Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Duplicate
-
10.5, 10.6, 10.7(EOL)
-
Linux version 5.13.0-1-MANJARO (builduser@LEGION) (gcc (GCC) 11.1.0, GNU ld (GNU Binutils) 2.36.1) #1 SMP PREEMPT Mon Jun 7 06:16:10 UTC 2021 x86_64
Description
PoC:
SELECT * FROM v0 WHERE v1 BETWEEN 'x' AND from_days ( TIME_TO_SEC ( - v1 ) ) MOD CONVERT ( 'x' , DATE ) * INET_ATON ( DEFAULT ( v1 ) ) ; |
crash log:
Server version: 10.7.0-MariaDB
key_buffer_size=134217728
read_buffer_size=131072
max_used_connections=1
max_threads=153
thread_count=1
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467956 K bytes of memory
Hope that's ok; if not, decrease some variables in the equation.
Thread pointer: 0x62b0000bd218
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 0x7f34758ad850 thread_stack 0x5fc00
sanitizer_common/sanitizer_common_interceptors.inc:4203(__interceptor_backtrace.part.0)[0x7f3495159c3e]
mysys/stacktrace.c:213(my_print_stacktrace)[0x55c1664b1747]
sql/signal_handler.cc:222(handle_fatal_signal)[0x55c165479120]
sigaction.c:0(__restore_rt)[0x7f3494b43870]
strings/ctype-utf8.c:5109(my_strcasecmp_utf8mb3)[0x55c166559417]
sql/sql_base.cc:6048(find_field_in_table(THD*, TABLE*, char const*, unsigned long, bool, unsigned short*))[0x55c164ba33c6]
sql/sql_base.cc:6185(find_field_in_table_ref(THD*, TABLE_LIST*, char const*, unsigned long, char const*, char const*, char const*, List<TABLE_LIST>, Item, bool, bool, unsigned short, bool, TABLE_LIST**))[0x55c164ba487e]
sql/sql_base.cc:6505(find_field_in_tables(THD*, Item_ident*, TABLE_LIST*, TABLE_LIST*, List<TABLE_LIST>, Item*, find_item_error_report_type, bool, bool))[0x55c164ba5b25]
sql/item.cc:5890(Item_field::fix_fields(THD*, Item**))[0x55c165508ec0]
sql/item_func.cc:347(Item_func::fix_fields(THD*, Item**))[0x55c16560d29c]
sql/item_func.cc:347(Item_func::fix_fields(THD*, Item**))[0x55c16560d29c]
sql/item_func.cc:347(Item_func::fix_fields(THD*, Item**))[0x55c16560d29c]
sql/sql_select.cc:2164(JOIN::optimize_inner())[0x55c164ea6f45]
sql/sql_select.cc:1811(JOIN::optimize())[0x55c164eaa7b1]
sql/sql_derived.cc:1064(mysql_derived_optimize(THD*, LEX*, TABLE_LIST*))[0x55c164c235a6]
sql/sql_derived.cc:200(mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int))[0x55c164c2194e]
sql/sql_select.cc:2285(JOIN::optimize_inner())[0x55c164ea8b2e]
sql/sql_select.cc:1811(JOIN::optimize())[0x55c164eaa7b1]
sql/sql_select.cc:4977(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55c164eaaa0e]
sql/sql_select.cc:545(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55c164eac655]
sql/sql_parse.cc:6256(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55c164cefd7d]
sql/sql_parse.cc:3946(mysql_execute_command(THD*, bool))[0x55c164d19421]
sql/sql_parse.cc:8047(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x55c164d1e5a1]
sql/sql_parse.cc:1898(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool))[0x55c164d2460c]
sql/sql_parse.cc:1406(do_command(THD*, bool))[0x55c164d2973d]
sql/sql_connect.cc:1418(do_handle_one_connection(CONNECT*, bool))[0x55c1650e4e57]
sql/sql_connect.cc:1312(handle_one_connection)[0x55c1650e533d]
perfschema/pfs.cc:2204(pfs_spawn_thread)[0x55c165b75c2c]
pthread_create.c:0(start_thread)[0x7f3494b39259]
:0(_GI__clone)[0x7f34946e45e3]
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0x629000087238): SELECT * FROM v0 WHERE v1 BETWEEN 'x' AND from_days ( TIME_TO_SEC ( - v1 ) ) MOD CONVERT ( 'x' , DATE ) * INET_ATON ( DEFAULT ( v1 ) )
Connection ID (thread ID): 4
Status: NOT_KILLED
Attachments
Issue Links
- duplicates
-
-
- Confirmed
-