Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.11, 11.0(EOL), 11.1(EOL), 11.2(EOL), 11.3(EOL), 11.4, 11.5(EOL)
Description
CREATE TABLE t1 (id INT AUTO_INCREMENT PRIMARY KEY, a CHAR(200), b CHAR(200) AS (a) VIRTUAL, KEY(id,b)) ENGINE=MyISAM; |
INSERT INTO t1 (a) VALUES ('foo'),('bar'); |
ALTER TABLE t1 DROP PRIMARY KEY; |
OPTIMIZE TABLE t1; # Also fails with CHECK TABLE t1 |
DROP TABLE t1; |
|
10.2 676987c4 ASAN |
==1194116==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61300006b81c at pc 0x7f3e13c52f2d bp 0x7f3e089cfa10 sp 0x7f3e089cf1b8
|
WRITE of size 197 at 0x61300006b81c thread T5
|
#0 0x7f3e13c52f2c (/lib/x86_64-linux-gnu/libasan.so.5+0x67f2c)
|
#1 0x564ea2aaf4cd in my_fill_8bit /data/src/10.2/strings/ctype-simple.c:1117
|
#2 0x564ea27ea1f5 in _mi_put_key_in_record /data/src/10.2/storage/myisam/mi_key.c:386
|
#3 0x564ea27eaec1 in _mi_read_key_record /data/src/10.2/storage/myisam/mi_key.c:481
|
#4 0x564ea279109c in chk_key /data/src/10.2/storage/myisam/mi_check.c:506
|
#5 0x564ea277e464 in ha_myisam::repair(THD*, st_handler_check_param&, bool) /data/src/10.2/storage/myisam/ha_myisam.cc:1311
|
#6 0x564ea277ce10 in ha_myisam::optimize(THD*, st_ha_check_opt*) /data/src/10.2/storage/myisam/ha_myisam.cc:1179
|
#7 0x564ea1869af5 in handler::ha_optimize(THD*, st_ha_check_opt*) /data/src/10.2/sql/handler.cc:4270
|
#8 0x564ea15bacaf in mysql_admin_table /data/src/10.2/sql/sql_admin.cc:788
|
#9 0x564ea15c063a in Sql_cmd_optimize_table::execute(THD*) /data/src/10.2/sql/sql_admin.cc:1372
|
#10 0x564ea122398e in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:6021
|
#11 0x564ea122f217 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7790
|
#12 0x564ea120830e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
|
#13 0x564ea12050cd in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
|
#14 0x564ea158d294 in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
|
#15 0x564ea158cb57 in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
|
#16 0x564ea292b2ef in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
|
#17 0x7f3e1372d608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
#18 0x7f3e13309292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
|
|
|
0x61300006b81c is located 0 bytes to the right of 348-byte region [0x61300006b6c0,0x61300006b81c)
|
allocated by thread T5 here:
|
#0 0x7f3e13cf8bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
|
#1 0x564ea2a47e26 in sf_malloc /data/src/10.2/mysys/safemalloc.c:118
|
#2 0x564ea2a13daf in my_malloc /data/src/10.2/mysys/my_malloc.c:101
|
#3 0x564ea2a14288 in my_realloc /data/src/10.2/mysys/my_malloc.c:156
|
#4 0x564ea2800234 in mi_alloc_rec_buff /data/src/10.2/storage/myisam/mi_open.c:762
|
#5 0x564ea27ff486 in mi_open /data/src/10.2/storage/myisam/mi_open.c:670
|
#6 0x564ea2778362 in ha_myisam::open(char const*, int, unsigned int) /data/src/10.2/storage/myisam/ha_myisam.cc:780
|
#7 0x564ea185c6e0 in handler::ha_open(TABLE*, char const*, int, unsigned int) /data/src/10.2/sql/handler.cc:2592
|
#8 0x564ea14d6300 in open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) /data/src/10.2/sql/table.cc:3422
|
#9 0x564ea10e9e5d in open_table(THD*, TABLE_LIST*, Open_table_context*) /data/src/10.2/sql/sql_base.cc:1934
|
#10 0x564ea10f1de2 in open_and_process_table /data/src/10.2/sql/sql_base.cc:3614
|
#11 0x564ea10f41bc in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4081
|
#12 0x564ea10f7d42 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /data/src/10.2/sql/sql_base.cc:4880
|
#13 0x564ea106ef11 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /data/src/10.2/sql/sql_base.h:507
|
#14 0x564ea15b7e84 in open_only_one_table /data/src/10.2/sql/sql_admin.cc:392
|
#15 0x564ea15b8bd3 in mysql_admin_table /data/src/10.2/sql/sql_admin.cc:515
|
#16 0x564ea15c063a in Sql_cmd_optimize_table::execute(THD*) /data/src/10.2/sql/sql_admin.cc:1372
|
#17 0x564ea122398e in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:6021
|
#18 0x564ea122f217 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:7790
|
#19 0x564ea120830e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1827
|
#20 0x564ea12050cd in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1381
|
#21 0x564ea158d294 in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1336
|
#22 0x564ea158cb57 in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
|
#23 0x564ea292b2ef in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1869
|
#24 0x7f3e1372d608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
|
|
Thread T5 created by T0 here:
|
#0 0x7f3e13c25805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
|
#1 0x564ea292b6e0 in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1919
|
#2 0x564ea0faa1e3 in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1246
|
#3 0x564ea0fc1db4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6573
|
#4 0x564ea0fc254f in create_new_thread /data/src/10.2/sql/mysqld.cc:6643
|
#5 0x564ea0fc36e1 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6901
|
#6 0x564ea0fc1105 in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6192
|
#7 0x564ea0fa8a9c in main /data/src/10.2/sql/main.cc:25
|
#8 0x7f3e1320e0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
|
|
|
SUMMARY: AddressSanitizer: heap-buffer-overflow (/lib/x86_64-linux-gnu/libasan.so.5+0x67f2c)
|
Shadow bytes around the buggy address:
|
0x0c26800056b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c26800056c0: 00 00 00 00 00 00 00 00 04 fa fa fa fa fa fa fa
|
0x0c26800056d0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c26800056e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c26800056f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
=>0x0c2680005700: 00 00 00[04]fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c2680005710: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c2680005720: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c2680005730: 00 00 00 00 00 00 00 00 04 fa fa fa fa fa fa fa
|
0x0c2680005740: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c2680005750: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
==1194116==ABORTING
|
210305 0:05:16 [ERROR] mysqld got signal 6 ;
|
This could be because you hit a bug. It is also possible that this binary
|
or one of the libraries it was linked against is corrupt, improperly built,
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
|
|
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
|
|
|
We will try our best to scrape up some info that will hopefully help
|
diagnose the problem, but since we have already crashed,
|
something is definitely wrong and this may fail.
