|
Note: it might well be that other versions are also affected, but there is no good reproducer for it (yet), so I couldn't check.
Occurrence 1, in Travis (no coredump available, only the stack trace)
|
10.3 898a8c3c0ce2c56773865521c59d5ac172495978
|
Error: Freeing overrun buffer 0x7f06f05e9e10 at 0x55e12e627048, 0x55e12e614e12, mysys/safemalloc.c:194, mysys/my_malloc.c:224, mysys/my_alloc.c:421, sql/sp_head.cc:1381, sql/sp_head.cc:2295, sql/sql_parse.cc:2945
|
Allocated at sql/sql_parse.cc:3187, sql/sql_parse.cc:6281, sql/sql_class.h:1030, sql/sql_parse.cc:2679, sql/sp_head.cc:3488, sql/sp_head.cc:1355, sql/sp_head.cc:2295, sql/sql_parse.cc:2945
|
Error: ������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������������� unallocated data or underrun buffer 0x55e12ea2d3cd at sql/sql_parse.cc:3187, mysys/safemalloc.c:194, mysys/my_malloc.c:224, mysys/my_alloc.c:412, sql/sp_head.cc:511, sql/sp_head.cc:850, sql/sql_trigger.cc:339, sql/sql_trigger.cc:1191
|
180604 4:54:50 [ERROR] mysqld got signal 11 ;
|
|
#3 <signal handler called>
|
#4 0x000055e12e6084fa in free_root (root=0x7f0700a6b060, MyFlags=0) at /home/travis/src/mysys/my_alloc.c:414
|
#5 0x000055e12daa00a5 in sp_head::operator delete (ptr=0x7f06f0800ff8, size=2360) at /home/travis/src/sql/sp_head.cc:509
|
#6 0x000055e12daa1a4f in sp_head::~sp_head (this=0x7f06f0800ff8, __in_chrg=<optimized out>) at /home/travis/src/sql/sp_head.cc:850
|
#7 0x000055e12dc62b6f in Trigger::~Trigger (this=0x7f06f004b8a8, __in_chrg=<optimized out>) at /home/travis/src/sql/sql_trigger.cc:341
|
#8 0x000055e12dc64ae1 in Table_triggers_list::~Table_triggers_list (this=0x7f06f00ba168, __in_chrg=<optimized out>) at /home/travis/src/sql/sql_trigger.cc:1191
|
#9 0x000055e12dda41e6 in intern_close_table (table=0x7f06f0064270) at /home/travis/src/sql/table_cache.cc:220
|
#10 0x000055e12dda719a in tdc_remove_table (thd=0x7f06bc000c70, remove_type=TDC_RT_REMOVE_NOT_OWN, db=0x7f06bc404da0 "test", table_name=0x7f06bc404da5 "non_existing_table", kill_delayed_threads=false) at /home/travis/src/sql/table_cache.cc:1151
|
#11 0x000055e12daeb0c0 in wait_while_table_is_used (thd=0x7f06bc000c70, table=0x7f06ed1777a0, function=HA_EXTRA_FORCE_REOPEN) at /home/travis/src/sql/sql_base.cc:1245
|
#12 0x000055e12dc632e2 in mysql_create_or_drop_trigger (thd=0x7f06bc000c70, tables=0x7f06bc0164e8, create=true) at /home/travis/src/sql/sql_trigger.cc:562
|
#13 0x000055e12db85256 in mysql_execute_command (thd=0x7f06bc000c70) at /home/travis/src/sql/sql_parse.cc:6117
|
#14 0x000055e12db8ab6c in mysql_parse (thd=0x7f06bc000c70, rawbuf=0x7f06bc015bd8 "CREATE TRIGGER x BEFORE UPDATE ON `non_existing_table` FOR EACH ROW BEGIN SET @binlog_format_saved = @@binlog_format ; SET BINLOG_FORMAT = 'STATEMENT' ; DELETE FROM `non_existing_table` WHERE `non_exi"..., length=1001, parser_state=0x7f0700a6c600, is_com_multi=false, is_next_command=false) at /home/travis/src/sql/sql_parse.cc:8078
