1100-byte region [0x619000087a80,0x619000087ecc)
      		 
      allocated by thread T5 here:
      		 
          #0 0x7fe873ecfbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
      		 
          #1 0x56157b3bab48 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
      		 
          #2 0x56157b386aad in my_malloc /data/src/10.2/mysys/my_malloc.c:101
      		 
          #3 0x56157b36411f in alloc_root /data/src/10.2/mysys/my_alloc.c:243
      		 
          #4 0x56157b365b55 in memdup_root /data/src/10.2/mysys/my_alloc.c:464
      		 
          #5 0x561579e39f5d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.2/sql/table.cc:1288
      		 
          #6 0x561579e35929 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.2/sql/table.cc:684
      		 
          #7 0x56157a0874db in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.2/sql/table_cache.cc:826
      		 
          #8 0x561579a5f6b4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1797
      		 
          #9 0x561579a68208 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
      		 
          #10 0x561579a6a5e2 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
      		 
          #11 0x561579a6e168 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
      		 
          #12 0x5615799e5331 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
      		 
          #13 0x561579e21d29 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.2/sql/sql_view.cc:453
      		 
          #14 0x561579b98bde in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:5820
      		 
          #15 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
      		 
          #16 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
      		 
          #17 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
      		 
          #18 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
      		 
          #19 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
      		 
          #20 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
      		 
          #21 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
      		 
       
      		 
      Thread T5 created by T0 here:
      		 
          #0 0x7fe873dfc805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
      		 
          #1 0x56157b29e3e6 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
      		 
          #2 0x561579920083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
      		 
          #3 0x561579937c2b in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6567
      		 
          #4 0x5615799383c6 in create_new_thread /data/src/10.2/sql/mysqld.cc:6637
      		 
          #5 0x561579939558 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6895
      		 
          #6 0x561579936f7c in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6186
      		 
          #7 0x56157991e93c in main /data/src/10.2/sql/main.cc:25
      		 
          #8 0x7fe8734470b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
      		 
       
      		 
      SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) 
      Shadow bytes around the buggy address:
      		 
        0x0c3280008f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
      		 
        0x0c3280008f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      		 
        0x0c3280008f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
        0x0c3280008f60: 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 00 00 00
      		 
        0x0c3280008f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
      =>0x0c3280008f80: 00 02 f7 00 f7 00 05[f7]01 f7 00 00 00 00 00 00
      		 
        0x0c3280008f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
        0x0c3280008fa0: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
        0x0c3280008fb0: 00 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00
      		 
        0x0c3280008fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
        0x0c3280008fd0: 00 00 00 00 00 00 00 00 f7 04 fa fa fa fa fa fa
      		 
      Shadow byte legend (one shadow byte represents 8 application bytes):
      		 
        Addressable:           00
      		 
        Partially addressable: 01 02 03 04 05 06 07 
        Heap left redzone:       fa
      		 
        Freed heap region:       fd
      		 
        Stack left redzone:      f1
      		 
        Stack mid redzone:       f2
      		 
        Stack right redzone:     f3
      		 
        Stack after return:      f5
      		 
        Stack use after scope:   f8
      		 
        Global redzone:          f9
      		 
        Global init order:       f6
      		 
        Poisoned by user:        f7
      		 
        Container overflow:      fc
      		 
        Array cookie:            ac
      		 
        Intra object redzone:    bb
      		 
        ASan internal:           fe
      		 
        Left alloca redzone:     ca
      		 
        Right alloca redzone:    cb
      		 
        Shadow gap:              cc
      		 
      ==3015140==ABORTING

      More verbose stack trace on 10.5:

      10.5 8de233af ASAN

      		 
      ==3015338==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7feccb1e4480 bp 0x7fecc1692460 sp 0x7fecc1691c08
      		 
      READ of size 4 at 0x61900008cc69 thread T5
      		 
          #0 0x7feccb1e447f  (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
      		 
          #1 0x55d2d6c87b6f in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
      		 
          #2 0x55d2d6c87c75 in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
      		 
          #3 0x55d2d65e6f00 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18807
      		 
          #4 0x55d2d65ec4fc in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19183
      		 
          #5 0x55d2d678d9a1 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
      		 
          #6 0x55d2d63ca320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
      		 
          #7 0x55d2d63c6275 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_derived.cc:206
      		 
          #8 0x55d2d6823b36 in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/table.cc:9120
      		 
          #9 0x55d2d640f3d1 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_lex.h:4425
      		 
          #10 0x55d2d6435478 in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_lex.cc:4911
      		 
          #11 0x55d2d655c0de in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.5/sql/sql_select.cc:1158
      		 
          #12 0x55d2d6582469 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4634
      		 
          #13 0x55d2d655445f in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
      		 
          #14 0x55d2d64bda5b in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6281
      		 
          #15 0x55d2d64ac95c in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3977
      		 
          #16 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
      		 
          #17 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
      		 
          #18 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
      		 
          #19 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
      		 
          #20 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
      		 
          #21 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
      		 
          #22 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
      		 
          #23 0x7fecca93e292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
      		 
       
      		 
      0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
      		 
      allocated by thread T5 here:
      		 
          #0 0x7feccb256bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
      		 
          #1 0x55d2d82871c7 in sf_malloc /data/src/10.5/mysys/safemalloc.c:118
      		 
          #2 0x55d2d82545e3 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
      		 
          #3 0x55d2d82303f2 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
      		 
          #4 0x55d2d8231af4 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
      		 
          #5 0x55d2d67e5a4d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1791
      		 
          #6 0x55d2d67ddf59 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
      		 
          #7 0x55d2d6af8a43 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
      		 
          #8 0x55d2d6307e09 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
      		 
          #9 0x55d2d6312b02 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
      		 
          #10 0x55d2d6315689 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
      		 
          #11 0x55d2d631a7cd in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
      		 
          #12 0x55d2d62719d9 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
      		 
          #13 0x55d2d67c8b7c in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
      		 
          #14 0x55d2d64ba0ac in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5825
      		 
          #15 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
      		 
          #16 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
      		 
          #17 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
      		 
          #18 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
      		 
          #19 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
      		 
          #20 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
      		 
          #21 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
      		 
       
      		 
      Thread T5 created by T0 here:
      		 
          #0 0x7feccb183805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
      		 
          #1 0x55d2d75e3e86 in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
      		 
          #2 0x55d2d75e92d5 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
      		 
          #3 0x55d2d618f4fe in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
      		 
          #4 0x55d2d61a54d4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6022
      		 
          #5 0x55d2d61a5b53 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6081
      		 
          #6 0x55d2d61a5eb0 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6146
      		 
          #7 0x55d2d61a6acf in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6273
      		 
          #8 0x55d2d61a4ce1 in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5668
      		 
          #9 0x55d2d618dd9c in main /data/src/10.5/sql/main.cc:25
      		 
          #10 0x7fecca8430b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
      		 
       
      		 
      SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) 
      Shadow bytes around the buggy address:
      		 
        0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
      		 
        0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
      		 
        0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
        0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
      		 
        0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
      =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 05[f7]01 f7
      		 
        0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
        0x0c32800099a0: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
      		 
        0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
      		 
        0x0c32800099c0: 00 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02
      		 
        0x0c32800099d0: f7 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
      		 
      Shadow byte legend (one shadow byte represents 8 application bytes):
      		 
        Addressable:           00
      		 
        Partially addressable: 01 02 03 04 05 06 07 
        Heap left redzone:       fa
      		 
        Freed heap region:       fd
      		 
        Stack left redzone:      f1
      		 
        Stack mid redzone:       f2
      		 
        Stack right redzone:     f3
      		 
        Stack after return:      f5
      		 
        Stack use after scope:   f8
      		 
        Global redzone:          f9
      		 
        Global init order:       f6
      		 
        Poisoned by user:        f7
      		 
        Container overflow:      fc
      		 
        Array cookie:            ac
      		 
        Intra object redzone:    bb
      		 
        ASan internal:           fe
      		 
        Left alloca redzone:     ca
      		 
        Right alloca redzone:    cb
      		 
        Shadow gap:              cc
      		 
      ==3015338==ABORTING
      		 
      210113 23:14:35 [ERROR] mysqld got signal 6 ;
      		 
      This could be because you hit a bug. It is also possible that this binary
      		 
      or one of the libraries it was linked against is corrupt, improperly built,
      		 
      or misconfigured. This error can also be caused by malfunctioning hardware.
      		 
       
      		 
      To report this bug, see https://mariadb.com/kb/en/reporting-bugs
      		 
       
      		 
      We will try our best to scrape up some info that will hopefully help
      		 
      diagnose the problem, but since we have already crashed, 
      something is definitely wrong and this may fail.
      		 
       
      		 
      Server version: 10.5.9-MariaDB-debug-log
      		 
      key_buffer_size=1048576
      		 
      read_buffer_size=131072
      		 
      max_used_connections=1
      		 
      max_threads=153
      		 
      thread_count=2
      		 
      It is possible that mysqld could use up to 
      key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63743 K  bytes of memory
      		 
      Hope that's ok; if not, decrease some variables in the equation.
      		 
       
      		 
      Thread pointer: 0x62b000069288
      		 
      Attempting backtrace. You can use the following information to find out
      		 
      where mysqld died. If you see no messages after this, something went
      		 
      terribly wrong...
      		 
      stack_bottom = 0x7fecc1696950 thread_stack 0x5fc00
      		 
      ??:0(__interceptor_tcgetattr)[0x7feccb1b5d30]
      		 
      mysys/stacktrace.c:212(my_print_stacktrace)[0x55d2d8264c2b]
      		 
      sql/signal_handler.cc:211(handle_fatal_signal)[0x55d2d6ca594c]
      		 
      sigaction.c:0(__restore_rt)[0x7feccad743c0]
      		 
      ??:0(gsignal)[0x7fecca86218b]
      		 
      ??:0(abort)[0x7fecca841859]
      		 
      ??:0(__sanitizer_set_report_fd)[0x7feccb2746a2]
      		 
      ??:0(__sanitizer_get_module_and_offset_for_pc)[0x7feccb27f24c]
      		 
      ??:0(__sanitizer_ptr_cmp)[0x7feccb2608ec]
      		 
      ??:0(__asan_on_error)[0x7feccb260363]
      		 
      ??:0(__interceptor_getdelim)[0x7feccb1e449f]
      		 
      sql/field_conv.cc:833(field_conv_memcpy(Field*, Field*))[0x55d2d6c87b70]
      		 
      sql/field_conv.cc:863(field_conv(Field*, Field*))[0x55d2d6c87c76]
      		 
      sql/sql_select.cc:18808(Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool))[0x55d2d65e6f01]
      		 
      sql/sql_select.cc:19182(create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool))[0x55d2d65ec4fd]
      		 
      sql/sql_union.cc:329(select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int))[0x55d2d678d9a2]
      		 
      sql/sql_derived.cc:846(mysql_derived_prepare(THD*, LEX*, TABLE_LIST*))[0x55d2d63ca321]
      		 
      sql/sql_derived.cc:206(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55d2d63c6276]
      		 
      sql/table.cc:9120(TABLE_LIST::handle_derived(LEX*, unsigned int))[0x55d2d6823b37]
      		 
      sql/sql_lex.h:4425(LEX::handle_list_of_derived(TABLE_LIST*, unsigned int))[0x55d2d640f3d2]
      		 
      sql/sql_lex.cc:4912(st_select_lex::handle_derived(LEX*, unsigned int))[0x55d2d6435479]
      		 
      sql/sql_select.cc:1158(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55d2d655c0df]
      		 
      sql/sql_select.cc:4634(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55d2d658246a]
      		 
      sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55d2d6554460]
      		 
      sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55d2d64bda5c]
      		 
      sql/sql_parse.cc:3977(mysql_execute_command(THD*))[0x55d2d64ac95d]
      		 
      sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55d2d64c8d56]
      		 
      sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55d2d649f04f]
      		 
      sql/sql_parse.cc:1370(do_command(THD*))[0x55d2d649b978]
      		 
      sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55d2d68ddc34]
      		 
      sql/sql_connect.cc:1314(handle_one_connection)[0x55d2d68dd598]
      		 
      perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55d2d75e8ee3]
      		 
      nptl/pthread_create.c:478(start_thread)[0x7feccad68609]
      		 
      ??:0(clone)[0x7fecca93e293]
      		 
       
      		 
      Trying to get some variables.
      		 
      Some pointers may be invalid and cause the dump to abort.
      		 
      Query (0x62b0000382a8): SELECT * FROM v1
      		 
       
      		 
      Connection ID (thread ID): 4
      		 
      Status: NOT_KILLED

      Both debug and non-debug ASAN builds are affected.
      Reproducible on 10.2+.

      The failure appeared in 10.2 branch after this commit:

      commit 97db6c15ea3e83a21df137c222dbd5a40fbe7c82
      		 
      Author: Nikita Malyavin
      		 
      Date:   Tue Aug 11 00:38:32 2020 +1000
      		 
       
      		 
          MDEV-20618 Assertion failed in row_upd_sec_index_entry

      Note: For why the initial INSERT does not fail in the test case regardless the original SQL_MODE, see MDEV-24582.

      Variation of the test case which causes InnoDB assertion failures on debug and non-debug builds:

      --source include/have_innodb.inc
      		 
       
      		 
      CREATE TABLE t1 (
      		 
        pk INT,
      		 
        a VARCHAR(1),
      		 
        v VARCHAR(1) AS (CONCAT('virt-',a)) VIRTUAL,
      		 
        PRIMARY KEY (pk)
      		 
      ) ENGINE=InnoDB;
      		 
       
      		 
      INSERT INTO t1 (pk,a) VALUES
      		 
      (1,'a'),(2,'b'),(3,'c'),(4,'d'),(5,'e'),(6,'f');
      		 
       
      		 
       --error ER_DATA_TOO_LONG
      		 
      REPLACE INTO t1 (pk) VALUES (1);
      		 
      SELECT * FROM t1;
      		 
       
      		 
      DROP TABLE t1;

      10.2 ab271ee7 debug

      		 
      mysqld: /data/src/10.2/storage/innobase/row/row0sel.cc:3828: void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*): Assertion `prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len' failed.
      		 
      210114  0:10:39 [ERROR] mysqld got signal 6 ;
      		 
       
      		 
      #7  0x00007fef277eff36 in __GI___assert_fail (assertion=0x564d55c681a0 "prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len", file=0x564d55c66770 "/data/src/10.2/storage/innobase/row/row0sel.cc", line=3828, function=0x564d55c68140 "void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*)") at assert.c:101
      		 
      #8  0x0000564d5565084f in row_sel_dequeue_cached_row_for_mysql (buf=0x7feed00068d0 "\377", prebuilt=0x7feed0036eb0) at /data/src/10.2/storage/innobase/row/row0sel.cc:3828
      		 
      #9  0x0000564d55651f0c in row_search_mvcc (buf=0x7feed00068d0 "\377", mode=PAGE_CUR_UNSUPP, prebuilt=0x7feed0036eb0, match_mode=0, direction=1) at /data/src/10.2/storage/innobase/row/row0sel.cc:4424
      		 
      #10 0x0000564d554e205a in ha_innobase::general_fetch (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377", direction=1, match_mode=0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9652
      		 
      #11 0x0000564d554e2622 in ha_innobase::rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9863
      		 
      #12 0x0000564d552d7c3d in handler::ha_rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/sql/handler.cc:2669
      		 
      #13 0x0000564d5544aaeb in rr_sequential (info=0x7feed00145a0) at /data/src/10.2/sql/records.cc:492
      		 
      #14 0x0000564d550c02c8 in sub_select (join=0x7feed0012fd8, join_tab=0x7feed00144d8, end_of_records=false) at /data/src/10.2/sql/sql_select.cc:18877
      		 
      #15 0x0000564d550bf75c in do_select (join=0x7feed0012fd8, procedure=0x0) at /data/src/10.2/sql/sql_select.cc:18402
      		 
      #16 0x0000564d550993d3 in JOIN::exec_inner (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3641
      		 
      #17 0x0000564d5509887a in JOIN::exec (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3436
      		 
      #18 0x0000564d55099a3c in mysql_select (thd=0x7feed0000d90, tables=0x7feed00128d0, wild_num=1, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7feed0012fb8, unit=0x7feed0004988, select_lex=0x7feed00050c8) at /data/src/10.2/sql/sql_select.cc:3836
      		 
      #19 0x0000564d5508dbb6 in handle_select (thd=0x7feed0000d90, lex=0x7feed00048c8, result=0x7feed0012fb8, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:361
      		 
      #20 0x0000564d55058508 in execute_sqlcom_select (thd=0x7feed0000d90, all_tables=0x7feed00128d0) at /data/src/10.2/sql/sql_parse.cc:6248
      		 
      #21 0x0000564d5504eeb7 in mysql_execute_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:3559
      		 
      #22 0x0000564d5505c2b1 in mysql_parse (thd=0x7feed0000d90, rawbuf=0x7feed00126f8 "SELECT * FROM t1", length=16, parser_state=0x7fef21c565f0, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7763
      		 
      #23 0x0000564d5504a58a in dispatch_command (command=COM_QUERY, thd=0x7feed0000d90, packet=0x7feed0008b51 "", packet_length=16, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1827
      		 
      #24 0x0000564d55049085 in do_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:1381
      		 
      #25 0x0000564d551a3704 in do_handle_one_connection (connect=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1336
      		 
      #26 0x0000564d551a3469 in handle_one_connection (arg=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1241
      		 
      #27 0x0000564d559cb44a in pfs_spawn_thread (arg=0x564d578e2350) at /data/src/10.2/storage/perfschema/pfs.cc:1869
      		 
      #28 0x00007fef27cff609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #29 0x00007fef278db293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      10.2 ab271ee7 non-debug

      		 
      2021-01-14 00:11:32 0x7f36a221f700  InnoDB: Assertion failure in file /data/src/10.2/storage/innobase/row/row0mysql.cc line 1014
      		 
      InnoDB: Failing assertion: magic1 == ROW_PREBUILT_FETCH_MAGIC_N
      		 
       
      		 
      #6  0x0000558698eb1bf9 in ut_dbg_assertion_failed (expr=expr@entry=0x5586997fcbd0 "magic1 == ROW_PREBUILT_FETCH_MAGIC_N", file=file@entry=0x5586997fc758 "/data/src/10.2/storage/innobase/row/row0mysql.cc", line=line@entry=1014) at /data/src/10.2/storage/innobase/ut/ut0dbg.cc:60
      		 
      #7  0x0000558698e9dc0d in row_prebuilt_free (prebuilt=0x7f3650178f18, dict_locked=dict_locked@entry=0) at /data/src/10.2/storage/innobase/row/row0mysql.cc:1014
      		 
      #8  0x00005586992cdece in ha_innobase::close (this=0x7f36500945e0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:6597
      		 
      #9  0x0000558699042469 in closefrm (table=table@entry=0x7f3650093a48) at /data/src/10.2/sql/table.cc:3519
      		 
      #10 0x00005586990ea681 in intern_close_table (table=0x7f3650093a48) at /data/src/10.2/sql/table_cache.cc:222
      		 
      #11 tdc_remove_table (thd=thd@entry=0x7f3650000c48, remove_type=remove_type@entry=TDC_RT_REMOVE_ALL, db=<optimized out>, table_name=<optimized out>, kill_delayed_threads=kill_delayed_threads@entry=false) at /data/src/10.2/sql/table_cache.cc:1132
      		 
      #12 0x0000558699018c05 in mysql_rm_table_no_locks (thd=0x7f3650000c48, tables=<optimized out>, if_exists=<optimized out>, drop_temporary=<optimized out>, drop_view=<optimized out>, dont_log_query=<optimized out>, dont_free_locks=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2436
      		 
      #13 0x00005586990197b4 in mysql_rm_table (thd=thd@entry=0x7f3650000c48, tables=tables@entry=0x7f365000f410, if_exists=<optimized out>, drop_temporary=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2089
      		 
      #14 0x0000558698f8f70f in mysql_execute_command (thd=0x7f3650000c48) at /data/src/10.2/sql/structs.h:530
      		 
      #15 0x0000558698f95c3b in mysql_parse (thd=thd@entry=0x7f3650000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f36a221e5b0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7763
      		 
      #16 0x0000558698f98e4d in dispatch_command (command=COM_QUERY, thd=0x7f3650000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.2/sql/sql_class.h:1096
      		 
      #17 0x0000558698f9a097 in do_command (thd=0x7f3650000c48) at /data/src/10.2/sql/sql_parse.cc:1381
      		 
      #18 0x0000558699072d76 in do_handle_one_connection (connect=connect@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1336
      		 
      #19 0x0000558699072eef in handle_one_connection (arg=arg@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1241
      		 
      #20 0x000055869960d946 in pfs_spawn_thread (arg=0x55869be3f1f8) at /data/src/10.2/storage/perfschema/pfs.cc:1869
      		 
      #21 0x00007f36a8297609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #22 0x00007f36a7e8c293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      And yet another variation, it causes the same assertions as above on 10.2-10.4 debug builds and 10.2-10.5 release builds, but a different one on 10.5 debug build. The only difference is ORDER BY in SELECT.

      --source include/have_innodb.inc
      		 
       
      		 
      CREATE TABLE t1 (
      		 
        pk INT,
      		 
        a VARCHAR(1),
      		 
        v VARCHAR(1) AS (CONCAT('virt-',a)) VIRTUAL,
      		 
        PRIMARY KEY (pk)
      		 
      ) ENGINE=InnoDB;
      		 
       
      		 
      INSERT INTO t1 (pk,a) VALUES
      		 
      (1,'a'),(2,'b'),(3,'c'),(4,'d'),(5,'e'),(6,'f');
      		 
       
      		 
       --error ER_DATA_TOO_LONG
      		 
      REPLACE INTO t1 (pk) VALUES (1);
      		 
      SELECT * FROM t1 ORDER BY a;
      		 
       
      		 
      DROP TABLE t1;

      10.5 8de233af debug

      		 
      mariadbd: /data/src/10.5/sql/field.h:1155: const uchar* Field::ptr_in_record(const uchar*) const: Assertion `l_offset >= 0 && table->s->rec_buff_length - l_offset > 0' failed.
      		 
      210114  0:17:48 [ERROR] mysqld got signal 6 ;
      		 
       
      		 
      #7  0x00007f3d4dea3f36 in __GI___assert_fail (assertion=0x5644a00b21c8 "l_offset >= 0 && table->s->rec_buff_length - l_offset > 0", file=0x5644a00b20b6 "/data/src/10.5/sql/field.h", line=1155, function=0x5644a00b2208 "const uchar* Field::ptr_in_record(const uchar*) const") at assert.c:101
      		 
      #8  0x000056449f40a0bd in Field::ptr_in_record (this=0x7f3d10233360, record=0x7f3d102332f8 "\377") at /data/src/10.5/sql/field.h:1155
      		 
      #9  0x000056449f74b900 in key_copy (to_key=0x7f3d100f9d08 '\245' <repeats 16 times>, '\217' <repeats 184 times>..., from_record=0x7f3d102332f8 "\377", key_info=0x7f3d100436e0, key_length=4, with_zerofill=false) at /data/src/10.5/sql/key.cc:144
      		 
      #10 0x000056449faa0d45 in ha_innobase::position (this=0x7f3d100f8c40, record=0x7f3d102332f8 "\377") at /data/src/10.5/storage/innobase/handler/ha_innodb.cc:10076
      		 
      #11 0x000056449f60d637 in find_all_keys (thd=0x7f3d10000db8, param=0x7f3d4824b070, select=0x7f3d10017808, fs_info=0x7f3d100525b0, buffpek_pointers=0x7f3d4824b290, tempfile=0x7f3d4824b120, pq=0x0, found_rows=0x7f3d100527a0) at /data/src/10.5/sql/filesort.cc:897
      		 
      #12 0x000056449f60b7a4 in filesort (thd=0x7f3d10000db8, table=0x7f3d101b3a38, filesort=0x7f3d100179d8, tracker=0x7f3d100180c8, join=0x7f3d10015798, first_table_bit=1) at /data/src/10.5/sql/filesort.cc:352
      		 
      #13 0x000056449f33ac44 in create_sort_index (thd=0x7f3d10000db8, join=0x7f3d10015798, tab=0x7f3d10016ec8, fsort=0x7f3d100179d8) at /data/src/10.5/sql/sql_select.cc:23862
      		 
      #14 0x000056449f334d56 in st_join_table::sort_table (this=0x7f3d10016ec8) at /data/src/10.5/sql/sql_select.cc:21607
      		 
      #15 0x000056449f33492e in join_init_read_record (tab=0x7f3d10016ec8) at /data/src/10.5/sql/sql_select.cc:21546
      		 
      #16 0x000056449f33265c in sub_select (join=0x7f3d10015798, join_tab=0x7f3d10016ec8, end_of_records=false) at /data/src/10.5/sql/sql_select.cc:20620
      		 
      #17 0x000056449f331b55 in do_select (join=0x7f3d10015798, procedure=0x0) at /data/src/10.5/sql/sql_select.cc:20157
      		 
      #18 0x000056449f305602 in JOIN::exec_inner (this=0x7f3d10015798) at /data/src/10.5/sql/sql_select.cc:4462
      		 
      #19 0x000056449f304723 in JOIN::exec (this=0x7f3d10015798) at /data/src/10.5/sql/sql_select.cc:4242
      		 
      #20 0x000056449f305de5 in mysql_select (thd=0x7f3d10000db8, tables=0x7f3d100145b8, fields=..., conds=0x0, og_num=1, order=0x7f3d10015610, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f3d10015770, unit=0x7f3d10004f58, select_lex=0x7f3d10013fc8) at /data/src/10.5/sql/sql_select.cc:4658
      		 
      #21 0x000056449f2f5a33 in handle_select (thd=0x7f3d10000db8, lex=0x7f3d10004e90, result=0x7f3d10015770, setup_tables_done_option=0) at /data/src/10.5/sql/sql_select.cc:417
      		 
      #22 0x000056449f2b8409 in execute_sqlcom_select (thd=0x7f3d10000db8, all_tables=0x7f3d100145b8) at /data/src/10.5/sql/sql_parse.cc:6281
      		 
      #23 0x000056449f2af495 in mysql_execute_command (thd=0x7f3d10000db8) at /data/src/10.5/sql/sql_parse.cc:3977
      		 
      #24 0x000056449f2bd2b0 in mysql_parse (thd=0x7f3d10000db8, rawbuf=0x7f3d10013f30 "SELECT * FROM t1 ORDER BY a", length=27, parser_state=0x7f3d4824c510, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:8062
      		 
      #25 0x000056449f2a9237 in dispatch_command (command=COM_QUERY, thd=0x7f3d10000db8, packet=0x7f3d100090a9 "", packet_length=27, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:1889
      		 
      #26 0x000056449f2a7a2b in do_command (thd=0x7f3d10000db8) at /data/src/10.5/sql/sql_parse.cc:1370
      		 
      #27 0x000056449f45578d in do_handle_one_connection (connect=0x5644a2180058, put_in_cache=true) at /data/src/10.5/sql/sql_connect.cc:1410
      		 
