Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.2, 10.3, 10.4, 10.5, 10.6
-
None
Description
Note: Despite the simplicity of the test case below, the ASAN failure /crash is non-deterministic. Run with --repeat=N. It fails for me on 10.2-10.4 within 10-20 attempts, but it can vary on different machines and builds. The corrupt output seems to be produced reliably at the moment, whenever the server doesn't crash, but I'm not sure whether it's always going to be so.
Test case for 10.2-10.4 |
--source include/have_innodb.inc
|
--source include/have_sequence.inc
|
|
SET @stats.save= @@innodb_stats_persistent; |
SET GLOBAL innodb_stats_persistent= ON; |
|
CREATE TABLE t1 (id INT PRIMARY KEY, a VARCHAR(3000), b VARCHAR(4000) AS (a) VIRTUAL) ENGINE=InnoDB CHARACTER SET utf8; |
INSERT INTO t1 (id) SELECT seq FROM seq_1_to_1322; |
ANALYZE TABLE t1; |
|
SELECT AES_ENCRYPT(b,'secret') AS f, GROUP_CONCAT(id) FROM t1 GROUP BY f; |
|
# Cleanup
|
DROP TABLE t1; |
SET GLOBAL innodb_stats_persistent= @stats.save; |
10.2 577c970c |
SELECT AES_ENCRYPT(b,'secret') AS f, GROUP_CONCAT(id) FROM t1 GROUP BY f;
|
f GROUP_CONCAT(id)
|
�<�B�,�q�
|
l��<�B�,�q�
|
l��<�B�,�q�
|
<...>
|
l�P�jp&uw���SB 256,512,768,1024,1280,1,257,513,769,1025,1281,2,258,514,770,1026,1282,3,259,515,771,1027,1283,4,260,516,772,1028,1284,5,261,517,773,1029,1285,6,262,518,774,1030,1286,7,263,519,775,1031,1287,8,264,520,776,1032,1288,9,265,521,777,1033,1289,10,266,522,778,1034,1290,11,267,523,779,1035,1291,12,268,524,780,1036,1292,13,269,525,781,1037,1293,14,270,526,782,1038,1294,15,271,527,783,1039,1295,16,272,528,784,1040,1296,17,273,529,785,1041,1297,18,274,530,786,1042,1298,19,275,531,787,1043,1299,20,276,532,788,1044,1300,21,277,533,789,1045,1301,22,278,534,790,1046,1302,23,279,535,791,1047,1303,24,280,536,792,1048,1304,25,281,537,793,1049,1305,26,282,538,794,1050,1306,27,283,539,795,1051,1307,28,284,540,796,1052,1308,29,285,541,797,1053,1309,30,286,542,798,1054,1310,31,287,543,799,1055,1311,32,288,544,800,1056,1312,33,289,545,801,1057,1313,34,290,546,802,1058,1314,35,291,547,803,1059,1315,36,292,548,804,1060,1316,37,293,549,805,1061,1317,38,294,550,806,1062,1318,39,295,551,807,1063,1319,40,296,552,808,1064,1320,41,297,553,809,1065,1321,42,298,554,810,1066,1322,43,299,555,811,1067,44,300,556,812,1068,45,301,557,813,1069,46,302,558,814,1070,47,303,559,815,1071,48,304,560,816,1072,49,305,561,817,1073,50,306,562,818,1074,51,307,563,819,1075,52,308,564,820,1076,53,309,565,821,1077,54,310,566,822,1078,55,311,567,823,1079,56,312,568,824,1080,57,313,569,825,1081,58,314,570,826,1082,59,315,571,827,1083,60,316,572,828,1084,61,317,573,829,1085,62,318,574,830,1086,63,319,575,831,1087,64,320,576,832,1088,65,321,577,833,1089,66,322,578,834,1090,67,323,579,835,1091,68,324,580,836,1092,69,325,581,837,1093,70,326,582,838,1094,71,327,583,839,1095,72,328,584,840,1096,73,329,585,841,1097,74,330,586,842,1098,75,331,587,843,1099,76,332,588,844,1100,77,333,589,845,1101,78,334,590,846,1102,79,335,591,847,1103,80,336,592,848,1104,81,337,593,849,1105,82,338,594,850