[MDEV-19049] Server crashes in check_duplicate_long_entry_key, ASAN stack-buffer-overflow in Field_blob::get_key_image Created: 2019-03-26  Updated: 2019-06-26  Resolved: 2019-06-26

Status: Closed
Project: MariaDB Server
Component/s: Data Definition - Alter Table, Data types
Affects Version/s: 10.4
Fix Version/s: 10.4.7

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Sachin Setiya (Inactive)
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Problem/Incident
is caused by MDEV-371 Unique indexes for blobs Closed

 Description    

CREATE TABLE t1 (pk INT, a CHAR(64), b BLOB NOT NULL, PRIMARY KEY(pk));
 
INSERT INTO t1 VALUES (1,'foo','bar');
 
 
 
ALTER TABLE t1 ADD KEY (b(64));
 
ALTER TABLE t1 ADD UNIQUE (b(165));
 
ALTER TABLE t1 ADD KEY (b(1000));
 
ALTER TABLE t1 ADD KEY (b(500));
 
ALTER TABLE t1 ADD UNIQUE (a,b);
 
ALTER TABLE t1 ADD UNIQUE (b(95));
 
ALTER TABLE t1 ADD KEY (b(30));
 
ALTER TABLE t1 ADD UNIQUE (b(20));
 
ALTER TABLE t1 ADD UNIQUE (b);
 
ALTER TABLE t1 FORCE;
 
 
 
# Cleanup
 
DROP TABLE t1;

10.4 ASAN c0ba036b

 
==21094==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ff80c734e8d at pc 0x558b56c63361 bp 0x7ff80c734c20 sp 0x7ff80c734c18
 
WRITE of size 61 at 0x7ff80c734e8d thread T5
 
    #0 0x558b56c63360 in Field_blob::get_key_image(unsigned char*, unsigned int, Field::imagetype) /data/src/10.4/sql/field.cc:8483
 
    #1 0x558b56f3fb5d in key_copy(unsigned char*, unsigned char const*, st_key*, unsigned int, bool) /data/src/10.4/sql/key.cc:150
 
    #2 0x558b56cdd80b in check_duplicate_long_entry_key /data/src/10.4/sql/handler.cc:6541
 
    #3 0x558b56cdefbd in check_duplicate_long_entries /data/src/10.4/sql/handler.cc:6621
 
    #4 0x558b56cdf838 in handler::ha_write_row(unsigned char*) /data/src/10.4/sql/handler.cc:6701
 
    #5 0x558b5675c261 in copy_data_between_tables /data/src/10.4/sql/sql_table.cc:10659
 
    #6 0x558b567584dd in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /data/src/10.4/sql/sql_table.cc:10085
 
    #7 0x558b568b3e96 in Sql_cmd_alter_table::execute(THD*) /data/src/10.4/sql/sql_alter.cc:496
 
    #8 0x558b5652ae23 in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:6343
 
    #9 0x558b5653582e in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:8154
 
    #10 0x558b5650d95a in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1832
 
    #11 0x558b5650a7ab in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1365
 
    #12 0x558b5689e697 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1398
 
    #13 0x558b5689e090 in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1301
 
    #14 0x558b57466410 in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1862
 
    #15 0x7ff817d01493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
 
    #16 0x7ff815ecf93e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe893e)
 
 
 
Address 0x7ff80c734e8d is located in stack of thread T5 at offset 45 in frame
 
    #0 0x558b56cdd46c in check_duplicate_long_entry_key /data/src/10.4/sql/handler.cc:6527
 
 
 
  This frame has 1 object(s):
 
    [32, 41) 'ptr' <== Memory access at offset 45 overflows this variable
 
HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext
 
      (longjmp and C++ exceptions *are* supported)
 
Thread T5 created by T0 here:
 
    #0 0x7ff817f3abba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
 
    #1 0x558b574669d8 in spawn_thread_v1 /data/src/10.4/storage/perfschema/pfs.cc:1912
 
    #2 0x558b56256446 in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1268
 
    #7 0x558b5626abd8 in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5876
 
    #8 0x558b562542cf in main /data/src/10.4/sql/main.cc:25
 
    #9 0x7ff815e072b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
 
 
 