|
|
|
Server version: 10.2.38-MariaDB-debug-log
|
key_buffer_size=1048576
|
read_buffer_size=131072
|
max_used_connections=1
|
max_threads=153
|
thread_count=1
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63104 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
|
|
Thread pointer: 0x62a000060270
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7f3e089d3d90 thread_stack 0x5b000
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x6cd30)[0x7f3e13c57d30]
|
mysys/stacktrace.c:172(my_print_stacktrace)[0x564ea2a257dd]
|
sql/signal_handler.cc:209(handle_fatal_signal)[0x564ea184a8a7]
|
sigaction.c:0(__restore_rt)[0x7f3e137393c0]
|
/lib/x86_64-linux-gnu/libc.so.6(gsignal+0xcb)[0x7f3e1322d18b]
|
/lib/x86_64-linux-gnu/libc.so.6(abort+0x12b)[0x7f3e1320c859]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x12b6a2)[0x7f3e13d166a2]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x13624c)[0x7f3e13d2124c]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x1178ec)[0x7f3e13d028ec]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x117363)[0x7f3e13d02363]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x67f4f)[0x7f3e13c52f4f]
|
strings/ctype-simple.c:1118(my_fill_8bit)[0x564ea2aaf4ce]
|
myisam/mi_key.c:386(_mi_put_key_in_record)[0x564ea27ea1f6]
|
myisam/mi_key.c:481(_mi_read_key_record)[0x564ea27eaec2]
|
myisam/mi_check.c:507(chk_key)[0x564ea279109d]
|
myisam/ha_myisam.cc:1311(ha_myisam::repair(THD*, st_handler_check_param&, bool))[0x564ea277e465]
|
myisam/ha_myisam.cc:1179(ha_myisam::optimize(THD*, st_ha_check_opt*))[0x564ea277ce11]
|
sql/handler.cc:4271(handler::ha_optimize(THD*, st_ha_check_opt*))[0x564ea1869af6]
|
sql/sql_admin.cc:788(mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)))[0x564ea15bacb0]
|
sql/sql_admin.cc:1372(Sql_cmd_optimize_table::execute(THD*))[0x564ea15c063b]
|
sql/sql_parse.cc:6021(mysql_execute_command(THD*))[0x564ea122398f]
|
sql/sql_parse.cc:7790(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x564ea122f218]
|
sql/sql_parse.cc:1830(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x564ea120830f]
|
sql/sql_parse.cc:1381(do_command(THD*))[0x564ea12050ce]
|
sql/sql_connect.cc:1336(do_handle_one_connection(CONNECT*))[0x564ea158d295]
|
sql/sql_connect.cc:1242(handle_one_connection)[0x564ea158cb58]
|
perfschema/pfs.cc:1871(pfs_spawn_thread)[0x564ea292b2f0]
|
nptl/pthread_create.c:478(start_thread)[0x7f3e1372d609]
|
/lib/x86_64-linux-gnu/libc.so.6(clone+0x43)[0x7f3e13309293]
|
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x62b000000290): OPTIMIZE TABLE t1
|
|
|
Connection ID (thread ID): 4
|
Status: NOT_KILLED
|
|
10.2 676987c4 debug |
Error: Freeing overrun buffer mysys/safemalloc.c:194, mysys/my_malloc.c:220, myisam/mi_close.c:63, myisam/ha_myisam.cc:907, sql/handler.cc:2657, sql/table.cc:3525, sql/table_cache.cc:223, sql/table_cache.cc:261
|
Allocated at mysys/my_malloc.c:156, myisam/mi_open.c:762, myisam/mi_open.c:670, myisam/ha_myisam.cc:780, sql/handler.cc:2592, sql/table.cc:3422, sql/sql_base.cc:1934, sql/sql_base.cc:3614
|
|
10.2 676987c4 non-debug |
#3 <signal handler called>
|
#4 0x0000564f25b93c74 in lf_alloc_new (pins=pins@entry=0x564f273d3980) at /data/src/10.2/mysys/lf_alloc-pin.c:516
|
#5 0x0000564f25b94956 in lf_hash_insert (hash=hash@entry=0x564f26b0a180 <filename_hash>, pins=0x564f273d3980, data=data@entry=0x7f19537ac558) at /data/src/10.2/mysys/lf_hash.c:403
|
#6 0x0000564f25adc16e in find_or_create_file (thread=thread@entry=0x7f195b993280, klass=klass@entry=0x564f272d9f40, filename=filename@entry=0x7f193c17a680 "./mysql/table_stats.MYD", len=<optimized out>, create=create@entry=true) at /data/src/10.2/storage/perfschema/pfs_instr.cc:1362
|
#7 0x0000564f25b01c93 in end_file_open_wait_and_bind_to_descriptor_v1 (locker=0x7f19537acc20, file=57) at /data/src/10.2/storage/perfschema/pfs.cc:4007
|
#8 0x0000564f25aae096 in inline_mysql_file_open (src_file=0x564f25d174c0 "/data/src/10.2/storage/myisam/mi_open.c", myFlags=<optimized out>, flags=524290, filename=0x7f193c17a680 "./mysql/table_stats.MYD", src_line=1272, key=<optimized out>) at /data/src/10.2/include/mysql/psi/mysql_file.h:1055
|
#9 mi_open_datafile (info=info@entry=0x7f19537ad7d0, share=<optimized out>) at /data/src/10.2/storage/myisam/mi_open.c:1272
|
#10 0x0000564f25ab000a in mi_open (name=<optimized out>, mode=<optimized out>, open_flags=open_flags@entry=82) at /data/src/10.2/storage/myisam/mi_open.c:514
|
#11 0x0000564f25a8c73a in ha_myisam::open (this=0x7f193c09b250, name=<optimized out>, mode=<optimized out>, test_if_locked=18) at /data/src/10.2/storage/myisam/ha_myisam.cc:780
|
#12 0x0000564f25630b27 in handler::ha_open (this=0x7f193c09b250, table_arg=table_arg@entry=0x7f193c1784f8, name=0x7f193c079760 "./mysql/table_stats", mode=mode@entry=2, test_if_locked=test_if_locked@entry=18) at /data/src/10.2/sql/handler.cc:2592
|
#13 0x0000564f255395de in open_table_from_share (thd=thd@entry=0x7f193c000c48, share=share@entry=0x7f193c079340, alias=<optimized out>, db_stat=db_stat@entry=33, prgflag=prgflag@entry=8, ha_open_flags=18, outparam=<optimized out>, is_create_table=<optimized out>) at /data/src/10.2/sql/table.cc:3422
|
#14 0x0000564f254322fc in open_table (thd=0x7f193c000c48, table_list=0x7f19537aefa0, ot_ctx=0x7f19537aecc0) at /data/src/10.2/sql/sql_base.cc:1934
|
#15 0x0000564f25435d52 in open_and_process_table (ot_ctx=0x7f19537aecc0, has_prelocking_list=false, prelocking_strategy=0x7f19537aedb8, flags=2050, counter=0x7f19537aed5c, tables=0x7f19537aefa0, thd=0x7f193c000c48) at /data/src/10.2/sql/sql_base.cc:3614
|
#16 open_tables (thd=thd@entry=0x7f193c000c48, options=..., start=start@entry=0x7f19537aed48, counter=counter@entry=0x7f19537aed5c, flags=flags@entry=2050, prelocking_strategy=prelocking_strategy@entry=0x7f19537aedb8) at /data/src/10.2/sql/sql_base.cc:4081
|
#17 0x0000564f25436277 in open_and_lock_tables (thd=thd@entry=0x7f193c000c48, options=..., tables=<optimized out>, tables@entry=0x7f19537aefa0, derived=derived@entry=false, flags=flags@entry=2050, prelocking_strategy=prelocking_strategy@entry=0x7f19537aedb8) at /data/src/10.2/sql/sql_base.cc:4880