|
#15 0x000055e12db77d85 in dispatch_command (command=COM_QUERY, thd=0x7f06bc000c70, packet=0x7f06bc2ce031 "CREATE TRIGGER x BEFORE UPDATE ON `non_existing_table` FOR EACH ROW BEGIN SET @binlog_format_saved = @@binlog_format ; SET BINLOG_FORMAT = 'STATEMENT' ; DELETE FROM `non_existing_table` WHERE `non_exi"..., packet_length=1002, is_com_multi=false, is_next_command=false) at /home/travis/src/sql/sql_parse.cc:1847
|
#16 0x000055e12db767b6 in do_command (thd=0x7f06bc000c70) at /home/travis/src/sql/sql_parse.cc:1392
|
#17 0x000055e12dcdd2e1 in do_handle_one_connection (connect=0x55e1308753a0) at /home/travis/src/sql/sql_connect.cc:1402
|
#18 0x000055e12dcdd065 in handle_one_connection (arg=0x55e1308753a0) at /home/travis/src/sql/sql_connect.cc:1308
|
#19 0x00007f0712e14184 in start_thread (arg=0x7f0700a6d700) at pthread_create.c:312
|
#20 0x00007f071232103d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
|
All threads are attached as threads1 .
|
10.3 b50685af82508ca1cc83e1743dff527770e6e64b
|
Error: Freeing overrun buffer 0x7f9e291320c0 at 180604 21:34:50 [ERROR] mysqld got signal 11 ;
|
|
#3 <signal handler called>
|
#4 strlen () at ../sysdeps/x86_64/strlen.S:106
|
#5 0x00007f9eb1808e1f in MDL_key::mdl_key_init (this=0x7f9ea0263cd0, mdl_namespace_arg=MDL_key::TRIGGER, db=0xa5a5a5a5a5a5a5a5 <error: Cannot access memory at address 0xa5a5a5a5a5a5a5a5>, name_arg=0xa5a5a5a5a5a5a5a5 <error: Cannot access memory at address 0xa5a5a5a5a5a5a5a5>) at /data/src/10.3/sql/mdl.h:342
|
#6 0x00007f9eb1808ff8 in MDL_key::MDL_key (this=0x7f9ea0263cd0, namespace_arg=MDL_key::TRIGGER, db_arg=0xa5a5a5a5a5a5a5a5 <error: Cannot access memory at address 0xa5a5a5a5a5a5a5a5>, name_arg=0xa5a5a5a5a5a5a5a5 <error: Cannot access memory at address 0xa5a5a5a5a5a5a5a5>) at /data/src/10.3/sql/mdl.h:385
|
#7 0x00007f9eb18083e7 in Table_triggers_list::add_tables_and_routines_for_triggers (this=0x7f9e29036588, thd=0x7f9e1c000b00, prelocking_ctx=0x7f9e1c0048b8, table_list=0x7f9e1c018328) at /data/src/10.3/sql/sql_trigger.cc:2260
|
#8 0x00007f9eb1691a54 in DML_prelocking_strategy::handle_table (this=0x7f9ea0264210, thd=0x7f9e1c000b00, prelocking_ctx=0x7f9e1c0048b8, table_list=0x7f9e1c018328, need_prelocking=0x7f9ea0263ff0) at /data/src/10.3/sql/sql_base.cc:4405
|
#9 0x00007f9eb168fead in open_and_process_table (thd=0x7f9e1c000b00, lex=0x7f9e1c0048b0, tables=0x7f9e1c018328, counter=0x7f9ea0264194, flags=0, prelocking_strategy=0x7f9ea0264210, has_prelocking_list=false, ot_ctx=0x7f9ea0264100) at /data/src/10.3/sql/sql_base.cc:3620
|
#10 0x00007f9eb1690e6d in open_tables (thd=0x7f9e1c000b00, options=..., start=0x7f9ea0264178, counter=0x7f9ea0264194, flags=0, prelocking_strategy=0x7f9ea0264210) at /data/src/10.3/sql/sql_base.cc:4062
|