      #28 0x000056449f4554f0 in handle_one_connection (arg=0x5644a21927b8) at /data/src/10.5/sql/sql_connect.cc:1312
      		 
      #29 0x000056449f9b445d in pfs_spawn_thread (arg=0x5644a220e458) at /data/src/10.5/storage/perfschema/pfs.cc:2201
      		 
      #30 0x00007f3d4e3bb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #31 0x00007f3d4df8f293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-24656 [FATAL] InnoDB: Data field type 0, len 0, ASAN heap-buffer-overflow upon LOAD DATA with virtual columns

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-24665 ASAN errors, assertion failures, corrupt values after failed LOAD DATA into table with virtual/stored column

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-24782 ASAN use-after-poison in Field::pack_int / THD::binlog_update_row

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-24582 INSERT silently truncates too long value for a virtual column without warnings or errors

          • Major - Major loss of function.
          • Open

          Bug - A problem which impairs or prevents the functions of the product. MDEV-24655 Unexpected results or ASAN use-after-poison in Field::cmp_binary or in row_sel_store_mysql_field_func upon updating virtual column

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            elenst Elena Stepanova created issue -
            elenst Elena Stepanova made changes -
            Field Original Value New Value
            elenst Elena Stepanova made changes -
            Labels regression
            elenst Elena Stepanova made changes -
            Description {code:sql}
            CREATE TABLE t1 (pk INT, a VARCHAR(3), v VARCHAR(3) GENERATED ALWAYS AS (CONCAT('x-',a)) VIRTUAL, PRIMARY KEY(pk));
            CREATE VIEW v1 AS SELECT * FROM t1;
            INSERT INTO t1 (pk, a) VALUES (1,'foo');
            SET sql_mode=CONCAT(@@sql_mode,',STRICT_ALL_TABLES');
             --error 0,ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk,a) VALUES (1,'qux');
            SELECT * FROM v1;

            # Cleanup
            DROP VIEW v1;
            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 ASAN}
            ==3015140==ERROR: AddressSanitizer: use-after-poison on address 0x619000087c39 at pc 0x7fe873e5d480 bp 0x7fe868c0d2e0 sp 0x7fe868c0ca88
            READ of size 4 at 0x619000087c39 thread T5
                #0 0x7fe873e5d47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x561579ca1ae5 in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char const*, bool, bool) /data/src/10.2/sql/sql_select.cc:17212
                #2 0x561579df7ead in select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool, bool) /data/src/10.2/sql/sql_union.cc:180
                #3 0x561579b0c395 in mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) /data/src/10.2/sql/sql_derived.cc:771
                #4 0x561579b08f31 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_derived.cc:198
                #5 0x561579e6e12a in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/table.cc:8118
                #6 0x561579b46db7 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_lex.h:3202
                #7 0x561579b6467e in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/sql_lex.cc:3930
                #8 0x561579c27a2c in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.2/sql/sql_select.cc:716
                #9 0x561579c47fae in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3814
                #10 0x561579c24c67 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
                #11 0x561579b9c046 in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
                #12 0x561579b88feb in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
                #13 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #14 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #15 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #16 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #17 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #18 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #19 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #20 0x7fe873542292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x619000087c39 is located 441 bytes inside of 1100-byte region [0x619000087a80,0x619000087ecc)
            allocated by thread T5 here:
                #0 0x7fe873ecfbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x56157b3bab48 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
                #2 0x56157b386aad in my_malloc /data/src/10.2/mysys/my_malloc.c:101
                #3 0x56157b36411f in alloc_root /data/src/10.2/mysys/my_alloc.c:243
                #4 0x56157b365b55 in memdup_root /data/src/10.2/mysys/my_alloc.c:464
                #5 0x561579e39f5d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.2/sql/table.cc:1288
                #6 0x561579e35929 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.2/sql/table.cc:684
                #7 0x56157a0874db in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.2/sql/table_cache.cc:826
                #8 0x561579a5f6b4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1797
                #9 0x561579a68208 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
                #10 0x561579a6a5e2 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
                #11 0x561579a6e168 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
                #12 0x5615799e5331 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
                #13 0x561579e21d29 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.2/sql/sql_view.cc:453
                #14 0x561579b98bde in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:5820
                #15 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #16 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #17 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #18 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #19 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #20 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #21 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7fe873dfc805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x56157b29e3e6 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
                #2 0x561579920083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
                #3 0x561579937c2b in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6567
                #4 0x5615799383c6 in create_new_thread /data/src/10.2/sql/mysqld.cc:6637
                #5 0x561579939558 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6895
                #6 0x561579936f7c in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6186
                #7 0x56157991e93c in main /data/src/10.2/sql/main.cc:25
                #8 0x7fe8734470b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280008f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
              0x0c3280008f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280008f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008f60: 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 00 00 00
              0x0c3280008f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280008f80: 00 02 f7 00 f7 00 05[f7]01 f7 00 00 00 00 00 00
              0x0c3280008f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fa0: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fb0: 00 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00
              0x0c3280008fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fd0: 00 00 00 00 00 00 00 00 f7 04 fa fa fa fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015140==ABORTING
            {noformat}

            More verbose stack trace on 10.5:
            {noformat:title=10.5 8de233af ASAN}
            ==3015338==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7feccb1e4480 bp 0x7fecc1692460 sp 0x7fecc1691c08
            READ of size 4 at 0x61900008cc69 thread T5
                #0 0x7feccb1e447f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x55d2d6c87b6f in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
                #2 0x55d2d6c87c75 in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
                #3 0x55d2d65e6f00 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18807
                #4 0x55d2d65ec4fc in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19183
                #5 0x55d2d678d9a1 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
                #6 0x55d2d63ca320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
                #7 0x55d2d63c6275 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_derived.cc:206
                #8 0x55d2d6823b36 in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/table.cc:9120
                #9 0x55d2d640f3d1 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_lex.h:4425
                #10 0x55d2d6435478 in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_lex.cc:4911
                #11 0x55d2d655c0de in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.5/sql/sql_select.cc:1158
                #12 0x55d2d6582469 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4634
                #13 0x55d2d655445f in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
                #14 0x55d2d64bda5b in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6281
                #15 0x55d2d64ac95c in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3977
                #16 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #17 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #18 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #19 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #20 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #21 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #22 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #23 0x7fecca93e292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
            allocated by thread T5 here:
                #0 0x7feccb256bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x55d2d82871c7 in sf_malloc /data/src/10.5/mysys/safemalloc.c:118
                #2 0x55d2d82545e3 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
                #3 0x55d2d82303f2 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
                #4 0x55d2d8231af4 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
                #5 0x55d2d67e5a4d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1791
                #6 0x55d2d67ddf59 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
                #7 0x55d2d6af8a43 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
                #8 0x55d2d6307e09 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
                #9 0x55d2d6312b02 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
                #10 0x55d2d6315689 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
                #11 0x55d2d631a7cd in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
                #12 0x55d2d62719d9 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
                #13 0x55d2d67c8b7c in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
                #14 0x55d2d64ba0ac in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5825
                #15 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #16 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #17 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #18 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #19 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #20 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #21 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7feccb183805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x55d2d75e3e86 in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
                #2 0x55d2d75e92d5 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
                #3 0x55d2d618f4fe in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
                #4 0x55d2d61a54d4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6022
                #5 0x55d2d61a5b53 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6081
                #6 0x55d2d61a5eb0 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6146
                #7 0x55d2d61a6acf in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6273
                #8 0x55d2d61a4ce1 in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5668
                #9 0x55d2d618dd9c in main /data/src/10.5/sql/main.cc:25
                #10 0x7fecca8430b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
              0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 05[f7]01 f7
              0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099a0: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
              0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099c0: 00 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02
              0x0c32800099d0: f7 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015338==ABORTING
            210113 23:14:35 [ERROR] mysqld got signal 6 ;
            This could be because you hit a bug. It is also possible that this binary
            or one of the libraries it was linked against is corrupt, improperly built,
            or misconfigured. This error can also be caused by malfunctioning hardware.

            To report this bug, see https://mariadb.com/kb/en/reporting-bugs

            We will try our best to scrape up some info that will hopefully help
            diagnose the problem, but since we have already crashed,
            something is definitely wrong and this may fail.

            Server version: 10.5.9-MariaDB-debug-log
            key_buffer_size=1048576
            read_buffer_size=131072
            max_used_connections=1
            max_threads=153
            thread_count=2
            It is possible that mysqld could use up to
            key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63743 K bytes of memory
            Hope that's ok; if not, decrease some variables in the equation.

            Thread pointer: 0x62b000069288
            Attempting backtrace. You can use the following information to find out
            where mysqld died. If you see no messages after this, something went
            terribly wrong...
            stack_bottom = 0x7fecc1696950 thread_stack 0x5fc00
            ??:0(__interceptor_tcgetattr)[0x7feccb1b5d30]
            mysys/stacktrace.c:212(my_print_stacktrace)[0x55d2d8264c2b]
            sql/signal_handler.cc:211(handle_fatal_signal)[0x55d2d6ca594c]
            sigaction.c:0(__restore_rt)[0x7feccad743c0]
            ??:0(gsignal)[0x7fecca86218b]
            ??:0(abort)[0x7fecca841859]
            ??:0(__sanitizer_set_report_fd)[0x7feccb2746a2]
            ??:0(__sanitizer_get_module_and_offset_for_pc)[0x7feccb27f24c]
            ??:0(__sanitizer_ptr_cmp)[0x7feccb2608ec]
            ??:0(__asan_on_error)[0x7feccb260363]
            ??:0(__interceptor_getdelim)[0x7feccb1e449f]
            sql/field_conv.cc:833(field_conv_memcpy(Field*, Field*))[0x55d2d6c87b70]
            sql/field_conv.cc:863(field_conv(Field*, Field*))[0x55d2d6c87c76]
            sql/sql_select.cc:18808(Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool))[0x55d2d65e6f01]
            sql/sql_select.cc:19182(create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool))[0x55d2d65ec4fd]
            sql/sql_union.cc:329(select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int))[0x55d2d678d9a2]
            sql/sql_derived.cc:846(mysql_derived_prepare(THD*, LEX*, TABLE_LIST*))[0x55d2d63ca321]
            sql/sql_derived.cc:206(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55d2d63c6276]
            sql/table.cc:9120(TABLE_LIST::handle_derived(LEX*, unsigned int))[0x55d2d6823b37]
            sql/sql_lex.h:4425(LEX::handle_list_of_derived(TABLE_LIST*, unsigned int))[0x55d2d640f3d2]
            sql/sql_lex.cc:4912(st_select_lex::handle_derived(LEX*, unsigned int))[0x55d2d6435479]
            sql/sql_select.cc:1158(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55d2d655c0df]
            sql/sql_select.cc:4634(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55d2d658246a]
            sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55d2d6554460]
            sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55d2d64bda5c]
            sql/sql_parse.cc:3977(mysql_execute_command(THD*))[0x55d2d64ac95d]
            sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55d2d64c8d56]
            sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55d2d649f04f]
            sql/sql_parse.cc:1370(do_command(THD*))[0x55d2d649b978]
            sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55d2d68ddc34]
            sql/sql_connect.cc:1314(handle_one_connection)[0x55d2d68dd598]
            perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55d2d75e8ee3]
            nptl/pthread_create.c:478(start_thread)[0x7feccad68609]
            ??:0(clone)[0x7fecca93e293]

            Trying to get some variables.
            Some pointers may be invalid and cause the dump to abort.
            Query (0x62b0000382a8): SELECT * FROM v1

            Connection ID (thread ID): 4
            Status: NOT_KILLED
            {noformat}

            Both debug and non-debug ASAN builds are affected.
            Reproducible on 10.2+.

            The failure appeared in 10.2 branch after this commit:
            {noformat}
            commit 97db6c15ea3e83a21df137c222dbd5a40fbe7c82
            Author: Nikita Malyavin
            Date: Tue Aug 11 00:38:32 2020 +1000

                MDEV-20618 Assertion failed in row_upd_sec_index_entry
            {noformat}

            _Note: For why the initial INSERT does not fail in the test case, see MDEV-24582._             		{code:sql}
            CREATE TABLE t1 (pk INT, a VARCHAR(3), v VARCHAR(3) GENERATED ALWAYS AS (CONCAT('x-',a)) VIRTUAL, PRIMARY KEY(pk));
            CREATE VIEW v1 AS SELECT * FROM t1;
            INSERT INTO t1 (pk, a) VALUES (1,'foo');
            SET sql_mode=CONCAT(@@sql_mode,',STRICT_ALL_TABLES');
             --error 0,ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk,a) VALUES (1,'qux');
            SELECT * FROM v1;

            # Cleanup
            DROP VIEW v1;
            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 ASAN}
            ==3015140==ERROR: AddressSanitizer: use-after-poison on address 0x619000087c39 at pc 0x7fe873e5d480 bp 0x7fe868c0d2e0 sp 0x7fe868c0ca88
            READ of size 4 at 0x619000087c39 thread T5
                #0 0x7fe873e5d47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x561579ca1ae5 in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char const*, bool, bool) /data/src/10.2/sql/sql_select.cc:17212
                #2 0x561579df7ead in select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool, bool) /data/src/10.2/sql/sql_union.cc:180
                #3 0x561579b0c395 in mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) /data/src/10.2/sql/sql_derived.cc:771
                #4 0x561579b08f31 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_derived.cc:198
                #5 0x561579e6e12a in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/table.cc:8118
                #6 0x561579b46db7 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_lex.h:3202
                #7 0x561579b6467e in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/sql_lex.cc:3930
                #8 0x561579c27a2c in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.2/sql/sql_select.cc:716
                #9 0x561579c47fae in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3814
                #10 0x561579c24c67 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
                #11 0x561579b9c046 in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
                #12 0x561579b88feb in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
                #13 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #14 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #15 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #16 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #17 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #18 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #19 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #20 0x7fe873542292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x619000087c39 is located 441 bytes inside of 1100-byte region [0x619000087a80,0x619000087ecc)
            allocated by thread T5 here:
                #0 0x7fe873ecfbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x56157b3bab48 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
                #2 0x56157b386aad in my_malloc /data/src/10.2/mysys/my_malloc.c:101
                #3 0x56157b36411f in alloc_root /data/src/10.2/mysys/my_alloc.c:243
                #4 0x56157b365b55 in memdup_root /data/src/10.2/mysys/my_alloc.c:464
                #5 0x561579e39f5d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.2/sql/table.cc:1288
                #6 0x561579e35929 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.2/sql/table.cc:684
                #7 0x56157a0874db in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.2/sql/table_cache.cc:826
                #8 0x561579a5f6b4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1797
                #9 0x561579a68208 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
                #10 0x561579a6a5e2 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
                #11 0x561579a6e168 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
                #12 0x5615799e5331 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
                #13 0x561579e21d29 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.2/sql/sql_view.cc:453
                #14 0x561579b98bde in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:5820
                #15 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #16 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #17 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #18 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #19 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #20 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #21 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7fe873dfc805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x56157b29e3e6 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
                #2 0x561579920083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
                #3 0x561579937c2b in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6567
                #4 0x5615799383c6 in create_new_thread /data/src/10.2/sql/mysqld.cc:6637
                #5 0x561579939558 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6895
                #6 0x561579936f7c in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6186
                #7 0x56157991e93c in main /data/src/10.2/sql/main.cc:25
                #8 0x7fe8734470b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280008f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
              0x0c3280008f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280008f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008f60: 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 00 00 00
              0x0c3280008f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280008f80: 00 02 f7 00 f7 00 05[f7]01 f7 00 00 00 00 00 00
              0x0c3280008f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fa0: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fb0: 00 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00
              0x0c3280008fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fd0: 00 00 00 00 00 00 00 00 f7 04 fa fa fa fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015140==ABORTING
            {noformat}

            More verbose stack trace on 10.5:
            {noformat:title=10.5 8de233af ASAN}
            ==3015338==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7feccb1e4480 bp 0x7fecc1692460 sp 0x7fecc1691c08
            READ of size 4 at 0x61900008cc69 thread T5
                #0 0x7feccb1e447f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x55d2d6c87b6f in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
                #2 0x55d2d6c87c75 in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
                #3 0x55d2d65e6f00 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18807
                #4 0x55d2d65ec4fc in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19183
                #5 0x55d2d678d9a1 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
                #6 0x55d2d63ca320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
                #7 0x55d2d63c6275 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_derived.cc:206
                #8 0x55d2d6823b36 in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/table.cc:9120
                #9 0x55d2d640f3d1 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_lex.h:4425
                #10 0x55d2d6435478 in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_lex.cc:4911
                #11 0x55d2d655c0de in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.5/sql/sql_select.cc:1158
                #12 0x55d2d6582469 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4634
                #13 0x55d2d655445f in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
                #14 0x55d2d64bda5b in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6281
                #15 0x55d2d64ac95c in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3977
                #16 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #17 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #18 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #19 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #20 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #21 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #22 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #23 0x7fecca93e292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
            allocated by thread T5 here:
                #0 0x7feccb256bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x55d2d82871c7 in sf_malloc /data/src/10.5/mysys/safemalloc.c:118
                #2 0x55d2d82545e3 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
                #3 0x55d2d82303f2 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
                #4 0x55d2d8231af4 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
                #5 0x55d2d67e5a4d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1791
                #6 0x55d2d67ddf59 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
                #7 0x55d2d6af8a43 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
                #8 0x55d2d6307e09 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
                #9 0x55d2d6312b02 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
                #10 0x55d2d6315689 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
                #11 0x55d2d631a7cd in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
                #12 0x55d2d62719d9 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
                #13 0x55d2d67c8b7c in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
                #14 0x55d2d64ba0ac in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5825
                #15 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #16 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #17 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #18 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #19 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #20 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #21 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7feccb183805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x55d2d75e3e86 in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
                #2 0x55d2d75e92d5 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
                #3 0x55d2d618f4fe in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
                #4 0x55d2d61a54d4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6022
                #5 0x55d2d61a5b53 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6081
                #6 0x55d2d61a5eb0 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6146
                #7 0x55d2d61a6acf in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6273
                #8 0x55d2d61a4ce1 in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5668
                #9 0x55d2d618dd9c in main /data/src/10.5/sql/main.cc:25
                #10 0x7fecca8430b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
              0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 05[f7]01 f7
              0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099a0: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
              0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099c0: 00 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02
              0x0c32800099d0: f7 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015338==ABORTING
            210113 23:14:35 [ERROR] mysqld got signal 6 ;
            This could be because you hit a bug. It is also possible that this binary
            or one of the libraries it was linked against is corrupt, improperly built,
            or misconfigured. This error can also be caused by malfunctioning hardware.

            To report this bug, see https://mariadb.com/kb/en/reporting-bugs

            We will try our best to scrape up some info that will hopefully help
            diagnose the problem, but since we have already crashed,
            something is definitely wrong and this may fail.

            Server version: 10.5.9-MariaDB-debug-log
            key_buffer_size=1048576
            read_buffer_size=131072
            max_used_connections=1
            max_threads=153
            thread_count=2
            It is possible that mysqld could use up to
            key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63743 K bytes of memory
            Hope that's ok; if not, decrease some variables in the equation.

            Thread pointer: 0x62b000069288
            Attempting backtrace. You can use the following information to find out
            where mysqld died. If you see no messages after this, something went
            terribly wrong...
            stack_bottom = 0x7fecc1696950 thread_stack 0x5fc00
            ??:0(__interceptor_tcgetattr)[0x7feccb1b5d30]
            mysys/stacktrace.c:212(my_print_stacktrace)[0x55d2d8264c2b]
            sql/signal_handler.cc:211(handle_fatal_signal)[0x55d2d6ca594c]
            sigaction.c:0(__restore_rt)[0x7feccad743c0]
            ??:0(gsignal)[0x7fecca86218b]
            ??:0(abort)[0x7fecca841859]
            ??:0(__sanitizer_set_report_fd)[0x7feccb2746a2]
            ??:0(__sanitizer_get_module_and_offset_for_pc)[0x7feccb27f24c]
            ??:0(__sanitizer_ptr_cmp)[0x7feccb2608ec]
            ??:0(__asan_on_error)[0x7feccb260363]
            ??:0(__interceptor_getdelim)[0x7feccb1e449f]
            sql/field_conv.cc:833(field_conv_memcpy(Field*, Field*))[0x55d2d6c87b70]
            sql/field_conv.cc:863(field_conv(Field*, Field*))[0x55d2d6c87c76]
            sql/sql_select.cc:18808(Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool))[0x55d2d65e6f01]
            sql/sql_select.cc:19182(create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool))[0x55d2d65ec4fd]
            sql/sql_union.cc:329(select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int))[0x55d2d678d9a2]
            sql/sql_derived.cc:846(mysql_derived_prepare(THD*, LEX*, TABLE_LIST*))[0x55d2d63ca321]
            sql/sql_derived.cc:206(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55d2d63c6276]
            sql/table.cc:9120(TABLE_LIST::handle_derived(LEX*, unsigned int))[0x55d2d6823b37]
            sql/sql_lex.h:4425(LEX::handle_list_of_derived(TABLE_LIST*, unsigned int))[0x55d2d640f3d2]
            sql/sql_lex.cc:4912(st_select_lex::handle_derived(LEX*, unsigned int))[0x55d2d6435479]
            sql/sql_select.cc:1158(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55d2d655c0df]
            sql/sql_select.cc:4634(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55d2d658246a]
            sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55d2d6554460]
            sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55d2d64bda5c]
            sql/sql_parse.cc:3977(mysql_execute_command(THD*))[0x55d2d64ac95d]
            sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55d2d64c8d56]
            sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55d2d649f04f]
            sql/sql_parse.cc:1370(do_command(THD*))[0x55d2d649b978]
            sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55d2d68ddc34]
            sql/sql_connect.cc:1314(handle_one_connection)[0x55d2d68dd598]
            perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55d2d75e8ee3]
            nptl/pthread_create.c:478(start_thread)[0x7feccad68609]
            ??:0(clone)[0x7fecca93e293]

            Trying to get some variables.
            Some pointers may be invalid and cause the dump to abort.
            Query (0x62b0000382a8): SELECT * FROM v1

            Connection ID (thread ID): 4
            Status: NOT_KILLED
            {noformat}

            Both debug and non-debug ASAN builds are affected.
            Reproducible on 10.2+.

            The failure appeared in 10.2 branch after this commit:
            {noformat}
            commit 97db6c15ea3e83a21df137c222dbd5a40fbe7c82
            Author: Nikita Malyavin
            Date: Tue Aug 11 00:38:32 2020 +1000

                MDEV-20618 Assertion failed in row_upd_sec_index_entry
            {noformat}

            _Note: For why the initial INSERT does not fail in the test case regardless the original SQL_MODE, see MDEV-24582._
            elenst Elena Stepanova made changes -
            Summary ASAN use-after-poison in create_tmp_table after failed REPLACE into table with virtual column ASAN use-after-poison in create_tmp_table or assertion failures after failed REPLACE into table with virtual column
            elenst Elena Stepanova made changes -
            Description {code:sql}
            CREATE TABLE t1 (pk INT, a VARCHAR(3), v VARCHAR(3) GENERATED ALWAYS AS (CONCAT('x-',a)) VIRTUAL, PRIMARY KEY(pk));
            CREATE VIEW v1 AS SELECT * FROM t1;
            INSERT INTO t1 (pk, a) VALUES (1,'foo');
            SET sql_mode=CONCAT(@@sql_mode,',STRICT_ALL_TABLES');
             --error 0,ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk,a) VALUES (1,'qux');
            SELECT * FROM v1;

            # Cleanup
            DROP VIEW v1;
            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 ASAN}
            ==3015140==ERROR: AddressSanitizer: use-after-poison on address 0x619000087c39 at pc 0x7fe873e5d480 bp 0x7fe868c0d2e0 sp 0x7fe868c0ca88
            READ of size 4 at 0x619000087c39 thread T5
                #0 0x7fe873e5d47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x561579ca1ae5 in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char const*, bool, bool) /data/src/10.2/sql/sql_select.cc:17212
                #2 0x561579df7ead in select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool, bool) /data/src/10.2/sql/sql_union.cc:180
                #3 0x561579b0c395 in mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) /data/src/10.2/sql/sql_derived.cc:771
                #4 0x561579b08f31 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_derived.cc:198
                #5 0x561579e6e12a in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/table.cc:8118
                #6 0x561579b46db7 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_lex.h:3202
                #7 0x561579b6467e in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/sql_lex.cc:3930
                #8 0x561579c27a2c in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.2/sql/sql_select.cc:716
                #9 0x561579c47fae in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3814
                #10 0x561579c24c67 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
                #11 0x561579b9c046 in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
                #12 0x561579b88feb in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
                #13 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #14 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #15 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #16 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #17 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #18 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #19 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #20 0x7fe873542292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x619000087c39 is located 441 bytes inside of 1100-byte region [0x619000087a80,0x619000087ecc)
            allocated by thread T5 here:
                #0 0x7fe873ecfbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x56157b3bab48 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
                #2 0x56157b386aad in my_malloc /data/src/10.2/mysys/my_malloc.c:101
                #3 0x56157b36411f in alloc_root /data/src/10.2/mysys/my_alloc.c:243
                #4 0x56157b365b55 in memdup_root /data/src/10.2/mysys/my_alloc.c:464
                #5 0x561579e39f5d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.2/sql/table.cc:1288
                #6 0x561579e35929 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.2/sql/table.cc:684
                #7 0x56157a0874db in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.2/sql/table_cache.cc:826
                #8 0x561579a5f6b4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1797
                #9 0x561579a68208 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
                #10 0x561579a6a5e2 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
                #11 0x561579a6e168 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
                #12 0x5615799e5331 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
                #13 0x561579e21d29 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.2/sql/sql_view.cc:453
                #14 0x561579b98bde in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:5820
                #15 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #16 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #17 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #18 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #19 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #20 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #21 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7fe873dfc805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x56157b29e3e6 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
                #2 0x561579920083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
                #3 0x561579937c2b in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6567
                #4 0x5615799383c6 in create_new_thread /data/src/10.2/sql/mysqld.cc:6637
                #5 0x561579939558 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6895
                #6 0x561579936f7c in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6186
                #7 0x56157991e93c in main /data/src/10.2/sql/main.cc:25
                #8 0x7fe8734470b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280008f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
              0x0c3280008f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280008f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008f60: 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 00 00 00
              0x0c3280008f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280008f80: 00 02 f7 00 f7 00 05[f7]01 f7 00 00 00 00 00 00
              0x0c3280008f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fa0: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fb0: 00 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00
              0x0c3280008fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fd0: 00 00 00 00 00 00 00 00 f7 04 fa fa fa fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015140==ABORTING
            {noformat}

            More verbose stack trace on 10.5:
            {noformat:title=10.5 8de233af ASAN}
            ==3015338==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7feccb1e4480 bp 0x7fecc1692460 sp 0x7fecc1691c08
            READ of size 4 at 0x61900008cc69 thread T5
                #0 0x7feccb1e447f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x55d2d6c87b6f in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
                #2 0x55d2d6c87c75 in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
                #3 0x55d2d65e6f00 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18807
                #4 0x55d2d65ec4fc in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19183
                #5 0x55d2d678d9a1 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
                #6 0x55d2d63ca320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
                #7 0x55d2d63c6275 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_derived.cc:206
                #8 0x55d2d6823b36 in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/table.cc:9120
                #9 0x55d2d640f3d1 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_lex.h:4425
                #10 0x55d2d6435478 in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_lex.cc:4911
                #11 0x55d2d655c0de in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.5/sql/sql_select.cc:1158
                #12 0x55d2d6582469 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4634
                #13 0x55d2d655445f in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
                #14 0x55d2d64bda5b in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6281
                #15 0x55d2d64ac95c in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3977
                #16 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #17 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #18 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #19 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #20 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #21 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #22 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #23 0x7fecca93e292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
            allocated by thread T5 here:
                #0 0x7feccb256bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x55d2d82871c7 in sf_malloc /data/src/10.5/mysys/safemalloc.c:118
                #2 0x55d2d82545e3 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
                #3 0x55d2d82303f2 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
                #4 0x55d2d8231af4 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
                #5 0x55d2d67e5a4d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1791
                #6 0x55d2d67ddf59 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
                #7 0x55d2d6af8a43 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
                #8 0x55d2d6307e09 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
                #9 0x55d2d6312b02 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
                #10 0x55d2d6315689 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
                #11 0x55d2d631a7cd in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
                #12 0x55d2d62719d9 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
                #13 0x55d2d67c8b7c in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
                #14 0x55d2d64ba0ac in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5825
                #15 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #16 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #17 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #18 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #19 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #20 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #21 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7feccb183805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x55d2d75e3e86 in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
                #2 0x55d2d75e92d5 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
                #3 0x55d2d618f4fe in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
                #4 0x55d2d61a54d4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6022
                #5 0x55d2d61a5b53 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6081
                #6 0x55d2d61a5eb0 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6146
                #7 0x55d2d61a6acf in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6273
                #8 0x55d2d61a4ce1 in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5668
                #9 0x55d2d618dd9c in main /data/src/10.5/sql/main.cc:25
                #10 0x7fecca8430b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
              0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 05[f7]01 f7
              0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099a0: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
              0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099c0: 00 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02
              0x0c32800099d0: f7 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015338==ABORTING
            210113 23:14:35 [ERROR] mysqld got signal 6 ;
            This could be because you hit a bug. It is also possible that this binary
            or one of the libraries it was linked against is corrupt, improperly built,
            or misconfigured. This error can also be caused by malfunctioning hardware.