|
#18 0x0000564f2543aaf2 in open_and_lock_tables (flags=2050, derived=false, tables=0x7f19537aefa0, thd=0x7f193c000c48) at /data/src/10.2/sql/sql_base.h:507
|
#19 open_system_tables_for_read (thd=thd@entry=0x7f193c000c48, table_list=table_list@entry=0x7f19537aefa0, backup=backup@entry=0x7f19537aef40) at /data/src/10.2/sql/sql_base.cc:8611
|
#20 0x0000564f254f79f4 in open_stat_tables (thd=thd@entry=0x7f193c000c48, tables=tables@entry=0x7f19537aefa0, backup=backup@entry=0x7f19537aef40, for_write=for_write@entry=true) at /data/src/10.2/sql/sql_statistics.cc:271
|
#21 0x0000564f254fa0cb in delete_statistics_for_table (thd=thd@entry=0x7f193c000c48, db=db@entry=0x7f19537b0ec0, tab=tab@entry=0x7f19537b0ed0) at /data/src/10.2/sql/sql_statistics.cc:3221
|
#22 0x0000564f25507921 in mysql_rm_table (thd=thd@entry=0x7f193c000c48, tables=tables@entry=0x7f193c00f410, if_exists=<optimized out>, drop_temporary=<optimized out>) at /data/src/10.2/sql/sql_table.cc:2032
|
#23 0x0000564f2547e631 in mysql_execute_command (thd=<optimized out>) at /data/src/10.2/sql/structs.h:530
|
#24 0x0000564f2548393b in mysql_parse (thd=thd@entry=0x7f193c000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f19537b25b0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7790
|
#25 0x0000564f25486b4d in dispatch_command (command=COM_QUERY, thd=0x7f193c000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.2/sql/sql_class.h:1096
|
#26 0x0000564f25487d97 in do_command (thd=0x7f193c000c48) at /data/src/10.2/sql/sql_parse.cc:1381
|
#27 0x0000564f25560e36 in do_handle_one_connection (connect=connect@entry=0x564f274c32f8) at /data/src/10.2/sql/sql_connect.cc:1336
|
#28 0x0000564f25560faf in handle_one_connection (arg=arg@entry=0x564f274c32f8) at /data/src/10.2/sql/sql_connect.cc:1241
|
#29 0x0000564f25afc176 in pfs_spawn_thread (arg=0x564f274d41a8) at /data/src/10.2/storage/perfschema/pfs.cc:1869
|
#30 0x00007f195dbae609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#31 0x00007f195d7a3293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
10.2 676987c4 valgrind |
==1189762== Thread 6:
|
==1189762== Invalid write of size 8
|
==1189762== at 0x484296F: memset (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x116ECAD: my_fill_8bit (ctype-simple.c:1117)
|
==1189762== by 0x10475FF: _mi_put_key_in_record (mi_key.c:386)
|
==1189762== by 0x10479A0: _mi_read_key_record (mi_key.c:481)
|
==1189762== by 0x10259D8: chk_key (mi_check.c:506)
|
==1189762== by 0x101EB1B: ha_myisam::repair(THD*, st_handler_check_param&, bool) (ha_myisam.cc:1311)
|
==1189762== by 0x101E229: ha_myisam::optimize(THD*, st_ha_check_opt*) (ha_myisam.cc:1179)
|
==1189762== by 0x99791E: handler::ha_optimize(THD*, st_ha_check_opt*) (handler.cc:4270)
|
==1189762== by 0x86A515: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:788)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== by 0x6F68E6: do_command(THD*) (sql_parse.cc:1381)
|
==1189762== by 0x856DD1: do_handle_one_connection(CONNECT*) (sql_connect.cc:1336)
|
==1189762== by 0x856B36: handle_one_connection (sql_connect.cc:1241)
|
==1189762== Address 0xbe073d0 is 0 bytes after a block of size 240 alloc'd
|
==1189762== at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x112EE8E: my_malloc (my_malloc.c:101)
|
==1189762== by 0x112F1D7: my_realloc (my_malloc.c:156)
|
==1189762== by 0x104ECF7: mi_alloc_rec_buff (mi_open.c:762)
|
==1189762== by 0x104E804: mi_open (mi_open.c:670)
|
==1189762== by 0x101C938: ha_myisam::open(char const*, int, unsigned int) (ha_myisam.cc:780)
|
==1189762== by 0x992D5B: handler::ha_open(TABLE*, char const*, int, unsigned int) (handler.cc:2592)
|
==1189762== by 0x80C690: open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) (table.cc:3422)
|
==1189762== by 0x68702D: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:1934)
|
==1189762== by 0x68A0FD: open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) (sql_base.cc:3614)
|
==1189762== by 0x68B006: open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4081)
|
==1189762== by 0x68C65B: open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:4880)
|
==1189762== by 0x6513E2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:507)
|
==1189762== by 0x86908B: open_only_one_table(THD*, TABLE_LIST*, bool, bool) (sql_admin.cc:392)
|
==1189762== by 0x86966C: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:515)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== Invalid write of size 8
|
==1189762== at 0x4842964: memset (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x116ECAD: my_fill_8bit (ctype-simple.c:1117)
|
==1189762== by 0x10475FF: _mi_put_key_in_record (mi_key.c:386)
|
==1189762== by 0x10479A0: _mi_read_key_record (mi_key.c:481)
|
==1189762== by 0x10259D8: chk_key (mi_check.c:506)
|
==1189762== by 0x101EB1B: ha_myisam::repair(THD*, st_handler_check_param&, bool) (ha_myisam.cc:1311)
|
==1189762== by 0x101E229: ha_myisam::optimize(THD*, st_ha_check_opt*) (ha_myisam.cc:1179)
|
==1189762== by 0x99791E: handler::ha_optimize(THD*, st_ha_check_opt*) (handler.cc:4270)
|
==1189762== by 0x86A515: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:788)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== by 0x6F68E6: do_command(THD*) (sql_parse.cc:1381)
|
==1189762== by 0x856DD1: do_handle_one_connection(CONNECT*) (sql_connect.cc:1336)
|
==1189762== by 0x856B36: handle_one_connection (sql_connect.cc:1241)
|
==1189762== Address 0xbe073d8 is 8 bytes after a block of size 240 alloc'd
|
==1189762== at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x112EE8E: my_malloc (my_malloc.c:101)
|
==1189762== by 0x112F1D7: my_realloc (my_malloc.c:156)
|
==1189762== by 0x104ECF7: mi_alloc_rec_buff (mi_open.c:762)
|
==1189762== by 0x104E804: mi_open (mi_open.c:670)
|
==1189762== by 0x101C938: ha_myisam::open(char const*, int, unsigned int) (ha_myisam.cc:780)
|
==1189762== by 0x992D5B: handler::ha_open(TABLE*, char const*, int, unsigned int) (handler.cc:2592)
|