SUMMARY: AddressSanitizer: stack-buffer-overflow /data/src/10.4/sql/field.cc:8483 Field_blob::get_key_image(unsigned char*, unsigned int, Field::imagetype)
 
Shadow bytes around the buggy address:
 
  0x0fff818de980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 
  0x0fff818de990: f1 f1 f1 f1 00 f4 f4 f4 f2 f2 f2 f2 00 00 00 00
 
  0x0fff818de9a0: f2 f2 f2 f2 00 00 00 f4 00 00 00 00 00 00 00 00
 
  0x0fff818de9b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 
  0x0fff818de9c0: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
 
=>0x0fff818de9d0: 00[01]f4 f4 00 00 00 00 00 00 00 00 00 00 00 00
 
  0x0fff818de9e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 
  0x0fff818de9f0: f1 f1 f1 f1 00 00 00 00 f2 f2 f2 f2 00 00 00 00
 
  0x0fff818dea00: 00 00 00 00 f3 f3 f3 f3 00 00 00 00 00 00 00 00
 
  0x0fff818dea10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 
  0x0fff818dea20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 
Shadow byte legend (one shadow byte represents 8 application bytes):
 
  Addressable:           00
 
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
 
  Heap right redzone:      fb
 
  Freed heap region:       fd
 
  Stack left redzone:      f1
 
  Stack mid redzone:       f2
 
  Stack right redzone:     f3
 
  Stack partial redzone:   f4
 
  Stack after return:      f5
 
  Stack use after scope:   f8
 
  Global redzone:          f9
 
  Global init order:       f6
 
  Poisoned by user:        f7
 
  Contiguous container OOB:fc
 
  ASan internal:           fe
 
==21094==ABORTING

10.4 debug c0ba036b

 
*** stack smashing detected ***: /data/bld/10.4-debug-nightly/bin/mysqld terminated
 
======= Backtrace: =========
 
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7f63f16eabcb]
 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7f63f1773037]
 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x0)[0x7f63f1773000]
 
/data/bld/10.4-debug-nightly/bin/mysqld(+0xade720)[0x562b81bcc720]
 
======= Memory map: ========
 
562b810ee000-562b82bc8000 r-xp 00000000 08:11 36998714                   /data/bld/10.4-debug-nightly/bin/mysqld
 
562b82dc8000-562b82ef3000 r--p 01ada000 08:11 36998714                   /data/bld/10.4-debug-nightly/bin/mysqld
 
562b82ef3000-562b830f7000 rw-p 01c05000 08:11 36998714                   /data/bld/10.4-debug-nightly/bin/mysqld
 
562b830f7000-562b8399f000 rw-p 00000000 00:00 0 
562b84758000-562b84aff000 rw-p 00000000 00:00 0                          [heap]
 
7f63d0000000-7f63d01c8000 rw-p 00000000 00:00 0 
7f63d01c8000-7f63d4000000 ---p 00000000 00:00 0 
7f63d8000000-7f63d8021000 rw-p 00000000 00:00 0 
7f63d8021000-7f63dc000000 ---p 00000000 00:00 0 
7f63dc000000-7f63dc029000 rw-p 00000000 00:00 0 
7f63dc029000-7f63e0000000 ---p 00000000 00:00 0 
7f63e0000000-7f63e0021000 rw-p 00000000 00:00 0 
7f63e0021000-7f63e4000000 ---p 00000000 00:00 0 
7f63e77b5000-7f63e77b6000 ---p 00000000 00:00 0 
7f63e77b6000-7f63e77ff000 rw-p 00000000 00:00 0                          [stack:21185]
 
7f63e77ff000-7f63e7800000 ---p 00000000 00:00 0 
7f63e7800000-7f63e8000000 rw-p 00000000 00:00 0                          [stack:21180]
 
7f63e8000000-7f63e8021000 rw-p 00000000 00:00 0 
7f63e8021000-7f63ec000000 ---p 00000000 00:00 0 
7f63ec022000-7f63ec023000 ---p 00000000 00:00 0 
7f63ec023000-7f63ec06c000 rw-p 00000000 00:00 0                          [stack:21184]
 
