Details
-
Bug
-
Status: Confirmed (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.5, 10.6, 10.7, 10.8, 10.9, 10.10, 10.11, 11.0
-
None
Description
--source include/have_partition.inc
|
|
|
CREATE TABLE t (b INT, e BINARY(8), f INT, KEY(f,e,b), KEY(b)) |
PARTITION BY HASH(f) PARTITIONS 2; |
|
|
INSERT INTO t VALUES (1,'foo',10),(2,'bar',20); |
|
|
SELECT DISTINCT * FROM t WHERE (b = 100 OR f = 1) AND e = ''; |
|
|
# Cleanup
|
DROP TABLE t; |
|
10.5 4c3ad244 |
==16134==ERROR: AddressSanitizer: use-after-poison on address 0x621000094eba at pc 0x7f9d8763a480 bp 0x7f9d81a3c970 sp 0x7f9d81a3c118
|
READ of size 8 at 0x621000094eba thread T5
|
#0 0x7f9d8763a47f (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
|
#1 0x56100412f05a in key_restore(unsigned char*, unsigned char const*, st_key*, unsigned int) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/key.cc:262
|
#2 0x56100432bb30 in get_full_part_id_from_key(TABLE const*, unsigned char*, st_key*, st_key_range const*, part_id_range*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_partition.cc:3999
|
#3 0x56100432d3aa in get_partition_set(TABLE const*, unsigned char*, unsigned int, st_key_range const*, part_id_range*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_partition.cc:4256
|
#4 0x56100468168e in ha_partition::partition_scan_set_up(unsigned char*, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/ha_partition.cc:7239
|
#5 0x561004673821 in ha_partition::common_index_read(unsigned char*, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/ha_partition.cc:5818
|
#6 0x561004675c89 in ha_partition::read_range_first(st_key_range const*, st_key_range const*, bool, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/ha_partition.cc:6154
|
#7 0x561004278efe in QUICK_RANGE_SELECT::get_next_prefix(unsigned int, unsigned int, unsigned char*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/opt_range.cc:12742
|
#8 0x56100428c52e in QUICK_GROUP_MIN_MAX_SELECT::next_prefix() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/opt_range.cc:15573
|
#9 0x56100428ac33 in QUICK_GROUP_MIN_MAX_SELECT::get_next() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/opt_range.cc:15315
|
#10 0x5610042adba5 in rr_quick /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/records.cc:403
|
#11 0x5610034a0bfd in READ_RECORD::read_record() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/records.h:80
|
#12 0x5610037ab58c in join_init_read_record(st_join_table*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:21853
|
#13 0x5610037a4666 in sub_select(JOIN*, st_join_table*, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:20885
|
#14 0x5610037a274f in do_select /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:20420
|
#15 0x56100372e09b in JOIN::exec_inner() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:4516
|
#16 0x56100372b6a5 in JOIN::exec() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:4296
|
#17 0x56100372faea in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:4773
|
#18 0x561003700fda in handle_select(THD*, LEX*, select_result*, unsigned long) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:444
|
#19 0x56100366c3c4 in execute_sqlcom_select /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:6314
|
#20 0x56100365b4f6 in mysql_execute_command(THD*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:4005
|
#21 0x5610036774bd in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:8100
|
#22 0x56100364d986 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:1891
|
#23 0x56100364a3d6 in do_command(THD*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:1370
|
#24 0x561003a8564d in do_handle_one_connection(CONNECT*, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_connect.cc:1418
|
#25 0x561003a84e66 in handle_one_connection /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_connect.cc:1312
|
#26 0x7f9d87044608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
#27 0x7f9d86c19292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
|
|
|
0x621000094eba is located 442 bytes inside of 4196-byte region [0x621000094d00,0x621000095d64)
|
allocated by thread T5 here:
|
#0 0x7f9d876acbc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
|
#1 0x5610051d3f26 in sf_malloc /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/mysys/safemalloc.c:121
|
#2 0x5610051a4683 in my_malloc /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/mysys/my_malloc.c:90
