Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL)
-
None
Description
INSTALL SONAME 'ha_rocksdb'; |
|
|
CREATE TABLE t (id INT, f VARCHAR(128), PRIMARY KEY(id), UNIQUE(f(64))) ENGINE=RocksDB CHARACTER SET cp1250 COLLATE cp1250_czech_cs; |
INSERT INTO t VALUES (1,REPEAT('a',128)); |
Create succeeds, although with a warning:
|
10.3 9de37e07 |
Warning 1815 Internal error: Indexed column test.t.f uses a collation that does not allow index-only access in secondary key and has reduced disk space efficiency in primary key.
|
Insert fails with ASAN errors:
|
10.3 9de37e07 |
==4002483==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60f000008608 at pc 0x7f7a008808a1 bp 0x7f79f526a290 sp 0x7f79f5269a40
|
WRITE of size 8 at 0x60f000008608 thread T5
|
#0 0x7f7a008808a0 in __interceptor_memcpy ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:806
|
#1 0x7f79f3e4b0d0 in myrocks::Rdb_key_def::pack_variable_format(unsigned char const*, unsigned long, unsigned char**) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/rdb_datadic.cc:2216
|
#2 0x7f79f3e4b617 in myrocks::Rdb_key_def::pack_with_varchar_encoding(myrocks::Rdb_field_packing*, Field*, unsigned char*, unsigned char**, myrocks::Rdb_pack_field_context*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/rdb_datadic.cc:2263
|
#3 0x7f79f3e45843 in myrocks::Rdb_key_def::pack_field(Field*, myrocks::Rdb_field_packing*, unsigned char*, unsigned char*, unsigned char*, myrocks::Rdb_string_writer*, unsigned int*) const /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/rdb_datadic.cc:1231
|
#4 0x7f79f3e4654a in myrocks::Rdb_key_def::pack_record(TABLE const*, unsigned char*, unsigned char const*, unsigned char*, myrocks::Rdb_string_writer*, bool, long long, unsigned int, unsigned int*, char const*) const /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/rdb_datadic.cc:1379
|
#5 0x7f79f3d12ab4 in myrocks::ha_rocksdb::check_and_lock_sk(unsigned int, myrocks::ha_rocksdb::update_row_info const&, bool*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/ha_rocksdb.cc:9814
|
#6 0x7f79f3d137a7 in myrocks::ha_rocksdb::check_uniqueness_and_lock(myrocks::ha_rocksdb::update_row_info const&, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/ha_rocksdb.cc:9938
|
#7 0x7f79f3d16e35 in myrocks::ha_rocksdb::update_write_row(unsigned char const*, unsigned char const*, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/ha_rocksdb.cc:10379
|
#8 0x7f79f3d11878 in myrocks::ha_rocksdb::write_row(unsigned char*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/ha_rocksdb.cc:9602
|
#9 0x555eee364c3b in handler::ha_write_row(unsigned char*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/handler.cc:6495
|
#10 0x555eedbc51c0 in write_record(THD*, TABLE*, st_copy_info*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_insert.cc:2054
|
#11 0x555eedbbe597 in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_insert.cc:1077
|
#12 0x555eedc5a5ec in mysql_execute_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:4505
|
#13 0x555eedc71017 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:7855
|
#14 0x555eedc4a291 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1852
|
#15 0x555eedc474d6 in do_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1398
|
#16 0x555eedfbcf98 in do_handle_one_connection(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1403
|
#17 0x555eedfbc894 in handle_one_connection /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1308
|
#18 0x555eef473e6c in pfs_spawn_thread /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/perfschema/pfs.cc:1869
|
#19 0x7f79fffeaea6 in start_thread nptl/pthread_create.c:477
|
#20 0x7f79fff0aaee in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xfcaee)
|
|
|
0x60f000008608 is located 0 bytes to the right of 168-byte region [0x60f000008560,0x60f000008608)
|
