Details
-
Bug
-
Status: Confirmed
-
Major
-
Resolution: Unresolved
-
10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL)
-
None
Description
We have a number of bugs with ASAN errors in my_strnncollsp_simple, but the ones I've found (MDEV-16699, MDEV-18900, MDEV-20619, MDEV-22648) all seem to depend on scenario specifics that this one doesn't have.
# Repro (mysql-test script). c is a virtual TEXT column computed from b, with a
# UNIQUE key on it. The ASAN report below fails in check_duplicate_long_entry_key,
# reached from handler::ha_write_row -- presumably because UNIQUE on a TEXT
# column is enforced as a long unique key (confirm).
CREATE TABLE t1 (b VARCHAR(8), c TEXT AS (b), UNIQUE(c)); |
INSERT INTO t1 (b) VALUES ('foo'),('bar'); |
|
SELECT * INTO OUTFILE 't1.data' FROM t1; |
# Loading the same rows back with REPLACE means each loaded row matches a value
# already in the table, so the duplicate check has an existing row to compare against.
LOAD DATA INFILE 't1.data' REPLACE INTO TABLE t1; |
|
# Cleanup
|
--let $datadir= `SELECT @@datadir`
|
--remove_file $datadir/test/t1.data
|
|
DROP TABLE t1; |
10.4 74b3d4252a29 |
==3860234==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c0000212f0 at pc 0x55eff50e22bf bp 0x7ff2f77e5aa0 sp 0x7ff2f77e5a90
|
READ of size 1 at 0x60c0000212f0 thread T5
|
#0 0x55eff50e22be in my_strnncollsp_simple /data/src/10.4-bug/strings/ctype-simple.c:182
|
#1 0x55eff3bcb248 in Field_blob::cmp(unsigned char const*, unsigned int, unsigned char const*, unsigned int) /data/src/10.4-bug/sql/field.cc:8640
|
#2 0x55eff3bcb551 in Field_blob::cmp(unsigned char const*, unsigned char const*) /data/src/10.4-bug/sql/field.cc:8651
|
#3 0x55eff3beb2bb in Field::cmp_offset(long long) /data/src/10.4-bug/sql/field.h:1106
|
#4 0x55eff3c529db in check_duplicate_long_entry_key /data/src/10.4-bug/sql/handler.cc:6637
|
#5 0x55eff3c5360c in check_duplicate_long_entries /data/src/10.4-bug/sql/handler.cc:6688
|
#6 0x55eff3c53ea2 in handler::ha_write_row(unsigned char const*) /data/src/10.4-bug/sql/handler.cc:6768
|
#7 0x55eff33cb1ee in write_record(THD*, TABLE*, st_copy_info*) /data/src/10.4-bug/sql/sql_insert.cc:1747
|
#8 0x55eff3459a06 in read_sep_field /data/src/10.4-bug/sql/sql_load.cc:1164
|
#9 0x55eff3455bbc in mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool) /data/src/10.4-bug/sql/sql_load.cc:669
|
#10 0x55eff3486a37 in mysql_execute_command(THD*) /data/src/10.4-bug/sql/sql_parse.cc:5008
|
#11 0x55eff349af04 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4-bug/sql/sql_parse.cc:7995
|
#12 0x55eff347168b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4-bug/sql/sql_parse.cc:1857
|
#13 0x55eff346e108 in do_command(THD*) /data/src/10.4-bug/sql/sql_parse.cc:1373
|
#14 0x55eff3868a2c in do_handle_one_connection(CONNECT*) /data/src/10.4-bug/sql/sql_connect.cc:1420
|
#15 0x55eff3868185 in handle_one_connection /data/src/10.4-bug/sql/sql_connect.cc:1316
|
#16 0x55eff44ebe74 in pfs_spawn_thread /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#17 0x7ff3015fb608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
#18 0x7ff3011ce292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
|
|
0x60c0000212f0 is located 112 bytes inside of 124-byte region [0x60c000021280,0x60c0000212fc)
|
freed by thread T5 here:
|
#0 0x7ff301ca77cf in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.5+0x10d7cf)
|
#1 0x55eff507b260 in free_memory /data/src/10.4-bug/mysys/safemalloc.c:279
|
#2 0x55eff507a81c in sf_free /data/src/10.4-bug/mysys/safemalloc.c:197
|
#3 0x55eff504921a in my_free /data/src/10.4-bug/mysys/my_malloc.c:222
|
#4 0x55eff3198bc1 in Binary_string::free() /data/src/10.4-bug/sql/sql_string.h:610
|
#5 0x55eff31e246d in Binary_string::set(char const*, unsigned long) /data/src/10.4-bug/sql/sql_string.h:467
|
#6 0x55eff31e24be in String::set(char const*, unsigned long, charset_info_st const*) /data/src/10.4-bug/sql/sql_string.h:769
|
#7 0x55eff3bc317d in Field_varstring::val_str(String*, String*) /data/src/10.4-bug/sql/field.cc:7795
|
#8 0x55eff31bfc07 in Field::val_str(String*) /data/src/10.4-bug/sql/field.h:857
|
#9 0x55eff3bf6d1c in Field_blob::store_field(Field*) /data/src/10.4-bug/sql/field.h:3942
|
#10 0x55eff3c056f3 in field_conv_incompatible /data/src/10.4-bug/sql/field_conv.cc:851
|
#11 0x55eff3c05794 in field_conv(Field*, Field*) /data/src/10.4-bug/sql/field_conv.cc:864
|
#12 0x55eff3ca0f6e in save_field_in_field /data/src/10.4-bug/sql/item.cc:6571
|
#13 0x55eff3ca173a in Item_field::save_in_field(Field*, bool) /data/src/10.4-bug/sql/item.cc:6622
|
#14 0x55eff37bb147 in TABLE::update_virtual_fields(handler*, enum_vcol_update_mode) /data/src/10.4-bug/sql/table.cc:8427
|
#15 0x55eff3c34c86 in handler::ha_index_read_map(unsigned char*, unsigned char const*, unsigned long, ha_rkey_function) /data/src/10.4-bug/sql/handler.cc:2944
|
#16 0x55eff3c52253 in check_duplicate_long_entry_key /data/src/10.4-bug/sql/handler.cc:6616
|
#17 0x55eff3c5360c in check_duplicate_long_entries /data/src/10.4-bug/sql/handler.cc:6688
|
#18 0x55eff3c53ea2 in handler::ha_write_row(unsigned char const*) /data/src/10.4-bug/sql/handler.cc:6768
|
#19 0x55eff33cb1ee in write_record(THD*, TABLE*, st_copy_info*) /data/src/10.4-bug/sql/sql_insert.cc:1747
|
#20 0x55eff3459a06 in read_sep_field /data/src/10.4-bug/sql/sql_load.cc:1164
|
#21 0x55eff3455bbc in mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool) /data/src/10.4-bug/sql/sql_load.cc:669
|
#22 0x55eff3486a37 in mysql_execute_command(THD*) /data/src/10.4-bug/sql/sql_parse.cc:5008
|
#23 0x55eff349af04 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4-bug/sql/sql_parse.cc:7995
|
#24 0x55eff347168b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4-bug/sql/sql_parse.cc:1857
|
#25 0x55eff346e108 in do_command(THD*) /data/src/10.4-bug/sql/sql_parse.cc:1373
|
#26 0x55eff3868a2c in do_handle_one_connection(CONNECT*) /data/src/10.4-bug/sql/sql_connect.cc:1420
|
#27 0x55eff3868185 in handle_one_connection /data/src/10.4-bug/sql/sql_connect.cc:1316
|
#28 0x55eff44ebe74 in pfs_spawn_thread /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#29 0x7ff3015fb608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
|
previously allocated by thread T5 here:
|
#0 0x7ff301ca7bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
|
#1 0x55eff507a1d0 in sf_malloc /data/src/10.4-bug/mysys/safemalloc.c:118
|
#2 0x55eff5048723 in my_malloc /data/src/10.4-bug/mysys/my_malloc.c:101
|
#3 0x55eff36aa7e1 in Binary_string::realloc_raw(unsigned long) /data/src/10.4-bug/sql/sql_string.cc:101
|
#4 0x55eff3198c8a in Binary_string::realloc(unsigned long) /data/src/10.4-bug/sql/sql_string.h:625
|
#5 0x55eff36ab649 in Binary_string::copy() /data/src/10.4-bug/sql/sql_string.cc:220
|
#6 0x55eff3be4c7f in String::copy() /data/src/10.4-bug/sql/sql_string.h:823
|
#7 0x55eff3bf6e25 in Field_blob::store_field(Field*) /data/src/10.4-bug/sql/field.h:3945
|
#8 0x55eff3c056f3 in field_conv_incompatible /data/src/10.4-bug/sql/field_conv.cc:851
|
#9 0x55eff3c05794 in field_conv(Field*, Field*) /data/src/10.4-bug/sql/field_conv.cc:864
|
#10 0x55eff3ca0f6e in save_field_in_field /data/src/10.4-bug/sql/item.cc:6571
|
#11 0x55eff3ca173a in Item_field::save_in_field(Field*, bool) /data/src/10.4-bug/sql/item.cc:6622
|
#12 0x55eff37bb147 in TABLE::update_virtual_fields(handler*, enum_vcol_update_mode) /data/src/10.4-bug/sql/table.cc:8427
|
#13 0x55eff330f28d in fill_record(THD*, TABLE*, List<Item>&, List<Item>&, bool, bool) /data/src/10.4-bug/sql/sql_base.cc:8626
|
#14 0x55eff330fef4 in fill_record_n_invoke_before_triggers(THD*, TABLE*, List<Item>&, List<Item>&, bool, trg_event_type) /data/src/10.4-bug/sql/sql_base.cc:8754
|
#15 0x55eff34598f6 in read_sep_field /data/src/10.4-bug/sql/sql_load.cc:1149
|
#16 0x55eff3455bbc in mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool) /data/src/10.4-bug/sql/sql_load.cc:669
|
#17 0x55eff3486a37 in mysql_execute_command(THD*) /data/src/10.4-bug/sql/sql_parse.cc:5008
|
#18 0x55eff349af04 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4-bug/sql/sql_parse.cc:7995
|
#19 0x55eff347168b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4-bug/sql/sql_parse.cc:1857
|
#20 0x55eff346e108 in do_command(THD*) /data/src/10.4-bug/sql/sql_parse.cc:1373
|
#21 0x55eff3868a2c in do_handle_one_connection(CONNECT*) /data/src/10.4-bug/sql/sql_connect.cc:1420
|
#22 0x55eff3868185 in handle_one_connection /data/src/10.4-bug/sql/sql_connect.cc:1316
|
#23 0x55eff44ebe74 in pfs_spawn_thread /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#24 0x7ff3015fb608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
|
Thread T5 created by T0 here:
|
#0 0x7ff301bd4805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
|
#1 0x55eff44ec265 in spawn_thread_v1 /data/src/10.4-bug/storage/perfschema/pfs.cc:1919
|
#2 0x55eff3173bdf in inline_mysql_thread_create /data/src/10.4-bug/include/mysql/psi/mysql_thread.h:1275
|
#3 0x55eff318bae4 in create_thread_to_handle_connection(CONNECT*) /data/src/10.4-bug/sql/mysqld.cc:6241
|
#4 0x55eff318c27f in create_new_thread(CONNECT*) /data/src/10.4-bug/sql/mysqld.cc:6311
|
#5 0x55eff318c765 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4-bug/sql/mysqld.cc:6409
|
#6 0x55eff318d632 in handle_connections_sockets() /data/src/10.4-bug/sql/mysqld.cc:6567
|
#7 0x55eff318b1d8 in mysqld_main(int, char**) /data/src/10.4-bug/sql/mysqld.cc:5899
|
#8 0x55eff3171e2c in main /data/src/10.4-bug/sql/main.cc:25
|
#9 0x7ff3010d30b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
|
|
SUMMARY: AddressSanitizer: heap-use-after-free /data/src/10.4-bug/strings/ctype-simple.c:182 in my_strnncollsp_simple
|
Shadow bytes around the buggy address:
|
0x0c187fffc200: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
|
0x0c187fffc210: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
|
0x0c187fffc220: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c187fffc230: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
|
0x0c187fffc240: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
|
=>0x0c187fffc250: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
|
0x0c187fffc260: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c187fffc270: 00 00 00 00 00 00 00 04 fa fa fa fa fa fa fa fa
|
0x0c187fffc280: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c187fffc290: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c187fffc2a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
==3860234==ABORTING
|
211211 0:57:13 [ERROR] mysqld got signal 6 ;
|
This could be because you hit a bug. It is also possible that this binary
|
or one of the libraries it was linked against is corrupt, improperly built,
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
|
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
|
|
We will try our best to scrape up some info that will hopefully help
|
diagnose the problem, but since we have already crashed,
|
something is definitely wrong and this may fail.
|
|
Server version: 10.4.23-MariaDB-debug-log
|
key_buffer_size=1048576
|
read_buffer_size=131072
|
max_used_connections=1
|
max_threads=153
|
thread_count=1
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63649 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
|
Thread pointer: 0x62b00005b270
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7ff2f77e9910 thread_stack 0x5fc00
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x6cd30)[0x7ff301c06d30]
|
mysys/stacktrace.c:174(my_print_stacktrace)[0x55eff50585c5]
|
sql/signal_handler.cc:222(handle_fatal_signal)[0x55eff3c1b03b]
|
sigaction.c:0(__restore_rt)[0x7ff3016073c0]
|
/lib/x86_64-linux-gnu/libc.so.6(gsignal+0xcb)[0x7ff3010f218b]
|
/lib/x86_64-linux-gnu/libc.so.6(abort+0x12b)[0x7ff3010d1859]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x12b6a2)[0x7ff301cc56a2]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x13624c)[0x7ff301cd024c]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x1178ec)[0x7ff301cb18ec]
|
/lib/x86_64-linux-gnu/libasan.so.5(+0x117363)[0x7ff301cb1363]
|
/lib/x86_64-linux-gnu/libasan.so.5(__asan_report_load1+0x3b)[0x7ff301cb1e4b]
|
strings/ctype-simple.c:182(my_strnncollsp_simple)[0x55eff50e22bf]
|
sql/field.cc:8642(Field_blob::cmp(unsigned char const*, unsigned int, unsigned char const*, unsigned int))[0x55eff3bcb249]
|
sql/field.cc:8651(Field_blob::cmp(unsigned char const*, unsigned char const*))[0x55eff3bcb552]
|
sql/field.h:1106(Field::cmp_offset(long long))[0x55eff3beb2bc]
|
sql/handler.cc:6637(check_duplicate_long_entry_key(TABLE*, handler*, unsigned char const*, unsigned int))[0x55eff3c529dc]
|
sql/handler.cc:6688(check_duplicate_long_entries(TABLE*, handler*, unsigned char const*))[0x55eff3c5360d]
|
sql/handler.cc:6768(handler::ha_write_row(unsigned char const*))[0x55eff3c53ea3]
|
sql/sql_insert.cc:1747(write_record(THD*, TABLE*, st_copy_info*))[0x55eff33cb1ef]
|
sql/sql_load.cc:1164(read_sep_field(THD*, st_copy_info&, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, READ_INFO&, String&, unsigned long, bool))[0x55eff3459a07]
|
sql/sql_load.cc:669(mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool))[0x55eff3455bbd]
|
sql/sql_parse.cc:5008(mysql_execute_command(THD*))[0x55eff3486a38]
|
sql/sql_parse.cc:7995(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55eff349af05]
|
sql/sql_parse.cc:1860(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55eff347168c]
|
sql/sql_parse.cc:1373(do_command(THD*))[0x55eff346e109]
|
sql/sql_connect.cc:1420(do_handle_one_connection(CONNECT*))[0x55eff3868a2d]
|
sql/sql_connect.cc:1317(handle_one_connection)[0x55eff3868186]
|
perfschema/pfs.cc:1871(pfs_spawn_thread)[0x55eff44ebe75]
|
nptl/pthread_create.c:478(start_thread)[0x7ff3015fb609]
|
/lib/x86_64-linux-gnu/libc.so.6(clone+0x43)[0x7ff3011ce293]
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x62b000062290): LOAD DATA INFILE 't1.data' REPLACE INTO TABLE t1
|
|
Connection ID (thread ID): 4
|
Status: NOT_KILLED
|
|
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on
|
|
The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mysqld/ contains
|
information that should help you find out what is causing the crash.
|
Writing a core file...
|
Working directory at /dev/shm/var_auto_o3Af/mysqld.1/data
|
Resource Limits:
|
Limit Soft Limit Hard Limit Units
|
Max cpu time unlimited unlimited seconds
|
Max file size unlimited unlimited bytes
|
Max data size unlimited unlimited bytes
|
Max stack size 8388608 unlimited bytes
|
Max core file size unlimited unlimited bytes
|
Max resident set unlimited unlimited bytes
|
Max processes 385674 385674 processes
|
Max open files 1024 1024 files
|
Max locked memory 67108864 67108864 bytes
|
Max address space unlimited unlimited bytes
|
Max file locks unlimited unlimited locks
|
Max pending signals 385674 385674 signals
|
Max msgqueue size 819200 819200 bytes
|
Max nice priority 0 0
|
Max realtime priority 0 0
|
Max realtime timeout unlimited unlimited us
|
Core pattern: core
|
|
----------SERVER LOG END-------------
|
|
|
- found 'core' (0/5)
|
|
Trying 'dbx' to get a backtrace
|
|
Trying 'gdb' to get a backtrace from coredump /mnt-hd8t/src/10.4-bug/mysql-test/var/log/bug.dtuple2/mysqld.1/data/core
|
Core generated by '/mnt-hd8t/src/10.4-bug/sql/mysqld'
|
Output from gdb follows. The first stack trace is from the failing thread.
|
The following stack traces are from all threads (so the failing one is
|
duplicated).
|
--------------------------
|
[New LWP 3860241]
|
[New LWP 3860237]
|
[New LWP 3860235]
|
[New LWP 3860236]
|
[New LWP 3860234]
|
[New LWP 3860238]
|
[Thread debugging using libthread_db enabled]
|
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
|
Core was generated by `/mnt-hd8t/src/10.4-bug/sql/mysqld --defaults-group-suffix=.1 --defaults-file=/m'.
|
Program terminated with signal SIGABRT, Aborted.
|
#0 __pthread_kill (threadid=<optimized out>, signo=6) at ../sysdeps/unix/sysv/linux/pthread_kill.c:56
|
56 ../sysdeps/unix/sysv/linux/pthread_kill.c: No such file or directory.
|
[Current thread is 1 (Thread 0x7ff2f77ea300 (LWP 3860241))]
|
#0 __pthread_kill (threadid=<optimized out>, signo=6) at ../sysdeps/unix/sysv/linux/pthread_kill.c:56
|
#1 0x000055eff5058747 in my_write_core (sig=6) at /data/src/10.4-bug/mysys/stacktrace.c:386
|
#2 0x000055eff3c1b632 in handle_fatal_signal (sig=6) at /data/src/10.4-bug/sql/signal_handler.cc:356
|
#3 <signal handler called>
|
#4 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
#5 0x00007ff3010d1859 in __GI_abort () at abort.c:79
|
#6 0x00007ff301cc56a2 in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#7 0x00007ff301cd024c in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#8 0x00007ff301cb18ec in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#9 0x00007ff301cb1363 in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#10 0x00007ff301cb1e4b in __asan_report_load1 () from /lib/x86_64-linux-gnu/libasan.so.5
|
#11 0x000055eff50e22bf in my_strnncollsp_simple (cs=0x55eff69ad7e0 <my_charset_latin1>, a=0x60c0000213b1 "oo", a_length=3, b=0x60c0000212f1 "oo", b_length=3) at /data/src/10.4-bug/strings/ctype-simple.c:182
|
#12 0x000055eff3bcb249 in Field_blob::cmp (this=0x61900008d180, a=0x60c0000213b0 "foo", a_length=3, b=0x60c0000212f0 "foo", b_length=3) at /data/src/10.4-bug/sql/field.cc:8640
|
#13 0x000055eff3bcb552 in Field_blob::cmp (this=0x61900008d180, a_ptr=0x61900008d02a "\003", b_ptr=0x61d0001ef33a "\003") at /data/src/10.4-bug/sql/field.cc:8651
|
#14 0x000055eff3beb2bc in Field::cmp_offset (this=0x61900008d180, row_offset=274879357712) at /data/src/10.4-bug/sql/field.h:1106
|
#15 0x000055eff3c529dc in check_duplicate_long_entry_key (table=0x62000003d0f0, h=0x62b000062e48, new_rec=0x61900008d020 "\370\003foo", key_no=0) at /data/src/10.4-bug/sql/handler.cc:6637
|
#16 0x000055eff3c5360d in check_duplicate_long_entries (table=0x62000003d0f0, h=0x62b000062e48, new_rec=0x61900008d020 "\370\003foo") at /data/src/10.4-bug/sql/handler.cc:6688
|
#17 0x000055eff3c53ea3 in handler::ha_write_row (this=0x61d0001ee710, buf=0x61900008d020 "\370\003foo") at /data/src/10.4-bug/sql/handler.cc:6768
|
#18 0x000055eff33cb1ef in write_record (thd=0x62b00005b270, table=0x62000003d0f0, info=0x7ff2f77e6440) at /data/src/10.4-bug/sql/sql_insert.cc:1747
|
#19 0x000055eff3459a07 in read_sep_field (thd=0x62b00005b270, info=..., table_list=0x62b000062430, fields_vars=..., set_fields=..., set_values=..., read_info=..., enclosed=..., skip_lines=0, ignore_check_option_errors=false) at /data/src/10.4-bug/sql/sql_load.cc:1164
|
#20 0x000055eff3455bbd in mysql_load (thd=0x62b00005b270, ex=0x62b000062388, table_list=0x62b000062430, fields_vars=..., set_fields=..., set_values=..., handle_duplicates=DUP_REPLACE, ignore=false, read_file_from_client=false) at /data/src/10.4-bug/sql/sql_load.cc:669
|
#21 0x000055eff3486a38 in mysql_execute_command (thd=0x62b00005b270) at /data/src/10.4-bug/sql/sql_parse.cc:5008
|
#22 0x000055eff349af05 in mysql_parse (thd=0x62b00005b270, rawbuf=0x62b000062290 "LOAD DATA INFILE 't1.data' REPLACE INTO TABLE t1", length=48, parser_state=0x7ff2f77e8780, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:7995
|
#23 0x000055eff347168c in dispatch_command (command=COM_QUERY, thd=0x62b00005b270, packet=0x62900023f271 "LOAD DATA INFILE 't1.data' REPLACE INTO TABLE t1", packet_length=48, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:1857
|
#24 0x000055eff346e109 in do_command (thd=0x62b00005b270) at /data/src/10.4-bug/sql/sql_parse.cc:1373
|
#25 0x000055eff3868a2d in do_handle_one_connection (connect=0x611000008170) at /data/src/10.4-bug/sql/sql_connect.cc:1420
|
#26 0x000055eff3868186 in handle_one_connection (arg=0x611000008170) at /data/src/10.4-bug/sql/sql_connect.cc:1316
|
#27 0x000055eff44ebe75 in pfs_spawn_thread (arg=0x61600000b7f0) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#28 0x00007ff3015fb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#29 0x00007ff3011ce293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
Thread 6 (Thread 0x7ff2f7862300 (LWP 3860238)):
|
#0 futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x55eff6b1e708 <COND_manager+40>) at ../sysdeps/nptl/futex-internal.h:183
|
#1 __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x55eff6b1e628 <LOCK_manager+40>, cond=0x55eff6b1e6e0 <COND_manager>) at pthread_cond_wait.c:508
|
#2 __pthread_cond_wait (cond=0x55eff6b1e6e0 <COND_manager>, mutex=0x55eff6b1e628 <LOCK_manager+40>) at pthread_cond_wait.c:638
|
#3 0x000055eff5066213 in safe_cond_wait (cond=0x55eff6b1e6e0 <COND_manager>, mp=0x55eff6b1e600 <LOCK_manager>, file=0x55eff52e1be0 "/data/src/10.4-bug/include/mysql/psi/mysql_thread.h", line=1174) at /data/src/10.4-bug/mysys/thr_mutex.c:492
|
#4 0x000055eff3462dd0 in inline_mysql_cond_wait (that=0x55eff6b1e6e0 <COND_manager>, mutex=0x55eff6b1e600 <LOCK_manager>, src_file=0x55eff52e2620 "/data/src/10.4-bug/sql/sql_manager.cc", src_line=102) at /data/src/10.4-bug/include/mysql/psi/mysql_thread.h:1174
|
#5 0x000055eff34638b6 in handle_manager (arg=0x0) at /data/src/10.4-bug/sql/sql_manager.cc:102
|
#6 0x000055eff44ebe75 in pfs_spawn_thread (arg=0x616000009ff0) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#7 0x00007ff3015fb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#8 0x00007ff3011ce293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
Thread 5 (Thread 0x7ff300f59840 (LWP 3860234)):
|
#0 0x00007ff3011c1aff in __GI___poll (fds=0x7ffce5cb5df0, nfds=2, timeout=-1) at ../sysdeps/unix/sysv/linux/poll.c:29
|
#1 0x00007ff301bd65ba in poll () from /lib/x86_64-linux-gnu/libasan.so.5
|
#2 0x000055eff318cef3 in handle_connections_sockets () at /data/src/10.4-bug/sql/mysqld.cc:6463
|
#3 0x000055eff318b1d9 in mysqld_main (argc=<error reading variable: Cannot access memory at address 0x3d60>, argv=<error reading variable: Cannot access memory at address 0x3d70>) at /data/src/10.4-bug/sql/mysqld.cc:5899
|
#4 0x000055eff3171e2d in main (argc=6, argv=0x7ffce5cb6238) at /data/src/10.4-bug/sql/main.cc:25
|
|
Thread 4 (Thread 0x7ff2f8119700 (LWP 3860236)):
|
#0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7ff2f8118c00, clockid=<optimized out>, expected=0, futex_word=0x55eff7378ee8 <COND_checkpoint+40>) at ../sysdeps/nptl/futex-internal.h:320
|
#1 __pthread_cond_wait_common (abstime=0x7ff2f8118c00, clockid=<optimized out>, mutex=0x55eff7378e08 <LOCK_checkpoint+40>, cond=0x55eff7378ec0 <COND_checkpoint>) at pthread_cond_wait.c:520
|
#2 __pthread_cond_timedwait (cond=0x55eff7378ec0 <COND_checkpoint>, mutex=0x55eff7378e08 <LOCK_checkpoint+40>, abstime=0x7ff2f8118c00) at pthread_cond_wait.c:656
|
#3 0x000055eff5066b4c in safe_cond_timedwait (cond=0x55eff7378ec0 <COND_checkpoint>, mp=0x55eff7378de0 <LOCK_checkpoint>, abstime=0x7ff2f8118c00, file=0x55eff5790e20 "/data/src/10.4-bug/include/mysql/psi/mysql_thread.h", line=1211) at /data/src/10.4-bug/mysys/thr_mutex.c:546
|
#4 0x000055eff4281627 in inline_mysql_cond_timedwait (that=0x55eff7378ec0 <COND_checkpoint>, mutex=0x55eff7378de0 <LOCK_checkpoint>, abstime=0x7ff2f8118c00, src_file=0x55eff5790ea0 "/data/src/10.4-bug/storage/maria/ma_servicethread.c", src_line=115) at /data/src/10.4-bug/include/mysql/psi/mysql_thread.h:1211
|
#5 0x000055eff4282502 in my_service_thread_sleep (control=0x55eff65659a0 <checkpoint_control>, sleep_time=29000000000) at /data/src/10.4-bug/storage/maria/ma_servicethread.c:115
|
#6 0x000055eff4263fe6 in ma_checkpoint_background (arg=0x1e) at /data/src/10.4-bug/storage/maria/ma_checkpoint.c:707
|
#7 0x000055eff44ebe75 in pfs_spawn_thread (arg=0x6160000066f0) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#8 0x00007ff3015fb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#9 0x00007ff3011ce293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
Thread 3 (Thread 0x7ff2f982b700 (LWP 3860235)):
|
#0 futex_abstimed_wait_cancelable (private=<optimized out>, abstime=0x7ff2f982ad50, clockid=<optimized out>, expected=0, futex_word=0x55eff7412028 <COND_timer+40>) at ../sysdeps/nptl/futex-internal.h:320
|
#1 __pthread_cond_wait_common (abstime=0x7ff2f982ad50, clockid=<optimized out>, mutex=0x55eff7411f48 <LOCK_timer+40>, cond=0x55eff7412000 <COND_timer>) at pthread_cond_wait.c:520
|
#2 __pthread_cond_timedwait (cond=0x55eff7412000 <COND_timer>, mutex=0x55eff7411f48 <LOCK_timer+40>, abstime=0x7ff2f982ad50) at pthread_cond_wait.c:656
|
#3 0x000055eff5066b4c in safe_cond_timedwait (cond=0x55eff7412000 <COND_timer>, mp=0x55eff7411f20 <LOCK_timer>, abstime=0x7ff2f982ad50, file=0x55eff5c87120 "/data/src/10.4-bug/include/mysql/psi/mysql_thread.h", line=1211) at /data/src/10.4-bug/mysys/thr_mutex.c:546
|
#4 0x000055eff5069999 in inline_mysql_cond_timedwait (that=0x55eff7412000 <COND_timer>, mutex=0x55eff7411f20 <LOCK_timer>, abstime=0x7ff2f982ad50, src_file=0x55eff5c871c0 "/data/src/10.4-bug/mysys/thr_timer.c", src_line=292) at /data/src/10.4-bug/include/mysql/psi/mysql_thread.h:1211
|
#5 0x000055eff506b91d in timer_handler (arg=0x0) at /data/src/10.4-bug/mysys/thr_timer.c:292
|
#6 0x000055eff44ebe75 in pfs_spawn_thread (arg=0x616000001ef0) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#7 0x00007ff3015fb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#8 0x00007ff3011ce293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
Thread 2 (Thread 0x7ff2f78fa300 (LWP 3860237)):
|
#0 0x00007ff3010f3322 in __GI___sigtimedwait (set=0x7ff2f78f98b0, info=0x7ff2f78f96e0, timeout=0x0) at ../sysdeps/unix/sysv/linux/sigtimedwait.c:29
|
#1 0x00007ff301c21111 in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#2 0x000055eff3171f29 in my_sigwait (set=0x7ff2f78f98b0, sig=0x7ff2f78f9820, code=0x7ff2f78f9830) at /data/src/10.4-bug/include/my_pthread.h:196
|
#3 0x000055eff3181c6a in signal_hand (arg=0x0) at /data/src/10.4-bug/sql/mysqld.cc:3219
|
#4 0x000055eff44ebe75 in pfs_spawn_thread (arg=0x6160000087f0) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#5 0x00007ff3015fb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#6 0x00007ff3011ce293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
Thread 1 (Thread 0x7ff2f77ea300 (LWP 3860241)):
|
#0 __pthread_kill (threadid=<optimized out>, signo=6) at ../sysdeps/unix/sysv/linux/pthread_kill.c:56
|
#1 0x000055eff5058747 in my_write_core (sig=6) at /data/src/10.4-bug/mysys/stacktrace.c:386
|
#2 0x000055eff3c1b632 in handle_fatal_signal (sig=6) at /data/src/10.4-bug/sql/signal_handler.cc:356
|
#3 <signal handler called>
|
#4 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
#5 0x00007ff3010d1859 in __GI_abort () at abort.c:79
|
#6 0x00007ff301cc56a2 in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#7 0x00007ff301cd024c in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#8 0x00007ff301cb18ec in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#9 0x00007ff301cb1363 in ?? () from /lib/x86_64-linux-gnu/libasan.so.5
|
#10 0x00007ff301cb1e4b in __asan_report_load1 () from /lib/x86_64-linux-gnu/libasan.so.5
|
#11 0x000055eff50e22bf in my_strnncollsp_simple (cs=0x55eff69ad7e0 <my_charset_latin1>, a=0x60c0000213b1 "oo", a_length=3, b=0x60c0000212f1 "oo", b_length=3) at /data/src/10.4-bug/strings/ctype-simple.c:182
|
#12 0x000055eff3bcb249 in Field_blob::cmp (this=0x61900008d180, a=0x60c0000213b0 "foo", a_length=3, b=0x60c0000212f0 "foo", b_length=3) at /data/src/10.4-bug/sql/field.cc:8640
|
#13 0x000055eff3bcb552 in Field_blob::cmp (this=0x61900008d180, a_ptr=0x61900008d02a "\003", b_ptr=0x61d0001ef33a "\003") at /data/src/10.4-bug/sql/field.cc:8651
|
#14 0x000055eff3beb2bc in Field::cmp_offset (this=0x61900008d180, row_offset=274879357712) at /data/src/10.4-bug/sql/field.h:1106
|
#15 0x000055eff3c529dc in check_duplicate_long_entry_key (table=0x62000003d0f0, h=0x62b000062e48, new_rec=0x61900008d020 "\370\003foo", key_no=0) at /data/src/10.4-bug/sql/handler.cc:6637
|
#16 0x000055eff3c5360d in check_duplicate_long_entries (table=0x62000003d0f0, h=0x62b000062e48, new_rec=0x61900008d020 "\370\003foo") at /data/src/10.4-bug/sql/handler.cc:6688
|
#17 0x000055eff3c53ea3 in handler::ha_write_row (this=0x61d0001ee710, buf=0x61900008d020 "\370\003foo") at /data/src/10.4-bug/sql/handler.cc:6768
|
#18 0x000055eff33cb1ef in write_record (thd=0x62b00005b270, table=0x62000003d0f0, info=0x7ff2f77e6440) at /data/src/10.4-bug/sql/sql_insert.cc:1747
|
#19 0x000055eff3459a07 in read_sep_field (thd=0x62b00005b270, info=..., table_list=0x62b000062430, fields_vars=..., set_fields=..., set_values=..., read_info=..., enclosed=..., skip_lines=0, ignore_check_option_errors=false) at /data/src/10.4-bug/sql/sql_load.cc:1164
|
#20 0x000055eff3455bbd in mysql_load (thd=0x62b00005b270, ex=0x62b000062388, table_list=0x62b000062430, fields_vars=..., set_fields=..., set_values=..., handle_duplicates=DUP_REPLACE, ignore=false, read_file_from_client=false) at /data/src/10.4-bug/sql/sql_load.cc:669
|
#21 0x000055eff3486a38 in mysql_execute_command (thd=0x62b00005b270) at /data/src/10.4-bug/sql/sql_parse.cc:5008
|
#22 0x000055eff349af05 in mysql_parse (thd=0x62b00005b270, rawbuf=0x62b000062290 "LOAD DATA INFILE 't1.data' REPLACE INTO TABLE t1", length=48, parser_state=0x7ff2f77e8780, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:7995
|
#23 0x000055eff347168c in dispatch_command (command=COM_QUERY, thd=0x62b00005b270, packet=0x62900023f271 "LOAD DATA INFILE 't1.data' REPLACE INTO TABLE t1", packet_length=48, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:1857
|
#24 0x000055eff346e109 in do_command (thd=0x62b00005b270) at /data/src/10.4-bug/sql/sql_parse.cc:1373
|
#25 0x000055eff3868a2d in do_handle_one_connection (connect=0x611000008170) at /data/src/10.4-bug/sql/sql_connect.cc:1420
|
#26 0x000055eff3868186 in handle_one_connection (arg=0x611000008170) at /data/src/10.4-bug/sql/sql_connect.cc:1316
|
#27 0x000055eff44ebe75 in pfs_spawn_thread (arg=0x61600000b7f0) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
|
#28 0x00007ff3015fb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#29 0x00007ff3011ce293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
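Reproducible on 10.4-10.7, with at least MyISAM and InnoDB.
Per the ASAN report above, all three events happen on the same thread within one LOAD DATA statement: the buffer is allocated by Field_blob::store_field when the virtual column is computed for the new row (fill_record, called from sql_load.cc:1149); it is freed when check_duplicate_long_entry_key calls ha_index_read_map at handler.cc:6616 and update_virtual_fields stores the column again; and it is then read by Field_blob::cmp, called from handler.cc:6637 in that same function.
No obvious immediate problem on a non-ASAN build. That presumably means only that the read of freed memory goes unnoticed there, not that it does not happen.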
Issue Links
- relates to
-
MDEV-29520 ASAN heap-use-after-poison in row_merge_spatial_rows()
- Closed