7f63ec06c000-7f63ec06d000 ---p 00000000 00:00 0 
7f63ec06d000-7f63ecc1f000 rw-p 00000000 00:00 0                          [stack:21181]
 
7f63ecc1f000-7f63ecc20000 ---p 00000000 00:00 0 
7f63ecc20000-7f63f167a000 rw-p 00000000 00:00 0                          [stack:21179]
 
7f63f167a000-7f63f180f000 r-xp 00000000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7f63f180f000-7f63f1a0e000 ---p 00195000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7f63f1a0e000-7f63f1a12000 r--p 00194000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7f63f1a12000-7f63f1a14000 rw-p 00198000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7f63f1a14000-7f63f1a18000 rw-p 00000000 00:00 0 
7f63f1a18000-7f63f1a2e000 r-xp 00000000 08:05 3145732                    /lib/x86_64-linux-gnu/libgcc_s.so.1
 
7f63f1a2e000-7f63f1c2d000 ---p 00016000 08:05 3145732                    /lib/x86_64-linux-gnu/libgcc_s.so.1
 
7f63f1c2d000-7f63f1c2e000 rw-p 00015000 08:05 3145732                    /lib/x86_64-linux-gnu/libgcc_s.so.1
 
7f63f1c2e000-7f63f1d31000 r-xp 00000000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7f63f1d31000-7f63f1f30000 ---p 00103000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7f63f1f30000-7f63f1f31000 r--p 00102000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7f63f1f31000-7f63f1f32000 rw-p 00103000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7f63f1f32000-7f63f20a4000 r-xp 00000000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7f63f20a4000-7f63f22a4000 ---p 00172000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7f63f22a4000-7f63f22ae000 r--p 00172000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7f63f22ae000-7f63f22b0000 rw-p 0017c000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7f63f22b0000-7f63f22b4000 rw-p 00000000 00:00 0 
7f63f22b4000-7f63f22b7000 r-xp 00000000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7f63f22b7000-7f63f24b6000 ---p 00003000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7f63f24b6000-7f63f24b7000 r--p 00002000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7f63f24b7000-7f63f24b8000 rw-p 00003000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7f63f24b8000-7f63f2685000 r-xp 00000000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7f63f2685000-7f63f2884000 ---p 001cd000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7f63f2884000-7f63f28a1000 r--p 001cc000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7f63f28a1000-7f63f28b1000 rw-p 001e9000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7f63f28b1000-7f63f28b4000 rw-p 00000000 00:00 0 
7f63f28b4000-7f63f290b000 r-xp 00000000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7f63f290b000-7f63f2b0b000 ---p 00057000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7f63f2b0b000-7f63f2b0e000 r--p 00057000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7f63f2b0e000-7f63f2b14000 rw-p 0005a000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7f63f2b14000-7f63f2b15000 rw-p 00000000 00:00 0 
7f63f2b15000-7f63f2b1d000 r-xp 00000000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7f63f2b1d000-7f63f2d1d000 ---p 00008000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7f63f2d1d000-7f63f2d1e000 r--p 00008000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7f63f2d1e000-7f63f2d1f000 rw-p 00009000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7f63f2d1f000-7f63f2d4d000 rw-p 00000000 00:00 0 
7f63f2d4d000-7f63f2d67000 r-xp 00000000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7f63f2d67000-7f63f2f66000 ---p 0001a000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7f63f2f66000-7f63f2f67000 r--p 00019000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7f63f2f67000-7f63f2f68000 rw-p 0001a000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7f63f2f68000-7f63f2f72000 r-xp 00000000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7f63f2f72000-7f63f3171000 ---p 0000a000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7f63f3171000-7f63f3172000 r--p 00009000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7f63f3172000-7f63f3173000 rw-p 0000a000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7f63f3173000-7f63f3174000 r-xp 00000000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7f63f3174000-7f63f3373000 ---p 00001000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7f63f3373000-7f63f3374000 r--p 00000000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7f63f3374000-7f63f3375000 rw-p 00001000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7f63f3375000-7f63f338c000 r-xp 00000000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7f63f338c000-7f63f358b000 ---p 00017000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7f63f358b000-7f63f358c000 r--p 00016000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7f63f358c000-7f63f358d000 rw-p 00017000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7f63f358d000-7f63f35a5000 r-xp 00000000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7f63f35a5000-7f63f37a4000 ---p 00018000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7f63f37a4000-7f63f37a5000 r--p 00017000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7f63f37a5000-7f63f37a6000 rw-p 00018000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7f63f37a6000-7f63f37aa000 rw-p 00000000 00:00 0 
7f63f37aa000-7f63f37cd000 r-xp 00000000 08:05 3145795                    /lib/x86_64-linux-gnu/ld-2.24.so
 