==1189762== by 0x80C690: open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) (table.cc:3422)
|
==1189762== by 0x68702D: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:1934)
|
==1189762== by 0x68A0FD: open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) (sql_base.cc:3614)
|
==1189762== by 0x68B006: open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4081)
|
==1189762== by 0x68C65B: open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:4880)
|
==1189762== by 0x6513E2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:507)
|
==1189762== by 0x86908B: open_only_one_table(THD*, TABLE_LIST*, bool, bool) (sql_admin.cc:392)
|
==1189762== by 0x86966C: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:515)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== Invalid write of size 8
|
==1189762== at 0x4842967: memset (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x116ECAD: my_fill_8bit (ctype-simple.c:1117)
|
==1189762== by 0x10475FF: _mi_put_key_in_record (mi_key.c:386)
|
==1189762== by 0x10479A0: _mi_read_key_record (mi_key.c:481)
|
==1189762== by 0x10259D8: chk_key (mi_check.c:506)
|
==1189762== by 0x101EB1B: ha_myisam::repair(THD*, st_handler_check_param&, bool) (ha_myisam.cc:1311)
|
==1189762== by 0x101E229: ha_myisam::optimize(THD*, st_ha_check_opt*) (ha_myisam.cc:1179)
|
==1189762== by 0x99791E: handler::ha_optimize(THD*, st_ha_check_opt*) (handler.cc:4270)
|
==1189762== by 0x86A515: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:788)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== by 0x6F68E6: do_command(THD*) (sql_parse.cc:1381)
|
==1189762== by 0x856DD1: do_handle_one_connection(CONNECT*) (sql_connect.cc:1336)
|
==1189762== by 0x856B36: handle_one_connection (sql_connect.cc:1241)
|
==1189762== Address 0xbe073e0 is 16 bytes after a block of size 240 alloc'd
|
==1189762== at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x112EE8E: my_malloc (my_malloc.c:101)
|
==1189762== by 0x112F1D7: my_realloc (my_malloc.c:156)
|
==1189762== by 0x104ECF7: mi_alloc_rec_buff (mi_open.c:762)
|
==1189762== by 0x104E804: mi_open (mi_open.c:670)
|
==1189762== by 0x101C938: ha_myisam::open(char const*, int, unsigned int) (ha_myisam.cc:780)
|
==1189762== by 0x992D5B: handler::ha_open(TABLE*, char const*, int, unsigned int) (handler.cc:2592)
|
==1189762== by 0x80C690: open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) (table.cc:3422)
|
==1189762== by 0x68702D: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:1934)
|
==1189762== by 0x68A0FD: open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) (sql_base.cc:3614)
|
==1189762== by 0x68B006: open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4081)
|
==1189762== by 0x68C65B: open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:4880)
|
==1189762== by 0x6513E2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:507)
|
==1189762== by 0x86908B: open_only_one_table(THD*, TABLE_LIST*, bool, bool) (sql_admin.cc:392)
|
==1189762== by 0x86966C: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:515)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== Invalid write of size 8
|
==1189762== at 0x484296B: memset (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x116ECAD: my_fill_8bit (ctype-simple.c:1117)
|
==1189762== by 0x10475FF: _mi_put_key_in_record (mi_key.c:386)
|
==1189762== by 0x10479A0: _mi_read_key_record (mi_key.c:481)
|
==1189762== by 0x10259D8: chk_key (mi_check.c:506)
|
==1189762== by 0x101EB1B: ha_myisam::repair(THD*, st_handler_check_param&, bool) (ha_myisam.cc:1311)
|
==1189762== by 0x101E229: ha_myisam::optimize(THD*, st_ha_check_opt*) (ha_myisam.cc:1179)
|
==1189762== by 0x99791E: handler::ha_optimize(THD*, st_ha_check_opt*) (handler.cc:4270)
|
==1189762== by 0x86A515: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:788)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== by 0x6F68E6: do_command(THD*) (sql_parse.cc:1381)
|
==1189762== by 0x856DD1: do_handle_one_connection(CONNECT*) (sql_connect.cc:1336)
|
==1189762== by 0x856B36: handle_one_connection (sql_connect.cc:1241)
|
==1189762== Address 0xbe073e8 is 24 bytes after a block of size 240 in arena "client"
|
==1189762== Invalid write of size 1
|
==1189762== at 0x48429D0: memset (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x116ECAD: my_fill_8bit (ctype-simple.c:1117)
|
==1189762== by 0x10475FF: _mi_put_key_in_record (mi_key.c:386)
|
==1189762== by 0x10479A0: _mi_read_key_record (mi_key.c:481)
|
==1189762== by 0x10259D8: chk_key (mi_check.c:506)
|
==1189762== by 0x101EB1B: ha_myisam::repair(THD*, st_handler_check_param&, bool) (ha_myisam.cc:1311)
|
==1189762== by 0x101E229: ha_myisam::optimize(THD*, st_ha_check_opt*) (ha_myisam.cc:1179)
|
==1189762== by 0x99791E: handler::ha_optimize(THD*, st_ha_check_opt*) (handler.cc:4270)
|
==1189762== by 0x86A515: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:788)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== by 0x6F68E6: do_command(THD*) (sql_parse.cc:1381)
|
==1189762== by 0x856DD1: do_handle_one_connection(CONNECT*) (sql_connect.cc:1336)
|
==1189762== by 0x856B36: handle_one_connection (sql_connect.cc:1241)
|
==1189762== Address 0xbe07478 is 104 bytes inside a block of size 600 free'd
|
==1189762== at 0x483CA3F: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x112F48D: my_free (my_malloc.c:218)
|
==1189762== by 0x101D111: ha_myisam::open(char const*, int, unsigned int) (ha_myisam.cc:897)
|
==1189762== by 0x992D5B: handler::ha_open(TABLE*, char const*, int, unsigned int) (handler.cc:2592)
|
==1189762== by 0x80C690: open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) (table.cc:3422)
|
==1189762== by 0x68702D: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:1934)
|
==1189762== by 0x68A0FD: open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) (sql_base.cc:3614)
|
==1189762== by 0x68B006: open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4081)
|
==1189762== by 0x68C65B: open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:4880)
|