#11 0x00007f9eb1692be7 in open_and_lock_tables (thd=0x7f9e1c000b00, options=..., tables=0x7f9e1c013a88, derived=true, flags=0, prelocking_strategy=0x7f9ea0264210) at /data/src/10.3/sql/sql_base.cc:4937
|
#12 0x00007f9eb16532fd in open_and_lock_tables (thd=0x7f9e1c000b00, tables=0x7f9e1c013a88, derived=true, flags=0) at /data/src/10.3/sql/sql_base.h:497
|
#13 0x00007f9eb16de311 in mysql_insert (thd=0x7f9e1c000b00, table_list=0x7f9e1c013a88, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false) at /data/src/10.3/sql/sql_insert.cc:760
|
#14 0x00007f9eb17201ba in mysql_execute_command (thd=0x7f9e1c000b00) at /data/src/10.3/sql/sql_parse.cc:4723
|
#15 0x00007f9eb172ae77 in mysql_parse (thd=0x7f9e1c000b00, rawbuf=0x7f9e1c0138a8 "INSERT INTO `non_existing_table` ( `non_existing_column` ) VALUES ( LAST_INSERT_ID() ) /* QNO 6347 CON_ID 15 */", length=111, parser_state=0x7f9ea0265640, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:8078
|
#16 0x00007f9eb171804e in dispatch_command (command=COM_QUERY, thd=0x7f9e1c000b00, packet=0x7f9e1c00b0e1 "INSERT INTO `non_existing_table` ( `non_existing_column` ) VALUES ( LAST_INSERT_ID() ) /* QNO 6347 CON_ID 15 */ ", packet_length=112, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:1847
|
#17 0x00007f9eb1716a72 in do_command (thd=0x7f9e1c000b00) at /data/src/10.3/sql/sql_parse.cc:1392
|
#18 0x00007f9eb187c735 in do_handle_one_connection (connect=0x7f9eb4d50dc0) at /data/src/10.3/sql/sql_connect.cc:1402
|
#19 0x00007f9eb187c4b9 in handle_one_connection (arg=0x7f9eb4d50dc0) at /data/src/10.3/sql/sql_connect.cc:1308
|
#20 0x00007f9eb0c2d064 in start_thread (arg=0x7f9ea0266700) at pthread_create.c:309
|
#21 0x00007f9eaf08062d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
|
All threads attached as threads2
Both failures happened while executing this
|
travis-workarounds 5d277d41ffc2630887a1349f0f90d5c66a88dda0
|
perl ./runall-new.pl --duration=350 --threads=6 --seed=1528088001 --reporters=Backtrace,ErrorLog,Deadlock --validators=TransformerNoComparator --views --redefine=conf/mariadb/versioning.yy --redefine=conf/mariadb/alter_table.yy --redefine=conf/mariadb/bulk_insert.yy --redefine=conf/mariadb/sequences.yy --basedir=/data/bld/10.3 --mysqld=--log_output=FILE --mysqld=--max-statement-time=30 --mysqld=--lock-wait-timeout=10 --mysqld=--loose-innodb-lock-wait-timeout=5 --mysqld=--loose-debug_assert_on_not_freed_memory=0 --mysqld=--default-storage-engine=RocksDB --mysqld=--plugin-load-add=ha_rocksdb --mysqld=--binlog-format=row --grammar=conf/replication/replication.yy --gendata=conf/replication/replication-5.1.zz --skip-gendata --gendata-advanced --vcols --transformers=ExecuteAsCTE,ExecuteAsDeleteReturning,ExecuteAsExcept,ExecuteAsExecuteImmediate,ExecuteAsInsertSelect,ExecuteAsIntersect,ExecuteAsUnion,ExecuteAsUpdateDelete,ExecuteAsView,ExecuteAsPreparedTwice,ExecuteAsSPTwice --vardir=/dev/shm/vardir
|
But it's not easily reproducible.
|
threads1