Details
- Bug
- Status: Closed
- Major
- Resolution: Duplicate
- 10.5, 10.6, 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.7(EOL)
- None
- Linux version 5.13.0-1-MANJARO (builduser@LEGION) (gcc (GCC) 11.1.0, GNU ld (GNU Binutils) 2.36.1) #1 SMP PREEMPT Mon Jun 7 06:16:10 UTC 2021 x86_64
Description
PoC:
CREATE TABLE v0 ( v1 VARCHAR ( 65 ) CHAR SET ASCII NULL DEFAULT ( 'x' IN ( 'x' , CURRENT_USER ) ) ) ;
START TRANSACTION READ WRITE ;
INSERT INTO v0 VALUES ( v1 ) ;
SELECT HEX ( GREATEST ( v1 , ( 'x' ) ) ) FROM v0 ;
INSERT INTO v0 VALUES ( REPEAT ( ( NULL + 84551986.000000 ) = 74599462.000000 , ( HEX ( 18069096.000000 ) ) / -1 = 28 ) ) ;
DESCRIBE SELECT v0 . v1 FROM v0 , v0 WHERE v0 . v1 = v0 . v1 ;
Log:
2021-08-16 14:41:38 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2021-08-16 14:41:38 0 [Note] InnoDB: Number of pools: 1
2021-08-16 14:41:38 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2021-08-16 14:41:38 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts)
2021-08-16 14:41:38 0 [Note] InnoDB: Using liburing
2021-08-16 14:41:38 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
2021-08-16 14:41:38 0 [Note] InnoDB: Completed initialization of buffer pool
2021-08-16 14:41:38 0 [Note] InnoDB: 128 rollback segments are active.
2021-08-16 14:41:38 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2021-08-16 14:41:38 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2021-08-16 14:41:38 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2021-08-16 14:41:38 0 [Note] InnoDB: 10.7.0 started; log sequence number 42161; transaction id 14
2021-08-16 14:41:38 0 [Note] InnoDB: Loading buffer pool(s) from /home/fuboat/mariadb-tmp/mysql-default-data/ib_buffer_pool
2021-08-16 14:41:38 0 [Note] Plugin 'FEEDBACK' is disabled.
2021-08-16 14:41:38 0 [Note] InnoDB: Buffer pool(s) load completed at 210816 14:41:38
2021-08-16 14:41:38 0 [Note] Server socket created on IP: '0.0.0.0'.
2021-08-16 14:41:38 0 [Note] Server socket created on IP: '::'.
2021-08-16 14:41:38 0 [Note] /usr/local/mysql/bin//mysqld: ready for connections.
Version: '10.7.0-MariaDB' socket: '/tmp/0.socket' port: 3306 Source distribution
2021-08-16 14:41:39 0 [Note] /usr/local/mysql/bin//mysqld (initiated by: root[root] @ localhost []): Normal shutdown
2021-08-16 14:41:39 0 [Note] InnoDB: FTS optimize thread exiting.
2021-08-16 14:41:39 0 [Note] InnoDB: Starting shutdown...
2021-08-16 14:41:39 0 [Note] InnoDB: Dumping buffer pool(s) to /home/fuboat/mariadb-tmp/mysql-default-data/ib_buffer_pool
2021-08-16 14:41:39 0 [Note] InnoDB: Buffer pool(s) dump completed at 210816 14:41:39
2021-08-16 14:41:39 0 [Note] InnoDB: Removed temporary tablespace data file: "./ibtmp1"
2021-08-16 14:41:39 0 [Note] InnoDB: Shutdown completed; log sequence number 42173; transaction id 15
2021-08-16 14:41:39 0 [Note] /usr/local/mysql/bin//mysqld: Shutdown complete