==1189762== by 0x6513E2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:507)
|
==1189762== by 0x86908B: open_only_one_table(THD*, TABLE_LIST*, bool, bool) (sql_admin.cc:392)
|
==1189762== by 0x86966C: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:515)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== Block was alloc'd at
|
==1189762== at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x112EE8E: my_malloc (my_malloc.c:101)
|
==1189762== by 0x111E8B8: my_multi_malloc (mulalloc.c:51)
|
==1189762== by 0x101A613: table2myisam(TABLE*, st_mi_keydef**, st_columndef**, unsigned int*) (ha_myisam.cc:233)
|
==1189762== by 0x101CA2D: ha_myisam::open(char const*, int, unsigned int) (ha_myisam.cc:790)
|
==1189762== by 0x992D5B: handler::ha_open(TABLE*, char const*, int, unsigned int) (handler.cc:2592)
|
==1189762== by 0x80C690: open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) (table.cc:3422)
|
==1189762== by 0x68702D: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:1934)
|
==1189762== by 0x68A0FD: open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) (sql_base.cc:3614)
|
==1189762== by 0x68B006: open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4081)
|
==1189762== by 0x68C65B: open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:4880)
|
==1189762== by 0x6513E2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:507)
|
==1189762== by 0x86908B: open_only_one_table(THD*, TABLE_LIST*, bool, bool) (sql_admin.cc:392)
|
==1189762== by 0x86966C: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:515)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== Invalid write of size 1
|
==1189762== at 0x48429DA: memset (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x116ECAD: my_fill_8bit (ctype-simple.c:1117)
|
==1189762== by 0x10475FF: _mi_put_key_in_record (mi_key.c:386)
|
==1189762== by 0x10479A0: _mi_read_key_record (mi_key.c:481)
|
==1189762== by 0x10259D8: chk_key (mi_check.c:506)
|
==1189762== by 0x101EB1B: ha_myisam::repair(THD*, st_handler_check_param&, bool) (ha_myisam.cc:1311)
|
==1189762== by 0x101E229: ha_myisam::optimize(THD*, st_ha_check_opt*) (ha_myisam.cc:1179)
|
==1189762== by 0x99791E: handler::ha_optimize(THD*, st_ha_check_opt*) (handler.cc:4270)
|
==1189762== by 0x86A515: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:788)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== by 0x6F68E6: do_command(THD*) (sql_parse.cc:1381)
|
==1189762== by 0x856DD1: do_handle_one_connection(CONNECT*) (sql_connect.cc:1336)
|
==1189762== by 0x856B36: handle_one_connection (sql_connect.cc:1241)
|
==1189762== Address 0xbe0747a is 106 bytes inside a block of size 600 free'd
|
==1189762== at 0x483CA3F: free (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x112F48D: my_free (my_malloc.c:218)
|
==1189762== by 0x101D111: ha_myisam::open(char const*, int, unsigned int) (ha_myisam.cc:897)
|
==1189762== by 0x992D5B: handler::ha_open(TABLE*, char const*, int, unsigned int) (handler.cc:2592)
|
==1189762== by 0x80C690: open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) (table.cc:3422)
|
==1189762== by 0x68702D: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:1934)
|
==1189762== by 0x68A0FD: open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) (sql_base.cc:3614)
|
==1189762== by 0x68B006: open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4081)
|
==1189762== by 0x68C65B: open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:4880)
|
==1189762== by 0x6513E2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:507)
|
==1189762== by 0x86908B: open_only_one_table(THD*, TABLE_LIST*, bool, bool) (sql_admin.cc:392)
|
==1189762== by 0x86966C: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:515)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
==1189762== by 0x709BAE: mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) (sql_parse.cc:7790)
|
==1189762== by 0x6F7DEB: dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) (sql_parse.cc:1827)
|
==1189762== Block was alloc'd at
|
==1189762== at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
|
==1189762== by 0x112EE8E: my_malloc (my_malloc.c:101)
|
==1189762== by 0x111E8B8: my_multi_malloc (mulalloc.c:51)
|
==1189762== by 0x101A613: table2myisam(TABLE*, st_mi_keydef**, st_columndef**, unsigned int*) (ha_myisam.cc:233)
|
==1189762== by 0x101CA2D: ha_myisam::open(char const*, int, unsigned int) (ha_myisam.cc:790)
|
==1189762== by 0x992D5B: handler::ha_open(TABLE*, char const*, int, unsigned int) (handler.cc:2592)
|
==1189762== by 0x80C690: open_table_from_share(THD*, TABLE_SHARE*, char const*, unsigned int, unsigned int, unsigned int, TABLE*, bool) (table.cc:3422)
|
==1189762== by 0x68702D: open_table(THD*, TABLE_LIST*, Open_table_context*) (sql_base.cc:1934)
|
==1189762== by 0x68A0FD: open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) (sql_base.cc:3614)
|
==1189762== by 0x68B006: open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) (sql_base.cc:4081)
|
==1189762== by 0x68C65B: open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) (sql_base.cc:4880)
|
==1189762== by 0x6513E2: open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) (sql_base.h:507)
|
==1189762== by 0x86908B: open_only_one_table(THD*, TABLE_LIST*, bool, bool) (sql_admin.cc:392)
|
==1189762== by 0x86966C: mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*)) (sql_admin.cc:515)
|
==1189762== by 0x86CA45: Sql_cmd_optimize_table::execute(THD*) (sql_admin.cc:1372)
|
==1189762== by 0x704D5C: mysql_execute_command(THD*) (sql_parse.cc:6021)
|
^ Found warnings in /data/bld/10.2-valgrind-nightly/mysql-test/var/log/mysqld.1.err
|
|
11.3 67a0224a3e0073c4e083a6f7e24380251bcb2361 |
corrupted size vs. prev_size
|
231212 21:25:38 [ERROR] mysqld got signal 6 ;
|
and a variety of other problems.
Reproducible on all kinds of builds as described above, on 10.2-10.6 with slight variations in the stack traces.
Sometimes it also hangs.
Attachments
Issue Links
- relates to
-
-
- Closed
-
Activity
Raising the priority in hope to get it fixed.