            To report this bug, see https://mariadb.com/kb/en/reporting-bugs

            We will try our best to scrape up some info that will hopefully help
            diagnose the problem, but since we have already crashed,
            something is definitely wrong and this may fail.

            Server version: 10.5.9-MariaDB-debug-log
            key_buffer_size=1048576
            read_buffer_size=131072
            max_used_connections=1
            max_threads=153
            thread_count=2
            It is possible that mysqld could use up to
            key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63743 K bytes of memory
            Hope that's ok; if not, decrease some variables in the equation.

            Thread pointer: 0x62b000069288
            Attempting backtrace. You can use the following information to find out
            where mysqld died. If you see no messages after this, something went
            terribly wrong...
            stack_bottom = 0x7fecc1696950 thread_stack 0x5fc00
            ??:0(__interceptor_tcgetattr)[0x7feccb1b5d30]
            mysys/stacktrace.c:212(my_print_stacktrace)[0x55d2d8264c2b]
            sql/signal_handler.cc:211(handle_fatal_signal)[0x55d2d6ca594c]
            sigaction.c:0(__restore_rt)[0x7feccad743c0]
            ??:0(gsignal)[0x7fecca86218b]
            ??:0(abort)[0x7fecca841859]
            ??:0(__sanitizer_set_report_fd)[0x7feccb2746a2]
            ??:0(__sanitizer_get_module_and_offset_for_pc)[0x7feccb27f24c]
            ??:0(__sanitizer_ptr_cmp)[0x7feccb2608ec]
            ??:0(__asan_on_error)[0x7feccb260363]
            ??:0(__interceptor_getdelim)[0x7feccb1e449f]
            sql/field_conv.cc:833(field_conv_memcpy(Field*, Field*))[0x55d2d6c87b70]
            sql/field_conv.cc:863(field_conv(Field*, Field*))[0x55d2d6c87c76]
            sql/sql_select.cc:18808(Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool))[0x55d2d65e6f01]
            sql/sql_select.cc:19182(create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool))[0x55d2d65ec4fd]
            sql/sql_union.cc:329(select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int))[0x55d2d678d9a2]
            sql/sql_derived.cc:846(mysql_derived_prepare(THD*, LEX*, TABLE_LIST*))[0x55d2d63ca321]
            sql/sql_derived.cc:206(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55d2d63c6276]
            sql/table.cc:9120(TABLE_LIST::handle_derived(LEX*, unsigned int))[0x55d2d6823b37]
            sql/sql_lex.h:4425(LEX::handle_list_of_derived(TABLE_LIST*, unsigned int))[0x55d2d640f3d2]
            sql/sql_lex.cc:4912(st_select_lex::handle_derived(LEX*, unsigned int))[0x55d2d6435479]
            sql/sql_select.cc:1158(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55d2d655c0df]
            sql/sql_select.cc:4634(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55d2d658246a]
            sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55d2d6554460]
            sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55d2d64bda5c]
            sql/sql_parse.cc:3977(mysql_execute_command(THD*))[0x55d2d64ac95d]
            sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55d2d64c8d56]
            sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55d2d649f04f]
            sql/sql_parse.cc:1370(do_command(THD*))[0x55d2d649b978]
            sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55d2d68ddc34]
            sql/sql_connect.cc:1314(handle_one_connection)[0x55d2d68dd598]
            perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55d2d75e8ee3]
            nptl/pthread_create.c:478(start_thread)[0x7feccad68609]
            ??:0(clone)[0x7fecca93e293]

            Trying to get some variables.
            Some pointers may be invalid and cause the dump to abort.
            Query (0x62b0000382a8): SELECT * FROM v1

            Connection ID (thread ID): 4
            Status: NOT_KILLED
            {noformat}

            Both debug and non-debug ASAN builds are affected.
            Reproducible on 10.2+.

            The failure appeared in 10.2 branch after this commit:
            {noformat}
            commit 97db6c15ea3e83a21df137c222dbd5a40fbe7c82
            Author: Nikita Malyavin
            Date: Tue Aug 11 00:38:32 2020 +1000

                MDEV-20618 Assertion failed in row_upd_sec_index_entry
            {noformat}

            _Note: For why the initial INSERT does not fail in the test case regardless the original SQL_MODE, see MDEV-24582._             		{code:sql}
            CREATE TABLE t1 (pk INT, a VARCHAR(3), v VARCHAR(3) GENERATED ALWAYS AS (CONCAT('x-',a)) VIRTUAL, PRIMARY KEY(pk));
            CREATE VIEW v1 AS SELECT * FROM t1;
            INSERT INTO t1 (pk, a) VALUES (1,'foo');
            SET sql_mode=CONCAT(@@sql_mode,',STRICT_ALL_TABLES');
             --error 0,ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk,a) VALUES (1,'qux');
            SELECT * FROM v1;

            # Cleanup
            DROP VIEW v1;
            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 ASAN}
            ==3015140==ERROR: AddressSanitizer: use-after-poison on address 0x619000087c39 at pc 0x7fe873e5d480 bp 0x7fe868c0d2e0 sp 0x7fe868c0ca88
            READ of size 4 at 0x619000087c39 thread T5
                #0 0x7fe873e5d47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x561579ca1ae5 in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char const*, bool, bool) /data/src/10.2/sql/sql_select.cc:17212
                #2 0x561579df7ead in select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool, bool) /data/src/10.2/sql/sql_union.cc:180
                #3 0x561579b0c395 in mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) /data/src/10.2/sql/sql_derived.cc:771
                #4 0x561579b08f31 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_derived.cc:198
                #5 0x561579e6e12a in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/table.cc:8118
                #6 0x561579b46db7 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_lex.h:3202
                #7 0x561579b6467e in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/sql_lex.cc:3930
                #8 0x561579c27a2c in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.2/sql/sql_select.cc:716
                #9 0x561579c47fae in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3814
                #10 0x561579c24c67 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
                #11 0x561579b9c046 in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
                #12 0x561579b88feb in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
                #13 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #14 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #15 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #16 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #17 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #18 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #19 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #20 0x7fe873542292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x619000087c39 is located 441 bytes inside of 1100-byte region [0x619000087a80,0x619000087ecc)
            allocated by thread T5 here:
                #0 0x7fe873ecfbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x56157b3bab48 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
                #2 0x56157b386aad in my_malloc /data/src/10.2/mysys/my_malloc.c:101
                #3 0x56157b36411f in alloc_root /data/src/10.2/mysys/my_alloc.c:243
                #4 0x56157b365b55 in memdup_root /data/src/10.2/mysys/my_alloc.c:464
                #5 0x561579e39f5d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.2/sql/table.cc:1288
                #6 0x561579e35929 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.2/sql/table.cc:684
                #7 0x56157a0874db in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.2/sql/table_cache.cc:826
                #8 0x561579a5f6b4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1797
                #9 0x561579a68208 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
                #10 0x561579a6a5e2 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
                #11 0x561579a6e168 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
                #12 0x5615799e5331 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
                #13 0x561579e21d29 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.2/sql/sql_view.cc:453
                #14 0x561579b98bde in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:5820
                #15 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #16 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #17 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #18 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #19 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #20 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #21 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7fe873dfc805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x56157b29e3e6 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
                #2 0x561579920083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
                #3 0x561579937c2b in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6567
                #4 0x5615799383c6 in create_new_thread /data/src/10.2/sql/mysqld.cc:6637
                #5 0x561579939558 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6895
                #6 0x561579936f7c in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6186
                #7 0x56157991e93c in main /data/src/10.2/sql/main.cc:25
                #8 0x7fe8734470b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280008f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
              0x0c3280008f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280008f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008f60: 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 00 00 00
              0x0c3280008f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280008f80: 00 02 f7 00 f7 00 05[f7]01 f7 00 00 00 00 00 00
              0x0c3280008f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fa0: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fb0: 00 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00
              0x0c3280008fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fd0: 00 00 00 00 00 00 00 00 f7 04 fa fa fa fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015140==ABORTING
            {noformat}

            More verbose stack trace on 10.5:
            {noformat:title=10.5 8de233af ASAN}
            ==3015338==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7feccb1e4480 bp 0x7fecc1692460 sp 0x7fecc1691c08
            READ of size 4 at 0x61900008cc69 thread T5
                #0 0x7feccb1e447f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x55d2d6c87b6f in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
                #2 0x55d2d6c87c75 in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
                #3 0x55d2d65e6f00 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18807
                #4 0x55d2d65ec4fc in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19183
                #5 0x55d2d678d9a1 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
                #6 0x55d2d63ca320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
                #7 0x55d2d63c6275 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_derived.cc:206
                #8 0x55d2d6823b36 in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/table.cc:9120
                #9 0x55d2d640f3d1 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_lex.h:4425
                #10 0x55d2d6435478 in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_lex.cc:4911
                #11 0x55d2d655c0de in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.5/sql/sql_select.cc:1158
                #12 0x55d2d6582469 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4634
                #13 0x55d2d655445f in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
                #14 0x55d2d64bda5b in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6281
                #15 0x55d2d64ac95c in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3977
                #16 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #17 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #18 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #19 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #20 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #21 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #22 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #23 0x7fecca93e292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
            allocated by thread T5 here:
                #0 0x7feccb256bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x55d2d82871c7 in sf_malloc /data/src/10.5/mysys/safemalloc.c:118
                #2 0x55d2d82545e3 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
                #3 0x55d2d82303f2 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
                #4 0x55d2d8231af4 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
                #5 0x55d2d67e5a4d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1791
                #6 0x55d2d67ddf59 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
                #7 0x55d2d6af8a43 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
                #8 0x55d2d6307e09 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
                #9 0x55d2d6312b02 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
                #10 0x55d2d6315689 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
                #11 0x55d2d631a7cd in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
                #12 0x55d2d62719d9 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
                #13 0x55d2d67c8b7c in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
                #14 0x55d2d64ba0ac in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5825
                #15 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #16 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #17 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #18 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #19 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #20 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #21 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7feccb183805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x55d2d75e3e86 in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
                #2 0x55d2d75e92d5 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
                #3 0x55d2d618f4fe in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
                #4 0x55d2d61a54d4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6022
                #5 0x55d2d61a5b53 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6081
                #6 0x55d2d61a5eb0 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6146
                #7 0x55d2d61a6acf in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6273
                #8 0x55d2d61a4ce1 in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5668
                #9 0x55d2d618dd9c in main /data/src/10.5/sql/main.cc:25
                #10 0x7fecca8430b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
              0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 05[f7]01 f7
              0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099a0: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
              0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099c0: 00 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02
              0x0c32800099d0: f7 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015338==ABORTING
            210113 23:14:35 [ERROR] mysqld got signal 6 ;
            This could be because you hit a bug. It is also possible that this binary
            or one of the libraries it was linked against is corrupt, improperly built,
            or misconfigured. This error can also be caused by malfunctioning hardware.

            To report this bug, see https://mariadb.com/kb/en/reporting-bugs

            We will try our best to scrape up some info that will hopefully help
            diagnose the problem, but since we have already crashed,
            something is definitely wrong and this may fail.

            Server version: 10.5.9-MariaDB-debug-log
            key_buffer_size=1048576
            read_buffer_size=131072
            max_used_connections=1
            max_threads=153
            thread_count=2
            It is possible that mysqld could use up to
            key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63743 K bytes of memory
            Hope that's ok; if not, decrease some variables in the equation.

            Thread pointer: 0x62b000069288
            Attempting backtrace. You can use the following information to find out
            where mysqld died. If you see no messages after this, something went
            terribly wrong...
            stack_bottom = 0x7fecc1696950 thread_stack 0x5fc00
            ??:0(__interceptor_tcgetattr)[0x7feccb1b5d30]
            mysys/stacktrace.c:212(my_print_stacktrace)[0x55d2d8264c2b]
            sql/signal_handler.cc:211(handle_fatal_signal)[0x55d2d6ca594c]
            sigaction.c:0(__restore_rt)[0x7feccad743c0]
            ??:0(gsignal)[0x7fecca86218b]
            ??:0(abort)[0x7fecca841859]
            ??:0(__sanitizer_set_report_fd)[0x7feccb2746a2]
            ??:0(__sanitizer_get_module_and_offset_for_pc)[0x7feccb27f24c]
            ??:0(__sanitizer_ptr_cmp)[0x7feccb2608ec]
            ??:0(__asan_on_error)[0x7feccb260363]
            ??:0(__interceptor_getdelim)[0x7feccb1e449f]
            sql/field_conv.cc:833(field_conv_memcpy(Field*, Field*))[0x55d2d6c87b70]
            sql/field_conv.cc:863(field_conv(Field*, Field*))[0x55d2d6c87c76]
            sql/sql_select.cc:18808(Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool))[0x55d2d65e6f01]
            sql/sql_select.cc:19182(create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool))[0x55d2d65ec4fd]
            sql/sql_union.cc:329(select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int))[0x55d2d678d9a2]
            sql/sql_derived.cc:846(mysql_derived_prepare(THD*, LEX*, TABLE_LIST*))[0x55d2d63ca321]
            sql/sql_derived.cc:206(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55d2d63c6276]
            sql/table.cc:9120(TABLE_LIST::handle_derived(LEX*, unsigned int))[0x55d2d6823b37]
            sql/sql_lex.h:4425(LEX::handle_list_of_derived(TABLE_LIST*, unsigned int))[0x55d2d640f3d2]
            sql/sql_lex.cc:4912(st_select_lex::handle_derived(LEX*, unsigned int))[0x55d2d6435479]
            sql/sql_select.cc:1158(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55d2d655c0df]
            sql/sql_select.cc:4634(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55d2d658246a]
            sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55d2d6554460]
            sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55d2d64bda5c]
            sql/sql_parse.cc:3977(mysql_execute_command(THD*))[0x55d2d64ac95d]
            sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55d2d64c8d56]
            sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55d2d649f04f]
            sql/sql_parse.cc:1370(do_command(THD*))[0x55d2d649b978]
            sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55d2d68ddc34]
            sql/sql_connect.cc:1314(handle_one_connection)[0x55d2d68dd598]
            perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55d2d75e8ee3]
            nptl/pthread_create.c:478(start_thread)[0x7feccad68609]
            ??:0(clone)[0x7fecca93e293]

            Trying to get some variables.
            Some pointers may be invalid and cause the dump to abort.
            Query (0x62b0000382a8): SELECT * FROM v1

            Connection ID (thread ID): 4
            Status: NOT_KILLED
            {noformat}

            Both debug and non-debug ASAN builds are affected.
            Reproducible on 10.2+.

            The failure appeared in 10.2 branch after this commit:
            {noformat}
            commit 97db6c15ea3e83a21df137c222dbd5a40fbe7c82
            Author: Nikita Malyavin
            Date: Tue Aug 11 00:38:32 2020 +1000

                MDEV-20618 Assertion failed in row_upd_sec_index_entry
            {noformat}

            _Note: For why the initial INSERT does not fail in the test case regardless the original SQL_MODE, see MDEV-24582._

            Variation of the test case which causes InnoDB assertion failures on debug and non-debug builds:

            {code:sql}
            --source include/have_innodb.inc

            CREATE TABLE t1 (
              pk INT,
              a VARCHAR(1),
              v VARCHAR(1) AS (CONCAT('virt-',a)) VIRTUAL,
              PRIMARY KEY (pk)
            ) ENGINE=InnoDB;

            INSERT INTO t1 (pk,a) VALUES
            (1,'a'),(2,'b'),(3,'c'),(4,'d'),(5,'e'),(6,'f');

             --error ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk) VALUES (1);
            SELECT * FROM t1;

            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 debug}
            mysqld: /data/src/10.2/storage/innobase/row/row0sel.cc:3828: void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*): Assertion `prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len' failed.
            210114 0:10:39 [ERROR] mysqld got signal 6 ;

            #7 0x00007fef277eff36 in __GI___assert_fail (assertion=0x564d55c681a0 "prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len", file=0x564d55c66770 "/data/src/10.2/storage/innobase/row/row0sel.cc", line=3828, function=0x564d55c68140 "void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*)") at assert.c:101
            #8 0x0000564d5565084f in row_sel_dequeue_cached_row_for_mysql (buf=0x7feed00068d0 "\377", prebuilt=0x7feed0036eb0) at /data/src/10.2/storage/innobase/row/row0sel.cc:3828
            #9 0x0000564d55651f0c in row_search_mvcc (buf=0x7feed00068d0 "\377", mode=PAGE_CUR_UNSUPP, prebuilt=0x7feed0036eb0, match_mode=0, direction=1) at /data/src/10.2/storage/innobase/row/row0sel.cc:4424
            #10 0x0000564d554e205a in ha_innobase::general_fetch (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377", direction=1, match_mode=0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9652
            #11 0x0000564d554e2622 in ha_innobase::rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9863
            #12 0x0000564d552d7c3d in handler::ha_rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/sql/handler.cc:2669
            #13 0x0000564d5544aaeb in rr_sequential (info=0x7feed00145a0) at /data/src/10.2/sql/records.cc:492
            #14 0x0000564d550c02c8 in sub_select (join=0x7feed0012fd8, join_tab=0x7feed00144d8, end_of_records=false) at /data/src/10.2/sql/sql_select.cc:18877
            #15 0x0000564d550bf75c in do_select (join=0x7feed0012fd8, procedure=0x0) at /data/src/10.2/sql/sql_select.cc:18402
            #16 0x0000564d550993d3 in JOIN::exec_inner (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3641
            #17 0x0000564d5509887a in JOIN::exec (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3436
            #18 0x0000564d55099a3c in mysql_select (thd=0x7feed0000d90, tables=0x7feed00128d0, wild_num=1, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7feed0012fb8, unit=0x7feed0004988, select_lex=0x7feed00050c8) at /data/src/10.2/sql/sql_select.cc:3836
            #19 0x0000564d5508dbb6 in handle_select (thd=0x7feed0000d90, lex=0x7feed00048c8, result=0x7feed0012fb8, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:361
            #20 0x0000564d55058508 in execute_sqlcom_select (thd=0x7feed0000d90, all_tables=0x7feed00128d0) at /data/src/10.2/sql/sql_parse.cc:6248
            #21 0x0000564d5504eeb7 in mysql_execute_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:3559
            #22 0x0000564d5505c2b1 in mysql_parse (thd=0x7feed0000d90, rawbuf=0x7feed00126f8 "SELECT * FROM t1", length=16, parser_state=0x7fef21c565f0, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7763
            #23 0x0000564d5504a58a in dispatch_command (command=COM_QUERY, thd=0x7feed0000d90, packet=0x7feed0008b51 "", packet_length=16, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1827
            #24 0x0000564d55049085 in do_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:1381
            #25 0x0000564d551a3704 in do_handle_one_connection (connect=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1336
            #26 0x0000564d551a3469 in handle_one_connection (arg=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1241
            #27 0x0000564d559cb44a in pfs_spawn_thread (arg=0x564d578e2350) at /data/src/10.2/storage/perfschema/pfs.cc:1869
            #28 0x00007fef27cff609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            #29 0x00007fef278db293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            {noformat}

            {noformat:title=10.2 ab271ee7 non-debug}
            2021-01-14 00:11:32 0x7f36a221f700 InnoDB: Assertion failure in file /data/src/10.2/storage/innobase/row/row0mysql.cc line 1014
            InnoDB: Failing assertion: magic1 == ROW_PREBUILT_FETCH_MAGIC_N

            #6 0x0000558698eb1bf9 in ut_dbg_assertion_failed (expr=expr@entry=0x5586997fcbd0 "magic1 == ROW_PREBUILT_FETCH_MAGIC_N", file=file@entry=0x5586997fc758 "/data/src/10.2/storage/innobase/row/row0mysql.cc", line=line@entry=1014) at /data/src/10.2/storage/innobase/ut/ut0dbg.cc:60
            #7 0x0000558698e9dc0d in row_prebuilt_free (prebuilt=0x7f3650178f18, dict_locked=dict_locked@entry=0) at /data/src/10.2/storage/innobase/row/row0mysql.cc:1014
            #8 0x00005586992cdece in ha_innobase::close (this=0x7f36500945e0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:6597
            #9 0x0000558699042469 in closefrm (table=table@entry=0x7f3650093a48) at /data/src/10.2/sql/table.cc:3519
            #10 0x00005586990ea681 in intern_close_table (table=0x7f3650093a48) at /data/src/10.2/sql/table_cache.cc:222
            #11 tdc_remove_table (thd=thd@entry=0x7f3650000c48, remove_type=remove_type@entry=TDC_RT_REMOVE_ALL, db=<optimized out>, table_name=<optimized out>, kill_delayed_threads=kill_delayed_threads@entry=false) at /data/src/10.2/sql/table_cache.cc:1132
            #12 0x0000558699018c05 in mysql_rm_table_no_locks (thd=0x7f3650000c48, tables=<optimized out>, if_exists=<optimized out>, drop_temporary=<optimized out>, drop_view=<optimized out>, dont_log_query=<optimized out>, dont_free_locks=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2436
            #13 0x00005586990197b4 in mysql_rm_table (thd=thd@entry=0x7f3650000c48, tables=tables@entry=0x7f365000f410, if_exists=<optimized out>, drop_temporary=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2089
            #14 0x0000558698f8f70f in mysql_execute_command (thd=0x7f3650000c48) at /data/src/10.2/sql/structs.h:530
            #15 0x0000558698f95c3b in mysql_parse (thd=thd@entry=0x7f3650000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f36a221e5b0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7763
            #16 0x0000558698f98e4d in dispatch_command (command=COM_QUERY, thd=0x7f3650000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.2/sql/sql_class.h:1096
            #17 0x0000558698f9a097 in do_command (thd=0x7f3650000c48) at /data/src/10.2/sql/sql_parse.cc:1381
            #18 0x0000558699072d76 in do_handle_one_connection (connect=connect@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1336
            #19 0x0000558699072eef in handle_one_connection (arg=arg@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1241
            #20 0x000055869960d946 in pfs_spawn_thread (arg=0x55869be3f1f8) at /data/src/10.2/storage/perfschema/pfs.cc:1869
            #21 0x00007f36a8297609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            #22 0x00007f36a7e8c293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            {noformat}
            elenst Elena Stepanova made changes -
            Description {code:sql}
            CREATE TABLE t1 (pk INT, a VARCHAR(3), v VARCHAR(3) GENERATED ALWAYS AS (CONCAT('x-',a)) VIRTUAL, PRIMARY KEY(pk));
            CREATE VIEW v1 AS SELECT * FROM t1;
            INSERT INTO t1 (pk, a) VALUES (1,'foo');
            SET sql_mode=CONCAT(@@sql_mode,',STRICT_ALL_TABLES');
             --error 0,ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk,a) VALUES (1,'qux');
            SELECT * FROM v1;

            # Cleanup
            DROP VIEW v1;
            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 ASAN}
            ==3015140==ERROR: AddressSanitizer: use-after-poison on address 0x619000087c39 at pc 0x7fe873e5d480 bp 0x7fe868c0d2e0 sp 0x7fe868c0ca88
            READ of size 4 at 0x619000087c39 thread T5
                #0 0x7fe873e5d47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x561579ca1ae5 in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char const*, bool, bool) /data/src/10.2/sql/sql_select.cc:17212
                #2 0x561579df7ead in select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool, bool) /data/src/10.2/sql/sql_union.cc:180
                #3 0x561579b0c395 in mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) /data/src/10.2/sql/sql_derived.cc:771
                #4 0x561579b08f31 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_derived.cc:198
                #5 0x561579e6e12a in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/table.cc:8118
                #6 0x561579b46db7 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_lex.h:3202
                #7 0x561579b6467e in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/sql_lex.cc:3930
                #8 0x561579c27a2c in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.2/sql/sql_select.cc:716
                #9 0x561579c47fae in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3814
                #10 0x561579c24c67 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
                #11 0x561579b9c046 in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
                #12 0x561579b88feb in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
                #13 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #14 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #15 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #16 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #17 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #18 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #19 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #20 0x7fe873542292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x619000087c39 is located 441 bytes inside of 1100-byte region [0x619000087a80,0x619000087ecc)
            allocated by thread T5 here:
                #0 0x7fe873ecfbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x56157b3bab48 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
                #2 0x56157b386aad in my_malloc /data/src/10.2/mysys/my_malloc.c:101
                #3 0x56157b36411f in alloc_root /data/src/10.2/mysys/my_alloc.c:243
                #4 0x56157b365b55 in memdup_root /data/src/10.2/mysys/my_alloc.c:464
                #5 0x561579e39f5d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.2/sql/table.cc:1288
                #6 0x561579e35929 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.2/sql/table.cc:684
                #7 0x56157a0874db in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.2/sql/table_cache.cc:826
                #8 0x561579a5f6b4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1797
                #9 0x561579a68208 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
                #10 0x561579a6a5e2 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
                #11 0x561579a6e168 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
                #12 0x5615799e5331 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
                #13 0x561579e21d29 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.2/sql/sql_view.cc:453
                #14 0x561579b98bde in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:5820
                #15 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #16 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #17 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #18 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #19 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #20 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #21 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7fe873dfc805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x56157b29e3e6 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
                #2 0x561579920083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
                #3 0x561579937c2b in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6567
                #4 0x5615799383c6 in create_new_thread /data/src/10.2/sql/mysqld.cc:6637
                #5 0x561579939558 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6895
                #6 0x561579936f7c in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6186
                #7 0x56157991e93c in main /data/src/10.2/sql/main.cc:25
                #8 0x7fe8734470b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280008f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
              0x0c3280008f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280008f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008f60: 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 00 00 00
              0x0c3280008f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280008f80: 00 02 f7 00 f7 00 05[f7]01 f7 00 00 00 00 00 00
              0x0c3280008f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fa0: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fb0: 00 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00
              0x0c3280008fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fd0: 00 00 00 00 00 00 00 00 f7 04 fa fa fa fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015140==ABORTING
            {noformat}

            More verbose stack trace on 10.5:
            {noformat:title=10.5 8de233af ASAN}
            ==3015338==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7feccb1e4480 bp 0x7fecc1692460 sp 0x7fecc1691c08
            READ of size 4 at 0x61900008cc69 thread T5
                #0 0x7feccb1e447f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x55d2d6c87b6f in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
                #2 0x55d2d6c87c75 in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
                #3 0x55d2d65e6f00 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18807
                #4 0x55d2d65ec4fc in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19183
                #5 0x55d2d678d9a1 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
                #6 0x55d2d63ca320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
                #7 0x55d2d63c6275 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_derived.cc:206
                #8 0x55d2d6823b36 in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/table.cc:9120
                #9 0x55d2d640f3d1 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_lex.h:4425
                #10 0x55d2d6435478 in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_lex.cc:4911
                #11 0x55d2d655c0de in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.5/sql/sql_select.cc:1158
                #12 0x55d2d6582469 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4634
                #13 0x55d2d655445f in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
                #14 0x55d2d64bda5b in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6281
                #15 0x55d2d64ac95c in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3977
                #16 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #17 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #18 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #19 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #20 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #21 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #22 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #23 0x7fecca93e292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
            allocated by thread T5 here:
                #0 0x7feccb256bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x55d2d82871c7 in sf_malloc /data/src/10.5/mysys/safemalloc.c:118
                #2 0x55d2d82545e3 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
                #3 0x55d2d82303f2 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
                #4 0x55d2d8231af4 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
                #5 0x55d2d67e5a4d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1791
                #6 0x55d2d67ddf59 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
                #7 0x55d2d6af8a43 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
                #8 0x55d2d6307e09 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
                #9 0x55d2d6312b02 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
                #10 0x55d2d6315689 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
                #11 0x55d2d631a7cd in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
                #12 0x55d2d62719d9 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
                #13 0x55d2d67c8b7c in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
                #14 0x55d2d64ba0ac in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5825
                #15 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #16 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #17 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #18 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #19 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #20 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #21 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7feccb183805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x55d2d75e3e86 in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
                #2 0x55d2d75e92d5 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
                #3 0x55d2d618f4fe in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
                #4 0x55d2d61a54d4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6022
                #5 0x55d2d61a5b53 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6081
                #6 0x55d2d61a5eb0 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6146
                #7 0x55d2d61a6acf in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6273
                #8 0x55d2d61a4ce1 in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5668
                #9 0x55d2d618dd9c in main /data/src/10.5/sql/main.cc:25
                #10 0x7fecca8430b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
              0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 05[f7]01 f7
              0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099a0: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
              0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099c0: 00 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02
              0x0c32800099d0: f7 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015338==ABORTING
            210113 23:14:35 [ERROR] mysqld got signal 6 ;
            This could be because you hit a bug. It is also possible that this binary
            or one of the libraries it was linked against is corrupt, improperly built,
            or misconfigured. This error can also be caused by malfunctioning hardware.

