Details
- Bug
- Status: Closed
- Major
- Resolution: Duplicate
- 10.6.0, 10.6.1, 10.6.2, 10.6.3
- None
- Linux 5.4.0-39-generic #43-Ubuntu SMP Fri Jun 19 10:28:31 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Description
Build the MariaDB server with AddressSanitizer (ASan) enabled.
Steps to reproduce:
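-- Reproducer from the report, with the table-cell residue ("|") from the page
-- extraction removed so that both statements parse.
--
-- Observed on an ASan-instrumented MariaDB build (the report lists 10.6.0 to 10.6.3).
-- The ALTER TABLE adds a CHECK constraint that compares a BIGINT column with
-- string constants through IN (...). While the server opens the temporary
-- altered table and fixes up the CHECK expression, the backtrace passes through
-- Item_func_in::value_list_convert_const_to_int, convert_const_to_int,
-- THD::change_item_tree and base_ilist::append. ASan reports an invalid 8-byte
-- store there and the process terminates with SIGABRT.
--
-- Triage notes:
--   * The statement is reachable by any account that may run ALTER TABLE on a table.
--   * The issue is closed as a duplicate of MDEV-25638. This page does not state a
--     fixed version, so take the fix version from that issue.
--   * Only an ASan build is shown. Behaviour of non-instrumented release builds is
--     not demonstrated on this page.
CREATE TABLE v0 (v1 BIGINT);

ALTER TABLE v0 ADD CONSTRAINT v0 CHECK (v1 IN ('x', 'x', 'x'));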
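Backtrace report (ASan flags an invalid 8-byte store, __asan_report_store8, in base_ilist::append, reached through convert_const_to_int while the CHECK expression is fixed up during ALTER TABLE):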
Program terminated with signal SIGABRT, Aborted.
#0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=0x6)
at ../sysdeps/unix/sysv/linux/pthread_kill.c:56
[Current thread is 1 (Thread 0x7ff5e2d03300 (LWP 1913678))]
gdb-peda$ #0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=0x6)
at ../sysdeps/unix/sysv/linux/pthread_kill.c:56
#1 0x000055ba276da98f in my_write_core (sig=sig@entry=0x6)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/mysys/stacktrace.c:424
#2 0x000055ba26147583 in handle_fatal_signal (sig=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/signal_handler.cc:344
#3 <signal handler called>
#4 __GI_raise (sig=sig@entry=0x6) at ../sysdeps/unix/sysv/linux/raise.c:50
#5 0x00007ff60188c859 in __GI_abort () at abort.c:79
#6 0x00007ff60235e6a2 in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
#7 0x00007ff60236924c in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
#8 0x00007ff60234a8ec in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
#9 0x00007ff60234a363 in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
#10 0x00007ff60234b74e in __asan_report_store8 ()
from /lib/x86_64-linux-gnu/libasan.so.5
#11 0x000055ba256b43fc in base_ilist::append (a=0x61d000beb540,
this=0x62b00007e2d8)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_list.h:750
#12 I_List<Item_change_record>::append (a=0x61d000beb540, this=0x62b00007e2d8)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_list.h:825
#13 Item_change_list::nocheck_register_item_tree_change (this=0x62b00007e2d8,
place=0x6190004202b0, old_value=0x619000420800,
runtime_memroot=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_class.cc:2917
#14 0x000055ba25a1e5e9 in THD::change_item_tree (this=0x62b00007e218,
place=0x6190004202b0, new_value=0x61d000beb4b8)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_class.h:4368
#15 0x000055ba26260da6 in convert_const_to_int (thd=<optimized out>,
field_item=<optimized out>, item=0x6190004202b0)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/item_cmpfunc.cc:358
#16 0x000055ba26278c56 in Item_func_in::value_list_convert_const_to_int (
this=this@entry=0x619000420178, thd=thd@entry=0x62b00007e218)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/item_cmpfunc.cc:4493
#17 0x000055ba25e7b490 in Type_handler_real_result::Item_func_in_fix_comparator_compatible_types (this=<optimized out>, func=0x619000420178,
thd=0x62b00007e218)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_type.cc:5881
#18 Type_handler_real_result::Item_func_in_fix_comparator_compatible_types (
this=<optimized out>, thd=0x62b00007e218, func=0x619000420178)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_type.cc:5881
#19 0x000055ba2628ec2c in Item_func_in::fix_length_and_dec (
this=0x619000420178)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_type.h:7434
#20 0x000055ba26320f32 in Item_func::fix_fields (this=0x619000420178,
thd=<optimized out>, ref=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/item_func.cc:359
#21 0x000055ba262778c3 in Item_func_in::fix_fields (this=<optimized out>,
thd=<optimized out>, ref=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/item_cmpfunc.cc:4326
#22 0x000055ba25bf8197 in fix_vcol_expr (thd=<optimized out>,
vcol=0x619000420320)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/table.cc:3583
#23 0x000055ba25bf964d in fix_and_check_vcol_expr (table=0x7ff5e2cfba20,
vcol=0x619000420320, thd=0x62b00007e218)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/table.cc:3668
#24 unpack_vcol_info_from_frm (thd=<optimized out>, table=<optimized out>,
expr_str=<optimized out>, vcol_ptr=<optimized out>,
error_reported=<optimized out>, mem_root=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/table.cc:3794
#25 0x000055ba25c02c46 in parse_vcol_defs (thd=<optimized out>,
mem_root=<optimized out>, table=0x7ff5e2cfba20,
error_reported=<optimized out>, mode=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/table.cc:1251
#26 0x000055ba25c1da70 in open_table_from_share (thd=thd@entry=0x62b00007e218,
share=share@entry=0x7ff5e2cfbe70, alias=<optimized out>,
db_stat=db_stat@entry=0x0, prgflag=prgflag@entry=0x1,
ha_open_flags=ha_open_flags@entry=0x0, outparam=<optimized out>,
is_create_table=<optimized out>, partitions_to_open=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/table.cc:4174
#27 0x000055ba261743ab in ha_create_table (thd=thd@entry=0x62b00007e218,
path=path@entry=0x7ff5e2cff41e "./test1972/#sql-alter-1d32c6-f69",
db=<optimized out>, table_name=<optimized out>,
create_info=create_info@entry=0x7ff5e2cfffa0,
frm=frm@entry=0x7ff5e2cfc960, skip_frm_file=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/handler.cc:5862
#28 0x000055ba25b4ca01 in mysql_alter_table (thd=thd@entry=0x62b00007e218,
new_db=new_db@entry=0x62b000082c68,
new_name=new_name@entry=0x62b000083080,
create_info=create_info@entry=0x7ff5e2cfffa0, table_list=<optimized out>,
table_list@entry=0x62b0000868c0,
alter_info=alter_info@entry=0x7ff5e2cffe70, order_num=<optimized out>,
order=<optimized out>, ignore=<optimized out>, if_exists=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_alter.h:295
#29 0x000055ba25d0dd1b in Sql_cmd_alter_table::execute (this=<optimized out>,
thd=0x62b00007e218)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/structs.h:568
#30 0x000055ba2583da67 in mysql_execute_command (thd=<optimized out>,
is_called_from_prepared_stmt=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_parse.cc:5995
#31 0x000055ba257fc8dd in mysql_parse (thd=0x62b00007e218,
rawbuf=<optimized out>, length=<optimized out>,
parser_state=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_parse.cc:8028
#32 0x000055ba25832db9 in dispatch_command (command=COM_QUERY,
thd=0x62b00007e218, packet=<optimized out>, packet_length=<optimized out>,
blocking=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_parse.cc:1995
#33 0x000055ba25837704 in do_command (thd=0x62b00007e218,
blocking=blocking@entry=0x1)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_parse.cc:1406
#34 0x000055ba25cf714d in do_handle_one_connection (connect=<optimized out>,
put_in_cache=<optimized out>)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_connect.cc:1410
#35 0x000055ba25cf8807 in handle_one_connection (arg=arg@entry=0x60800ccab738)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/sql/sql_connect.cc:1312
#36 0x000055ba26b43ef0 in pfs_spawn_thread (arg=0x617000005f18)
at /home/supersix/fuzz/security/MariaDB/mariadb-10.6.2/storage/perfschema/pfs.cc:2201
#37 0x00007ff601db5609 in start_thread (arg=<optimized out>)
at pthread_create.c:477
#38 0x00007ff601989293 in clone ()
at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
gdb-peda$ quit
Issue Links
- duplicates MDEV-25638 Assertion `!result' failed in convert_const_to_int (Closed)