,1106,83,339,595,851,1107,84,340,596,852,1108,85,341,597,853,1109,86,342,598,854,1110,87,343,599,855,1111,88,344,600,856,1112,89,345,601,857,1113,90,346,602,858,1114,91,347,603,859,1115,92,348,604,860,1116,93,349,605,861,1117,94,350,606,862,1118,95,351,607,863,1119,96,352,608,864,1120,97,353,609,865,1121,98,354,610,866,1122,99,355,611,867,1123,100,356,612,868,1124,101,357,613,869,1125,102,358,614,870,1126,103,359,615,871,1127,104,360,616,872,1128,105,361,617,873,1129,106,362,618,874,1130,107,363,619,875,1131,108,364,620,876,1132,109,365,621,877,1133,110,366,622,878,1134,111,367,623,879,1135,112,368,624,880,1136,113,369,625,881,1137,114,370,626,882,1138,115,371,627,883,1139,116,372,628,884,1140,117,373,629,885,1141,118,374,630,886,1142,119,375,631,887,1143,120,376,632,888,1144,121,377,633,889,1145,122,378,634,890,1146,123,379,635,891,1147,124,380,636,892,1148,125,381,637,893,1149,126,382,638,894,1150,127,383,639,895,1151,128,384,640,896,1152,129,385,641,897,1153,130,386,642,898,1154,131,387,643,899,1155,132,388,644,900,1156,133,389,645,901,1157,134,390,646,902,1158,135,391,647,903,1159,136,392,648,904,1160,137,393,649,905,1161,138,394,650,906,1162,139,395,651,907,1163,140,396,652,908,1164,141,397,653,909,1165,142,398,654,910,1166,143,399,655,911,1167,144,400,656,912,1168,145,401,657,913,1169,146,402,658,914,1170,147,403,659,915,1171,148,404,660,916,1172,149,405,661,917,1173,150,406,662,918,1174,151,407,663,919,1175,152,408,664,920,1176,153,409,665,921,1177,154,410,666,922,1178,155,411,667,923,1179,156,412,668,924,1180,157,413,669,925,1181,158,414,670,926,1182,159,415,671,927,1183,160,416,672,928,1184,161,417,673,929,1185,162,418,674,930,1186,163,419,675,931,1187,164,420,676,932,1188,165,421,677,933,1189,166,422,678,934,1190,167,423,679,935,1191,168,424,680,936,1192,169,425,681,937,1193,170,426,682,938,1194,171,427,683,939,1195,172,428,684,940,1196,173,429,685,941,1197,174,430,686,942,1198,175,431,687,943,1199,176,432,688,944,1200,177,433,689,945,1201,178,434,690,946,1202,179,435,691,947,1203,180,436,692,948,1204,181,437,693,949,1205,182,438,694,950,1206,183,439,695,951,1207,184,440,696,952,1208,185,441,697,953,1209,186,442,698,954,1210,187,443,699,955,1211,188,444,700,956,1212,189,445,701,957,1213,190,446,702,958,1214,191,447,703,959,1215,192,448,704,960,1216,193,449,705,961,1217,194,450,706,962,1218,195,451,707,963,1219,196,452,708,964,1220,197,453,709,965,1221,198,454,710,966,1222,199,455,711,967,1223,200,456,712,968,1224,201,457,713,969,1225,202,458,714,970,1226,203,459,715,971,1227,204,460,716,972,1228,205,461,717,973,1229,206,462,718,974,1230,207,463,719,975,1231,208,464,720,976,1232,209,465,721,977,1233,210,466,722,978,1234,211,467,723,979,1235,212,468,724,980,1236,213,469,725,981,1237,214,470,726,982,1238,215,471,727,983,1239,216,472,728,984,1240,217,473,729,985,1241,218,474,730,986,1242,219,475,731,987,1243,220,476,732,988,1244,221,477,733,989,1245,222,478,734,990,1246,223,479,735,991,1247,224,480,736,992,1248,225,481,737,993,1249,226,482,738,994,1250,227,483,739,995,1251,228,484,740,996