            To report this bug, see https://mariadb.com/kb/en/reporting-bugs

            We will try our best to scrape up some info that will hopefully help
            diagnose the problem, but since we have already crashed,
            something is definitely wrong and this may fail.

            Server version: 10.5.9-MariaDB-debug-log
            key_buffer_size=1048576
            read_buffer_size=131072
            max_used_connections=1
            max_threads=153
            thread_count=2
            It is possible that mysqld could use up to
            key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63743 K bytes of memory
            Hope that's ok; if not, decrease some variables in the equation.

            Thread pointer: 0x62b000069288
            Attempting backtrace. You can use the following information to find out
            where mysqld died. If you see no messages after this, something went
            terribly wrong...
            stack_bottom = 0x7fecc1696950 thread_stack 0x5fc00
            ??:0(__interceptor_tcgetattr)[0x7feccb1b5d30]
            mysys/stacktrace.c:212(my_print_stacktrace)[0x55d2d8264c2b]
            sql/signal_handler.cc:211(handle_fatal_signal)[0x55d2d6ca594c]
            sigaction.c:0(__restore_rt)[0x7feccad743c0]
            ??:0(gsignal)[0x7fecca86218b]
            ??:0(abort)[0x7fecca841859]
            ??:0(__sanitizer_set_report_fd)[0x7feccb2746a2]
            ??:0(__sanitizer_get_module_and_offset_for_pc)[0x7feccb27f24c]
            ??:0(__sanitizer_ptr_cmp)[0x7feccb2608ec]
            ??:0(__asan_on_error)[0x7feccb260363]
            ??:0(__interceptor_getdelim)[0x7feccb1e449f]
            sql/field_conv.cc:833(field_conv_memcpy(Field*, Field*))[0x55d2d6c87b70]
            sql/field_conv.cc:863(field_conv(Field*, Field*))[0x55d2d6c87c76]
            sql/sql_select.cc:18808(Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool))[0x55d2d65e6f01]
            sql/sql_select.cc:19182(create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool))[0x55d2d65ec4fd]
            sql/sql_union.cc:329(select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int))[0x55d2d678d9a2]
            sql/sql_derived.cc:846(mysql_derived_prepare(THD*, LEX*, TABLE_LIST*))[0x55d2d63ca321]
            sql/sql_derived.cc:206(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55d2d63c6276]
            sql/table.cc:9120(TABLE_LIST::handle_derived(LEX*, unsigned int))[0x55d2d6823b37]
            sql/sql_lex.h:4425(LEX::handle_list_of_derived(TABLE_LIST*, unsigned int))[0x55d2d640f3d2]
            sql/sql_lex.cc:4912(st_select_lex::handle_derived(LEX*, unsigned int))[0x55d2d6435479]
            sql/sql_select.cc:1158(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55d2d655c0df]
            sql/sql_select.cc:4634(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55d2d658246a]
            sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55d2d6554460]
            sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55d2d64bda5c]
            sql/sql_parse.cc:3977(mysql_execute_command(THD*))[0x55d2d64ac95d]
            sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55d2d64c8d56]
            sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55d2d649f04f]
            sql/sql_parse.cc:1370(do_command(THD*))[0x55d2d649b978]
            sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55d2d68ddc34]
            sql/sql_connect.cc:1314(handle_one_connection)[0x55d2d68dd598]
            perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55d2d75e8ee3]
            nptl/pthread_create.c:478(start_thread)[0x7feccad68609]
            ??:0(clone)[0x7fecca93e293]

            Trying to get some variables.
            Some pointers may be invalid and cause the dump to abort.
            Query (0x62b0000382a8): SELECT * FROM v1

            Connection ID (thread ID): 4
            Status: NOT_KILLED
            {noformat}

            Both debug and non-debug ASAN builds are affected.
            Reproducible on 10.2+.

            The failure appeared in 10.2 branch after this commit:
            {noformat}
            commit 97db6c15ea3e83a21df137c222dbd5a40fbe7c82
            Author: Nikita Malyavin
            Date: Tue Aug 11 00:38:32 2020 +1000

                MDEV-20618 Assertion failed in row_upd_sec_index_entry
            {noformat}

            _Note: For why the initial INSERT does not fail in the test case regardless the original SQL_MODE, see MDEV-24582._

            Variation of the test case which causes InnoDB assertion failures on debug and non-debug builds:

            {code:sql}
            --source include/have_innodb.inc

            CREATE TABLE t1 (
              pk INT,
              a VARCHAR(1),
              v VARCHAR(1) AS (CONCAT('virt-',a)) VIRTUAL,
              PRIMARY KEY (pk)
            ) ENGINE=InnoDB;

            INSERT INTO t1 (pk,a) VALUES
            (1,'a'),(2,'b'),(3,'c'),(4,'d'),(5,'e'),(6,'f');

             --error ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk) VALUES (1);
            SELECT * FROM t1;

            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 debug}
            mysqld: /data/src/10.2/storage/innobase/row/row0sel.cc:3828: void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*): Assertion `prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len' failed.
            210114 0:10:39 [ERROR] mysqld got signal 6 ;

            #7 0x00007fef277eff36 in __GI___assert_fail (assertion=0x564d55c681a0 "prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len", file=0x564d55c66770 "/data/src/10.2/storage/innobase/row/row0sel.cc", line=3828, function=0x564d55c68140 "void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*)") at assert.c:101
            #8 0x0000564d5565084f in row_sel_dequeue_cached_row_for_mysql (buf=0x7feed00068d0 "\377", prebuilt=0x7feed0036eb0) at /data/src/10.2/storage/innobase/row/row0sel.cc:3828
            #9 0x0000564d55651f0c in row_search_mvcc (buf=0x7feed00068d0 "\377", mode=PAGE_CUR_UNSUPP, prebuilt=0x7feed0036eb0, match_mode=0, direction=1) at /data/src/10.2/storage/innobase/row/row0sel.cc:4424
            #10 0x0000564d554e205a in ha_innobase::general_fetch (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377", direction=1, match_mode=0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9652
            #11 0x0000564d554e2622 in ha_innobase::rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9863
            #12 0x0000564d552d7c3d in handler::ha_rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/sql/handler.cc:2669
            #13 0x0000564d5544aaeb in rr_sequential (info=0x7feed00145a0) at /data/src/10.2/sql/records.cc:492
            #14 0x0000564d550c02c8 in sub_select (join=0x7feed0012fd8, join_tab=0x7feed00144d8, end_of_records=false) at /data/src/10.2/sql/sql_select.cc:18877
            #15 0x0000564d550bf75c in do_select (join=0x7feed0012fd8, procedure=0x0) at /data/src/10.2/sql/sql_select.cc:18402
            #16 0x0000564d550993d3 in JOIN::exec_inner (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3641
            #17 0x0000564d5509887a in JOIN::exec (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3436
            #18 0x0000564d55099a3c in mysql_select (thd=0x7feed0000d90, tables=0x7feed00128d0, wild_num=1, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7feed0012fb8, unit=0x7feed0004988, select_lex=0x7feed00050c8) at /data/src/10.2/sql/sql_select.cc:3836
            #19 0x0000564d5508dbb6 in handle_select (thd=0x7feed0000d90, lex=0x7feed00048c8, result=0x7feed0012fb8, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:361
            #20 0x0000564d55058508 in execute_sqlcom_select (thd=0x7feed0000d90, all_tables=0x7feed00128d0) at /data/src/10.2/sql/sql_parse.cc:6248
            #21 0x0000564d5504eeb7 in mysql_execute_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:3559
            #22 0x0000564d5505c2b1 in mysql_parse (thd=0x7feed0000d90, rawbuf=0x7feed00126f8 "SELECT * FROM t1", length=16, parser_state=0x7fef21c565f0, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7763
            #23 0x0000564d5504a58a in dispatch_command (command=COM_QUERY, thd=0x7feed0000d90, packet=0x7feed0008b51 "", packet_length=16, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1827
            #24 0x0000564d55049085 in do_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:1381
            #25 0x0000564d551a3704 in do_handle_one_connection (connect=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1336
            #26 0x0000564d551a3469 in handle_one_connection (arg=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1241
            #27 0x0000564d559cb44a in pfs_spawn_thread (arg=0x564d578e2350) at /data/src/10.2/storage/perfschema/pfs.cc:1869
            #28 0x00007fef27cff609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            #29 0x00007fef278db293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            {noformat}

            {noformat:title=10.2 ab271ee7 non-debug}
            2021-01-14 00:11:32 0x7f36a221f700 InnoDB: Assertion failure in file /data/src/10.2/storage/innobase/row/row0mysql.cc line 1014
            InnoDB: Failing assertion: magic1 == ROW_PREBUILT_FETCH_MAGIC_N

            #6 0x0000558698eb1bf9 in ut_dbg_assertion_failed (expr=expr@entry=0x5586997fcbd0 "magic1 == ROW_PREBUILT_FETCH_MAGIC_N", file=file@entry=0x5586997fc758 "/data/src/10.2/storage/innobase/row/row0mysql.cc", line=line@entry=1014) at /data/src/10.2/storage/innobase/ut/ut0dbg.cc:60
            #7 0x0000558698e9dc0d in row_prebuilt_free (prebuilt=0x7f3650178f18, dict_locked=dict_locked@entry=0) at /data/src/10.2/storage/innobase/row/row0mysql.cc:1014
            #8 0x00005586992cdece in ha_innobase::close (this=0x7f36500945e0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:6597
            #9 0x0000558699042469 in closefrm (table=table@entry=0x7f3650093a48) at /data/src/10.2/sql/table.cc:3519
            #10 0x00005586990ea681 in intern_close_table (table=0x7f3650093a48) at /data/src/10.2/sql/table_cache.cc:222
            #11 tdc_remove_table (thd=thd@entry=0x7f3650000c48, remove_type=remove_type@entry=TDC_RT_REMOVE_ALL, db=<optimized out>, table_name=<optimized out>, kill_delayed_threads=kill_delayed_threads@entry=false) at /data/src/10.2/sql/table_cache.cc:1132
            #12 0x0000558699018c05 in mysql_rm_table_no_locks (thd=0x7f3650000c48, tables=<optimized out>, if_exists=<optimized out>, drop_temporary=<optimized out>, drop_view=<optimized out>, dont_log_query=<optimized out>, dont_free_locks=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2436
            #13 0x00005586990197b4 in mysql_rm_table (thd=thd@entry=0x7f3650000c48, tables=tables@entry=0x7f365000f410, if_exists=<optimized out>, drop_temporary=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2089
            #14 0x0000558698f8f70f in mysql_execute_command (thd=0x7f3650000c48) at /data/src/10.2/sql/structs.h:530
            #15 0x0000558698f95c3b in mysql_parse (thd=thd@entry=0x7f3650000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f36a221e5b0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7763
            #16 0x0000558698f98e4d in dispatch_command (command=COM_QUERY, thd=0x7f3650000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.2/sql/sql_class.h:1096
            #17 0x0000558698f9a097 in do_command (thd=0x7f3650000c48) at /data/src/10.2/sql/sql_parse.cc:1381
            #18 0x0000558699072d76 in do_handle_one_connection (connect=connect@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1336
            #19 0x0000558699072eef in handle_one_connection (arg=arg@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1241
            #20 0x000055869960d946 in pfs_spawn_thread (arg=0x55869be3f1f8) at /data/src/10.2/storage/perfschema/pfs.cc:1869
            #21 0x00007f36a8297609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            #22 0x00007f36a7e8c293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            {noformat}             		{code:sql}
            CREATE TABLE t1 (pk INT, a VARCHAR(3), v VARCHAR(3) GENERATED ALWAYS AS (CONCAT('x-',a)) VIRTUAL, PRIMARY KEY(pk));
            CREATE VIEW v1 AS SELECT * FROM t1;
            INSERT INTO t1 (pk, a) VALUES (1,'foo');
            SET sql_mode=CONCAT(@@sql_mode,',STRICT_ALL_TABLES');
             --error 0,ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk,a) VALUES (1,'qux');
            SELECT * FROM v1;

            # Cleanup
            DROP VIEW v1;
            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 ASAN}
            ==3015140==ERROR: AddressSanitizer: use-after-poison on address 0x619000087c39 at pc 0x7fe873e5d480 bp 0x7fe868c0d2e0 sp 0x7fe868c0ca88
            READ of size 4 at 0x619000087c39 thread T5
                #0 0x7fe873e5d47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x561579ca1ae5 in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, char const*, bool, bool) /data/src/10.2/sql/sql_select.cc:17212
                #2 0x561579df7ead in select_union::create_result_table(THD*, List<Item>*, bool, unsigned long long, char const*, bool, bool, bool) /data/src/10.2/sql/sql_union.cc:180
                #3 0x561579b0c395 in mysql_derived_prepare(THD*, LEX*, TABLE_LIST*) /data/src/10.2/sql/sql_derived.cc:771
                #4 0x561579b08f31 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_derived.cc:198
                #5 0x561579e6e12a in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/table.cc:8118
                #6 0x561579b46db7 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.2/sql/sql_lex.h:3202
                #7 0x561579b6467e in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.2/sql/sql_lex.cc:3930
                #8 0x561579c27a2c in JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.2/sql/sql_select.cc:716
                #9 0x561579c47fae in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3814
                #10 0x561579c24c67 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
                #11 0x561579b9c046 in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
                #12 0x561579b88feb in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
                #13 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #14 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #15 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #16 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #17 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #18 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #19 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #20 0x7fe873542292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x619000087c39 is located 441 bytes inside of 1100-byte region [0x619000087a80,0x619000087ecc)
            allocated by thread T5 here:
                #0 0x7fe873ecfbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x56157b3bab48 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
                #2 0x56157b386aad in my_malloc /data/src/10.2/mysys/my_malloc.c:101
                #3 0x56157b36411f in alloc_root /data/src/10.2/mysys/my_alloc.c:243
                #4 0x56157b365b55 in memdup_root /data/src/10.2/mysys/my_alloc.c:464
                #5 0x561579e39f5d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.2/sql/table.cc:1288
                #6 0x561579e35929 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.2/sql/table.cc:684
                #7 0x56157a0874db in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.2/sql/table_cache.cc:826
                #8 0x561579a5f6b4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1797
                #9 0x561579a68208 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
                #10 0x561579a6a5e2 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
                #11 0x561579a6e168 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
                #12 0x5615799e5331 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
                #13 0x561579e21d29 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.2/sql/sql_view.cc:453
                #14 0x561579b98bde in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:5820
                #15 0x561579ba55c3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
                #16 0x561579b7e608 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
                #17 0x561579b7b3c7 in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
                #18 0x561579f032da in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
                #19 0x561579f02b9d in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
                #20 0x56157b29dff5 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
                #21 0x7fe873968608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7fe873dfc805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x56157b29e3e6 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
                #2 0x561579920083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
                #3 0x561579937c2b in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6567
                #4 0x5615799383c6 in create_new_thread /data/src/10.2/sql/mysqld.cc:6637
                #5 0x561579939558 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6895
                #6 0x561579936f7c in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6186
                #7 0x56157991e93c in main /data/src/10.2/sql/main.cc:25
                #8 0x7fe8734470b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280008f30: fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa
              0x0c3280008f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280008f50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008f60: 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 00 00 00
              0x0c3280008f70: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280008f80: 00 02 f7 00 f7 00 05[f7]01 f7 00 00 00 00 00 00
              0x0c3280008f90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fa0: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fb0: 00 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00
              0x0c3280008fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280008fd0: 00 00 00 00 00 00 00 00 f7 04 fa fa fa fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015140==ABORTING
            {noformat}

            More verbose stack trace on 10.5:
            {noformat:title=10.5 8de233af ASAN}
            ==3015338==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7feccb1e4480 bp 0x7fecc1692460 sp 0x7fecc1691c08
            READ of size 4 at 0x61900008cc69 thread T5
                #0 0x7feccb1e447f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
                #1 0x55d2d6c87b6f in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
                #2 0x55d2d6c87c75 in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
                #3 0x55d2d65e6f00 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18807
                #4 0x55d2d65ec4fc in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19183
                #5 0x55d2d678d9a1 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
                #6 0x55d2d63ca320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
                #7 0x55d2d63c6275 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_derived.cc:206
                #8 0x55d2d6823b36 in TABLE_LIST::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/table.cc:9120
                #9 0x55d2d640f3d1 in LEX::handle_list_of_derived(TABLE_LIST*, unsigned int) /data/src/10.5/sql/sql_lex.h:4425
                #10 0x55d2d6435478 in st_select_lex::handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_lex.cc:4911
                #11 0x55d2d655c0de in JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.5/sql/sql_select.cc:1158
                #12 0x55d2d6582469 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4634
                #13 0x55d2d655445f in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
                #14 0x55d2d64bda5b in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6281
                #15 0x55d2d64ac95c in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3977
                #16 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #17 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #18 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #19 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #20 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #21 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #22 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
                #23 0x7fecca93e292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

            0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
            allocated by thread T5 here:
                #0 0x7feccb256bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
                #1 0x55d2d82871c7 in sf_malloc /data/src/10.5/mysys/safemalloc.c:118
                #2 0x55d2d82545e3 in my_malloc /data/src/10.5/mysys/my_malloc.c:88
                #3 0x55d2d82303f2 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
                #4 0x55d2d8231af4 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
                #5 0x55d2d67e5a4d in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1791
                #6 0x55d2d67ddf59 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
                #7 0x55d2d6af8a43 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
                #8 0x55d2d6307e09 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
                #9 0x55d2d6312b02 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
                #10 0x55d2d6315689 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
                #11 0x55d2d631a7cd in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
                #12 0x55d2d62719d9 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
                #13 0x55d2d67c8b7c in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
                #14 0x55d2d64ba0ac in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5825
                #15 0x55d2d64c8d55 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8062
                #16 0x55d2d649f04e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
                #17 0x55d2d649b977 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
                #18 0x55d2d68ddc33 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
                #19 0x55d2d68dd597 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
                #20 0x55d2d75e8ee2 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
                #21 0x7feccad68608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477

            Thread T5 created by T0 here:
                #0 0x7feccb183805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
                #1 0x55d2d75e3e86 in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
                #2 0x55d2d75e92d5 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
                #3 0x55d2d618f4fe in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
                #4 0x55d2d61a54d4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6022
                #5 0x55d2d61a5b53 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6081
                #6 0x55d2d61a5eb0 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6146
                #7 0x55d2d61a6acf in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6273
                #8 0x55d2d61a4ce1 in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5668
                #9 0x55d2d618dd9c in main /data/src/10.5/sql/main.cc:25
                #10 0x7fecca8430b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            Shadow bytes around the buggy address:
              0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
              0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
              0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 05[f7]01 f7
              0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099a0: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
              0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
              0x0c32800099c0: 00 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02
              0x0c32800099d0: f7 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable: 00
              Partially addressable: 01 02 03 04 05 06 07
              Heap left redzone: fa
              Freed heap region: fd
              Stack left redzone: f1
              Stack mid redzone: f2
              Stack right redzone: f3
              Stack after return: f5
              Stack use after scope: f8
              Global redzone: f9
              Global init order: f6
              Poisoned by user: f7
              Container overflow: fc
              Array cookie: ac
              Intra object redzone: bb
              ASan internal: fe
              Left alloca redzone: ca
              Right alloca redzone: cb
              Shadow gap: cc
            ==3015338==ABORTING
            210113 23:14:35 [ERROR] mysqld got signal 6 ;
            This could be because you hit a bug. It is also possible that this binary
            or one of the libraries it was linked against is corrupt, improperly built,
            or misconfigured. This error can also be caused by malfunctioning hardware.

            To report this bug, see https://mariadb.com/kb/en/reporting-bugs

            We will try our best to scrape up some info that will hopefully help
            diagnose the problem, but since we have already crashed,
            something is definitely wrong and this may fail.

            Server version: 10.5.9-MariaDB-debug-log
            key_buffer_size=1048576
            read_buffer_size=131072
            max_used_connections=1
            max_threads=153
            thread_count=2
            It is possible that mysqld could use up to
            key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63743 K bytes of memory
            Hope that's ok; if not, decrease some variables in the equation.

            Thread pointer: 0x62b000069288
            Attempting backtrace. You can use the following information to find out
            where mysqld died. If you see no messages after this, something went
            terribly wrong...
            stack_bottom = 0x7fecc1696950 thread_stack 0x5fc00
            ??:0(__interceptor_tcgetattr)[0x7feccb1b5d30]
            mysys/stacktrace.c:212(my_print_stacktrace)[0x55d2d8264c2b]
            sql/signal_handler.cc:211(handle_fatal_signal)[0x55d2d6ca594c]
            sigaction.c:0(__restore_rt)[0x7feccad743c0]
            ??:0(gsignal)[0x7fecca86218b]
            ??:0(abort)[0x7fecca841859]
            ??:0(__sanitizer_set_report_fd)[0x7feccb2746a2]
            ??:0(__sanitizer_get_module_and_offset_for_pc)[0x7feccb27f24c]
            ??:0(__sanitizer_ptr_cmp)[0x7feccb2608ec]
            ??:0(__asan_on_error)[0x7feccb260363]
            ??:0(__interceptor_getdelim)[0x7feccb1e449f]
            sql/field_conv.cc:833(field_conv_memcpy(Field*, Field*))[0x55d2d6c87b70]
            sql/field_conv.cc:863(field_conv(Field*, Field*))[0x55d2d6c87c76]
            sql/sql_select.cc:18808(Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool))[0x55d2d65e6f01]
            sql/sql_select.cc:19182(create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool))[0x55d2d65ec4fd]
            sql/sql_union.cc:329(select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int))[0x55d2d678d9a2]
            sql/sql_derived.cc:846(mysql_derived_prepare(THD*, LEX*, TABLE_LIST*))[0x55d2d63ca321]
            sql/sql_derived.cc:206(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55d2d63c6276]
            sql/table.cc:9120(TABLE_LIST::handle_derived(LEX*, unsigned int))[0x55d2d6823b37]
            sql/sql_lex.h:4425(LEX::handle_list_of_derived(TABLE_LIST*, unsigned int))[0x55d2d640f3d2]
            sql/sql_lex.cc:4912(st_select_lex::handle_derived(LEX*, unsigned int))[0x55d2d6435479]
            sql/sql_select.cc:1158(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55d2d655c0df]
            sql/sql_select.cc:4634(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55d2d658246a]
            sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55d2d6554460]
            sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55d2d64bda5c]
            sql/sql_parse.cc:3977(mysql_execute_command(THD*))[0x55d2d64ac95d]
            sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55d2d64c8d56]
            sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55d2d649f04f]
            sql/sql_parse.cc:1370(do_command(THD*))[0x55d2d649b978]
            sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55d2d68ddc34]
            sql/sql_connect.cc:1314(handle_one_connection)[0x55d2d68dd598]
            perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55d2d75e8ee3]
            nptl/pthread_create.c:478(start_thread)[0x7feccad68609]
            ??:0(clone)[0x7fecca93e293]

            Trying to get some variables.
            Some pointers may be invalid and cause the dump to abort.
            Query (0x62b0000382a8): SELECT * FROM v1

            Connection ID (thread ID): 4
            Status: NOT_KILLED
            {noformat}

            Both debug and non-debug ASAN builds are affected.
            Reproducible on 10.2+.