2021-08-16 15:00:28 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
2021-08-16 15:00:28 0 [Note] InnoDB: Number of pools: 1
2021-08-16 15:00:28 0 [Note] InnoDB: Using crc32 + pclmulqdq instructions
2021-08-16 15:00:28 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts)
2021-08-16 15:00:28 0 [Note] InnoDB: Using liburing
2021-08-16 15:00:28 0 [Note] InnoDB: Initializing buffer pool, total size = 134217728, chunk size = 134217728
2021-08-16 15:00:28 0 [Note] InnoDB: Completed initialization of buffer pool
2021-08-16 15:00:39 0 [Note] InnoDB: 128 rollback segments are active.
2021-08-16 15:00:39 0 [Note] InnoDB: Creating shared tablespace for temporary tables
2021-08-16 15:00:39 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2021-08-16 15:00:39 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
2021-08-16 15:00:39 0 [Note] InnoDB: 10.7.0 started; log sequence number 42173; transaction id 14
2021-08-16 15:00:39 0 [Note] InnoDB: Loading buffer pool(s) from /home/fuboat/mariadb-tmp/9/ib_buffer_pool
2021-08-16 15:00:39 0 [Note] Plugin 'FEEDBACK' is disabled.
2021-08-16 15:00:40 0 [Note] Server socket created on IP: '0.0.0.0'.
2021-08-16 15:00:40 0 [Note] Server socket created on IP: '::'.
2021-08-16 15:00:40 0 [Note] InnoDB: Buffer pool(s) load completed at 210816 15:00:40
2021-08-16 15:00:41 0 [Note] /usr/local/mysql/bin//mysqld: ready for connections.
Version: '10.7.0-MariaDB' socket: '/tmp/9.socket' port: 10009 Source distribution
210816 15:00:43 [ERROR] mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.

To report this bug, see https://mariadb.com/kb/en/reporting-bugs

We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed,
something is definitely wrong and this may fail.

Server version: 10.7.0-MariaDB
key_buffer_size=134217728
read_buffer_size=131072
max_used_connections=1
max_threads=153
thread_count=1
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467956 K bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

Thread pointer: 0x62b0000bd218
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 0x7f987ba5b850 thread_stack 0x5fc00
sanitizer_common/sanitizer_common_interceptors.inc:4203(__interceptor_backtrace.part.0)[0x7f989b307c3e]
mysys/stacktrace.c:213(my_print_stacktrace)[0x55bb57c35747]
sql/signal_handler.cc:222(handle_fatal_signal)[0x55bb56bfd120]
sigaction.c:0(__restore_rt)[0x7f989acf1870]
sql/item_cmpfunc.h:2556(Item_func_in::cleanup())[0x55bb561f90ee]
sql/item.cc:574(Item::cleanup_processor(void*))[0x55bb56c4adbc]
sql/item.h:5439(Item_func_or_sum::walk(bool (Item::*)(void*), bool, void*))[0x55bb561fb774]
sql/table.cc:3616(fix_session_vcol_expr(THD*, Virtual_column_info*))[0x55bb567afd3a]
sql/sql_base.cc:5433(TABLE::fix_vcol_exprs(THD*))[0x55bb5632124f]
sql/sql_base.cc:5467(lock_tables(THD*, TABLE_LIST*, unsigned int, unsigned int))[0x55bb56321f93]
sql/sql_base.cc:5261(open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*))[0x55bb56326800]
sql/sql_base.h:397(open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int))[0x55bb563dcef4]
sql/sql_parse.cc:4565(mysql_execute_command(THD*, bool))[0x55bb56495bb8]
sql/sql_parse.cc:8047(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x55bb564a25a1]
sql/sql_parse.cc:1898(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool))[0x55bb564a860c]
sql/sql_parse.cc:1406(do_command(THD*, bool))[0x55bb564ad73d]
sql/sql_connect.cc:1418(do_handle_one_connection(CONNECT*, bool))[0x55bb56868e57]
sql/sql_connect.cc:1312(handle_one_connection)[0x55bb5686933d]
perfschema/pfs.cc:2204(pfs_spawn_thread)[0x55bb572f9c2c]
pthread_create.c:0(start_thread)[0x7f989ace7259]
:0(__GI___clone)[0x7f989a8925e3]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0x629000087238): INSERT INTO v0 VALUES ( REPEAT ( ( NULL + 84551986.000000 ) = 74599462.000000 , ( HEX ( 18069096.000000 ) ) / -1 = 28 ) )