,1252,229,485,741,997,1253,230,486,742,998,1254,231,487,743,999,1255,232,488,744,1000,1256,233,489,745,1001,1257,234,490,746,1002,1258,235,491,747,1003,1259,236,492,748,1004,1260,237,493,749,1005,1261,238,494,750,1006,1262,239,495,751,1007,1263,240,496,752,1008,1264,241,497,753,1009,1265,242,498,754,1010,1266,243,499,755,1011,1267,244,500,756,1012,1268,245,501,757,1013,1269,246,502,758,1014,1270,247,503,759,1015,1271,248,504,760,1016,1272,249,505,761,1017,1273,250,506,762,1018,1274,251,507,763,1019,1275,252,508,764,1020,1276,253,509,765,1021,1277,254,510,766,1022,1278,255,511,767,1023,1279
|
==1314977==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62e0000ccd61 at pc 0x7f3adaea0480 bp 0x7f3ac3e08330 sp 0x7f3ac3e07ad8
|
READ of size 5 at 0x62e0000ccd61 thread T27
|
#0 0x7f3adaea047f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
|
#1 0x7f3adab37482 (/lib/x86_64-linux-gnu/libcrypto.so.1.1+0x16c482)
|
#2 0x555fe8541f00 in MyCTX::update(unsigned char const*, unsigned int, unsigned char*, unsigned int*) /data/src/10.2/mysys_ssl/my_crypt.cc:67
|
#3 0x555fe8541614 in my_aes_crypt_update /data/src/10.2/mysys_ssl/my_crypt.cc:273
|
#4 0x555fe8541926 in my_aes_crypt /data/src/10.2/mysys_ssl/my_crypt.cc:292
|
#5 0x555fe7597e8b in Item_aes_crypt::val_str(String*) /data/src/10.2/sql/item_strfunc.cc:336
|
#6 0x555fe7490342 in Cached_item_str::cmp() /data/src/10.2/sql/item_buff.cc:84
|
#7 0x555fe6efab18 in test_if_group_changed(List<Cached_item>&) /data/src/10.2/sql/sql_select.cc:23311
|
#8 0x555fe6ee47c0 in end_send_group(JOIN*, st_join_table*, bool) /data/src/10.2/sql/sql_select.cc:20227
|
#9 0x555fe6edb352 in evaluate_join_record /data/src/10.2/sql/sql_select.cc:19079
|
#10 0x555fe6ed9cc4 in sub_select(JOIN*, st_join_table*, bool) /data/src/10.2/sql/sql_select.cc:18859
|
#11 0x555fe6ed7dad in do_select /data/src/10.2/sql/sql_select.cc:18403
|
#12 0x555fe6e71f40 in JOIN::exec_inner() /data/src/10.2/sql/sql_select.cc:3642
|
#13 0x555fe6e6fa57 in JOIN::exec() /data/src/10.2/sql/sql_select.cc:3437
|
#14 0x555fe6e7325f in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.2/sql/sql_select.cc:3837
|
#15 0x555fe6e4fd01 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.2/sql/sql_select.cc:361
|
#16 0x555fe6dc6bec in execute_sqlcom_select /data/src/10.2/sql/sql_parse.cc:6248
|
#17 0x555fe6db3b91 in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:3559
|
#18 0x555fe6dd0169 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7763
|
#19 0x555fe6da91ae in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
|
#20 0x555fe6da5f6d in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
|
#21 0x555fe712e098 in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
|
#22 0x555fe712d95b in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
|
#23 0x555fe84ca613 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
|
#24 0x7f3ada9ab608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
#25 0x7f3ada585292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
|
|
Address 0x62e0000ccd61 is a wild pointer.