            The failure appeared in 10.2 branch after this commit:
            {noformat}
            commit 97db6c15ea3e83a21df137c222dbd5a40fbe7c82
            Author: Nikita Malyavin
            Date: Tue Aug 11 00:38:32 2020 +1000

                MDEV-20618 Assertion failed in row_upd_sec_index_entry
            {noformat}

            _Note: For why the initial INSERT does not fail in the test case regardless the original SQL_MODE, see MDEV-24582._

            Variation of the test case which causes InnoDB assertion failures on debug and non-debug builds:

            {code:sql}
            --source include/have_innodb.inc

            CREATE TABLE t1 (
              pk INT,
              a VARCHAR(1),
              v VARCHAR(1) AS (CONCAT('virt-',a)) VIRTUAL,
              PRIMARY KEY (pk)
            ) ENGINE=InnoDB;

            INSERT INTO t1 (pk,a) VALUES
            (1,'a'),(2,'b'),(3,'c'),(4,'d'),(5,'e'),(6,'f');

             --error ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk) VALUES (1);
            SELECT * FROM t1;

            DROP TABLE t1;
            {code}

            {noformat:title=10.2 ab271ee7 debug}
            mysqld: /data/src/10.2/storage/innobase/row/row0sel.cc:3828: void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*): Assertion `prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len' failed.
            210114 0:10:39 [ERROR] mysqld got signal 6 ;

            #7 0x00007fef277eff36 in __GI___assert_fail (assertion=0x564d55c681a0 "prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len", file=0x564d55c66770 "/data/src/10.2/storage/innobase/row/row0sel.cc", line=3828, function=0x564d55c68140 "void row_sel_dequeue_cached_row_for_mysql(byte*, row_prebuilt_t*)") at assert.c:101
            #8 0x0000564d5565084f in row_sel_dequeue_cached_row_for_mysql (buf=0x7feed00068d0 "\377", prebuilt=0x7feed0036eb0) at /data/src/10.2/storage/innobase/row/row0sel.cc:3828
            #9 0x0000564d55651f0c in row_search_mvcc (buf=0x7feed00068d0 "\377", mode=PAGE_CUR_UNSUPP, prebuilt=0x7feed0036eb0, match_mode=0, direction=1) at /data/src/10.2/storage/innobase/row/row0sel.cc:4424
            #10 0x0000564d554e205a in ha_innobase::general_fetch (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377", direction=1, match_mode=0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9652
            #11 0x0000564d554e2622 in ha_innobase::rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:9863
            #12 0x0000564d552d7c3d in handler::ha_rnd_next (this=0x7feed00aa6f8, buf=0x7feed00068d0 "\377") at /data/src/10.2/sql/handler.cc:2669
            #13 0x0000564d5544aaeb in rr_sequential (info=0x7feed00145a0) at /data/src/10.2/sql/records.cc:492
            #14 0x0000564d550c02c8 in sub_select (join=0x7feed0012fd8, join_tab=0x7feed00144d8, end_of_records=false) at /data/src/10.2/sql/sql_select.cc:18877
            #15 0x0000564d550bf75c in do_select (join=0x7feed0012fd8, procedure=0x0) at /data/src/10.2/sql/sql_select.cc:18402
            #16 0x0000564d550993d3 in JOIN::exec_inner (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3641
            #17 0x0000564d5509887a in JOIN::exec (this=0x7feed0012fd8) at /data/src/10.2/sql/sql_select.cc:3436
            #18 0x0000564d55099a3c in mysql_select (thd=0x7feed0000d90, tables=0x7feed00128d0, wild_num=1, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7feed0012fb8, unit=0x7feed0004988, select_lex=0x7feed00050c8) at /data/src/10.2/sql/sql_select.cc:3836
            #19 0x0000564d5508dbb6 in handle_select (thd=0x7feed0000d90, lex=0x7feed00048c8, result=0x7feed0012fb8, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:361
            #20 0x0000564d55058508 in execute_sqlcom_select (thd=0x7feed0000d90, all_tables=0x7feed00128d0) at /data/src/10.2/sql/sql_parse.cc:6248
            #21 0x0000564d5504eeb7 in mysql_execute_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:3559
            #22 0x0000564d5505c2b1 in mysql_parse (thd=0x7feed0000d90, rawbuf=0x7feed00126f8 "SELECT * FROM t1", length=16, parser_state=0x7fef21c565f0, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7763
            #23 0x0000564d5504a58a in dispatch_command (command=COM_QUERY, thd=0x7feed0000d90, packet=0x7feed0008b51 "", packet_length=16, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1827
            #24 0x0000564d55049085 in do_command (thd=0x7feed0000d90) at /data/src/10.2/sql/sql_parse.cc:1381
            #25 0x0000564d551a3704 in do_handle_one_connection (connect=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1336
            #26 0x0000564d551a3469 in handle_one_connection (arg=0x564d578ff220) at /data/src/10.2/sql/sql_connect.cc:1241
            #27 0x0000564d559cb44a in pfs_spawn_thread (arg=0x564d578e2350) at /data/src/10.2/storage/perfschema/pfs.cc:1869
            #28 0x00007fef27cff609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            #29 0x00007fef278db293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            {noformat}

            {noformat:title=10.2 ab271ee7 non-debug}
            2021-01-14 00:11:32 0x7f36a221f700 InnoDB: Assertion failure in file /data/src/10.2/storage/innobase/row/row0mysql.cc line 1014
            InnoDB: Failing assertion: magic1 == ROW_PREBUILT_FETCH_MAGIC_N

            #6 0x0000558698eb1bf9 in ut_dbg_assertion_failed (expr=expr@entry=0x5586997fcbd0 "magic1 == ROW_PREBUILT_FETCH_MAGIC_N", file=file@entry=0x5586997fc758 "/data/src/10.2/storage/innobase/row/row0mysql.cc", line=line@entry=1014) at /data/src/10.2/storage/innobase/ut/ut0dbg.cc:60
            #7 0x0000558698e9dc0d in row_prebuilt_free (prebuilt=0x7f3650178f18, dict_locked=dict_locked@entry=0) at /data/src/10.2/storage/innobase/row/row0mysql.cc:1014
            #8 0x00005586992cdece in ha_innobase::close (this=0x7f36500945e0) at /data/src/10.2/storage/innobase/handler/ha_innodb.cc:6597
            #9 0x0000558699042469 in closefrm (table=table@entry=0x7f3650093a48) at /data/src/10.2/sql/table.cc:3519
            #10 0x00005586990ea681 in intern_close_table (table=0x7f3650093a48) at /data/src/10.2/sql/table_cache.cc:222
            #11 tdc_remove_table (thd=thd@entry=0x7f3650000c48, remove_type=remove_type@entry=TDC_RT_REMOVE_ALL, db=<optimized out>, table_name=<optimized out>, kill_delayed_threads=kill_delayed_threads@entry=false) at /data/src/10.2/sql/table_cache.cc:1132
            #12 0x0000558699018c05 in mysql_rm_table_no_locks (thd=0x7f3650000c48, tables=<optimized out>, if_exists=<optimized out>, drop_temporary=<optimized out>, drop_view=<optimized out>, dont_log_query=<optimized out>, dont_free_locks=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2436
            #13 0x00005586990197b4 in mysql_rm_table (thd=thd@entry=0x7f3650000c48, tables=tables@entry=0x7f365000f410, if_exists=<optimized out>, drop_temporary=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2089
            #14 0x0000558698f8f70f in mysql_execute_command (thd=0x7f3650000c48) at /data/src/10.2/sql/structs.h:530
            #15 0x0000558698f95c3b in mysql_parse (thd=thd@entry=0x7f3650000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f36a221e5b0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7763
            #16 0x0000558698f98e4d in dispatch_command (command=COM_QUERY, thd=0x7f3650000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.2/sql/sql_class.h:1096
            #17 0x0000558698f9a097 in do_command (thd=0x7f3650000c48) at /data/src/10.2/sql/sql_parse.cc:1381
            #18 0x0000558699072d76 in do_handle_one_connection (connect=connect@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1336
            #19 0x0000558699072eef in handle_one_connection (arg=arg@entry=0x55869bb3c078) at /data/src/10.2/sql/sql_connect.cc:1241
            #20 0x000055869960d946 in pfs_spawn_thread (arg=0x55869be3f1f8) at /data/src/10.2/storage/perfschema/pfs.cc:1869
            #21 0x00007f36a8297609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            #22 0x00007f36a7e8c293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            {noformat}

            And yet another variation, it causes the same assertions as above on 10.2-10.4 debug builds and 10.2-10.5 release builds, but a different one on 10.5 debug build. The only difference is {{ORDER BY}} in {{SELECT}}.
            {code:sql}
            --source include/have_innodb.inc

            CREATE TABLE t1 (
              pk INT,
              a VARCHAR(1),
              v VARCHAR(1) AS (CONCAT('virt-',a)) VIRTUAL,
              PRIMARY KEY (pk)
            ) ENGINE=InnoDB;

            INSERT INTO t1 (pk,a) VALUES
            (1,'a'),(2,'b'),(3,'c'),(4,'d'),(5,'e'),(6,'f');

             --error ER_DATA_TOO_LONG
            REPLACE INTO t1 (pk) VALUES (1);
            SELECT * FROM t1 ORDER BY a;

            DROP TABLE t1;
            {code}

            {noformat:title=10.5 8de233af debug}
            mariadbd: /data/src/10.5/sql/field.h:1155: const uchar* Field::ptr_in_record(const uchar*) const: Assertion `l_offset >= 0 && table->s->rec_buff_length - l_offset > 0' failed.
            210114 0:17:48 [ERROR] mysqld got signal 6 ;

            #7 0x00007f3d4dea3f36 in __GI___assert_fail (assertion=0x5644a00b21c8 "l_offset >= 0 && table->s->rec_buff_length - l_offset > 0", file=0x5644a00b20b6 "/data/src/10.5/sql/field.h", line=1155, function=0x5644a00b2208 "const uchar* Field::ptr_in_record(const uchar*) const") at assert.c:101
            #8 0x000056449f40a0bd in Field::ptr_in_record (this=0x7f3d10233360, record=0x7f3d102332f8 "\377") at /data/src/10.5/sql/field.h:1155
            #9 0x000056449f74b900 in key_copy (to_key=0x7f3d100f9d08 '\245' <repeats 16 times>, '\217' <repeats 184 times>..., from_record=0x7f3d102332f8 "\377", key_info=0x7f3d100436e0, key_length=4, with_zerofill=false) at /data/src/10.5/sql/key.cc:144
            #10 0x000056449faa0d45 in ha_innobase::position (this=0x7f3d100f8c40, record=0x7f3d102332f8 "\377") at /data/src/10.5/storage/innobase/handler/ha_innodb.cc:10076
            #11 0x000056449f60d637 in find_all_keys (thd=0x7f3d10000db8, param=0x7f3d4824b070, select=0x7f3d10017808, fs_info=0x7f3d100525b0, buffpek_pointers=0x7f3d4824b290, tempfile=0x7f3d4824b120, pq=0x0, found_rows=0x7f3d100527a0) at /data/src/10.5/sql/filesort.cc:897
            #12 0x000056449f60b7a4 in filesort (thd=0x7f3d10000db8, table=0x7f3d101b3a38, filesort=0x7f3d100179d8, tracker=0x7f3d100180c8, join=0x7f3d10015798, first_table_bit=1) at /data/src/10.5/sql/filesort.cc:352
            #13 0x000056449f33ac44 in create_sort_index (thd=0x7f3d10000db8, join=0x7f3d10015798, tab=0x7f3d10016ec8, fsort=0x7f3d100179d8) at /data/src/10.5/sql/sql_select.cc:23862
            #14 0x000056449f334d56 in st_join_table::sort_table (this=0x7f3d10016ec8) at /data/src/10.5/sql/sql_select.cc:21607
            #15 0x000056449f33492e in join_init_read_record (tab=0x7f3d10016ec8) at /data/src/10.5/sql/sql_select.cc:21546
            #16 0x000056449f33265c in sub_select (join=0x7f3d10015798, join_tab=0x7f3d10016ec8, end_of_records=false) at /data/src/10.5/sql/sql_select.cc:20620
            #17 0x000056449f331b55 in do_select (join=0x7f3d10015798, procedure=0x0) at /data/src/10.5/sql/sql_select.cc:20157
            #18 0x000056449f305602 in JOIN::exec_inner (this=0x7f3d10015798) at /data/src/10.5/sql/sql_select.cc:4462
            #19 0x000056449f304723 in JOIN::exec (this=0x7f3d10015798) at /data/src/10.5/sql/sql_select.cc:4242
            #20 0x000056449f305de5 in mysql_select (thd=0x7f3d10000db8, tables=0x7f3d100145b8, fields=..., conds=0x0, og_num=1, order=0x7f3d10015610, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f3d10015770, unit=0x7f3d10004f58, select_lex=0x7f3d10013fc8) at /data/src/10.5/sql/sql_select.cc:4658
            #21 0x000056449f2f5a33 in handle_select (thd=0x7f3d10000db8, lex=0x7f3d10004e90, result=0x7f3d10015770, setup_tables_done_option=0) at /data/src/10.5/sql/sql_select.cc:417
            #22 0x000056449f2b8409 in execute_sqlcom_select (thd=0x7f3d10000db8, all_tables=0x7f3d100145b8) at /data/src/10.5/sql/sql_parse.cc:6281
            #23 0x000056449f2af495 in mysql_execute_command (thd=0x7f3d10000db8) at /data/src/10.5/sql/sql_parse.cc:3977
            #24 0x000056449f2bd2b0 in mysql_parse (thd=0x7f3d10000db8, rawbuf=0x7f3d10013f30 "SELECT * FROM t1 ORDER BY a", length=27, parser_state=0x7f3d4824c510, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:8062
            #25 0x000056449f2a9237 in dispatch_command (command=COM_QUERY, thd=0x7f3d10000db8, packet=0x7f3d100090a9 "", packet_length=27, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:1889
            #26 0x000056449f2a7a2b in do_command (thd=0x7f3d10000db8) at /data/src/10.5/sql/sql_parse.cc:1370
            #27 0x000056449f45578d in do_handle_one_connection (connect=0x5644a2180058, put_in_cache=true) at /data/src/10.5/sql/sql_connect.cc:1410
            #28 0x000056449f4554f0 in handle_one_connection (arg=0x5644a21927b8) at /data/src/10.5/sql/sql_connect.cc:1312
            #29 0x000056449f9b445d in pfs_spawn_thread (arg=0x5644a220e458) at /data/src/10.5/storage/perfschema/pfs.cc:2201
            #30 0x00007f3d4e3bb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            #31 0x00007f3d4df8f293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            {noformat}
            elenst Elena Stepanova made changes -
            elenst Elena Stepanova added a comment -

            The following error happens in similar situations as `Assertion 'prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len'`, sometimes after as simple modification of a test case as a change in a table name; so I won't chase for a test case specific for this kind of error.

            10.4 b87828b6

            		 
            #3  <signal handler called>
            		 
            #4  0x00005603e1d48e06 in THD::is_error (this=0x0) at /data/src/10.4/sql/sql_class.h:3904
            		 
            #5  0x00005603e1ef4d67 in evaluate_join_record (join=0x7fc35807d2d0, join_tab=0x7fc358080078, error=0) at /data/src/10.4/sql/sql_select.cc:20483
            		 
            #6  0x00005603e1ef4bee in sub_select (join=0x7fc35807d2d0, join_tab=0x7fc358080078, end_of_records=false) at /data/src/10.4/sql/sql_select.cc:20440
            		 
            #7  0x00005603e1ef3efe in do_select (join=0x7fc35807d2d0, procedure=0x0) at /data/src/10.4/sql/sql_select.cc:19939
            		 
            #8  0x00005603e1ec8ce3 in JOIN::exec_inner (this=0x7fc35807d2d0) at /data/src/10.4/sql/sql_select.cc:4482
            		 
            #9  0x00005603e1ec7e12 in JOIN::exec (this=0x7fc35807d2d0) at /data/src/10.4/sql/sql_select.cc:4264
            		 
            #10 0x00005603e1ec9566 in mysql_select (thd=0x7fc358000d90, tables=0x7fc3580128d8, wild_num=0, fields=..., conds=0x7fc358013230, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fc358018108, unit=0x7fc358004cc0, select_lex=0x7fc3580122a0) at /data/src/10.4/sql/sql_select.cc:4699
            		 
            #11 0x00005603e1eb8f43 in handle_select (thd=0x7fc358000d90, lex=0x7fc358004c00, result=0x7fc358018108, setup_tables_done_option=0) at /data/src/10.4/sql/sql_select.cc:410
            		 
            #12 0x00005603e1e7e062 in execute_sqlcom_select (thd=0x7fc358000d90, all_tables=0x7fc3580128d8) at /data/src/10.4/sql/sql_parse.cc:6417
            		 
            #13 0x00005603e1e745e1 in mysql_execute_command (thd=0x7fc358000d90) at /data/src/10.4/sql/sql_parse.cc:3936
            		 
            #14 0x00005603e1e82087 in mysql_parse (thd=0x7fc358000d90, rawbuf=0x7fc358012198 "SELECT `vcol_varchar` FROM `view_t4_InnoDB` WHERE `col_char` BETWEEN 'bar' AND 'foo'", length=84, parser_state=0x7fc3b00ea550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958
            		 
            #15 0x00005603e1e6e3af in dispatch_command (command=COM_QUERY, thd=0x7fc358000d90, packet=0x7fc3580088b1 "", packet_length=84, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855
            		 
            #16 0x00005603e1e6cc17 in do_command (thd=0x7fc358000d90) at /data/src/10.4/sql/sql_parse.cc:1373
            		 
            #17 0x00005603e1ffbf07 in do_handle_one_connection (connect=0x5603e641efa0) at /data/src/10.4/sql/sql_connect.cc:1412
            		 
            #18 0x00005603e1ffbc50 in handle_one_connection (arg=0x5603e641efa0) at /data/src/10.4/sql/sql_connect.cc:1316
            		 
            #19 0x00005603e2a1ccf0 in pfs_spawn_thread (arg=0x5603e6363750) at /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
            #20 0x00007fc3b703c609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            		 
            #21 0x00007fc3b68a7293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

            elenst Elena Stepanova added a comment - The following error happens in similar situations as `Assertion 'prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len'`, sometimes after as simple modification of a test case as a change in a table name; so I won't chase for a test case specific for this kind of error. 10.4 b87828b6 #3 <signal handler called> #4 0x00005603e1d48e06 in THD::is_error (this=0x0) at /data/src/10.4/sql/sql_class.h:3904 #5 0x00005603e1ef4d67 in evaluate_join_record (join=0x7fc35807d2d0, join_tab=0x7fc358080078, error=0) at /data/src/10.4/sql/sql_select.cc:20483 #6 0x00005603e1ef4bee in sub_select (join=0x7fc35807d2d0, join_tab=0x7fc358080078, end_of_records=false) at /data/src/10.4/sql/sql_select.cc:20440 #7 0x00005603e1ef3efe in do_select (join=0x7fc35807d2d0, procedure=0x0) at /data/src/10.4/sql/sql_select.cc:19939 #8 0x00005603e1ec8ce3 in JOIN::exec_inner (this=0x7fc35807d2d0) at /data/src/10.4/sql/sql_select.cc:4482 #9 0x00005603e1ec7e12 in JOIN::exec (this=0x7fc35807d2d0) at /data/src/10.4/sql/sql_select.cc:4264 #10 0x00005603e1ec9566 in mysql_select (thd=0x7fc358000d90, tables=0x7fc3580128d8, wild_num=0, fields=..., conds=0x7fc358013230, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fc358018108, unit=0x7fc358004cc0, select_lex=0x7fc3580122a0) at /data/src/10.4/sql/sql_select.cc:4699 #11 0x00005603e1eb8f43 in handle_select (thd=0x7fc358000d90, lex=0x7fc358004c00, result=0x7fc358018108, setup_tables_done_option=0) at /data/src/10.4/sql/sql_select.cc:410 #12 0x00005603e1e7e062 in execute_sqlcom_select (thd=0x7fc358000d90, all_tables=0x7fc3580128d8) at /data/src/10.4/sql/sql_parse.cc:6417 #13 0x00005603e1e745e1 in mysql_execute_command (thd=0x7fc358000d90) at /data/src/10.4/sql/sql_parse.cc:3936 #14 0x00005603e1e82087 in mysql_parse (thd=0x7fc358000d90, rawbuf=0x7fc358012198 "SELECT `vcol_varchar` FROM `view_t4_InnoDB` WHERE `col_char` BETWEEN 'bar' AND 'foo'", length=84, parser_state=0x7fc3b00ea550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958 #15 0x00005603e1e6e3af in dispatch_command (command=COM_QUERY, thd=0x7fc358000d90, packet=0x7fc3580088b1 "", packet_length=84, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855 #16 0x00005603e1e6cc17 in do_command (thd=0x7fc358000d90) at /data/src/10.4/sql/sql_parse.cc:1373 #17 0x00005603e1ffbf07 in do_handle_one_connection (connect=0x5603e641efa0) at /data/src/10.4/sql/sql_connect.cc:1412 #18 0x00005603e1ffbc50 in handle_one_connection (arg=0x5603e641efa0) at /data/src/10.4/sql/sql_connect.cc:1316 #19 0x00005603e2a1ccf0 in pfs_spawn_thread (arg=0x5603e6363750) at /data/src/10.4/storage/perfschema/pfs.cc:1869 #20 0x00007fc3b703c609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #21 0x00007fc3b68a7293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
            elenst Elena Stepanova added a comment - - edited

            More random aftermaths:

            10.4 ce141d07

            		 
            2021-01-24 17:15:12 0x7f60262c2700  InnoDB: Assertion failure in file /data/src/10.4/storage/innobase/que/que0que.cc line 828
            		 
            InnoDB: Failing assertion: thr->magic_n == QUE_THR_MAGIC_N
            		 
             
            		 
            #6  0x00005598579832b1 in ut_dbg_assertion_failed (expr=0x5598580918e8 "thr->magic_n == QUE_THR_MAGIC_N", file=0x5598580916f0 "/data/src/10.4/storage/innobase/que/que0que.cc", line=828) at /data/src/10.4/storage/innobase/ut/ut0dbg.cc:60
            		 
            #7  0x000055985783be57 in que_thr_move_to_run_state_for_mysql (thr=0x7f5fd00aeb50, trx=0x7f6026c5b228) at /data/src/10.4/storage/innobase/que/que0que.cc:828
            		 
            #8  0x00005598578a7611 in row_update_for_mysql (prebuilt=0x7f5fd0072980) at /data/src/10.4/storage/innobase/row/row0mysql.cc:1831
            		 
            #9  0x00005598576fbfc4 in ha_innobase::delete_row (this=0x7f5fd002a2c8, record=0x7f5fd00414d8 "\377\001\341\027`") at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:8915
            		 
            #10 0x00005598574ad7b6 in handler::ha_delete_row (this=0x7f5fd002a2c8, buf=0x7f5fd00414d8 "\377\001\341\027`") at /data/src/10.4/sql/handler.cc:6861
            		 
            #11 0x00005598576755e3 in TABLE::delete_row (this=0x7f5fd0032890) at /data/src/10.4/sql/sql_delete.cc:292
            		 
            #12 0x0000559857672361 in mysql_delete (thd=0x7f5fd4000e30, table_list=0x7f5fd4012298, conds=0x0, order_list=0x7f5fd40057f0, limit=9, options=0, result=0x0) at /data/src/10.4/sql/sql_delete.cc:815
            		 
            #13 0x000055985713241d in mysql_execute_command (thd=0x7f5fd4000e30) at /data/src/10.4/sql/sql_parse.cc:4770
            		 
            #14 0x000055985713d087 in mysql_parse (thd=0x7f5fd4000e30, rawbuf=0x7f5fd4012138 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", length=61, parser_state=0x7f60262c1550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958
            		 
            #15 0x00005598571293af in dispatch_command (command=COM_QUERY, thd=0x7f5fd4000e30, packet=0x7f5fd4008851 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", packet_length=61, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855
            		 
            #16 0x0000559857127c17 in do_command (thd=0x7f5fd4000e30) at /data/src/10.4/sql/sql_parse.cc:1373
            		 
            #17 0x00005598572b6f07 in do_handle_one_connection (connect=0x55985a874190) at /data/src/10.4/sql/sql_connect.cc:1412
            		 
            #18 0x00005598572b6c50 in handle_one_connection (arg=0x55985a874190) at /data/src/10.4/sql/sql_connect.cc:1316
            		 
            #19 0x0000559857cd8302 in pfs_spawn_thread (arg=0x55985a7aea70) at /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
            #20 0x00007f6031a07609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            		 
            #21 0x00007f6031272293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95


            #3  <signal handler called>
            		 
            #4  0x000055ff43d41370 in Index_statistics::avg_frequency_is_inited (this=0x0) at /data/src/10.4/sql/sql_statistics.h:459
            		 
            #5  0x000055ff43d3f559 in set_statistics_for_table (thd=0x7f4a58000e30, table=0x7f4a58075960) at /data/src/10.4/sql/sql_statistics.cc:3655
            		 
            #6  0x000055ff441b109d in mysql_delete (thd=0x7f4a58000e30, table_list=0x7f4a58012298, conds=0x0, order_list=0x7f4a580057f0, limit=9, options=0, result=0x0) at /data/src/10.4/sql/sql_delete.cc:519
            		 
            #7  0x000055ff43c7241d in mysql_execute_command (thd=0x7f4a58000e30) at /data/src/10.4/sql/sql_parse.cc:4770
            		 
            #8  0x000055ff43c7d087 in mysql_parse (thd=0x7f4a58000e30, rawbuf=0x7f4a58012138 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", length=61, parser_state=0x7f4aaa8e5550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958
            		 
            #9  0x000055ff43c693af in dispatch_command (command=COM_QUERY, thd=0x7f4a58000e30, packet=0x7f4a58008851 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", packet_length=61, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855
            		 
            #10 0x000055ff43c67c17 in do_command (thd=0x7f4a58000e30) at /data/src/10.4/sql/sql_parse.cc:1373
            		 
            #11 0x000055ff43df6f07 in do_handle_one_connection (connect=0x55ff47b65190) at /data/src/10.4/sql/sql_connect.cc:1412
            		 
            #12 0x000055ff43df6c50 in handle_one_connection (arg=0x55ff47b65190) at /data/src/10.4/sql/sql_connect.cc:1316
            		 
            #13 0x000055ff44818302 in pfs_spawn_thread (arg=0x55ff47a9fa70) at /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
            #14 0x00007f4ab6007609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            		 
            #15 0x00007f4ab5872293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95


            ==4134862==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61e000052801 at pc 0x7f65413d5480 bp 0x7f6529cc1e80 sp 0x7f6529cc1628
            		 
            READ of size 3 at 0x61e000052801 thread T28
            		 
                #0 0x7f65413d547f  (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            		 
                #1 0x55fc02cd6353 in Field::set_default() /data/src/10.4/sql/field.cc:2491
            		 
                #2 0x55fc02d29fd4 in Field::save_in_field_default_value(bool) /data/src/10.4/sql/field.cc:11455
            		 