It's a nasty issue which affects release builds. The usual argument that real users don't encounter it, or they would have complained, doesn't apply here, as it isn't recognizable on non-ASAN builds. If it ends with a crash, MariaDB crash reporting doesn't handle well such errors, so there will be no stack trace or crashing query in the error log; and in addition to crashes, it can also lead to all kinds of confusing functional problems which are impossible to connect to this issue. For example, the last one I spent quite some time on was this:
|
10.5 |
MariaDB [(none)]> SELECT c.TABLE_SCHEMA, c.TABLE_NAME, c.COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS c WHERE c.TABLE_NAME = 't8_Aria' AND c.TABLE_SCHEMA IN ('advanced_db') ; |
+--------------+------------+----------------+ |
| TABLE_SCHEMA | TABLE_NAME | COLUMN_NAME |
|
+--------------+------------+----------------+ |
| advanced_db | t8_Aria | id |
|
| advanced_db | t8_Aria | |
|
| advanced_db | t8_Aria | col_varchar |
|
| advanced_db | t8_Aria | vcol_char |
|
| advanced_db | t8_Aria | vcol_varchar |
|
| advanced_db | t8_Aria | vcol_year |
|
| advanced_db | t8_Aria | vcol_timestamp |
|
| advanced_db | t8_Aria | col_datetime |
|
| advanced_db | t8_Aria | vcol_int |
|
| advanced_db | t8_Aria | col_char |
|
| advanced_db | t8_Aria | col_int |
|
| advanced_db | t8_Aria | col_year |
|
+--------------+------------+----------------+ |
12 rows in set (0.001 sec) |
Note the empty column name in I_S output. It is an unrelated table, not even a MyISAM table, but this would start happening after CHECK or OPTIMIZE on an unfortunate MyISAM table similar to one in the description. I've seen many other weird effects.
Same testcase on 11.5, CLI:
|
11.5.0 e4afa610539ae01164485554e2de839bea9de816 (Debug) |
SIGSEGV|my_hash_iterate|safe_mutex_free_deadlock_data|safe_mutex_destroy|inline_mysql_mutex_destroy
|
|
11.5.0 e4afa610539ae01164485554e2de839bea9de816 (Optimized) |
SIGSEGV|l_find|l_search|lf_hash_search_using_hash_value|MDL_map::find_or_insert
|
Agreed this is a high prio bug.
The 11.5 ASAN stack shows memset / my_fill_8bit before the rest of the _mi_put_key_in_record etc. stack, and also shows some different offsets:
|
11.5.0 e4afa610539ae01164485554e2de839bea9de816 (Debug, UBASAN) |
==3122097==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x61100001ab80 at pc 0x55bd0137caf2 bp 0x14db216e8710 sp 0x14db216e7eb8
|
WRITE of size 197 at 0x61100001ab80 thread T12
|
#0 0x55bd0137caf1 in memset (/test/UBASAN_MD240524-mariadb-11.5.0-linux-x86_64-dbg/bin/mariadbd+0x74a6af1) (BuildId: 23e873fe3647d42f288d0fe359d4ccb36545a8c5)
|
#1 0x55bd053c8315 in my_fill_8bit /test/11.5_dbg_san/strings/ctype-simple.c:1178
|
#2 0x55bd051c9476 in my_ci_fill /test/11.5_dbg_san/include/m_ctype.h:1254
|
#3 0x55bd051c9476 in _mi_put_key_in_record /test/11.5_dbg_san/storage/myisam/mi_key.c:389
|
#4 0x55bd051ce019 in _mi_read_key_record /test/11.5_dbg_san/storage/myisam/mi_key.c:483
|
#5 0x55bd051987bb in chk_key /test/11.5_dbg_san/storage/myisam/mi_check.c:506
|
#6 0x55bd05163f10 in ha_myisam::repair(THD*, st_handler_check_param&, bool) /test/11.5_dbg_san/storage/myisam/ha_myisam.cc:1407
|
#7 0x55bd05167faa in ha_myisam::optimize(THD*, st_ha_check_opt*) /test/11.5_dbg_san/storage/myisam/ha_myisam.cc:1275
|
#8 0x55bd0319e90c in handler::ha_optimize(THD*, st_ha_check_opt*) /test/11.5_dbg_san/sql/handler.cc:5367
|
#9 0x55bd025e5825 in mysql_admin_table /test/11.5_dbg_san/sql/sql_admin.cc:917
|
#10 0x55bd025f4685 in Sql_cmd_optimize_table::execute(THD*) /test/11.5_dbg_san/sql/sql_admin.cc:1617
|
#11 0x55bd01c805f9 in mysql_execute_command(THD*, bool) /test/11.5_dbg_san/sql/sql_parse.cc:5802
|
#12 0x55bd01c86aac in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.5_dbg_san/sql/sql_parse.cc:7815
|
#13 0x55bd01c94ba2 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.5_dbg_san/sql/sql_parse.cc:1892
|
#14 0x55bd01ca14cd in do_command(THD*, bool) /test/11.5_dbg_san/sql/sql_parse.cc:1405
|
#15 0x55bd0256de49 in do_handle_one_connection(CONNECT*, bool) /test/11.5_dbg_san/sql/sql_connect.cc:1445
|
#16 0x55bd0256f471 in handle_one_connection /test/11.5_dbg_san/sql/sql_connect.cc:1347
|
#17 0x14db5da97ad9 in start_thread nptl/pthread_create.c:444
|
#18 0x14db5db2847b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
|
0x61100001ab80 is located 0 bytes after 256-byte region [0x61100001aa80,0x61100001ab80)
|
allocated by thread T12 here:
|
#0 0x55bd0140017f in malloc (/test/UBASAN_MD240524-mariadb-11.5.0-linux-x86_64-dbg/bin/mariadbd+0x752a17f) (BuildId: 23e873fe3647d42f288d0fe359d4ccb36545a8c5)
|
#1 0x55bd052fae7e in my_malloc /test/11.5_dbg_san/mysys/my_malloc.c:93
|
#2 0x55bd052fb559 in my_realloc /test/11.5_dbg_san/mysys/my_malloc.c:149
|
#3 0x55bd051d7da0 in mi_alloc_rec_buff /test/11.5_dbg_san/storage/myisam/mi_open.c:763
|
#4 0x55bd051ea4ed in mi_open /test/11.5_dbg_san/storage/myisam/mi_open.c:671
|
#5 0x55bd0515c87e in ha_myisam::open(char const*, int, unsigned int) /test/11.5_dbg_san/storage/myisam/ha_myisam.cc:856
|
#6 0x55bd0317a957 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /test/11.5_dbg_san/sql/handler.cc:3513
|
#7 0x55bd02419135 in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /test/11.5_dbg_san/sql/table.cc:4582
|
#8 0x55bd0187b5d4 in open_table(THD*, TABLE_LIST*, Open_table_context*) /test/11.5_dbg_san/sql/sql_base.cc:2232
|
#9 0x55bd018b47a0 in open_and_process_table /test/11.5_dbg_san/sql/sql_base.cc:4165
|
#10 0x55bd018b47a0 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /test/11.5_dbg_san/sql/sql_base.cc:4651
|
#11 0x55bd018ba1ae in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /test/11.5_dbg_san/sql/sql_base.cc:5625
|
#12 0x55bd025dc527 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /test/11.5_dbg_san/sql/sql_base.h:530