|
SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
|
Shadow bytes around the buggy address:
|
0x0c5c80011950: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c80011960: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c80011970: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c80011980: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c80011990: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
=>0x0c5c800119a0: fa fa fa fa fa fa fa fa fa fa fa fa[fa]fa fa fa
|
0x0c5c800119b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c800119c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c800119d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c800119e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c5c800119f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
Thread T27 created by T0 here:
|
#0 0x7f3adae3f805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
|
#1 0x555fe84caa04 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
|
#2 0x555fe6b4b083 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
|
#3 0x555fe6b62c54 in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6573
|
#4 0x555fe6b633ef in create_new_thread /data/src/10.2/sql/mysqld.cc:6643
|
#5 0x555fe6b64581 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6901
|
#6 0x555fe6b61fa5 in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6192
|
#7 0x555fe6b4993c in main /data/src/10.2/sql/main.cc:25
|
#8 0x7f3ada48a0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
|
|
==1314977==ABORTING
|
10.5 does not fail with the test case above; but the problem is present in 10.5-10.6 as well. It can be reproduced using the attached dirty test case. It does the same as the one above, only on a random bigger data set. It fails on all of 10.2-10.6.
10.5 e0ba68ba |
==1315507==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62800001cfba at pc 0x7fb43402e480 bp 0x7fb42462e390 sp 0x7fb42462db38
|
READ of size 14 at 0x62800001cfba thread T13
|
#0 0x7fb43402e47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
|
#1 0x7fb433d3a482 (/lib/x86_64-linux-gnu/libcrypto.so.1.1+0x16c482)
|
#2 0x561f0201036c in MyCTX::update(unsigned char const*, unsigned int, unsigned char*, unsigned int*) /data/src/10.5/mysys_ssl/my_crypt.cc:87
|
#3 0x561f0200f988 in my_aes_crypt_update /data/src/10.5/mysys_ssl/my_crypt.cc:296
|
#4 0x561f0200fc9a in my_aes_crypt /data/src/10.5/mysys_ssl/my_crypt.cc:315
|
#5 0x561f01928c0c in Item_aes_crypt::val_str(String*) /data/src/10.5/sql/item_strfunc.cc:352
|
#6 0x561f017ff8f9 in Cached_item_str::cmp() /data/src/10.5/sql/item_buff.cc:84
|
#7 0x561f010a95a9 in test_if_group_changed(List<Cached_item>&) /data/src/10.5/sql/sql_select.cc:25171
|
#8 0x561f01092ab4 in end_send_group(JOIN*, st_join_table*, bool) /data/src/10.5/sql/sql_select.cc:22079
|
#9 0x561f01088f86 in evaluate_join_record /data/src/10.5/sql/sql_select.cc:20910
|
#10 0x561f010878dc in sub_select(JOIN*, st_join_table*, bool) /data/src/10.5/sql/sql_select.cc:20687
|
#11 0x561f01085a03 in do_select /data/src/10.5/sql/sql_select.cc:20221
|
#12 0x561f010122ba in JOIN::exec_inner() /data/src/10.5/sql/sql_select.cc:4467
|
#13 0x561f0100f8a5 in JOIN::exec() /data/src/10.5/sql/sql_select.cc:4247
|
#14 0x561f01013c79 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.5/sql/sql_select.cc:4720
|
#15 0x561f00fe54b7 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.5/sql/sql_select.cc:417
|
#16 0x561f00f4ec25 in execute_sqlcom_select /data/src/10.5/sql/sql_parse.cc:6282
|
#17 0x561f00f3db20 in mysql_execute_command(THD*) /data/src/10.5/sql/sql_parse.cc:3978
|
#18 0x561f00f59f1f in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.5/sql/sql_parse.cc:8063
|
#19 0x561f00f30118 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.5/sql/sql_parse.cc:1889
|
#20 0x561f00f2ca41 in do_command(THD*) /data/src/10.5/sql/sql_parse.cc:1370
|
#21 0x561f0136f2dd in do_handle_one_connection(CONNECT*, bool) /data/src/10.5/sql/sql_connect.cc:1410
|
#22 0x561f0136ec41 in handle_one_connection /data/src/10.5/sql/sql_connect.cc:1312
|
#23 0x561f0207e59a in pfs_spawn_thread /data/src/10.5/storage/perfschema/pfs.cc:2201
|
#24 0x7fb433bb2608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
#25 0x7fb433788292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
|
|
Address 0x62800001cfba is a wild pointer.