                #3 0x55fc02c365c3 in Item_default_specification::save_in_field(Field*, bool) /data/src/10.4/sql/item.h:6515
            		 
                #4 0x55fc023fb64c in fill_record(THD*, TABLE*, List<Item>&, List<Item>&, bool, bool) /data/src/10.4/sql/sql_base.cc:8562
            		 
                #5 0x55fc023fc867 in fill_record_n_invoke_before_triggers(THD*, TABLE*, List<Item>&, List<Item>&, bool, trg_event_type) /data/src/10.4/sql/sql_base.cc:8734
            		 
                #6 0x55fc02830f7c in mysql_update(THD*, TABLE_LIST*, List<Item>&, List<Item>&, Item*, unsigned int, st_order*, unsigned long long, bool, unsigned long long*, unsigned long long*) /data/src/10.4/sql/sql_update.cc:1009
            		 
                #7 0x55fc0256c3a7 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:4407
            		 
                #8 0x55fc025853a2 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7958
            		 
                #9 0x55fc0255bf93 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855
            		 
                #10 0x55fc02558a42 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373
            		 
                #11 0x55fc0294ac2b in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
            		 
                #12 0x55fc0294a4cf in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
            		 
                #13 0x55fc0400418a in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
                #14 0x7f6541251608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
            		 
                #15 0x7f6540aba292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
            		 
             
            		 
            0x61e000052801 is located 5 bytes to the right of 2940-byte region [0x61e000051c80,0x61e0000527fc)
            		 
            allocated by thread T28 here:
            		 
                #0 0x7f6541447bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
            		 
                #1 0x55fc041528b4 in sf_malloc /data/src/10.4/mysys/safemalloc.c:118
            		 
                #2 0x55fc041206f4 in my_malloc /data/src/10.4/mysys/my_malloc.c:101
            		 
                #3 0x55fc040fc1a2 in alloc_root /data/src/10.4/mysys/my_alloc.c:251
            		 
                #4 0x55fc0286850c in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.4/sql/table.cc:1975
            		 
                #5 0x55fc0285e235 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.4/sql/table.cc:706
            		 
                #6 0x55fc02bac3d5 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.4/sql/table_cache.cc:837
            		 
                #7 0x55fc023d3b05 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.4/sql/sql_base.cc:1952
            		 
                #8 0x55fc023de399 in open_and_process_table /data/src/10.4/sql/sql_base.cc:3905
            		 
                #9 0x55fc023e0eed in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:4377
            		 
                #10 0x55fc023e6015 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:5313
            		 
                #11 0x55fc023409e5 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.4/sql/sql_base.h:503
            		 
                #12 0x55fc0257b49f in execute_sqlcom_select /data/src/10.4/sql/sql_parse.cc:6338
            		 
                #13 0x55fc025696a1 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:3936
            		 
                #14 0x55fc025853a2 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7958
            		 
                #15 0x55fc0255bf93 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855
            		 
                #16 0x55fc02558a42 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373
            		 
                #17 0x55fc0294ac2b in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
            		 
                #18 0x55fc0294a4cf in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
            		 
                #19 0x55fc0400418a in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
                #20 0x7f6541251608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
            		 
             
            		 
            Thread T28 created by T0 here:
            		 
                #0 0x7f6541374805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
            		 
                #1 0x55fc0400457b in spawn_thread_v1 /data/src/10.4/storage/perfschema/pfs.cc:1919
            		 
                #2 0x55fc02261c78 in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1275
            		 
                #3 0x55fc02279851 in create_thread_to_handle_connection(CONNECT*) /data/src/10.4/sql/mysqld.cc:6259
            		 
                #4 0x55fc02279fec in create_new_thread(CONNECT*) /data/src/10.4/sql/mysqld.cc:6329
            		 
                #5 0x55fc0227a4d2 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4/sql/mysqld.cc:6427
            		 
                #6 0x55fc0227b36b in handle_connections_sockets() /data/src/10.4/sql/mysqld.cc:6585
            		 
                #7 0x55fc02278f56 in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5917
            		 
                #8 0x55fc0225fbec in main /data/src/10.4/sql/main.cc:25
            		 
                #9 0x7f65409bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
            		 
             
            		 
            SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) 
            Shadow bytes around the buggy address:
            		 
              0x0c3c800024b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3c800024c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3c800024d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3c800024e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3c800024f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 04
            		 
            =>0x0c3c80002500:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
            		 
              0x0c3c80002510: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3c80002520: f7 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00
            		 
              0x0c3c80002530: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3c80002540: 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00
            		 
              0x0c3c80002550: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
            Shadow byte legend (one shadow byte represents 8 application bytes):
            		 
              Addressable:           00
            		 
              Partially addressable: 01 02 03 04 05 06 07 
              Heap left redzone:       fa
            		 
              Freed heap region:       fd
            		 
              Stack left redzone:      f1
            		 
              Stack mid redzone:       f2
            		 
              Stack right redzone:     f3
            		 
              Stack after return:      f5
            		 
              Stack use after scope:   f8
            		 
              Global redzone:          f9
            		 
              Global init order:       f6
            		 
              Poisoned by user:        f7
            		 
              Container overflow:      fc
            		 
              Array cookie:            ac
            		 
              Intra object redzone:    bb
            		 
              ASan internal:           fe
            		 
              Left alloca redzone:     ca
            		 
              Right alloca redzone:    cb
            		 
              Shadow gap:              cc
            		 
            ==4134862==ABORTING


            #3  <signal handler called>
            		 
            #4  0x0000560c454ba52a in Field::set_notnull (this=0x7ff124074a18, row_offset=0) at /data/src/10.4/sql/field.h:1195
            		 
            #5  0x0000560c45972366 in save_field_in_field (from=0x7ff124074940, null_value=0x7ff12407f84e, to=0x7ff124074a18, no_conversions=false) at /data/src/10.4/sql/item.cc:6423
            		 
            #6  0x0000560c459725f2 in Item_field::save_in_field (this=0x7ff12407f7d8, to=0x7ff124074a18, no_conversions=false) at /data/src/10.4/sql/item.cc:6486
            		 
            #7  0x0000560c45716436 in TABLE::update_virtual_field (this=0x7ff12407c250, vf=0x7ff124074a18) at /data/src/10.4/sql/table.cc:8415
            		 
            #8  0x0000560c45bb8c22 in innobase_get_computed_value (row=0x7ff12408ace0, col=0x7ff1301b65d0, index=0x7ff1300580d0, local_heap=0x7ff17b11a350, heap=0x7ff12c01d320, ifield=0x0, thd=0x7ff124000d90, mysql_table=0x7ff12407c250, mysql_rec=0x7ff12408ef20 "\217", old_table=0x0, parent_update=0x0, foreign=0x0) at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:20808
            		 
            #9  0x0000560c45dab6dd in row_upd_store_v_row (node=0x7ff12408cf08, update=0x0, thd=0x7ff124000d90, mysql_table=0x7ff12407c250) at /data/src/10.4/storage/innobase/row/row0upd.cc:2157
            		 
            #10 0x0000560c45dab9aa in row_upd_store_row (node=0x7ff12408cf08, thd=0x7ff124000d90, mysql_table=0x7ff12407c250) at /data/src/10.4/storage/innobase/row/row0upd.cc:2226
            		 
            #11 0x0000560c45daeada in row_upd_del_mark_clust_rec (node=0x7ff12408cf08, index=0x7ff1300580d0, offsets=0x7ff17b11a8d0, thr=0x7ff12408d390, referenced=0, foreign=false, mtr=0x7ff17b11ab30) at /data/src/10.4/storage/innobase/row/row0upd.cc:2974
            		 
            #12 0x0000560c45daf61a in row_upd_clust_step (node=0x7ff12408cf08, thr=0x7ff12408d390) at /data/src/10.4/storage/innobase/row/row0upd.cc:3164
            		 
            #13 0x0000560c45dafc08 in row_upd (node=0x7ff12408cf08, thr=0x7ff12408d390) at /data/src/10.4/storage/innobase/row/row0upd.cc:3296
            		 
            #14 0x0000560c45db01d0 in row_upd_step (thr=0x7ff12408d390) at /data/src/10.4/storage/innobase/row/row0upd.cc:3440
            		 
            #15 0x0000560c45d4e746 in row_update_for_mysql (prebuilt=0x7ff124082950) at /data/src/10.4/storage/innobase/row/row0mysql.cc:1848
            		 
            #16 0x0000560c45ba2fc4 in ha_innobase::delete_row (this=0x7ff124074d38, record=0x7ff124075528 "\377\001\341\027`") at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:8915
            		 
            #17 0x0000560c459547b6 in handler::ha_delete_row (this=0x7ff124074d38, buf=0x7ff124075528 "\377\001\341\027`") at /data/src/10.4/sql/handler.cc:6861
            		 
            #18 0x0000560c45b1c5e3 in TABLE::delete_row (this=0x7ff12407c250) at /data/src/10.4/sql/sql_delete.cc:292
            		 
            #19 0x0000560c45b19361 in mysql_delete (thd=0x7ff124000d90, table_list=0x7ff1240121f8, conds=0x0, order_list=0x7ff124005750, limit=9, options=0, result=0x0) at /data/src/10.4/sql/sql_delete.cc:815
            		 
            #20 0x0000560c455d941d in mysql_execute_command (thd=0x7ff124000d90) at /data/src/10.4/sql/sql_parse.cc:4770
            		 
            #21 0x0000560c455e4087 in mysql_parse (thd=0x7ff124000d90, rawbuf=0x7ff124012098 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", length=61, parser_state=0x7ff17b11c550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958
            		 
            #22 0x0000560c455d03af in dispatch_command (command=COM_QUERY, thd=0x7ff124000d90, packet=0x7ff1240087b1 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", packet_length=61, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855
            		 
            #23 0x0000560c455cec17 in do_command (thd=0x7ff124000d90) at /data/src/10.4/sql/sql_parse.cc:1373
            		 
            #24 0x0000560c4575df07 in do_handle_one_connection (connect=0x560c47d9a610) at /data/src/10.4/sql/sql_connect.cc:1412
            		 
            #25 0x0000560c4575dc50 in handle_one_connection (arg=0x560c47d9a610) at /data/src/10.4/sql/sql_connect.cc:1316
            		 
            #26 0x0000560c4617f302 in pfs_spawn_thread (arg=0x560c47dd8930) at /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
            #27 0x00007ff186823609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            		 
            #28 0x00007ff18608e293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

            10.4 a6c6c4f4

            		 
            ==2485939==ERROR: AddressSanitizer: use-after-poison on address 0x61f00001903a at pc 0x7f93a7cbc57d bp 0x7f939da9c150 sp 0x7f939da9b8f8
            		 
            WRITE of size 4 at 0x61f00001903a thread T5
            		 
                #0 0x7f93a7cbc57c  (/lib/x86_64-linux-gnu/libasan.so.5+0x9b57c)
            		 
                #1 0x557a0819d908 in Field::update_max(Field*, bool) /data/src/10.4/sql/field.h:1135
            		 
                #2 0x557a07bf9597 in Column_statistics_collected::add() (/data/bld/10.4-asan-nightly/bin/mysqld+0x14f2597)
            		 
                #3 0x557a07be609b in collect_statistics_for_table(THD*, TABLE*) /data/src/10.4/sql/sql_statistics.cc:2690
            		 
                #4 0x557a07de92f0 in mysql_admin_table /data/src/10.4/sql/sql_admin.cc:961
            		 
                #5 0x557a07ded429 in Sql_cmd_analyze_table::execute(THD*) /data/src/10.4/sql/sql_admin.cc:1390
            		 
                #6 0x557a079e3a97 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:6161
            		 
                #7 0x557a079ef874 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7959
            		 
                #8 0x557a079c6371 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855
            		 
                #9 0x557a079c2e20 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373
            		 
                #10 0x557a07db5517 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
            		 
                #11 0x557a07db4dbb in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
            		 
                #12 0x557a094732ba in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
                #13 0x7f93a7ad4608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
            		 
                #14 0x7f93a733f292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
            		 
             
            		 
            0x61f00001903a is located 1978 bytes inside of 3068-byte region [0x61f000018880,0x61f00001947c)
            		 
            allocated by thread T5 here:
            		 
                #0 0x7f93a7d2ebc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
            		 
                #1 0x557a095c185a in sf_malloc /data/src/10.4/mysys/safemalloc.c:118
            		 
                #2 0x557a0958f6be in my_malloc /data/src/10.4/mysys/my_malloc.c:101
            		 
                #3 0x557a0956b16c in alloc_root /data/src/10.4/mysys/my_alloc.c:251
            		 
                #4 0x557a0773c465 in Query_arena::calloc(unsigned long) /data/src/10.4/sql/sql_class.h:1055
            		 
                #5 0x557a079f1304 in st_select_lex::add_table_to_list(THD*, Table_ident*, st_mysql_const_lex_string*, unsigned long, thr_lock_type, enum_mdl_type, List<Index_hint>*, List<String>*, st_mysql_lex_string*) /data/src/10.4/sql/sql_parse.cc:8147
            		 
                #6 0x557a0794ba83 in init_lex_with_single_table(THD*, TABLE*, LEX*) /data/src/10.4/sql/sql_lex.cc:197
            		 
                #7 0x557a07ce157f in unpack_vcol_info_from_frm /data/src/10.4/sql/table.cc:3452
            		 
                #8 0x557a07ccc583 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /data/src/10.4/sql/table.cc:1174
            		 
                #9 0x557a07ce5114 in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /data/src/10.4/sql/table.cc:3845
            		 
                #10 0x557a0783f063 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.4/sql/sql_base.cc:2095
            		 
                #11 0x557a07848ad9 in open_and_process_table /data/src/10.4/sql/sql_base.cc:3905
            		 
                #12 0x557a0784b62d in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:4377
            		 
                #13 0x557a07850755 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:5313
            		 
                #14 0x557a077aadad in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.4/sql/sql_base.h:503
            		 
                #15 0x557a079198fd in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /data/src/10.4/sql/sql_insert.cc:764
            		 
                #16 0x557a079d785f in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:4572
            		 
                #17 0x557a079ef874 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7959
            		 
                #18 0x557a079c6371 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855
            		 
                #19 0x557a079c2e20 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373
            		 
                #20 0x557a07db5517 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412
            		 
                #21 0x557a07db4dbb in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316
            		 
                #22 0x557a094732ba in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
                #23 0x7f93a7ad4608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
            		 
             
            		 
            Thread T5 created by T0 here:
            		 
                #0 0x7f93a7c5b805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
            		 
                #1 0x557a094736ab in spawn_thread_v1 /data/src/10.4/storage/perfschema/pfs.cc:1919
            		 
                #2 0x557a076ccaff in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1275
            		 
                #3 0x557a076e44b5 in create_thread_to_handle_connection(CONNECT*) /data/src/10.4/sql/mysqld.cc:6243
            		 
                #4 0x557a076e4c50 in create_new_thread(CONNECT*) /data/src/10.4/sql/mysqld.cc:6313
            		 
                #5 0x557a076e5136 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4/sql/mysqld.cc:6411
            		 
                #6 0x557a076e5fcf in handle_connections_sockets() /data/src/10.4/sql/mysqld.cc:6569
            		 
                #7 0x557a076e3bba in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5901
            		 
                #8 0x557a076cad4c in main /data/src/10.4/sql/main.cc:25
            		 
                #9 0x7f93a72440b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
            		 
             
            		 
            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b57c) 
            Shadow bytes around the buggy address:
            		 
              0x0c3e7fffb1b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb1c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb1d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb1e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb1f0: 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00 00
            		 
            =>0x0c3e7fffb200: 00 00 00 00 00 00 00[f7]00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb210: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb220: 00 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb230: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f7
            		 
              0x0c3e7fffb240: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3e7fffb250: 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00
            		 
            Shadow byte legend (one shadow byte represents 8 application bytes):
            		 
              Addressable:           00
            		 
              Partially addressable: 01 02 03 04 05 06 07 
              Heap left redzone:       fa
            		 
              Freed heap region:       fd
            		 
              Stack left redzone:      f1
            		 
              Stack mid redzone:       f2
            		 
              Stack right redzone:     f3
            		 
              Stack after return:      f5
            		 
              Stack use after scope:   f8
            		 
              Global redzone:          f9
            		 
              Global init order:       f6
            		 
              Poisoned by user:        f7
            		 
              Container overflow:      fc
            		 
              Array cookie:            ac
            		 
              Intra object redzone:    bb
            		 
              ASan internal:           fe
            		 
              Left alloca redzone:     ca
            		 
              Right alloca redzone:    cb
            		 
              Shadow gap:              cc
            		 
            ==2485939==ABORTING

            elenst Elena Stepanova added a comment - - edited More random aftermaths: 10.4 ce141d07 2021-01-24 17:15:12 0x7f60262c2700 InnoDB: Assertion failure in file /data/src/10.4/storage/innobase/que/que0que.cc line 828 InnoDB: Failing assertion: thr->magic_n == QUE_THR_MAGIC_N   #6 0x00005598579832b1 in ut_dbg_assertion_failed (expr=0x5598580918e8 "thr->magic_n == QUE_THR_MAGIC_N", file=0x5598580916f0 "/data/src/10.4/storage/innobase/que/que0que.cc", line=828) at /data/src/10.4/storage/innobase/ut/ut0dbg.cc:60 #7 0x000055985783be57 in que_thr_move_to_run_state_for_mysql (thr=0x7f5fd00aeb50, trx=0x7f6026c5b228) at /data/src/10.4/storage/innobase/que/que0que.cc:828 #8 0x00005598578a7611 in row_update_for_mysql (prebuilt=0x7f5fd0072980) at /data/src/10.4/storage/innobase/row/row0mysql.cc:1831 #9 0x00005598576fbfc4 in ha_innobase::delete_row (this=0x7f5fd002a2c8, record=0x7f5fd00414d8 "\377\001\341\027`") at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:8915 #10 0x00005598574ad7b6 in handler::ha_delete_row (this=0x7f5fd002a2c8, buf=0x7f5fd00414d8 "\377\001\341\027`") at /data/src/10.4/sql/handler.cc:6861 #11 0x00005598576755e3 in TABLE::delete_row (this=0x7f5fd0032890) at /data/src/10.4/sql/sql_delete.cc:292 #12 0x0000559857672361 in mysql_delete (thd=0x7f5fd4000e30, table_list=0x7f5fd4012298, conds=0x0, order_list=0x7f5fd40057f0, limit=9, options=0, result=0x0) at /data/src/10.4/sql/sql_delete.cc:815 #13 0x000055985713241d in mysql_execute_command (thd=0x7f5fd4000e30) at /data/src/10.4/sql/sql_parse.cc:4770 #14 0x000055985713d087 in mysql_parse (thd=0x7f5fd4000e30, rawbuf=0x7f5fd4012138 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", length=61, parser_state=0x7f60262c1550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958 #15 0x00005598571293af in dispatch_command (command=COM_QUERY, thd=0x7f5fd4000e30, packet=0x7f5fd4008851 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", packet_length=61, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855 #16 0x0000559857127c17 in do_command (thd=0x7f5fd4000e30) at /data/src/10.4/sql/sql_parse.cc:1373 #17 0x00005598572b6f07 in do_handle_one_connection (connect=0x55985a874190) at /data/src/10.4/sql/sql_connect.cc:1412 #18 0x00005598572b6c50 in handle_one_connection (arg=0x55985a874190) at /data/src/10.4/sql/sql_connect.cc:1316 #19 0x0000559857cd8302 in pfs_spawn_thread (arg=0x55985a7aea70) at /data/src/10.4/storage/perfschema/pfs.cc:1869 #20 0x00007f6031a07609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #21 0x00007f6031272293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 #3 <signal handler called> #4 0x000055ff43d41370 in Index_statistics::avg_frequency_is_inited (this=0x0) at /data/src/10.4/sql/sql_statistics.h:459 #5 0x000055ff43d3f559 in set_statistics_for_table (thd=0x7f4a58000e30, table=0x7f4a58075960) at /data/src/10.4/sql/sql_statistics.cc:3655 #6 0x000055ff441b109d in mysql_delete (thd=0x7f4a58000e30, table_list=0x7f4a58012298, conds=0x0, order_list=0x7f4a580057f0, limit=9, options=0, result=0x0) at /data/src/10.4/sql/sql_delete.cc:519 #7 0x000055ff43c7241d in mysql_execute_command (thd=0x7f4a58000e30) at /data/src/10.4/sql/sql_parse.cc:4770 #8 0x000055ff43c7d087 in mysql_parse (thd=0x7f4a58000e30, rawbuf=0x7f4a58012138 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", length=61, parser_state=0x7f4aaa8e5550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958 #9 0x000055ff43c693af in dispatch_command (command=COM_QUERY, thd=0x7f4a58000e30, packet=0x7f4a58008851 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", packet_length=61, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855 #10 0x000055ff43c67c17 in do_command (thd=0x7f4a58000e30) at /data/src/10.4/sql/sql_parse.cc:1373 #11 0x000055ff43df6f07 in do_handle_one_connection (connect=0x55ff47b65190) at /data/src/10.4/sql/sql_connect.cc:1412 #12 0x000055ff43df6c50 in handle_one_connection (arg=0x55ff47b65190) at /data/src/10.4/sql/sql_connect.cc:1316 #13 0x000055ff44818302 in pfs_spawn_thread (arg=0x55ff47a9fa70) at /data/src/10.4/storage/perfschema/pfs.cc:1869 #14 0x00007f4ab6007609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #15 0x00007f4ab5872293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 ==4134862==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61e000052801 at pc 0x7f65413d5480 bp 0x7f6529cc1e80 sp 0x7f6529cc1628 READ of size 3 at 0x61e000052801 thread T28 #0 0x7f65413d547f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) #1 0x55fc02cd6353 in Field::set_default() /data/src/10.4/sql/field.cc:2491 #2 0x55fc02d29fd4 in Field::save_in_field_default_value(bool) /data/src/10.4/sql/field.cc:11455 #3 0x55fc02c365c3 in Item_default_specification::save_in_field(Field*, bool) /data/src/10.4/sql/item.h:6515 #4 0x55fc023fb64c in fill_record(THD*, TABLE*, List<Item>&, List<Item>&, bool, bool) /data/src/10.4/sql/sql_base.cc:8562 #5 0x55fc023fc867 in fill_record_n_invoke_before_triggers(THD*, TABLE*, List<Item>&, List<Item>&, bool, trg_event_type) /data/src/10.4/sql/sql_base.cc:8734 #6 0x55fc02830f7c in mysql_update(THD*, TABLE_LIST*, List<Item>&, List<Item>&, Item*, unsigned int, st_order*, unsigned long long, bool, unsigned long long*, unsigned long long*) /data/src/10.4/sql/sql_update.cc:1009 #7 0x55fc0256c3a7 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:4407 #8 0x55fc025853a2 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7958 #9 0x55fc0255bf93 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855 #10 0x55fc02558a42 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373 #11 0x55fc0294ac2b in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412 #12 0x55fc0294a4cf in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316 #13 0x55fc0400418a in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869 #14 0x7f6541251608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477 #15 0x7f6540aba292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)   0x61e000052801 is located 5 bytes to the right of 2940-byte region [0x61e000051c80,0x61e0000527fc) allocated by thread T28 here: #0 0x7f6541447bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8) #1 0x55fc041528b4 in sf_malloc /data/src/10.4/mysys/safemalloc.c:118 #2 0x55fc041206f4 in my_malloc /data/src/10.4/mysys/my_malloc.c:101 #3 0x55fc040fc1a2 in alloc_root /data/src/10.4/mysys/my_alloc.c:251 #4 0x55fc0286850c in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long) /data/src/10.4/sql/table.cc:1975 #5 0x55fc0285e235 in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.4/sql/table.cc:706 #6 0x55fc02bac3d5 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.4/sql/table_cache.cc:837 #7 0x55fc023d3b05 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.4/sql/sql_base.cc:1952 #8 0x55fc023de399 in open_and_process_table /data/src/10.4/sql/sql_base.cc:3905 #9 0x55fc023e0eed in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:4377 #10 0x55fc023e6015 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:5313 #11 0x55fc023409e5 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.4/sql/sql_base.h:503 #12 0x55fc0257b49f in execute_sqlcom_select /data/src/10.4/sql/sql_parse.cc:6338 #13 0x55fc025696a1 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:3936 #14 0x55fc025853a2 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7958 #15 0x55fc0255bf93 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855 #16 0x55fc02558a42 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373 #17 0x55fc0294ac2b in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412 #18 0x55fc0294a4cf in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316 #19 0x55fc0400418a in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869 #20 0x7f6541251608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477   Thread T28 created by T0 here: #0 0x7f6541374805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805) #1 0x55fc0400457b in spawn_thread_v1 /data/src/10.4/storage/perfschema/pfs.cc:1919 #2 0x55fc02261c78 in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1275 #3 0x55fc02279851 in create_thread_to_handle_connection(CONNECT*) /data/src/10.4/sql/mysqld.cc:6259 #4 0x55fc02279fec in create_new_thread(CONNECT*) /data/src/10.4/sql/mysqld.cc:6329 #5 0x55fc0227a4d2 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4/sql/mysqld.cc:6427 #6 0x55fc0227b36b in handle_connections_sockets() /data/src/10.4/sql/mysqld.cc:6585 #7 0x55fc02278f56 in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5917 #8 0x55fc0225fbec in main /data/src/10.4/sql/main.cc:25 #9 0x7f65409bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)   SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) Shadow bytes around the buggy address: 0x0c3c800024b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3c800024c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3c800024d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3c800024e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3c800024f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02 04 =>0x0c3c80002500:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c3c80002510: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3c80002520: f7 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00 0x0c3c80002530: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3c80002540: 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00 0x0c3c80002550: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==4134862==ABORTING #3 <signal handler called> #4 0x0000560c454ba52a in Field::set_notnull (this=0x7ff124074a18, row_offset=0) at /data/src/10.4/sql/field.h:1195 #5 0x0000560c45972366 in save_field_in_field (from=0x7ff124074940, null_value=0x7ff12407f84e, to=0x7ff124074a18, no_conversions=false) at /data/src/10.4/sql/item.cc:6423 #6 0x0000560c459725f2 in Item_field::save_in_field (this=0x7ff12407f7d8, to=0x7ff124074a18, no_conversions=false) at /data/src/10.4/sql/item.cc:6486 #7 0x0000560c45716436 in TABLE::update_virtual_field (this=0x7ff12407c250, vf=0x7ff124074a18) at /data/src/10.4/sql/table.cc:8415 #8 0x0000560c45bb8c22 in innobase_get_computed_value (row=0x7ff12408ace0, col=0x7ff1301b65d0, index=0x7ff1300580d0, local_heap=0x7ff17b11a350, heap=0x7ff12c01d320, ifield=0x0, thd=0x7ff124000d90, mysql_table=0x7ff12407c250, mysql_rec=0x7ff12408ef20 "\217", old_table=0x0, parent_update=0x0, foreign=0x0) at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:20808 #9 0x0000560c45dab6dd in row_upd_store_v_row (node=0x7ff12408cf08, update=0x0, thd=0x7ff124000d90, mysql_table=0x7ff12407c250) at /data/src/10.4/storage/innobase/row/row0upd.cc:2157 #10 0x0000560c45dab9aa in row_upd_store_row (node=0x7ff12408cf08, thd=0x7ff124000d90, mysql_table=0x7ff12407c250) at /data/src/10.4/storage/innobase/row/row0upd.cc:2226 #11 0x0000560c45daeada in row_upd_del_mark_clust_rec (node=0x7ff12408cf08, index=0x7ff1300580d0, offsets=0x7ff17b11a8d0, thr=0x7ff12408d390, referenced=0, foreign=false, mtr=0x7ff17b11ab30) at /data/src/10.4/storage/innobase/row/row0upd.cc:2974 #12 0x0000560c45daf61a in row_upd_clust_step (node=0x7ff12408cf08, thr=0x7ff12408d390) at /data/src/10.4/storage/innobase/row/row0upd.cc:3164 #13 0x0000560c45dafc08 in row_upd (node=0x7ff12408cf08, thr=0x7ff12408d390) at /data/src/10.4/storage/innobase/row/row0upd.cc:3296 #14 0x0000560c45db01d0 in row_upd_step (thr=0x7ff12408d390) at /data/src/10.4/storage/innobase/row/row0upd.cc:3440 #15 0x0000560c45d4e746 in row_update_for_mysql (prebuilt=0x7ff124082950) at /data/src/10.4/storage/innobase/row/row0mysql.cc:1848 #16 0x0000560c45ba2fc4 in ha_innobase::delete_row (this=0x7ff124074d38, record=0x7ff124075528 "\377\001\341\027`") at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:8915 #17 0x0000560c459547b6 in handler::ha_delete_row (this=0x7ff124074d38, buf=0x7ff124075528 "\377\001\341\027`") at /data/src/10.4/sql/handler.cc:6861 #18 0x0000560c45b1c5e3 in TABLE::delete_row (this=0x7ff12407c250) at /data/src/10.4/sql/sql_delete.cc:292 #19 0x0000560c45b19361 in mysql_delete (thd=0x7ff124000d90, table_list=0x7ff1240121f8, conds=0x0, order_list=0x7ff124005750, limit=9, options=0, result=0x0) at /data/src/10.4/sql/sql_delete.cc:815 #20 0x0000560c455d941d in mysql_execute_command (thd=0x7ff124000d90) at /data/src/10.4/sql/sql_parse.cc:4770 #21 0x0000560c455e4087 in mysql_parse (thd=0x7ff124000d90, rawbuf=0x7ff124012098 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", length=61, parser_state=0x7ff17b11c550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7958 #22 0x0000560c455d03af in dispatch_command (command=COM_QUERY, thd=0x7ff124000d90, packet=0x7ff1240087b1 "DELETE FROM `view_t4_InnoDB` ORDER BY `col_timestamp` LIMIT 9", packet_length=61, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855 #23 0x0000560c455cec17 in do_command (thd=0x7ff124000d90) at /data/src/10.4/sql/sql_parse.cc:1373 #24 0x0000560c4575df07 in do_handle_one_connection (connect=0x560c47d9a610) at /data/src/10.4/sql/sql_connect.cc:1412 #25 0x0000560c4575dc50 in handle_one_connection (arg=0x560c47d9a610) at /data/src/10.4/sql/sql_connect.cc:1316 #26 0x0000560c4617f302 in pfs_spawn_thread (arg=0x560c47dd8930) at /data/src/10.4/storage/perfschema/pfs.cc:1869 #27 0x00007ff186823609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #28 0x00007ff18608e293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 10.4 a6c6c4f4 ==2485939==ERROR: AddressSanitizer: use-after-poison on address 0x61f00001903a at pc 0x7f93a7cbc57d bp 0x7f939da9c150 sp 0x7f939da9b8f8 WRITE of size 4 at 0x61f00001903a thread T5 #0 0x7f93a7cbc57c (/lib/x86_64-linux-gnu/libasan.so.5+0x9b57c) #1 0x557a0819d908 in Field::update_max(Field*, bool) /data/src/10.4/sql/field.h:1135 #2 0x557a07bf9597 in Column_statistics_collected::add() (/data/bld/10.4-asan-nightly/bin/mysqld+0x14f2597) #3 0x557a07be609b in collect_statistics_for_table(THD*, TABLE*) /data/src/10.4/sql/sql_statistics.cc:2690 #4 0x557a07de92f0 in mysql_admin_table /data/src/10.4/sql/sql_admin.cc:961 #5 0x557a07ded429 in Sql_cmd_analyze_table::execute(THD*) /data/src/10.4/sql/sql_admin.cc:1390 #6 0x557a079e3a97 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:6161 #7 0x557a079ef874 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7959 #8 0x557a079c6371 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855 #9 0x557a079c2e20 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373 #10 0x557a07db5517 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412 #11 0x557a07db4dbb in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316 #12 0x557a094732ba in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869 #13 0x7f93a7ad4608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477 #14 0x7f93a733f292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)   0x61f00001903a is located 1978 bytes inside of 3068-byte region [0x61f000018880,0x61f00001947c) allocated by thread T5 here: #0 0x7f93a7d2ebc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8) #1 0x557a095c185a in sf_malloc /data/src/10.4/mysys/safemalloc.c:118 #2 0x557a0958f6be in my_malloc /data/src/10.4/mysys/my_malloc.c:101 #3 0x557a0956b16c in alloc_root /data/src/10.4/mysys/my_alloc.c:251 #4 0x557a0773c465 in Query_arena::calloc(unsigned long) /data/src/10.4/sql/sql_class.h:1055 #5 0x557a079f1304 in st_select_lex::add_table_to_list(THD*, Table_ident*, st_mysql_const_lex_string*, unsigned long, thr_lock_type, enum_mdl_type, List<Index_hint>*, List<String>*, st_mysql_lex_string*) /data/src/10.4/sql/sql_parse.cc:8147 #6 0x557a0794ba83 in init_lex_with_single_table(THD*, TABLE*, LEX*) /data/src/10.4/sql/sql_lex.cc:197 #7 0x557a07ce157f in unpack_vcol_info_from_frm /data/src/10.4/sql/table.cc:3452 #8 0x557a07ccc583 in parse_vcol_defs(THD*, st_mem_root*, TABLE*, bool*, vcol_init_mode) /data/src/10.4/sql/table.cc:1174 #9 0x557a07ce5114 in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /data/src/10.4/sql/table.cc:3845 #10 0x557a0783f063 in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.4/sql/sql_base.cc:2095 #11 0x557a07848ad9 in open_and_process_table /data/src/10.4/sql/sql_base.cc:3905 #12 0x557a0784b62d in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:4377 #13 0x557a07850755 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.4/sql/sql_base.cc:5313 #14 0x557a077aadad in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.4/sql/sql_base.h:503 #15 0x557a079198fd in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /data/src/10.4/sql/sql_insert.cc:764 #16 0x557a079d785f in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:4572 #17 0x557a079ef874 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:7959 #18 0x557a079c6371 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1855 #19 0x557a079c2e20 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1373 #20 0x557a07db5517 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1412 #21 0x557a07db4dbb in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1316 #22 0x557a094732ba in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1869 #23 0x7f93a7ad4608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477   Thread T5 created by T0 here: #0 0x7f93a7c5b805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805) #1 0x557a094736ab in spawn_thread_v1 /data/src/10.4/storage/perfschema/pfs.cc:1919 #2 0x557a076ccaff in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1275 #3 0x557a076e44b5 in create_thread_to_handle_connection(CONNECT*) /data/src/10.4/sql/mysqld.cc:6243 #4 0x557a076e4c50 in create_new_thread(CONNECT*) /data/src/10.4/sql/mysqld.cc:6313 #5 0x557a076e5136 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4/sql/mysqld.cc:6411 #6 0x557a076e5fcf in handle_connections_sockets() /data/src/10.4/sql/mysqld.cc:6569 #7 0x557a076e3bba in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5901 #8 0x557a076cad4c in main /data/src/10.4/sql/main.cc:25 #9 0x7f93a72440b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)   SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b57c) Shadow bytes around the buggy address: 0x0c3e7fffb1b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3e7fffb1c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3e7fffb1d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3e7fffb1e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3e7fffb1f0: 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 =>0x0c3e7fffb200: 00 00 00 00 00 00 00[f7]00 00 00 00 00 00 00 00 0x0c3e7fffb210: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3e7fffb220: 00 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3e7fffb230: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f7 0x0c3e7fffb240: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3e7fffb250: 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==2485939==ABORTING
            alice Alice Sherepa made changes -
            elenst Elena Stepanova added a comment -