7f63f37e1000-7f63f39b2000 rw-p 00000000 00:00 0 
7f63f39c9000-7f63f39cd000 rw-p 00000000 00:00 0 
7f63f39cd000-7f63f39ce000 r--p 00023000 08:05 3145795                    /lib/x86_64-linux-gnu/ld-2.24.so
 
7f63f39ce000-7f63f39cf000 rw-p 00024000 08:05 3145795                    /lib/x86_64-linux-gnu/ld-2.24.so
 
7f63f39cf000-7f63f39d0000 rw-p 00000000 00:00 0 
7ffc1c7b5000-7ffc1c7d8000 rw-p 00000000 00:00 0                          [stack]
 
7ffc1c7ed000-7ffc1c7ef000 r-xp 00000000 00:00 0                          [vdso]
 
7ffc1c7ef000-7ffc1c7f1000 r--p 00000000 00:00 0                          [vvar]
 
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
 
 
 
190326  3:12:55 [ERROR] mysqld got signal 6 ;
 
 
 
#3  <signal handler called>
 
#4  0x00007f63f16acfcf in raise () from /lib/x86_64-linux-gnu/libc.so.6
 
#5  0x00007f63f16ae3fa in abort () from /lib/x86_64-linux-gnu/libc.so.6
 
#6  0x00007f63f16eabd0 in __libc_message () from /lib/x86_64-linux-gnu/libc.so.6
 
#7  0x00007f63f1773037 in __fortify_fail () from /lib/x86_64-linux-gnu/libc.so.6
 
#8  0x00007f63f1773000 in __stack_chk_fail () from /lib/x86_64-linux-gnu/libc.so.6
 
#9  0x0000562b81bcc720 in check_duplicate_long_entry_key (table=0x7f63d01a2fc0, h=0x7f63d01a4288, new_rec=0x7f63d01a3e30 "\374\001", key_no=5) at /data/src/10.4/sql/handler.cc:6608
 
#10 0x0000000000000000 in ?? ()
 
 
 
Trying to get some variables.
 
Some pointers may be invalid and cause the dump to abort.
 
Query (0x7f63d00155d8): ALTER TABLE t1 FORCE
 
Connection ID (thread ID): 4
 
Status: NOT_KILLED

10.4 c0ba036b non-debug

 
#6  0x00007fb9dacb5037 in __fortify_fail () from /lib/x86_64-linux-gnu/libc.so.6
 
#7  0x00007fb9dacb5000 in __stack_chk_fail () from /lib/x86_64-linux-gnu/libc.so.6
 
#8  0x000056318120c196 in check_duplicate_long_entry_key (table=0x7fb9c4057f98, table@entry=0x0, h=0x7fb9c4059180, h@entry=0x7fb9c4050000, new_rec=0x7fb9c4058d98 "\374\001", new_rec@entry=0x0, key_no=key_no@entry=0) at /data/src/10.4/sql/handler.cc:6608
 
#9  0x0000563181210a03 in check_duplicate_long_entries (new_rec=0x0, h=0x7fb9c4050000, table=0x0) at /data/src/10.4/sql/handler.cc:6621
 
#10 handler::ha_write_row (this=0x0, buf=0x0) at /data/src/10.4/sql/handler.cc:6701
 
#11 0x0000563180f0f7aa in copy_data_between_tables (thd=thd@entry=0x7fb9c40009a8, from=from@entry=0x7fb9c4082b78, to=to@entry=0x7fb9c4057f98, create=..., ignore=ignore@entry=false, order_num=order_num@entry=0, order=0x0, copied=0x7fb9d4d5abc0, deleted=0x7fb9d4d5abc8, keys_onoff=Alter_info::LEAVE_AS_IS, alter_ctx=0x7fb9d4d5b4a0) at /data/src/10.4/sql/sql_table.cc:10659
 