|
#3 0x561005180cac in alloc_root /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/mysys/my_alloc.c:244
|
#4 0x561004288398 in QUICK_GROUP_MIN_MAX_SELECT::init() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/opt_range.cc:14973
|
#5 0x5610042871e5 in TRP_GROUP_MIN_MAX::make_quick(PARAM*, bool, st_mem_root*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/opt_range.cc:14814
|
#6 0x561004236517 in SQL_SELECT::test_quick_select(THD*, Bitmap<64u>, unsigned long long, unsigned long long, bool, bool, bool, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/opt_range.cc:3055
|
#7 0x5610037301f0 in get_quick_record_count /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:4817
|
#8 0x5610037370be in make_join_statistics /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:5544
|
#9 0x561003715b59 in JOIN::optimize_inner() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:2296
|
#10 0x56100370f055 in JOIN::optimize() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:1668
|
#11 0x56100372f8f5 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:4759
|
#12 0x561003700fda in handle_select(THD*, LEX*, select_result*, unsigned long) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_select.cc:444
|
#13 0x56100366c3c4 in execute_sqlcom_select /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:6314
|
#14 0x56100365b4f6 in mysql_execute_command(THD*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:4005
|
#15 0x5610036774bd in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:8100
|
#16 0x56100364d986 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:1891
|
#17 0x56100364a3d6 in do_command(THD*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_parse.cc:1370
|
#18 0x561003a8564d in do_handle_one_connection(CONNECT*, bool) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_connect.cc:1418
|
#19 0x561003a84e66 in handle_one_connection /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/sql_connect.cc:1312
|
#20 0x7f9d87044608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
|
|
Thread T5 created by T0 here:
|
#0 0x7f9d875d9805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
|
#1 0x561003360bff in create_thread_to_handle_connection(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/mysqld.cc:6012
|
#2 0x56100336127e in create_new_thread(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/mysqld.cc:6071
|
#3 0x5610033615db in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/mysqld.cc:6136
|
#4 0x561003362200 in handle_connections_sockets() /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/mysqld.cc:6263
|
#5 0x561003360430 in mysqld_main(int, char**) /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/mysqld.cc:5658
|
#6 0x56100334e05c in main /home/jenkins/workspace/sandbox-elenst/Reproduce/buildtype/ASAN/node/ubuntu-2004-amd64-build/version/10.5/src/sql/main.cc:25
|
#7 0x7f9d86b1e0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
|
|
|
SUMMARY: AddressSanitizer: use-after-poison (/lib/x86_64-linux-gnu/libasan.so.5+0x9b47f)
|
Shadow bytes around the buggy address:
|
0x0c428000a980: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c428000a990: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c428000a9a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c428000a9b0: 00 00 00 00 f7 00 00 04 f7 00 00 04 f7 00 00 00
|
0x0c428000a9c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 f7 04 f7
|
=>0x0c428000a9d0: 00 00 00 00 00 f7 00[02]f7 00 02 f7 00 00 00 00
|
0x0c428000a9e0: 00 00 00 00 00 00 00 00 f7 f7 f7 f7 f7 f7 f7 f7
|
0x0c428000a9f0: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
|
0x0c428000aa00: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
|
0x0c428000aa10: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
|
0x0c428000aa20: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
==16134==ABORTING
|
220105 18:48:56 [ERROR] mysqld got signal 6 ;
|
This could be because you hit a bug. It is also possible that this binary
|
or one of the libraries it was linked against is corrupt, improperly built,
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
|
|
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
|
|
|
We will try our best to scrape up some info that will hopefully help
|
diagnose the problem, but since we have already crashed,
|
something is definitely wrong and this may fail.