|
SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
|
Shadow bytes around the buggy address:
|
0x0c507fffb9a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffb9b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffb9c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffb9d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffb9e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
=>0x0c507fffb9f0: fa fa fa fa fa fa fa[fa]fa fa fa fa fa fa fa fa
|
0x0c507fffba00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffba10: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffba20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffba30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c507fffba40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
Thread T13 created by T0 here:
|
#0 0x7fb433fcd805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
|
#1 0x561f0207953e in my_thread_create /data/src/10.5/storage/perfschema/my_thread.h:38
|
#2 0x561f0207e98d in pfs_spawn_thread_v1 /data/src/10.5/storage/perfschema/pfs.cc:2252
|
#3 0x561f00c212d2 in inline_mysql_thread_create /data/src/10.5/include/mysql/psi/mysql_thread.h:1323
|
#4 0x561f00c370c2 in create_thread_to_handle_connection(CONNECT*) /data/src/10.5/sql/mysqld.cc:6012
|
#5 0x561f00c37741 in create_new_thread(CONNECT*) /data/src/10.5/sql/mysqld.cc:6071
|
#6 0x561f00c37a9e in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.5/sql/mysqld.cc:6136
|
#7 0x561f00c386bd in handle_connections_sockets() /data/src/10.5/sql/mysqld.cc:6263
|
#8 0x561f00c368cf in mysqld_main(int, char**) /data/src/10.5/sql/mysqld.cc:5658
|
#9 0x561f00c1fd9c in main /data/src/10.5/sql/main.cc:25
|
#10 0x7fb43368d0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
|
|
==1315507==ABORTING
|
210225 20:27:49 [ERROR] mysqld got signal 6 ;
|
This could be because you hit a bug. It is also possible that this binary
|
or one of the libraries it was linked against is corrupt, improperly built,
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
|
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
|
|
We will try our best to scrape up some info that will hopefully help
|
diagnose the problem, but since we have already crashed,
|
something is definitely wrong and this may fail.