#12 0x000056318109c809 in mysql_alter_table (thd=<optimized out>, new_db=<optimized out>, new_name=<optimized out>, create_info=<optimized out>, table_list=0x7fb9c4012028, alter_info=<optimized out>, order_num=0, order=0x0, ignore=false) at /data/src/10.4/sql/sql_table.cc:10085
 
#13 0x00005631810ece3a in Sql_cmd_alter_table::execute (this=0x2, thd=0x7fb9c40009a8) at /data/src/10.4/sql/sql_alter.cc:496
 
#14 0x00005631810018f8 in mysql_execute_command (thd=thd@entry=0x7fb9c40009a8) at /data/src/10.4/sql/sql_parse.cc:6343
 
#15 0x00005631810094cb in mysql_parse (thd=thd@entry=0x7fb9c40009a8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7fb9d4d5f170, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.4/sql/sql_parse.cc:8154
 
#16 0x000056318100c549 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7fb9c40009a8, packet=packet@entry=0x7fb9c4009be9 "ALTER TABLE t1 FORCE", packet_length=packet_length@entry=20, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.4/sql/sql_parse.cc:1832
 
#17 0x000056318100dc69 in do_command (thd=0x7fb9c40009a8) at /data/src/10.4/sql/sql_parse.cc:1365
 
#18 0x00005631810e8a4c in do_handle_one_connection (connect=connect@entry=0x5631834a9858) at /data/src/10.4/sql/sql_connect.cc:1398
 
#19 0x00005631810e8bb4 in handle_one_connection (arg=arg@entry=0x5631834a9858) at /data/src/10.4/sql/sql_connect.cc:1301
 
#20 0x00005631814050d4 in pfs_spawn_thread (arg=0x56318349d798) at /data/src/10.4/storage/perfschema/pfs.cc:1862
 
#21 0x00007fb9dcad6494 in start_thread (arg=0x7fb9d4d60700) at pthread_create.c:333
 
#22 0x00007fb9daca493f in clone () from /lib/x86_64-linux-gnu/libc.so.6
 
 
 
*** stack smashing detected ***: /data/bld/10.4-rel-nightly/bin/mysqld terminated
 
======= Backtrace: =========
 
/lib/x86_64-linux-gnu/libc.so.6(+0x70bcb)[0x7fb9dac2cbcb]
 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x37)[0x7fb9dacb5037]
 
/lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x0)[0x7fb9dacb5000]
 
/data/bld/10.4-rel-nightly/bin/mysqld(+0x817196)[0x56318120c196]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_ZN7handler12ha_write_rowEPh+0xc3)[0x563181210a03]
 
/data/bld/10.4-rel-nightly/bin/mysqld(+0x51a7aa)[0x563180f0f7aa]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_Z17mysql_alter_tableP3THDPK25st_mysql_const_lex_stringS3_P14HA_CREATE_INFOP10TABLE_LISTP10Alter_infojP8st_orderb+0x4089)[0x56318109c809]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_ZN19Sql_cmd_alter_table7executeEP3THD+0x3ca)[0x5631810ece3a]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_Z21mysql_execute_commandP3THD+0x2348)[0x5631810018f8]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x2cb)[0x5631810094cb]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x1f29)[0x56318100c549]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_Z10do_commandP3THD+0x119)[0x56318100dc69]
 
/data/bld/10.4-rel-nightly/bin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x23c)[0x5631810e8a4c]
 
/data/bld/10.4-rel-nightly/bin/mysqld(handle_one_connection+0x34)[0x5631810e8bb4]
 
/data/bld/10.4-rel-nightly/bin/mysqld(+0xa100d4)[0x5631814050d4]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0x7494)[0x7fb9dcad6494]
 
/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7fb9daca493f]
 
======= Memory map: ========
 
5631809f5000-563181d20000 r-xp 00000000 08:11 37504739                   /data/bld/10.4-rel-nightly/bin/mysqld
 