Connection ID (thread ID): 4
Status: NOT_KILLED

Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on,not_null_range_scan=off

The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mysqld/ contains
information that should help you find out what is causing the crash.
Writing a core file...
Working directory at /home/fuboat/mariadb-tmp/9
Resource Limits:
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds
Max file size             unlimited            unlimited            bytes
Max data size             unlimited            unlimited            bytes
Max stack size            8388608              unlimited            bytes
Max core file size        unlimited            unlimited            bytes
Max resident set          unlimited            unlimited            bytes
Max processes             61608                61608                processes
Max open files            524288               524288               files
Max locked memory         65536                65536                bytes
Max address space         unlimited            unlimited            bytes
Max file locks            unlimited            unlimited            locks
Max pending signals       61608                61608                signals
Max msgqueue size         819200               819200               bytes
Max nice priority         0                    0
Max realtime priority     0                    0
Max realtime timeout      unlimited            unlimited            us
Core pattern: core
Coredump:
GNU gdb (GDB) 10.2
Copyright (C) 2021 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-pc-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/local/mysql/bin//mysqld...
[New LWP 321844]
[New LWP 272301]
[New LWP 315980]
[New LWP 272464]
[New LWP 272465]
[New LWP 272438]
[New LWP 313382]
[New LWP 313342]
[New LWP 315981]
[New LWP 315984]
[New LWP 315982]
[New LWP 321828]
[New LWP 331506]
[New LWP 331509]
[New LWP 272143]
[New LWP 315983]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `/usr/local/mysql/bin//mysqld --port 10009 --datadir=/home/fuboat/mariadb-tmp/9'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f989acee808 in pthread_kill () from /usr/lib/libpthread.so.0
[Current thread is 1 (Thread 0x7f987ba5c240 (LWP 321844))]
(gdb) (gdb) #0 0x00007f989acee808 in pthread_kill () from /usr/lib/libpthread.so.0
#1 0x000055bb56bfd06b in handle_fatal_signal (sig=<optimized out>) at /experiment/mariadb-server/sql/signal_handler.cc:344
#2 <signal handler called>
#3 0x000055bb561f90ee in Item_func_in::cleanup (this=0x6190000a3dd8) at /experiment/mariadb-server/sql/item_cmpfunc.h:2556
#4 0x000055bb56c4adbc in Item::cleanup_processor (arg=<optimized out>, this=<optimized out>) at /experiment/mariadb-server/sql/item.cc:572
#5 Item::cleanup_processor (this=<optimized out>, arg=<optimized out>) at /experiment/mariadb-server/sql/item.cc:569
#6 0x000055bb561fb774 in Item_func_or_sum::walk (this=0x6190000a3dd8, processor=<optimized out>, walk_subquery=<optimized out>, arg=0x0) at /experiment/mariadb-server/sql/item.h:5439
#7 0x000055bb567afd3a in fix_session_vcol_expr (vcol=0x6190000a3f58, thd=0x62b0000bd218) at /experiment/mariadb-server/sql/table.cc:3614
#8 fix_session_vcol_expr (thd=0x62b0000bd218, vcol=0x6190000a3f58) at /experiment/mariadb-server/sql/table.cc:3608
#9 0x000055bb5632124f in TABLE::fix_vcol_exprs (thd=0x62b0000bd218, this=0x6190000a3298) at /experiment/mariadb-server/sql/sql_base.cc:5434
#10 TABLE::fix_vcol_exprs (this=0x6190000a3298, thd=0x62b0000bd218) at /experiment/mariadb-server/sql/sql_base.cc:5426