|
|
|
Server version: 10.5.14-MariaDB-debug-log
|
key_buffer_size=1048576
|
read_buffer_size=131072
|
max_used_connections=1
|
max_threads=153
|
thread_count=1
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 63676 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
|
|
Thread pointer: 0x62b00005b288
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7f9d81a3fd20 thread_stack 0x100000
|
??:0(__interceptor_tcgetattr)[0x7f9d8760bd30]
|
mysys/stacktrace.c:212(my_print_stacktrace)[0x5610051b3e6e]
|
sql/signal_handler.cc:225(handle_fatal_signal)[0x561003e47567]
|
sigaction.c:0(__restore_rt)[0x7f9d870503c0]
|
??:0(gsignal)[0x7f9d86b3d18b]
|
??:0(abort)[0x7f9d86b1c859]
|
??:0(__sanitizer_set_report_fd)[0x7f9d876ca6a2]
|
??:0(__sanitizer_get_module_and_offset_for_pc)[0x7f9d876d524c]
|
??:0(__sanitizer_ptr_cmp)[0x7f9d876b68ec]
|
??:0(__asan_on_error)[0x7f9d876b6363]
|
??:0(__interceptor_getdelim)[0x7f9d8763a49f]
|
sql/key.cc:191(key_restore(unsigned char*, unsigned char const*, st_key*, unsigned int))[0x56100412f05b]
|
sql/sql_partition.cc:4000(get_full_part_id_from_key(TABLE const*, unsigned char*, st_key*, st_key_range const*, part_id_range*))[0x56100432bb31]
|
sql/sql_partition.cc:4257(get_partition_set(TABLE const*, unsigned char*, unsigned int, st_key_range const*, part_id_range*))[0x56100432d3ab]
|
sql/ha_partition.cc:7239(ha_partition::partition_scan_set_up(unsigned char*, bool))[0x56100468168f]
|
sql/ha_partition.cc:5818(ha_partition::common_index_read(unsigned char*, bool))[0x561004673822]
|
sql/ha_partition.cc:6154(ha_partition::read_range_first(st_key_range const*, st_key_range const*, bool, bool))[0x561004675c8a]
|
sql/opt_range.cc:12742(QUICK_RANGE_SELECT::get_next_prefix(unsigned int, unsigned int, unsigned char*))[0x561004278eff]
|
sql/opt_range.cc:15573(QUICK_GROUP_MIN_MAX_SELECT::next_prefix())[0x56100428c52f]
|
sql/opt_range.cc:15315(QUICK_GROUP_MIN_MAX_SELECT::get_next())[0x56100428ac34]
|
sql/records.cc:403(rr_quick(READ_RECORD*))[0x5610042adba6]
|
sql/records.h:80(READ_RECORD::read_record())[0x5610034a0bfe]
|
sql/sql_select.cc:21853(join_init_read_record(st_join_table*))[0x5610037ab58d]
|
sql/sql_select.cc:20885(sub_select(JOIN*, st_join_table*, bool))[0x5610037a4667]
|
sql/sql_select.cc:20420(do_select(JOIN*, Procedure*))[0x5610037a2750]
|
sql/sql_select.cc:4516(JOIN::exec_inner())[0x56100372e09c]
|
sql/sql_select.cc:4297(JOIN::exec())[0x56100372b6a6]
|
sql/sql_select.cc:4775(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x56100372faeb]
|
sql/sql_select.cc:444(handle_select(THD*, LEX*, select_result*, unsigned long))[0x561003700fdb]
|
sql/sql_parse.cc:6314(execute_sqlcom_select(THD*, TABLE_LIST*))[0x56100366c3c5]
|
sql/sql_parse.cc:4005(mysql_execute_command(THD*))[0x56100365b4f7]
|
sql/sql_parse.cc:8100(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x5610036774be]
|
sql/sql_parse.cc:1894(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x56100364d987]
|
sql/sql_parse.cc:1370(do_command(THD*))[0x56100364a3d7]
|
sql/sql_connect.cc:1418(do_handle_one_connection(CONNECT*, bool))[0x561003a8564e]
|
sql/sql_connect.cc:1314(handle_one_connection)[0x561003a84e67]
|
nptl/pthread_create.c:478(start_thread)[0x7f9d87044609]
|
??:0(clone)[0x7f9d86c19293]
|
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x62b0000622a8): SELECT DISTINCT * FROM t WHERE (b = 100 OR f = 1) AND e = ''
|
|
|
Connection ID (thread ID): 4
|
Status: NOT_KILLED
|
Reproducible with at least InnoDB, MyISAM, Aria.
Reproducible on 10.5+, including older 10.5 versions.
Not reproducible on 10.4.
No obvious immediate problem with a non-ASAN build.