563181f1f000-56318203d000 r--p 0132a000 08:11 37504739                   /data/bld/10.4-rel-nightly/bin/mysqld
 
56318203d000-5631820f9000 rw-p 01448000 08:11 37504739                   /data/bld/10.4-rel-nightly/bin/mysqld
 
5631820f9000-56318299b000 rw-p 00000000 00:00 0 
5631831bd000-5631834cb000 rw-p 00000000 00:00 0                          [heap]
 
7fb9c0000000-7fb9c0021000 rw-p 00000000 00:00 0 
7fb9c0021000-7fb9c4000000 ---p 00000000 00:00 0 
7fb9c4000000-7fb9c4190000 rw-p 00000000 00:00 0 
7fb9c4190000-7fb9c8000000 ---p 00000000 00:00 0 
7fb9c8000000-7fb9c8021000 rw-p 00000000 00:00 0 
7fb9c8021000-7fb9cc000000 ---p 00000000 00:00 0 
7fb9cc000000-7fb9cc021000 rw-p 00000000 00:00 0 
7fb9cc021000-7fb9d0000000 ---p 00000000 00:00 0 
7fb9d0000000-7fb9d0021000 rw-p 00000000 00:00 0 
7fb9d0021000-7fb9d4000000 ---p 00000000 00:00 0 
7fb9d4d17000-7fb9d4d18000 ---p 00000000 00:00 0 
7fb9d4d18000-7fb9d4d61000 rw-p 00000000 00:00 0                          [stack:21302]
 
7fb9d4d61000-7fb9d4d62000 ---p 00000000 00:00 0 
7fb9d4d62000-7fb9d4dab000 rw-p 00000000 00:00 0                          [stack:21299]
 
7fb9d4dab000-7fb9d4dac000 ---p 00000000 00:00 0 
7fb9d4dac000-7fb9d4df5000 rw-p 00000000 00:00 0                          [stack:21298]
 
7fb9d4df5000-7fb9d4df6000 ---p 00000000 00:00 0 
7fb9d4df6000-7fb9d6161000 rw-p 00000000 00:00 0                          [stack:21297]
 
7fb9d6161000-7fb9d6162000 ---p 00000000 00:00 0 
7fb9d6162000-7fb9dabbc000 rw-p 00000000 00:00 0                          [stack:21296]
 
7fb9dabbc000-7fb9dad51000 r-xp 00000000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7fb9dad51000-7fb9daf50000 ---p 00195000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7fb9daf50000-7fb9daf54000 r--p 00194000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7fb9daf54000-7fb9daf56000 rw-p 00198000 08:05 3152648                    /lib/x86_64-linux-gnu/libc-2.24.so
 
7fb9daf56000-7fb9daf5a000 rw-p 00000000 00:00 0 
7fb9daf5a000-7fb9daf70000 r-xp 00000000 08:05 3145732                    /lib/x86_64-linux-gnu/libgcc_s.so.1
 
7fb9daf70000-7fb9db16f000 ---p 00016000 08:05 3145732                    /lib/x86_64-linux-gnu/libgcc_s.so.1
 
7fb9db16f000-7fb9db170000 rw-p 00015000 08:05 3145732                    /lib/x86_64-linux-gnu/libgcc_s.so.1
 
7fb9db170000-7fb9db273000 r-xp 00000000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7fb9db273000-7fb9db472000 ---p 00103000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7fb9db472000-7fb9db473000 r--p 00102000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7fb9db473000-7fb9db474000 rw-p 00103000 08:05 3152660                    /lib/x86_64-linux-gnu/libm-2.24.so
 
7fb9db474000-7fb9db5e6000 r-xp 00000000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7fb9db5e6000-7fb9db7e6000 ---p 00172000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7fb9db7e6000-7fb9db7f0000 r--p 00172000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7fb9db7f0000-7fb9db7f2000 rw-p 0017c000 08:05 1577675                    /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.22
 
7fb9db7f2000-7fb9db7f6000 rw-p 00000000 00:00 0 
7fb9db7f6000-7fb9db7f9000 r-xp 00000000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7fb9db7f9000-7fb9db9f8000 ---p 00003000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7fb9db9f8000-7fb9db9f9000 r--p 00002000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7fb9db9f9000-7fb9db9fa000 rw-p 00003000 08:05 3152657                    /lib/x86_64-linux-gnu/libdl-2.24.so
 