#11 0x000055bb56321f93 in fix_all_session_vcol_exprs (tables=0x629000087408, thd=0x62b0000bd218) at /experiment/mariadb-server/sql/sql_base.cc:5465
#12 lock_tables (thd=thd@entry=0x62b0000bd218, tables=0x629000087408, count=<optimized out>, flags=flags@entry=0) at /experiment/mariadb-server/sql/sql_base.cc:5649
#13 0x000055bb56326800 in open_and_lock_tables (thd=thd@entry=0x62b0000bd218, options=..., tables=<optimized out>, tables@entry=0x629000087408, derived=derived@entry=true, flags=flags@entry=0, prelocking_strategy=prelocking_strategy@entry=0x7f987ba592d0) at /experiment/mariadb-server/sql/sql_base.cc:5261
#14 0x000055bb563dcef4 in open_and_lock_tables (flags=0, derived=true, tables=0x629000087408, thd=0x62b0000bd218) at /experiment/mariadb-server/sql/sql_base.h:509
#15 mysql_insert (thd=thd@entry=0x62b0000bd218, table_list=0x629000087408, fields=..., values_list=..., update_fields=..., update_values=..., duplic=<optimized out>, ignore=<optimized out>, result=<optimized out>) at /experiment/mariadb-server/sql/sql_insert.cc:757
#16 0x000055bb56495bb8 in mysql_execute_command (thd=0x62b0000bd218, is_called_from_prepared_stmt=<optimized out>) at /experiment/mariadb-server/sql/sql_parse.cc:4565
#17 0x000055bb564a25a1 in mysql_parse (thd=0x62b0000bd218, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /experiment/mariadb-server/sql/sql_parse.cc:8030
#18 0x000055bb564a860c in dispatch_command (command=<optimized out>, thd=0x62b0000bd218, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /experiment/mariadb-server/sql/sql_parse.cc:1896
#19 0x000055bb564ad73d in do_command (thd=0x62b0000bd218, blocking=blocking@entry=true) at /experiment/mariadb-server/sql/sql_parse.cc:1404
#20 0x000055bb56868e57 in do_handle_one_connection (connect=<optimized out>, put_in_cache=<optimized out>) at /experiment/mariadb-server/sql/sql_connect.cc:1418
#21 0x000055bb5686933d in handle_one_connection (arg=arg@entry=0x6080000023b8) at /experiment/mariadb-server/sql/sql_connect.cc:1312
#22 0x000055bb572f9c2c in pfs_spawn_thread (arg=0x617000005f18) at /experiment/mariadb-server/storage/perfschema/pfs.cc:2201
#23 0x00007f989ace7259 in start_thread () from /usr/lib/libpthread.so.0
#24 0x00007f989a8925e3 in clone () from /usr/lib/libc.so.6
(gdb) quit
Issue Links
- duplicates
  - MDEV-24176 Server crashes after insert in the table with virtual column generated using date_format() and if() (Closed)
  - MDEV-26437 Server crashes in Item_args::walk_args (Closed)
- is duplicated by
  - MDEV-26408 use-after-poison security in sql/item_cmpfunc.h (Closed)
  - MDEV-26414 use-after-poison in Data Mainipulation (Closed)
  - MDEV-26417 use-after-poison issue of MariaDB server (Closed)
  - MDEV-26425 MariaDB server crash in Predicant_to_list_comparator::Predicant_to_value_comparator::cleanup (Closed)
  - MDEV-27073 Crash when a date conversion function is the return value of DECODE() in a virtual column (Closed)
  - MDEV-27897 Serever crash virtual cloum with curdate() (Closed)
  - MDEV-28083 MariaDB SEGV issue (Closed)
  - MDEV-28084 MariaDB UAP issue (Closed)
  - MDEV-28086 MariaDB SEGV issue (Closed)
  - MDEV-28088 MariaDB Global Buffer Overflow issue (Closed)
  - MDEV-28099 MariaDB UAP issue (Closed)
  - MDEV-28848 Server crash with particular SQL sequence (Closed)
- relates to
  - MDEV-24176 Server crashes after insert in the table with virtual column generated using date_format() and if() (Closed)
  - MDEV-26281 ASAN use-after-poison when complex conversion is involved in blob (Closed)
  - MDEV-26452 SIGSEGV in Item::cleanup from Item::cleanup_processor (Closed)
  - MDEV-28085 MariaDB SEGV issue (Closed)
  - MDEV-28087 MariaDB SEGV issue (Closed)