            Stored (persistent) columns are also affected:

            CREATE TABLE t1 (pk INT PRIMARY KEY, a VARCHAR(3),b VARCHAR(2) AS (a) STORED);
            		 
            CREATE VIEW v1 AS SELECT * FROM t1;
            		 
             
            		 
            INSERT IGNORE INTO t1 (pk,a) VALUES (30,'foo');
            		 
            --error ER_DATA_TOO_LONG
            		 
            REPLACE INTO t1 (pk,a) VALUES (30,NULL);
            		 
             
            		 
            SHOW CREATE VIEW v1;
            		 
             
            		 
            # Cleanup
            		 
            DROP VIEW v1;
            		 
            DROP TABLE t1;

            10.5 16388f39

            		 
            ==2843658==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7f3b126a9480 bp 0x7f3b08b54c50 sp 0x7f3b08b543f8
            		 
            READ of size 4 at 0x61900008cc69 thread T5
            		 
                #0 0x7f3b126a947f  (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
            		 
                #1 0x556f9e797617 in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832
            		 
                #2 0x556f9e79771d in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862
            		 
                #3 0x556f9e0f6225 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18867
            		 
                #4 0x556f9e0fb81e in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19243
            		 
                #5 0x556f9e29d141 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329
            		 
                #6 0x556f9ded9320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846
            		 
                #7 0x556f9ded49c4 in mysql_handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_derived.cc:126
            		 
                #8 0x556f9e16fdd3 in mysqld_show_create_get_fields(THD*, TABLE_LIST*, List<Item>*, String*) /data/src/10.5/sql/sql_show.cc:1186
            		 
                #9 0x556f9e170bc3 in mysqld_show_create(THD*, TABLE_LIST*) /data/src/10.5/sql/sql_show.cc:1291
            		 
                #10 0x556f9dfbdc65 in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:4402
            		 
                #11 0x556f9dfd7bdb in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8063
            		 
                #12 0x556f9dfaddd4 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
            		 
                #13 0x556f9dfaa6fd in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
            		 
                #14 0x556f9e3ed593 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
            		 
                #15 0x556f9e3ecef7 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
            		 
                #16 0x556f9f0fc436 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
            		 
                #17 0x7f3b1222d608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
            		 
                #18 0x7f3b11e03292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
            		 
             
            		 
            0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4)
            		 
            allocated by thread T5 here:
            		 
                #0 0x7f3b1271bbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
            		 
                #1 0x556f9fd9c52a in sf_malloc /data/src/10.5/mysys/safemalloc.c:121
            		 
                #2 0x556f9fd6992f in my_malloc /data/src/10.5/mysys/my_malloc.c:90
            		 
                #3 0x556f9fd45726 in alloc_root /data/src/10.5/mysys/my_alloc.c:244
            		 
                #4 0x556f9fd46e28 in memdup_root /data/src/10.5/mysys/my_alloc.c:479
            		 
                #5 0x556f9e2f5325 in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1792
            		 
                #6 0x556f9e2ed82d in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714
            		 
                #7 0x556f9e6083c7 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831
            		 
                #8 0x556f9de1717f in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852
            		 
                #9 0x556f9de21e78 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801
            		 
                #10 0x556f9de249ff in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275
            		 
                #11 0x556f9de29b43 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211
            		 
                #12 0x556f9dd80d1b in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507
            		 
                #13 0x556f9e2d83c2 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452
            		 
                #14 0x556f9dfc8f32 in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5826
            		 
                #15 0x556f9dfd7bdb in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8063
            		 
                #16 0x556f9dfaddd4 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
            		 
                #17 0x556f9dfaa6fd in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
            		 
                #18 0x556f9e3ed593 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
            		 
                #19 0x556f9e3ecef7 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
            		 
                #20 0x556f9f0fc436 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
            		 
                #21 0x7f3b1222d608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
            		 
             
            		 
            Thread T5 created by T0 here:
            		 
                #0 0x7f3b12648805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
            		 
                #1 0x556f9f0f73da in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
            		 
                #2 0x556f9f0fc829 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
            		 
                #3 0x556f9dc9f2d2 in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
            		 
                #4 0x556f9dcb50c2 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6012
            		 
                #5 0x556f9dcb5741 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6071
            		 
                #6 0x556f9dcb5a9e in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6136
            		 
                #7 0x556f9dcb66bd in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6263
            		 
                #8 0x556f9dcb48cf in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5658
            		 
                #9 0x556f9dc9dd9c in main /data/src/10.5/sql/main.cc:25
            		 
                #10 0x7f3b11d080b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
            		 
             
            		 
            SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) 
            Shadow bytes around the buggy address:
            		 
              0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa
            		 
              0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
            		 
              0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00
            		 
              0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
            =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 04[f7]01 f7
            		 
              0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c32800099a0: 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00 00
            		 
              0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
            		 
              0x0c32800099c0: 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02 f7
            		 
              0x0c32800099d0: 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa
            		 
            Shadow byte legend (one shadow byte represents 8 application bytes):
            		 
              Addressable:           00
            		 
              Partially addressable: 01 02 03 04 05 06 07 
              Heap left redzone:       fa
            		 
              Freed heap region:       fd
            		 
              Stack left redzone:      f1
            		 
              Stack mid redzone:       f2
            		 
              Stack right redzone:     f3
            		 
              Stack after return:      f5
            		 
              Stack use after scope:   f8
            		 
              Global redzone:          f9
            		 
              Global init order:       f6
            		 
              Poisoned by user:        f7
            		 
              Container overflow:      fc
            		 
              Array cookie:            ac
            		 
              Intra object redzone:    bb
            		 
              ASan internal:           fe
            		 
              Left alloca redzone:     ca
            		 
              Right alloca redzone:    cb
            		 
              Shadow gap:              cc
            		 
            ==2843658==ABORTING

            elenst Elena Stepanova added a comment - Stored (persistent) columns are also affected: CREATE TABLE t1 (pk INT PRIMARY KEY , a VARCHAR (3),b VARCHAR (2) AS (a) STORED); CREATE VIEW v1 AS SELECT * FROM t1;   INSERT IGNORE INTO t1 (pk,a) VALUES (30, 'foo' ); --error ER_DATA_TOO_LONG REPLACE INTO t1 (pk,a) VALUES (30, NULL );   SHOW CREATE VIEW v1;   # Cleanup DROP VIEW v1; DROP TABLE t1; 10.5 16388f39 ==2843658==ERROR: AddressSanitizer: use-after-poison on address 0x61900008cc69 at pc 0x7f3b126a9480 bp 0x7f3b08b54c50 sp 0x7f3b08b543f8 READ of size 4 at 0x61900008cc69 thread T5 #0 0x7f3b126a947f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) #1 0x556f9e797617 in field_conv_memcpy /data/src/10.5/sql/field_conv.cc:832 #2 0x556f9e79771d in field_conv(Field*, Field*) /data/src/10.5/sql/field_conv.cc:862 #3 0x556f9e0f6225 in Create_tmp_table::finalize(THD*, TABLE*, TMP_TABLE_PARAM*, bool, bool) /data/src/10.5/sql/sql_select.cc:18867 #4 0x556f9e0fb81e in create_tmp_table(THD*, TMP_TABLE_PARAM*, List<Item>&, st_order*, bool, bool, unsigned long long, unsigned long long, st_mysql_const_lex_string const*, bool, bool) /data/src/10.5/sql/sql_select.cc:19243 #5 0x556f9e29d141 in select_unit::create_result_table(THD*, List<Item>*, bool, unsigned long long, st_mysql_const_lex_string const*, bool, bool, bool, unsigned int) /data/src/10.5/sql/sql_union.cc:329 #6 0x556f9ded9320 in mysql_derived_prepare /data/src/10.5/sql/sql_derived.cc:846 #7 0x556f9ded49c4 in mysql_handle_derived(LEX*, unsigned int) /data/src/10.5/sql/sql_derived.cc:126 #8 0x556f9e16fdd3 in mysqld_show_create_get_fields(THD*, TABLE_LIST*, List<Item>*, String*) /data/src/10.5/sql/sql_show.cc:1186 #9 0x556f9e170bc3 in mysqld_show_create(THD*, TABLE_LIST*) /data/src/10.5/sql/sql_show.cc:1291 #10 0x556f9dfbdc65 in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:4402 #11 0x556f9dfd7bdb in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8063 #12 0x556f9dfaddd4 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889 #13 0x556f9dfaa6fd in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370 #14 0x556f9e3ed593 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410 #15 0x556f9e3ecef7 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312 #16 0x556f9f0fc436 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201 #17 0x7f3b1222d608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477 #18 0x7f3b11e03292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)   0x61900008cc69 is located 489 bytes inside of 1124-byte region [0x61900008ca80,0x61900008cee4) allocated by thread T5 here: #0 0x7f3b1271bbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8) #1 0x556f9fd9c52a in sf_malloc /data/src/10.5/mysys/safemalloc.c:121 #2 0x556f9fd6992f in my_malloc /data/src/10.5/mysys/my_malloc.c:90 #3 0x556f9fd45726 in alloc_root /data/src/10.5/mysys/my_alloc.c:244 #4 0x556f9fd46e28 in memdup_root /data/src/10.5/mysys/my_alloc.c:479 #5 0x556f9e2f5325 in TABLE_SHARE::init_from_binary_frm_image(THD*, bool, unsigned char const*, unsigned long, unsigned char const*, unsigned long) /data/src/10.5/sql/table.cc:1792 #6 0x556f9e2ed82d in open_table_def(THD*, TABLE_SHARE*, unsigned int) /data/src/10.5/sql/table.cc:714 #7 0x556f9e6083c7 in tdc_acquire_share(THD*, TABLE_LIST*, unsigned int, TABLE**) /data/src/10.5/sql/table_cache.cc:831 #8 0x556f9de1717f in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.5/sql/sql_base.cc:1852 #9 0x556f9de21e78 in open_and_process_table /data/src/10.5/sql/sql_base.cc:3801 #10 0x556f9de249ff in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:4275 #11 0x556f9de29b43 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.5/sql/sql_base.cc:5211 #12 0x556f9dd80d1b in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.5/sql/sql_base.h:507 #13 0x556f9e2d83c2 in mysql_create_view(THD*, TABLE_LIST*, enum_view_create_mode) /data/src/10.5/sql/sql_view.cc:452 #14 0x556f9dfc8f32 in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:5826 #15 0x556f9dfd7bdb in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8063 #16 0x556f9dfaddd4 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889 #17 0x556f9dfaa6fd in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370 #18 0x556f9e3ed593 in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410 #19 0x556f9e3ecef7 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312 #20 0x556f9f0fc436 in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201 #21 0x7f3b1222d608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477   Thread T5 created by T0 here: #0 0x7f3b12648805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805) #1 0x556f9f0f73da in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38 #2 0x556f9f0fc829 in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252 #3 0x556f9dc9f2d2 in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323 #4 0x556f9dcb50c2 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6012 #5 0x556f9dcb5741 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6071 #6 0x556f9dcb5a9e in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6136 #7 0x556f9dcb66bd in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6263 #8 0x556f9dcb48cf in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5658 #9 0x556f9dc9dd9c in main /data/src/10.5/sql/main.cc:25 #10 0x7f3b11d080b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)   SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f) Shadow bytes around the buggy address: 0x0c3280009930: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa 0x0c3280009940: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa 0x0c3280009950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c3280009960: 00 00 00 00 f7 00 00 f7 01 f7 00 00 00 00 00 00 0x0c3280009970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 =>0x0c3280009980: 00 00 00 00 00 00 00 02 f7 00 f7 00 04[f7]01 f7 0x0c3280009990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c32800099a0: 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00 00 0x0c32800099b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x0c32800099c0: 00 00 00 f7 00 00 f7 00 00 00 00 00 00 f7 02 f7 0x0c32800099d0: 04 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 04 fa fa fa Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==2843658==ABORTING
            elenst Elena Stepanova made changes -
            Summary ASAN use-after-poison in create_tmp_table or assertion failures after failed REPLACE into table with virtual column ASAN use-after-poison in create_tmp_table or assertion failures after failed REPLACE into table with virtual/stored column
            elenst Elena Stepanova made changes -
            Labels regression affects-tests regression
            Priority Major [ 3 ] Critical [ 2 ]
            elenst Elena Stepanova made changes -
            Attachment mdev24583-hang-threads.txt [ 56573 ]
            elenst Elena Stepanova added a comment - - edited

            Adding a hang and long semaphore wait abort to the endless list of effects.
            Dirty test case (don't add it to the regression suite like this, clean up):

            --source include/have_innodb.inc
            		 
             
            		 
            CREATE TABLE t1 (col_datetime DATETIME INVISIBLE, vcol_varchar VARBINARY(715) AS (col_varchar) STORED, vcol_int INT AS (col_int) STORED, col_varchar VARBINARY(2608) NULL, col_int INT, col_char BINARY(92), vcol_char CHAR(238) AS (col_char) STORED, id SERIAL, PRIMARY KEY (col_int)) ENGINE=InnoDB;
            		 
            ALTER TABLE t1 ADD UNIQUE(col_datetime,vcol_varchar,col_varchar,vcol_char(64));
            		 
            INSERT INTO t1 (col_char,col_datetime,col_int,col_varchar,id) VALUES
            		 
            ('x','1968-11-18 02:48:34',9,'k',1),
            		 
            ('f','1900-01-01 00:00:00',2,'t',2);
            		 
            SELECT * INTO OUTFILE 'load_t1' FROM t1;
            		 
            --error ER_DATA_TOO_LONG
            		 
            LOAD DATA INFILE 'load_t1' REPLACE INTO TABLE t1;
            		 
            --connect (con1,localhost,root,,test)
            		 
            INSERT IGNORE INTO t1 () VALUES (),();

            Stack trace from the running (hanging) server (all threasds are attached as mdev24583-hang-threads.txt ):

            10.4 1d762ee8

            		 
            Thread 28 (Thread 0x7f54cee1d700 (LWP 955373)):
            		 
            #0  futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x563c97a86528) at ../sysdeps/nptl/futex-internal.h:183
            		 
            #1  __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x563c97a864d8, cond=0x563c97a86500) at pthread_cond_wait.c:508
            		 
            #2  __pthread_cond_wait (cond=0x563c97a86500, mutex=0x563c97a864d8) at pthread_cond_wait.c:638
            		 
            #3  0x0000563c94cb2b40 in os_event::wait (this=0x563c97a864c0) at /data/src/10.4/storage/innobase/os/os0event.cc:158
            		 
            #4  0x0000563c94cb2600 in os_event::wait_low (this=0x563c97a864c0, reset_sig_count=1) at /data/src/10.4/storage/innobase/os/os0event.cc:325
            		 
            #5  0x0000563c94cb290f in os_event_wait_low (event=0x563c97a864c0, reset_sig_count=1) at /data/src/10.4/storage/innobase/os/os0event.cc:502
            		 
            #6  0x0000563c94dda607 in sync_array_wait_event (arr=0x563c979398c0, cell=@0x7f54cee19650: 0x563c97939a30) at /data/src/10.4/storage/innobase/sync/sync0arr.cc:471
            		 
            #7  0x0000563c94dde492 in rw_lock_sx_lock_func (lock=0x7f54cf02c628, pass=0, file_name=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629) at /data/src/10.4/storage/innobase/sync/sync0rw.cc:833
            		 
            #8  0x0000563c94eaaf7b in pfs_rw_lock_sx_lock_func (lock=0x7f54cf02c628, pass=0, file_name=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629) at /data/src/10.4/storage/innobase/include/sync0rw.ic:674
            		 
            #9  0x0000563c94ebd6f9 in buf_page_mtr_lock (block=0x7f54cf02c570, rw_latch=4, mtr=0x7f54cee1ae40, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629) at /data/src/10.4/storage/innobase/buf/buf0buf.cc:4141
            		 
            #10 0x0000563c94ebfc5b in buf_page_get_low (page_id=..., zip_size=0, rw_latch=4, guess=0x7f54cf02c570, mode=10, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, mtr=0x7f54cee1ae40, err=0x7f54cee19ab0) at /data/src/10.4/storage/innobase/buf/buf0buf.cc:4821
            		 
            #11 0x0000563c94ebfea5 in buf_page_get_gen (page_id=..., zip_size=0, rw_latch=4, guess=0x7f54cf02c570, mode=10, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, mtr=0x7f54cee1ae40, err=0x7f54cee19ab0) at /data/src/10.4/storage/innobase/buf/buf0buf.cc:4869
            		 
            #12 0x0000563c94e6fee3 in btr_cur_search_to_nth_level_func (index=0x7f547c09ff30, level=0, tuple=0x7f547c046a90, mode=PAGE_CUR_LE, latch_mode=2, cursor=0x7f54cee1aae0, ahi_latch=0x0, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, mtr=0x7f54cee1ae40, autoinc=3) at /data/src/10.4/storage/innobase/btr/btr0cur.cc:1624
            		 
            #13 0x0000563c94d28778 in btr_pcur_open_low (index=0x7f547c09ff30, level=0, tuple=0x7f547c046a90, mode=PAGE_CUR_LE, latch_mode=2, cursor=0x7f54cee1aae0, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, autoinc=3, mtr=0x7f54cee1ae40) at /data/src/10.4/storage/innobase/include/btr0pcur.ic:441
            		 
            #14 0x0000563c94d30315 in row_ins_clust_index_entry_low (flags=0, mode=2, index=0x7f547c09ff30, n_uniq=1, entry=0x7f547c046a90, n_ext=0, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:2628
            		 
            #15 0x0000563c94d323f3 in row_ins_clust_index_entry (index=0x7f547c09ff30, entry=0x7f547c046a90, thr=0x7f547c0675f0, n_ext=0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3211
            		 
            #16 0x0000563c94d32923 in row_ins_index_entry (index=0x7f547c09ff30, entry=0x7f547c046a90, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3336
            		 
            #17 0x0000563c94d331f5 in row_ins_index_entry_step (node=0x7f547c1b0b88, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3505
            		 
            #18 0x0000563c94d33715 in row_ins (node=0x7f547c1b0b88, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3664
            		 
            #19 0x0000563c94d34035 in row_ins_step (thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3810
            		 
            #20 0x0000563c94d59cf6 in row_insert_for_mysql (mysql_rec=0x7f547c0c54d8 <incomplete sequence \373\200>, prebuilt=0x7f547c1b0280, ins_mode=ROW_INS_NORMAL) at /data/src/10.4/storage/innobase/row/row0mysql.cc:1419
            		 
            #21 0x0000563c94babb0a in ha_innobase::write_row (this=0x7f547c041678, record=0x7f547c0c54d8 <incomplete sequence \373\200>) at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:7997
            		 