|
#13 0x55bd025dc527 in open_only_one_table /test/11.5_dbg_san/sql/sql_admin.cc:424
|
#14 0x55bd025e1dd8 in mysql_admin_table /test/11.5_dbg_san/sql/sql_admin.cc:637
|
#15 0x55bd025f4685 in Sql_cmd_optimize_table::execute(THD*) /test/11.5_dbg_san/sql/sql_admin.cc:1617
|
#16 0x55bd01c805f9 in mysql_execute_command(THD*, bool) /test/11.5_dbg_san/sql/sql_parse.cc:5802
|
#17 0x55bd01c86aac in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.5_dbg_san/sql/sql_parse.cc:7815
|
#18 0x55bd01c94ba2 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.5_dbg_san/sql/sql_parse.cc:1892
|
#19 0x55bd01ca14cd in do_command(THD*, bool) /test/11.5_dbg_san/sql/sql_parse.cc:1405
|
#20 0x55bd0256de49 in do_handle_one_connection(CONNECT*, bool) /test/11.5_dbg_san/sql/sql_connect.cc:1445
|
#21 0x55bd0256f471 in handle_one_connection /test/11.5_dbg_san/sql/sql_connect.cc:1347
|
#22 0x14db5da97ad9 in start_thread nptl/pthread_create.c:444
|
|
|
Thread T12 created by T0 here:
|
#0 0x55bd0136a355 in __interceptor_pthread_create (/test/UBASAN_MD240524-mariadb-11.5.0-linux-x86_64-dbg/bin/mariadbd+0x7494355) (BuildId: 23e873fe3647d42f288d0fe359d4ccb36545a8c5)
|
#1 0x55bd01466572 in create_thread_to_handle_connection(CONNECT*) /test/11.5_dbg_san/sql/mysqld.cc:6079
|
#2 0x55bd01477607 in create_new_thread(CONNECT*) /test/11.5_dbg_san/sql/mysqld.cc:6141
|
#3 0x55bd01477e13 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /test/11.5_dbg_san/sql/mysqld.cc:6203
|
#4 0x55bd01479102 in handle_connections_sockets() /test/11.5_dbg_san/sql/mysqld.cc:6316
|
#5 0x55bd0147dc0b in mysqld_main(int, char**) /test/11.5_dbg_san/sql/mysqld.cc:5974
|
#6 0x55bd01454b3c in main /test/11.5_dbg_san/sql/main.cc:34
|
#7 0x14db5da280cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
|
|
|
SUMMARY: AddressSanitizer: heap-buffer-overflow (/test/UBASAN_MD240524-mariadb-11.5.0-linux-x86_64-dbg/bin/mariadbd+0x74a6af1) (BuildId: 23e873fe3647d42f288d0fe359d4ccb36545a8c5) in memset
|
Shadow bytes around the buggy address:
|
0x61100001a900: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
|
0x61100001a980: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x61100001aa00: fd fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x61100001aa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x61100001ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
=>0x61100001ab80:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x61100001ac00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x61100001ac80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x61100001ad00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x61100001ad80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x61100001ae00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
==3122097==ABORTING
|
One small note that it might make sense to initialize only a newly added part of the realloc'ed buffer. Otherwise it's ok to push.
nikitamalyavin The buffer may be realloced at different location. Impairing code readability without any win (this is initialization stage, non-critical performance area) makes no sense to me.
==9685==ERROR: AddressSanitizer: heap-use-after-free on address 0x6140000de24e at pc 0x556d71ab410f bp 0x7f3f00e1c500 sp 0x7f3f00e1c4f8WRITE of size 1 at 0x6140000de24e thread T24#0 0x556d71ab410e in _mi_put_key_in_record /10.9/storage/myisam/mi_key.c:452#1 0x556d71ab4478 in _mi_read_key_record /10.9/storage/myisam/mi_key.c:483#2 0x556d71a5c4bd in chk_key /10.9/storage/myisam/mi_check.c:506#3 0x556d71a47079 in ha_myisam::analyze(THD*, st_ha_check_opt*) /10.9/storage/myisam/ha_myisam.cc:1131#4 0x556d707b4b7d in handler::ha_analyze(THD*, st_ha_check_opt*) /10.9/sql/handler.cc:5098#5 0x556d703ad2f1 in mysql_admin_table /10.9/sql/sql_admin.cc:874#6 0x556d703b239c in Sql_cmd_analyze_table::execute(THD*) /10.9/sql/sql_admin.cc:1461#7 0x556d6feffb19 in mysql_execute_command(THD*, bool) /10.9/sql/sql_parse.cc:5990#8 0x556d6ff0cd7a in mysql_parse(THD*, char*, unsigned int, Parser_state*) /10.9/sql/sql_parse.cc:8030#9 0x556d6fee4022 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /10.9/sql/sql_parse.cc:1992#10 0x556d6fee02fc in do_command(THD*, bool) /10.9/sql/sql_parse.cc:1403#11 0x556d70373721 in do_handle_one_connection(CONNECT*, bool) /10.9/sql/sql_connect.cc:1418#12 0x556d70372fa6 in handle_one_connection /10.9/sql/sql_connect.cc:1312#13 0x556d70ff5488 in pfs_spawn_thread /10.9/storage/perfschema/pfs.cc:2201#14 0x7f3f2a543fa2 in start_thread /build/glibc-fWwxX8/glibc-2.28/nptl/pthread_create.c:486#15 0x7f3f2a14cefe in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf8efe)0x6140000de24e is located 14 bytes inside of 396-byte region [0x6140000de240,0x6140000de3cc)freed by thread T23 here:#0 0x7f3f2aa56fb0 in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.5+0xe8fb0)#1 0x556d71c0f315 in free_memory /10.9/mysys/safemalloc.c:297#2 0x556d71c0e7c4 in sf_free /10.9/mysys/safemalloc.c:203#3 0x556d71bdd957 in my_free /10.9/mysys/my_malloc.c:211#4 0x556d71a8a663 in mi_create /10.9/storage/myisam/mi_create.c:838#5 0x556d71a51980 in ha_myisam::create(char const*, TABLE*, HA_CREATE_INFO*) /10.9/storage/myisam/ha_myisam.cc:2283#6 0x556d707b728f in handler::ha_create(char const*, TABLE*, HA_CREATE_INFO*) /10.9/sql/handler.cc:5425#7 0x556d707bb8af in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*, bool) /10.9/sql/handler.cc:5890#8 0x556d701aeb4b in create_table_impl(THD*, st_ddl_log_state*, st_ddl_log_state*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /10.9/sql/sql_table.cc:4611#9 0x556d701af5b2 in mysql_create_table_no_lock(THD*, st_ddl_log_state*, st_ddl_log_state*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /10.9/sql/sql_table.cc:4710#10 0x556d701b02a5 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /10.9/sql/sql_table.cc:4822#11 