|
|
Server version: 10.5.10-MariaDB-debug-log
|
key_buffer_size=1048576
|
read_buffer_size=131072
|
max_used_connections=1
|
max_threads=153
|
thread_count=1
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63744 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
|
Thread pointer: 0x62b00009a288
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7fb424631950 thread_stack 0x5fc00
|
??:0(__interceptor_tcgetattr)[0x7fb433fffd30]
|
mysys/stacktrace.c:212(my_print_stacktrace)[0x561f02cfc6e3]
|
sql/signal_handler.cc:212(handle_fatal_signal)[0x561f017372f3]
|
sigaction.c:0(__restore_rt)[0x7fb433bbe3c0]
|
??:0(gsignal)[0x7fb4336ac18b]
|
??:0(abort)[0x7fb43368b859]
|
??:0(__sanitizer_set_report_fd)[0x7fb4340be6a2]
|
??:0(__sanitizer_get_module_and_offset_for_pc)[0x7fb4340c924c]
|
??:0(__sanitizer_ptr_cmp)[0x7fb4340aa8ec]
|
??:0(__asan_on_error)[0x7fb4340aa363]
|
??:0(__interceptor_getdelim)[0x7fb43402e49f]
|
??:0(EVP_CIPHER_CTX_free)[0x7fb433d3a483]
|
mysys_ssl/my_crypt.cc:87(MyCTX::update(unsigned char const*, unsigned int, unsigned char*, unsigned int*))[0x561f0201036d]
|
mysys_ssl/my_crypt.cc:297(my_aes_crypt_update)[0x561f0200f989]
|
mysys_ssl/my_crypt.cc:315(my_aes_crypt)[0x561f0200fc9b]
|
sql/item_strfunc.cc:352(Item_aes_crypt::val_str(String*))[0x561f01928c0d]
|
sql/item_buff.cc:84(Cached_item_str::cmp())[0x561f017ff8fa]
|
sql/sql_select.cc:25171(test_if_group_changed(List<Cached_item>&))[0x561f010a95aa]
|
sql/sql_select.cc:22079(end_send_group(JOIN*, st_join_table*, bool))[0x561f01092ab5]
|
sql/sql_select.cc:20910(evaluate_join_record(JOIN*, st_join_table*, int))[0x561f01088f87]
|
sql/sql_select.cc:20687(sub_select(JOIN*, st_join_table*, bool))[0x561f010878dd]
|
sql/sql_select.cc:20221(do_select(JOIN*, Procedure*))[0x561f01085a04]
|
sql/sql_select.cc:4467(JOIN::exec_inner())[0x561f010122bb]
|
sql/sql_select.cc:4248(JOIN::exec())[0x561f0100f8a6]
|
sql/sql_select.cc:4722(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x561f01013c7a]
|
sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x561f00fe54b8]
|
sql/sql_parse.cc:6282(execute_sqlcom_select(THD*, TABLE_LIST*))[0x561f00f4ec26]
|
sql/sql_parse.cc:3978(mysql_execute_command(THD*))[0x561f00f3db21]
|
sql/sql_parse.cc:8063(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x561f00f59f20]
|
sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x561f00f30119]
|
sql/sql_parse.cc:1370(do_command(THD*))[0x561f00f2ca42]
|
sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x561f0136f2de]
|
sql/sql_connect.cc:1314(handle_one_connection)[0x561f0136ec42]
|
perfschema/pfs.cc:2203(pfs_spawn_thread)[0x561f0207e59b]
|
nptl/pthread_create.c:478(start_thread)[0x7fb433bb2609]
|
??:0(clone)[0x7fb433788293]
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x62b0000a12a8): SELECT AES_ENCRYPT( vcol_varchar, 't' ) AS f, GROUP_CONCAT( id ) AS field1 FROM t5 GROUP BY f
|
|
Connection ID (thread ID): 4
|
Status: NOT_KILLED
|
|
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on,not_null_range_scan=off
|
|
The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mysqld/ contains
|
information that should help you find out what is causing the crash.
|
Writing a core file...
|
Working directory at /dev/shm/var_auto_ctmT/mysqld.1/data
|
Resource Limits:
|
Limit Soft Limit Hard Limit Units
|
Max cpu time unlimited unlimited seconds
|
Max file size unlimited unlimited bytes
|
Max data size unlimited unlimited bytes
|
Max stack size 8388608 unlimited bytes
|
Max core file size 0 0 bytes
|
Max resident set unlimited unlimited bytes
|
Max processes 385874 385874 processes
|
Max open files 1024 1024 files
|
Max locked memory 67108864 67108864 bytes
|
Max address space unlimited unlimited bytes
|
Max file locks unlimited unlimited locks
|
Max pending signals 385874 385874 signals
|
Max msgqueue size 819200 819200 bytes
|
Max nice priority 0 0
|
Max realtime priority 0 0
|
Max realtime timeout unlimited unlimited us
|
Core pattern: |/usr/share/apport/apport %p %s %c %d %P %E
|