allocated by thread T5 here:
|
#0 0x7f7a008f0e8f in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
|
#1 0x555eef563357 in my_malloc /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/mysys/my_malloc.c:101
|
#2 0x7f79f3cfa48f in myrocks::ha_rocksdb::alloc_key_buffers(TABLE const*, myrocks::Rdb_tbl_def const*, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/ha_rocksdb.cc:6594
|
#3 0x7f79f3cfbb7b in myrocks::ha_rocksdb::open(char const*, int, unsigned int) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/rocksdb/ha_rocksdb.cc:6761
|
#4 0x555eee34972a in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/handler.cc:2778
|
#5 0x555eedf0a8b4 in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/table.cc:3690
|
#6 0x555eedb0633d in open_table(THD*, TABLE_LIST*, Open_table_context*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_base.cc:2005
|
#7 0x555eedb0e7de in open_and_process_table /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_base.cc:3733
|
#8 0x555eedb10a15 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_base.cc:4208
|
#9 0x555eedb14ef8 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_base.cc:5148
|
#10 0x555eeda87e82 in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_base.h:503
|
#11 0x555eedbbc49c in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_insert.cc:760
|
#12 0x555eedc5a5ec in mysql_execute_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:4505
|
#13 0x555eedc71017 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:7855
|
#14 0x555eedc4a291 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1852
|
#15 0x555eedc474d6 in do_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1398
|
#16 0x555eedfbcf98 in do_handle_one_connection(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1403
|
#17 0x555eedfbc894 in handle_one_connection /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1308
|
#18 0x555eef473e6c in pfs_spawn_thread /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/perfschema/pfs.cc:1869
|
#19 0x7f79fffeaea6 in start_thread nptl/pthread_create.c:477
|
|
|
Thread T5 created by T0 here:
|
#0 0x7f7a0089c2a2 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:214
|
#1 0x555eef474259 in spawn_thread_v1 /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/perfschema/pfs.cc:1919
|
#2 0x555eed9bed76 in inline_mysql_thread_create /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/include/mysql/psi/mysql_thread.h:1275
|
#3 0x555eed9d4d43 in create_thread_to_handle_connection(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:6678
|
#4 0x555eed9d52df in create_new_thread /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:6748
|
#5 0x555eed9d634c in handle_connections_sockets() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:7006
|
#6 0x555eed9d44bd in mysqld_main(int, char**) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:6300
|
#7 0x555eed9bd604 in main /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/main.cc:25
|
#8 0x7f79ffe31d09 in __libc_start_main ../csu/libc-start.c:308
|
|
|
SUMMARY: AddressSanitizer: heap-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:806 in __interceptor_memcpy
|
Shadow bytes around the buggy address:
|
0x0c1e7fff9070: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c1e7fff9080: fd fd fd fd fd fa fa fa fa fa fa fa fa fa fd fd
|
0x0c1e7fff9090: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c1e7fff90a0: fd fd fd fa fa fa fa fa fa fa fa fa 00 00 00 00
|
0x0c1e7fff90b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
=>0x0c1e7fff90c0: 00[fa]fa fa fa fa fa fa fa fa 00 00 00 00 00 00
|
0x0c1e7fff90d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
|
0x0c1e7fff90e0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c1e7fff90f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 fa fa fa
|
0x0c1e7fff9100: fa fa fa fa fa fa 00 00 00 00 00 00 00 00 00 00