            #22 0x0000563c9495ea60 in handler::ha_write_row (this=0x7f547c041678, buf=0x7f547c0c54d8 <incomplete sequence \373\200>) at /data/src/10.4/sql/handler.cc:6755
            		 
            #23 0x0000563c9459697b in write_record (thd=0x7f5480000d90, table=0x7f547c044200, info=0x7f54cee1bad0) at /data/src/10.4/sql/sql_insert.cc:2060
            		 
            #24 0x0000563c945937e5 in mysql_insert (thd=0x7f5480000d90, table_list=0x7f54800134b8, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=true) at /data/src/10.4/sql/sql_insert.cc:1078
            		 
            #25 0x0000563c945e272c in mysql_execute_command (thd=0x7f5480000d90) at /data/src/10.4/sql/sql_parse.cc:4598
            		 
            #26 0x0000563c945edfa1 in mysql_parse (thd=0x7f5480000d90, rawbuf=0x7f54800133c8 "INSERT IGNORE INTO t1 () VALUES (),()", length=37, parser_state=0x7f54cee1c550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7985
            		 
            #27 0x0000563c945da20d in dispatch_command (command=COM_QUERY, thd=0x7f5480000d90, packet=0x7f548000abe1 "INSERT IGNORE INTO t1 () VALUES (),()", packet_length=37, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855
            		 
            #28 0x0000563c945d8a75 in do_command (thd=0x7f5480000d90) at /data/src/10.4/sql/sql_parse.cc:1373
            		 
            #29 0x0000563c94768613 in do_handle_one_connection (connect=0x563c97cd3130) at /data/src/10.4/sql/sql_connect.cc:1412
            		 
            #30 0x0000563c9476835c in handle_one_connection (arg=0x563c97cd3130) at /data/src/10.4/sql/sql_connect.cc:1316
            		 
            #31 0x0000563c9518d0fc in pfs_spawn_thread (arg=0x563c97d10fb0) at /data/src/10.4/storage/perfschema/pfs.cc:1869
            		 
            #32 0x00007f54da55f609 in start_thread (arg=<optimized out>) at pthread_create.c:477
            		 
            #33 0x00007f54d9dca293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95


            2021-03-09 14:51:45 0 [Warning] InnoDB: A long semaphore wait:
            		 
            --Thread 140002224887552 has waited at row0ins.cc line 2629 for 241.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            2021-03-09 14:51:45 0 [Note] InnoDB: A semaphore wait:
            		 
            --Thread 140002224887552 has waited at row0ins.cc line 2629 for 241.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            2021-03-09 14:51:45 0 [Note] InnoDB: A semaphore wait:
            		 
            --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 240.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            InnoDB: ###### Starts InnoDB Monitor for 30 secs to print diagnostic info:
            		 
            InnoDB: Pending reads 0, writes 0
            		 
             
            		 
            =====================================
            		 
            2021-03-09 14:52:00 0x7f54c57fa700 INNODB MONITOR OUTPUT
            		 
            =====================================
            		 
            Per second averages calculated from the last 65 seconds
            		 
            -----------------
            		 
            BACKGROUND THREAD
            		 
            -----------------
            		 
            srv_master_thread loops: 1 srv_active, 0 srv_shutdown, 253 srv_idle
            		 
            srv_master_thread log flush and writes: 254
            		 
            ----------
            		 
            SEMAPHORES
            		 
            ----------
            		 
            -------------
            		 
            RW-LATCH INFO
            		 
            -------------
            		 
            RW-LOCK: 0x7f547c0a00a0 
            Locked: thread 140002224887552 file btr0cur.cc line 1527  S-LOCK
            		 
            RW-LOCK: 0x563c97a86420 
            Locked: thread 140002224887552 file row0ins.cc line 2629  S-LOCK
            		 
            Locked: thread 140002225194752 file buf0block_hint.cc line 72  S-LOCK
            		 
            RW-LOCK: 0x7f54cf02c628  (1 waiters)
            		 
            Locked: thread 140002225194752 file btr0pcur.cc line 253  X-LOCK
            		 
            Total number of rw-locks 1039
            		 
            OS WAIT ARRAY INFO: reservation count 56
            		 
            --Thread 140002224887552 has waited at row0ins.cc line 2629 for 256.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 255.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            OS WAIT ARRAY INFO: signal count 54
            		 
            RW-shared spins 78, rounds 1653, OS waits 30
            		 
            RW-excl spins 47, rounds 1151, OS waits 17
            		 
            RW-sx spins 2, rounds 0, OS waits 0
            		 
            Spin rounds per wait: 21.19 RW-shared, 24.49 RW-excl, 0.00 RW-sx
            		 
            ------------
            		 
            TRANSACTIONS
            		 
            ------------
            		 
            Trx id counter 53
            		 
            Purge done for trx's n:o < 51 undo n:o < 0 state: running but idle
            		 
            History list length 21
            		 
            Total number of lock structs in row lock hash table 0
            		 
            LIST OF TRANSACTIONS FOR EACH SESSION:
            		 
            ---TRANSACTION 52, ACTIVE 256 sec inserting
            		 
            mysql tables in use 1, locked 1
            		 
            1 lock struct(s), heap size 1152, 0 row lock(s)
            		 
            MySQL thread id 10, OS thread handle 140002224887552, query id 27 localhost root Update
            		 
            INSERT IGNORE INTO t1 () VALUES (),()
            		 
            ---TRANSACTION 421477288804640, not started
            		 
            0 lock struct(s), heap size 1152, 0 row lock(s)
            		 
            --------
            		 
            FILE I/O
            		 
            --------
            		 
            I/O thread 0 state: waiting for completed aio requests (insert buffer thread)
            		 
            I/O thread 1 state: waiting for completed aio requests (log thread)
            		 
            I/O thread 2 state: waiting for completed aio requests (read thread)
            		 
            I/O thread 3 state: waiting for completed aio requests (read thread)
            		 
            I/O thread 4 state: waiting for completed aio requests (write thread)
            		 
            I/O thread 5 state: waiting for completed aio requests (write thread)
            		 
            Pending normal aio reads: [0, 0] , aio writes: [0, 0] ,
            		 
             ibuf aio reads:, log i/o's:, sync i/o's:
            		 
            Pending flushes (fsync) log: 0; buffer pool: 0
            		 
            194 OS file reads, 162 OS file writes, 23 OS fsyncs
            		 
            0.00 reads/s, 0 avg bytes/read, 0.00 writes/s, 0.00 fsyncs/s
            		 
            -------------------------------------
            		 
            INSERT BUFFER AND ADAPTIVE HASH INDEX
            		 
            -------------------------------------
            		 
            Ibuf: size 1, free list len 0, seg size 2, 0 merges
            		 
            merged operations:
            		 
             insert 0, delete mark 0, delete 0
            		 
            discarded operations:
            		 
             insert 0, delete mark 0, delete 0
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            Hash table size 2267, node heap has 0 buffer(s)
            		 
            0.00 hash searches/s, 0.00 non-hash searches/s
            		 
            ---
            		 
            LOG
            		 
            ---
            		 
            Log sequence number 80104
            		 
            Log flushed up to   80104
            		 
            Pages flushed up to 73774
            		 
            Last checkpoint at  73774
            		 
            0 pending log flushes, 0 pending chkp writes
            		 
            19 log i/o's done, 0.00 log i/o's/second
            		 
            ----------------------
            		 
            BUFFER POOL AND MEMORY
            		 
            ----------------------
            		 
            Total large memory allocated 10485760
            		 
            Dictionary memory allocated 31200
            		 
            Buffer pool size   493
            		 
            Free buffers       171
            		 
            Database pages     322
            		 
            Old database pages 0
            		 
            Modified db pages  14
            		 
            Percent of dirty pages(LRU & free pages): 2.834
            		 
            Max dirty pages percent: 75.000
            		 
            Pending reads 0
            		 
            Pending writes: LRU 0, flush list 2, single page 0
            		 
            Pages made young 0, not young 0
            		 
            0.00 youngs/s, 0.00 non-youngs/s
            		 
            Pages read 179, created 143, written 146
            		 
            0.00 reads/s, 0.00 creates/s, 0.00 writes/s
            		 
            No buffer pool page gets since the last printout
            		 
            Pages read ahead 0.00/s, evicted without access 0.00/s, Random read ahead 0.00/s
            		 
            LRU len: 322, unzip_LRU len: 0
            		 
            I/O sum[0]:cur[0], unzip sum[0]:cur[0]
            		 
            --------------
            		 
            ROW OPERATIONS
            		 
            --------------
            		 
            0 queries inside InnoDB, 0 queries in queue
            		 
            0 read views open inside InnoDB
            		 
            Process ID=955341, Main thread ID=140002092635904, state: sleeping
            		 
            Number of rows inserted 2, updated 0, deleted 0, read 3
            		 
            0.00 inserts/s, 0.00 updates/s, 0.00 deletes/s, 0.00 reads/s
            		 
            Number of system rows inserted 0, updated 0, deleted 0, read 0
            		 
            0.00 inserts/s, 0.00 updates/s, 0.00 deletes/s, 0.00 reads/s
            		 
            ----------------------------
            		 
            END OF INNODB MONITOR OUTPUT
            		 
            ============================
            		 
            InnoDB: ###### Diagnostic info printed to the standard error stream
            		 
            2021-03-09 14:52:16 0 [Warning] InnoDB: A long semaphore wait:
            		 
            --Thread 140002224887552 has waited at row0ins.cc line 2629 for 272.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            2021-03-09 14:52:16 0 [Warning] InnoDB: A long semaphore wait:
            		 
            --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 271.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            2021-03-09 14:52:16 0 [Note] InnoDB: A semaphore wait:
            		 
            --Thread 140002224887552 has waited at row0ins.cc line 2629 for 272.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            2021-03-09 14:52:16 0 [Note] InnoDB: A semaphore wait:
            		 
            --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 271.00 seconds the semaphore:
            		 
            SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568
            		 
            a writer (thread id 140002225194752) has reserved it in mode  exclusive
            		 
            number of readers 0, waiters flag 1, lock_word: 0
            		 
            Last time write locked in file btr0pcur.cc line 253
            		 
            InnoDB: ###### Starts InnoDB Monitor for 30 secs to print diagnostic info:
            		 
            InnoDB: Pending reads 0, writes 0
            		 
            ...

            elenst Elena Stepanova added a comment - - edited Adding a hang and long semaphore wait abort to the endless list of effects. Dirty test case (don't add it to the regression suite like this, clean up): --source include/have_innodb.inc   CREATE TABLE t1 (col_datetime DATETIME INVISIBLE, vcol_varchar VARBINARY(715) AS (col_varchar) STORED, vcol_int INT AS (col_int) STORED, col_varchar VARBINARY(2608) NULL , col_int INT , col_char BINARY (92), vcol_char CHAR (238) AS (col_char) STORED, id SERIAL, PRIMARY KEY (col_int)) ENGINE=InnoDB; ALTER TABLE t1 ADD UNIQUE (col_datetime,vcol_varchar,col_varchar,vcol_char(64)); INSERT INTO t1 (col_char,col_datetime,col_int,col_varchar,id) VALUES ( 'x' , '1968-11-18 02:48:34' ,9, 'k' ,1), ( 'f' , '1900-01-01 00:00:00' ,2, 't' ,2); SELECT * INTO OUTFILE 'load_t1' FROM t1; --error ER_DATA_TOO_LONG LOAD DATA INFILE 'load_t1' REPLACE INTO TABLE t1; --connect (con1,localhost,root,,test) INSERT IGNORE INTO t1 () VALUES (),(); Stack trace from the running (hanging) server (all threasds are attached as mdev24583-hang-threads.txt ): 10.4 1d762ee8 Thread 28 (Thread 0x7f54cee1d700 (LWP 955373)): #0 futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x563c97a86528) at ../sysdeps/nptl/futex-internal.h:183 #1 __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x563c97a864d8, cond=0x563c97a86500) at pthread_cond_wait.c:508 #2 __pthread_cond_wait (cond=0x563c97a86500, mutex=0x563c97a864d8) at pthread_cond_wait.c:638 #3 0x0000563c94cb2b40 in os_event::wait (this=0x563c97a864c0) at /data/src/10.4/storage/innobase/os/os0event.cc:158 #4 0x0000563c94cb2600 in os_event::wait_low (this=0x563c97a864c0, reset_sig_count=1) at /data/src/10.4/storage/innobase/os/os0event.cc:325 #5 0x0000563c94cb290f in os_event_wait_low (event=0x563c97a864c0, reset_sig_count=1) at /data/src/10.4/storage/innobase/os/os0event.cc:502 #6 0x0000563c94dda607 in sync_array_wait_event (arr=0x563c979398c0, cell=@0x7f54cee19650: 0x563c97939a30) at /data/src/10.4/storage/innobase/sync/sync0arr.cc:471 #7 0x0000563c94dde492 in rw_lock_sx_lock_func (lock=0x7f54cf02c628, pass=0, file_name=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629) at /data/src/10.4/storage/innobase/sync/sync0rw.cc:833 #8 0x0000563c94eaaf7b in pfs_rw_lock_sx_lock_func (lock=0x7f54cf02c628, pass=0, file_name=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629) at /data/src/10.4/storage/innobase/include/sync0rw.ic:674 #9 0x0000563c94ebd6f9 in buf_page_mtr_lock (block=0x7f54cf02c570, rw_latch=4, mtr=0x7f54cee1ae40, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629) at /data/src/10.4/storage/innobase/buf/buf0buf.cc:4141 #10 0x0000563c94ebfc5b in buf_page_get_low (page_id=..., zip_size=0, rw_latch=4, guess=0x7f54cf02c570, mode=10, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, mtr=0x7f54cee1ae40, err=0x7f54cee19ab0) at /data/src/10.4/storage/innobase/buf/buf0buf.cc:4821 #11 0x0000563c94ebfea5 in buf_page_get_gen (page_id=..., zip_size=0, rw_latch=4, guess=0x7f54cf02c570, mode=10, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, mtr=0x7f54cee1ae40, err=0x7f54cee19ab0) at /data/src/10.4/storage/innobase/buf/buf0buf.cc:4869 #12 0x0000563c94e6fee3 in btr_cur_search_to_nth_level_func (index=0x7f547c09ff30, level=0, tuple=0x7f547c046a90, mode=PAGE_CUR_LE, latch_mode=2, cursor=0x7f54cee1aae0, ahi_latch=0x0, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, mtr=0x7f54cee1ae40, autoinc=3) at /data/src/10.4/storage/innobase/btr/btr0cur.cc:1624 #13 0x0000563c94d28778 in btr_pcur_open_low (index=0x7f547c09ff30, level=0, tuple=0x7f547c046a90, mode=PAGE_CUR_LE, latch_mode=2, cursor=0x7f54cee1aae0, file=0x563c95559250 "/data/src/10.4/storage/innobase/row/row0ins.cc", line=2629, autoinc=3, mtr=0x7f54cee1ae40) at /data/src/10.4/storage/innobase/include/btr0pcur.ic:441 #14 0x0000563c94d30315 in row_ins_clust_index_entry_low (flags=0, mode=2, index=0x7f547c09ff30, n_uniq=1, entry=0x7f547c046a90, n_ext=0, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:2628 #15 0x0000563c94d323f3 in row_ins_clust_index_entry (index=0x7f547c09ff30, entry=0x7f547c046a90, thr=0x7f547c0675f0, n_ext=0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3211 #16 0x0000563c94d32923 in row_ins_index_entry (index=0x7f547c09ff30, entry=0x7f547c046a90, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3336 #17 0x0000563c94d331f5 in row_ins_index_entry_step (node=0x7f547c1b0b88, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3505 #18 0x0000563c94d33715 in row_ins (node=0x7f547c1b0b88, thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3664 #19 0x0000563c94d34035 in row_ins_step (thr=0x7f547c0675f0) at /data/src/10.4/storage/innobase/row/row0ins.cc:3810 #20 0x0000563c94d59cf6 in row_insert_for_mysql (mysql_rec=0x7f547c0c54d8 <incomplete sequence \373\200>, prebuilt=0x7f547c1b0280, ins_mode=ROW_INS_NORMAL) at /data/src/10.4/storage/innobase/row/row0mysql.cc:1419 #21 0x0000563c94babb0a in ha_innobase::write_row (this=0x7f547c041678, record=0x7f547c0c54d8 <incomplete sequence \373\200>) at /data/src/10.4/storage/innobase/handler/ha_innodb.cc:7997 #22 0x0000563c9495ea60 in handler::ha_write_row (this=0x7f547c041678, buf=0x7f547c0c54d8 <incomplete sequence \373\200>) at /data/src/10.4/sql/handler.cc:6755 #23 0x0000563c9459697b in write_record (thd=0x7f5480000d90, table=0x7f547c044200, info=0x7f54cee1bad0) at /data/src/10.4/sql/sql_insert.cc:2060 #24 0x0000563c945937e5 in mysql_insert (thd=0x7f5480000d90, table_list=0x7f54800134b8, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=true) at /data/src/10.4/sql/sql_insert.cc:1078 #25 0x0000563c945e272c in mysql_execute_command (thd=0x7f5480000d90) at /data/src/10.4/sql/sql_parse.cc:4598 #26 0x0000563c945edfa1 in mysql_parse (thd=0x7f5480000d90, rawbuf=0x7f54800133c8 "INSERT IGNORE INTO t1 () VALUES (),()", length=37, parser_state=0x7f54cee1c550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7985 #27 0x0000563c945da20d in dispatch_command (command=COM_QUERY, thd=0x7f5480000d90, packet=0x7f548000abe1 "INSERT IGNORE INTO t1 () VALUES (),()", packet_length=37, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1855 #28 0x0000563c945d8a75 in do_command (thd=0x7f5480000d90) at /data/src/10.4/sql/sql_parse.cc:1373 #29 0x0000563c94768613 in do_handle_one_connection (connect=0x563c97cd3130) at /data/src/10.4/sql/sql_connect.cc:1412 #30 0x0000563c9476835c in handle_one_connection (arg=0x563c97cd3130) at /data/src/10.4/sql/sql_connect.cc:1316 #31 0x0000563c9518d0fc in pfs_spawn_thread (arg=0x563c97d10fb0) at /data/src/10.4/storage/perfschema/pfs.cc:1869 #32 0x00007f54da55f609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #33 0x00007f54d9dca293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 2021-03-09 14:51:45 0 [Warning] InnoDB: A long semaphore wait: --Thread 140002224887552 has waited at row0ins.cc line 2629 for 241.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 2021-03-09 14:51:45 0 [Note] InnoDB: A semaphore wait: --Thread 140002224887552 has waited at row0ins.cc line 2629 for 241.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 2021-03-09 14:51:45 0 [Note] InnoDB: A semaphore wait: --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 240.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 InnoDB: ###### Starts InnoDB Monitor for 30 secs to print diagnostic info: InnoDB: Pending reads 0, writes 0   ===================================== 2021-03-09 14:52:00 0x7f54c57fa700 INNODB MONITOR OUTPUT ===================================== Per second averages calculated from the last 65 seconds ----------------- BACKGROUND THREAD ----------------- srv_master_thread loops: 1 srv_active, 0 srv_shutdown, 253 srv_idle srv_master_thread log flush and writes: 254 ---------- SEMAPHORES ---------- ------------- RW-LATCH INFO ------------- RW-LOCK: 0x7f547c0a00a0 Locked: thread 140002224887552 file btr0cur.cc line 1527 S-LOCK RW-LOCK: 0x563c97a86420 Locked: thread 140002224887552 file row0ins.cc line 2629 S-LOCK Locked: thread 140002225194752 file buf0block_hint.cc line 72 S-LOCK RW-LOCK: 0x7f54cf02c628 (1 waiters) Locked: thread 140002225194752 file btr0pcur.cc line 253 X-LOCK Total number of rw-locks 1039 OS WAIT ARRAY INFO: reservation count 56 --Thread 140002224887552 has waited at row0ins.cc line 2629 for 256.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 255.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 OS WAIT ARRAY INFO: signal count 54 RW-shared spins 78, rounds 1653, OS waits 30 RW-excl spins 47, rounds 1151, OS waits 17 RW-sx spins 2, rounds 0, OS waits 0 Spin rounds per wait: 21.19 RW-shared, 24.49 RW-excl, 0.00 RW-sx ------------ TRANSACTIONS ------------ Trx id counter 53 Purge done for trx's n:o < 51 undo n:o < 0 state: running but idle History list length 21 Total number of lock structs in row lock hash table 0 LIST OF TRANSACTIONS FOR EACH SESSION: ---TRANSACTION 52, ACTIVE 256 sec inserting mysql tables in use 1, locked 1 1 lock struct(s), heap size 1152, 0 row lock(s) MySQL thread id 10, OS thread handle 140002224887552, query id 27 localhost root Update INSERT IGNORE INTO t1 () VALUES (),() ---TRANSACTION 421477288804640, not started 0 lock struct(s), heap size 1152, 0 row lock(s) -------- FILE I/O -------- I/O thread 0 state: waiting for completed aio requests (insert buffer thread) I/O thread 1 state: waiting for completed aio requests (log thread) I/O thread 2 state: waiting for completed aio requests (read thread) I/O thread 3 state: waiting for completed aio requests (read thread) I/O thread 4 state: waiting for completed aio requests (write thread) I/O thread 5 state: waiting for completed aio requests (write thread) Pending normal aio reads: [0, 0] , aio writes: [0, 0] , ibuf aio reads:, log i/o's:, sync i/o's: Pending flushes (fsync) log: 0; buffer pool: 0 194 OS file reads, 162 OS file writes, 23 OS fsyncs 0.00 reads/s, 0 avg bytes/read, 0.00 writes/s, 0.00 fsyncs/s ------------------------------------- INSERT BUFFER AND ADAPTIVE HASH INDEX ------------------------------------- Ibuf: size 1, free list len 0, seg size 2, 0 merges merged operations: insert 0, delete mark 0, delete 0 discarded operations: insert 0, delete mark 0, delete 0 Hash table size 2267, node heap has 0 buffer(s) Hash table size 2267, node heap has 0 buffer(s) Hash table size 2267, node heap has 0 buffer(s) Hash table size 2267, node heap has 0 buffer(s) Hash table size 2267, node heap has 0 buffer(s) Hash table size 2267, node heap has 0 buffer(s) Hash table size 2267, node heap has 0 buffer(s) Hash table size 2267, node heap has 0 buffer(s) 0.00 hash searches/s, 0.00 non-hash searches/s --- LOG --- Log sequence number 80104 Log flushed up to 80104 Pages flushed up to 73774 Last checkpoint at 73774 0 pending log flushes, 0 pending chkp writes 19 log i/o's done, 0.00 log i/o's/second ---------------------- BUFFER POOL AND MEMORY ---------------------- Total large memory allocated 10485760 Dictionary memory allocated 31200 Buffer pool size 493 Free buffers 171 Database pages 322 Old database pages 0 Modified db pages 14 Percent of dirty pages(LRU & free pages): 2.834 Max dirty pages percent: 75.000 Pending reads 0 Pending writes: LRU 0, flush list 2, single page 0 Pages made young 0, not young 0 0.00 youngs/s, 0.00 non-youngs/s Pages read 179, created 143, written 146 0.00 reads/s, 0.00 creates/s, 0.00 writes/s No buffer pool page gets since the last printout Pages read ahead 0.00/s, evicted without access 0.00/s, Random read ahead 0.00/s LRU len: 322, unzip_LRU len: 0 I/O sum[0]:cur[0], unzip sum[0]:cur[0] -------------- ROW OPERATIONS -------------- 0 queries inside InnoDB, 0 queries in queue 0 read views open inside InnoDB Process ID=955341, Main thread ID=140002092635904, state: sleeping Number of rows inserted 2, updated 0, deleted 0, read 3 0.00 inserts/s, 0.00 updates/s, 0.00 deletes/s, 0.00 reads/s Number of system rows inserted 0, updated 0, deleted 0, read 0 0.00 inserts/s, 0.00 updates/s, 0.00 deletes/s, 0.00 reads/s ---------------------------- END OF INNODB MONITOR OUTPUT ============================ InnoDB: ###### Diagnostic info printed to the standard error stream 2021-03-09 14:52:16 0 [Warning] InnoDB: A long semaphore wait: --Thread 140002224887552 has waited at row0ins.cc line 2629 for 272.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 2021-03-09 14:52:16 0 [Warning] InnoDB: A long semaphore wait: --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 271.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 2021-03-09 14:52:16 0 [Note] InnoDB: A semaphore wait: --Thread 140002224887552 has waited at row0ins.cc line 2629 for 272.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 2021-03-09 14:52:16 0 [Note] InnoDB: A semaphore wait: --Thread 140002101028608 has waited at buf0flu.cc line 1186 for 271.00 seconds the semaphore: SX-lock on RW-latch at 0x7f54cf02c628 created in file buf0buf.cc line 1568 a writer (thread id 140002225194752) has reserved it in mode exclusive number of readers 0, waiters flag 1, lock_word: 0 Last time write locked in file btr0pcur.cc line 253 InnoDB: ###### Starts InnoDB Monitor for 30 secs to print diagnostic info: InnoDB: Pending reads 0, writes 0 ...
            nikitamalyavin Nikita Malyavin made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            nikitamalyavin Nikita Malyavin added a comment -

            elenst the latter looks more like MDEV-24786, or a separate bug. My fix doesn't eliminate it

            nikitamalyavin Nikita Malyavin added a comment - elenst the latter looks more like MDEV-24786 , or a separate bug. My fix doesn't eliminate it
            nikitamalyavin Nikita Malyavin made changes -
            Assignee Nikita Malyavin [ nikitamalyavin ] Oleksandr Byelkin [ sanja ]
            Status In Progress [ 3 ] In Review [ 10002 ]
            sanja Oleksandr Byelkin added a comment -

            OK to push

            sanja Oleksandr Byelkin added a comment - OK to push
            sanja Oleksandr Byelkin made changes -
            Assignee Oleksandr Byelkin [ sanja ] Nikita Malyavin [ nikitamalyavin ]
            Status In Review [ 10002 ] Stalled [ 10000 ]
            nikitamalyavin Nikita Malyavin made changes -
            nikitamalyavin Nikita Malyavin made changes -
            nikitamalyavin Nikita Malyavin made changes -
            nikitamalyavin Nikita Malyavin made changes -
            nikitamalyavin Nikita Malyavin made changes -
            nikitamalyavin Nikita Malyavin made changes -
            Fix Version/s 10.2.38 [ 25207 ]
            Fix Version/s 10.3.29 [ 25206 ]
            Fix Version/s 10.4.19 [ 25205 ]
            Fix Version/s 10.5.10 [ 25204 ]
            Fix Version/s 10.2 [ 14601 ]
            Fix Version/s 10.3 [ 22126 ]
            Fix Version/s 10.4 [ 22408 ]
            Fix Version/s 10.5 [ 23123 ]
            Resolution Fixed [ 1 ]
            Status Stalled [ 10000 ] Closed [ 6 ]
            elenst Elena Stepanova made changes -
            serg Sergei Golubchik made changes -
            Workflow MariaDB v3 [ 118096 ] MariaDB v4 [ 158771 ]

            People

              nikitamalyavin Nikita Malyavin
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.