0x556d701e7360 in Sql_cmd_create_table_like::execute(THD*) /10.9/sql/sql_table.cc:12323#12 0x556d6feffb19 in mysql_execute_command(THD*, bool) /10.9/sql/sql_parse.cc:5990#13 0x556d6ff0cd7a in mysql_parse(THD*, char*, unsigned int, Parser_state*) /10.9/sql/sql_parse.cc:8030#14 0x556d6fee3607 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /10.9/sql/sql_parse.cc:1895#15 0x556d6fee02fc in do_command(THD*, bool) /10.9/sql/sql_parse.cc:1403#16 0x556d70373721 in do_handle_one_connection(CONNECT*, bool) /10.9/sql/sql_connect.cc:1418#17 0x556d70372fa6 in handle_one_connection /10.9/sql/sql_connect.cc:1312#18 0x556d70ff5488 in pfs_spawn_thread /10.9/storage/perfschema/pfs.cc:2201#19 0x7f3f2a543fa2 in start_thread /build/glibc-fWwxX8/glibc-2.28/nptl/pthread_create.c:486previously allocated by thread T23 here:#0 0x7f3f2aa57330 in __interceptor_malloc (/lib/x86_64-linux-gnu/libasan.so.5+0xe9330)#1 0x556d71c0e1aa in sf_malloc /10.9/mysys/safemalloc.c:126#2 0x556d71bdcba9 in my_malloc /10.9/mysys/my_malloc.c:90#3 0x556d71a85653 in mi_create /10.9/storage/myisam/mi_create.c:97#4 0x556d71a51980 in ha_myisam::create(char const*, TABLE*, HA_CREATE_INFO*) /10.9/storage/myisam/ha_myisam.cc:2283#5 0x556d707b728f in handler::ha_create(char const*, TABLE*, HA_CREATE_INFO*) /10.9/sql/handler.cc:5425#6 0x556d707bb8af in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*, bool) /10.9/sql/handler.cc:5890#7 0x556d701aeb4b in create_table_impl(THD*, st_ddl_log_state*, st_ddl_log_state*, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /10.9/sql/sql_table.cc:4611#8 0x556d701af5b2 in mysql_create_table_no_lock(THD*, st_ddl_log_state*, st_ddl_log_state*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /10.9/sql/sql_table.cc:4710#9 0x556d701b02a5 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /10.9/sql/sql_table.cc:4822#10 0x556d701e7360 in Sql_cmd_create_table_like::execute(THD*) /10.9/sql/sql_table.cc:12323#11 0x556d6feffb19 in mysql_execute_command(THD*, bool) /10.9/sql/sql_parse.cc:5990#12 0x556d6ff0cd7a in mysql_parse(THD*, char*, unsigned int, Parser_state*) /10.9/sql/sql_parse.cc:8030#13 0x556d6fee3607 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /10.9/sql/sql_parse.cc:1895#14 0x556d6fee02fc in do_command(THD*, bool) /10.9/sql/sql_parse.cc:1403#15 0x556d70373721 in do_handle_one_connection(CONNECT*, bool) /10.9/sql/sql_connect.cc:1418#16 0x556d70372fa6 in handle_one_connection /10.9/sql/sql_connect.cc:1312#17 0x556d70ff5488 in pfs_spawn_thread /10.9/storage/perfschema/pfs.cc:2201#18 0x7f3f2a543fa2 in start_thread /build/glibc-fWwxX8/glibc-2.28/nptl/pthread_create.c:486Thread T24 created by T0 here:#0 0x7f3f2a9bedb0 in __interceptor_pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x50db0)#1 0x556d70ff0fa8 in my_thread_create /10.9/storage/perfschema/my_thread.h:52#2 0x556d70ff5877 in pfs_spawn_thread_v1 /10.9/storage/perfschema/pfs.cc:2252#3 0x556d6fb3c546 in inline_mysql_thread_create /10.9/include/mysql/psi/mysql_thread.h:1139#4 0x556d6fb539d4 in create_thread_to_handle_connection(CONNECT*) /10.9/sql/mysqld.cc:5975#5 0x556d6fb5403f in create_new_thread(CONNECT*) /10.9/sql/mysqld.cc:6034#6 0x556d6fb543b1 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /10.9/sql/mysqld.cc:6096#7 0x556d6fb54db0 in handle_connections_sockets() /10.9/sql/mysqld.cc:6220#8 0x556d6fb5323b in mysqld_main(int, char**) /10.9/sql/mysqld.cc:5870#9 0x556d6fb3b794 in main /10.9/sql/main.cc:34#10 0x7f3f2a07809a in __libc_start_main ../csu/libc-start.c:308Thread T23 created by T0 here:#0 0x7f3f2a9bedb0 in __interceptor_pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x50db0)#1 0x556d70ff0fa8 in my_thread_create /10.9/storage/perfschema/my_thread.h:52#2 0x556d70ff5877 in pfs_spawn_thread_v1 /10.9/storage/perfschema/pfs.cc:2252#3 0x556d6fb3c546 in inline_mysql_thread_create /10.9/include/mysql/psi/mysql_thread.h:1139#4 0x556d6fb539d4 in create_thread_to_handle_connection(CONNECT*) /10.9/sql/mysqld.cc:5975#5 0x556d6fb5403f in create_new_thread(CONNECT*) /10.9/sql/mysqld.cc:6034#6 0x556d6fb543b1 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /10.9/sql/mysqld.cc:6096#7 0x556d6fb54db0 in handle_connections_sockets() /10.9/sql/mysqld.cc:6220#8 0x556d6fb5323b in mysqld_main(int, char**) /10.9/sql/mysqld.cc:5870#9 0x556d6fb3b794 in main /10.9/sql/main.cc:34#10 0x7f3f2a07809a in __libc_start_main ../csu/libc-start.c:308SUMMARY: AddressSanitizer: heap-use-after-free /10.9/storage/myisam/mi_key.c:452 in _mi_put_key_in_recordShadow bytes around the buggy address:0x0c2880013bf0: 00 00 00 00 00 00 00 00 00 04 fa fa fa fa fa fa0x0c2880013c00: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd0x0c2880013c10: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd0x0c2880013c20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd0x0c2880013c30: fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa=>0x0c2880013c40: fa fa fa fa fa fa fa fa fd[fd]fd fd fd fd fd fd0x0c2880013c50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd0x0c2880013c60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd0x0c2880013c70: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa0x0c2880013c80: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 000x0c2880013c90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00Shadow byte legend (one shadow byte represents 8 application bytes):Addressable: 00Partially addressable: 01 02 03 04 05 06 07Heap left redzone: faFreed heap region: fdStack left redzone: f1Stack mid redzone: f2Stack right redzone: f3Stack after return: f5Stack use after scope: f8Global redzone: f9Global init order: f6Poisoned by user: f7Container overflow: fcArray cookie: acIntra object redzone: bbASan internal: feLeft alloca redzone: caRight alloca redzone: cb==9685==ABORTING