|
0x0c1e7fff9110: 00 00 00 00 00 00 00 00 00 00 00 fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
==4002483==ABORTING
|
On a release build, a crash occurs upon shutdown:
|
10.6 eae037c2 |
munmap_chunk(): invalid pointer
|
221023 22:09:49 [ERROR] mysqld got signal 6 ;
|
|
|
#3 <signal handler called>
|
#4 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
#5 0x00007fe6a92b7537 in __GI_abort () at abort.c:79
|
#6 0x00007fe6a9310768 in __libc_message (action=action@entry=do_abort, fmt=fmt@entry=0x7fe6a942e3a5 "%s\n") at ../sysdeps/posix/libc_fatal.c:155
|
#7 0x00007fe6a9317a5a in malloc_printerr (str=str@entry=0x7fe6a9430300 "munmap_chunk(): invalid pointer") at malloc.c:5347
|
#8 0x00007fe6a9317d2c in munmap_chunk (p=<optimized out>) at malloc.c:2830
|
#9 0x00007fe69f5f6814 in rocksdb::ReadableWriteBatch::~ReadableWriteBatch (this=0x7fe6881b7410, __in_chrg=<optimized out>) at /data/src/10.6/storage/rocksdb/rocksdb/utilities/write_batch_with_index/write_batch_with_index_internal.h:86
|
#10 rocksdb::WriteBatchWithIndex::Rep::~Rep (this=0x7fe6881b7410, __in_chrg=<optimized out>) at /data/src/10.6/storage/rocksdb/rocksdb/utilities/write_batch_with_index/write_batch_with_index.cc:434
|
#11 std::default_delete<rocksdb::WriteBatchWithIndex::Rep>::operator() (__ptr=0x7fe6881b7410, this=<optimized out>) at /usr/include/c++/10/bits/unique_ptr.h:85
|
#12 std::unique_ptr<rocksdb::WriteBatchWithIndex::Rep, std::default_delete<rocksdb::WriteBatchWithIndex::Rep> >::~unique_ptr (this=<optimized out>, __in_chrg=<optimized out>) at /usr/include/c++/10/bits/unique_ptr.h:361
|
#13 rocksdb::WriteBatchWithIndex::~WriteBatchWithIndex (this=<optimized out>, __in_chrg=<optimized out>) at /data/src/10.6/storage/rocksdb/rocksdb/utilities/write_batch_with_index/write_batch_with_index.cc:639
|
#14 0x00007fe69f68ac04 in rocksdb::TransactionBaseImpl::~TransactionBaseImpl (this=0x7fe688033ff0, __in_chrg=<optimized out>) at /usr/include/c++/10/ext/new_allocator.h:89
|
#15 0x00007fe69f687420 in rocksdb::WriteCommittedTxn::~WriteCommittedTxn (this=0x7fe688033ff0, __in_chrg=<optimized out>) at /data/src/10.6/storage/rocksdb/rocksdb/utilities/transactions/pessimistic_transaction.h:209
|
#16 rocksdb::WriteCommittedTxn::~WriteCommittedTxn (this=0x7fe688033ff0, __in_chrg=<optimized out>) at /data/src/10.6/storage/rocksdb/rocksdb/utilities/transactions/pessimistic_transaction.h:209
|
#17 0x00007fe69f317226 in myrocks::Rdb_transaction_impl::~Rdb_transaction_impl (this=0x7fe6881fa7d0, __in_chrg=<optimized out>) at /data/src/10.6/storage/rocksdb/ha_rocksdb.cc:3533
|
#18 myrocks::Rdb_transaction_impl::~Rdb_transaction_impl (this=0x7fe6881fa7d0, __in_chrg=<optimized out>) at /data/src/10.6/storage/rocksdb/ha_rocksdb.cc:3535
|
#19 0x00007fe69f30319a in myrocks::rocksdb_close_connection (hton=<optimized out>, thd=<optimized out>) at /data/src/10.6/storage/rocksdb/ha_rocksdb.cc:3833
|
#20 0x000055c92878016d in ha_close_connection (thd=thd@entry=0x7fe688000c58) at /data/src/10.6/sql/handler.cc:917
|
#21 0x000055c9284f9017 in THD::free_connection (this=0x7fe688000c58) at /data/src/10.6/sql/sql_class.cc:1620
|
#22 0x000055c9284741e1 in unlink_thd (thd=<optimized out>) at /data/src/10.6/sql/mysqld.cc:2741
|
#23 0x000055c9286613b1 in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /data/src/10.6/sql/sql_connect.cc:1427
|
#24 0x000055c92866195d in handle_one_connection (arg=arg@entry=0x55c92c4226a8) at /data/src/10.6/sql/sql_connect.cc:1318
|
#25 0x000055c9289e3a32 in pfs_spawn_thread (arg=0x55c92c3d7e78) at /data/src/10.6/storage/perfschema/pfs.cc:2201
|
#26 0x00007fe6a978aea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#27 0x00007fe6a9391aef in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Attachments
Issue Links
- relates to
-
MDEV-30610 Update RocksDB to the latest upstream version
-
- Open
-
-
-
- Confirmed
-