7fb9db9fa000-7fb9dbbc7000 r-xp 00000000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7fb9dbbc7000-7fb9dbdc6000 ---p 001cd000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7fb9dbdc6000-7fb9dbde3000 r--p 001cc000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7fb9dbde3000-7fb9dbdf3000 rw-p 001e9000 08:05 1576357                    /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
 
7fb9dbdf3000-7fb9dbdf6000 rw-p 00000000 00:00 0 
7fb9dbdf6000-7fb9dbe4d000 r-xp 00000000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7fb9dbe4d000-7fb9dc04d000 ---p 00057000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7fb9dc04d000-7fb9dc050000 r--p 00057000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7fb9dc050000-7fb9dc056000 rw-p 0005a000 08:05 1576361                    /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
 
7fb9dc056000-7fb9dc057000 rw-p 00000000 00:00 0 
7fb9dc057000-7fb9dc05f000 r-xp 00000000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7fb9dc05f000-7fb9dc25f000 ---p 00008000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7fb9dc25f000-7fb9dc260000 r--p 00008000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7fb9dc260000-7fb9dc261000 rw-p 00009000 08:05 3152654                    /lib/x86_64-linux-gnu/libcrypt-2.24.so
 
7fb9dc261000-7fb9dc28f000 rw-p 00000000 00:00 0 
7fb9dc28f000-7fb9dc2a9000 r-xp 00000000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7fb9dc2a9000-7fb9dc4a8000 ---p 0001a000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7fb9dc4a8000-7fb9dc4a9000 r--p 00019000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7fb9dc4a9000-7fb9dc4aa000 rw-p 0001a000 08:05 3145828                    /lib/x86_64-linux-gnu/libz.so.1.2.8
 
7fb9dc4aa000-7fb9dc4b4000 r-xp 00000000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7fb9dc4b4000-7fb9dc6b3000 ---p 0000a000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7fb9dc6b3000-7fb9dc6b4000 r--p 00009000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7fb9dc6b4000-7fb9dc6b5000 rw-p 0000a000 08:05 1586559                    /usr/lib/x86_64-linux-gnu/libnuma.so.1.0.0
 
7fb9dc6b5000-7fb9dc6b6000 r-xp 00000000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7fb9dc6b6000-7fb9dc8b5000 ---p 00001000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7fb9dc8b5000-7fb9dc8b6000 r--p 00000000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7fb9dc8b6000-7fb9dc8b7000 rw-p 00001000 08:05 3152558                    /lib/x86_64-linux-gnu/libaio.so.1.0.1
 
7fb9dc8b7000-7fb9dc8ce000 r-xp 00000000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7fb9dc8ce000-7fb9dcacd000 ---p 00017000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7fb9dcacd000-7fb9dcace000 r--p 00016000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7fb9dcace000-7fb9dcacf000 rw-p 00017000 08:05 1707492                    /usr/local/lib/liblz4.so.1.8.3
 
7fb9dcacf000-7fb9dcae7000 r-xp 00000000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7fb9dcae7000-7fb9dcce6000 ---p 00018000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7fb9dcce6000-7fb9dcce7000 r--p 00017000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7fb9dcce7000-7fb9dcce8000 rw-p 00018000 08:05 3152800                    /lib/x86_64-linux-gnu/libpthread-2.24.so
 
7fb9dcce8000-7fb9dccec000 rw-p 00000000 00:00 0 
7fb9dccec000-7fb9dcd0f000 r-xp 00000000 08:05 3145795                    /lib/x86_64-linux-gnu/ld-2.24.so
 
7fb9dcd23000-7fb9dcef4000 rw-p 00000000 00:00 0 
7fb9dcf0b000-7fb9dcf0f000 rw-p 00000000 00:00 0 
7fb9dcf0f000-7fb9dcf10000 r--p 00023000 08:05 3145795                    /lib/x86_64-linux-gnu/ld-2.24.so
 
7fb9dcf10000-7fb9dcf11000 rw-p 00024000 08:05 3145795                    /lib/x86_64-linux-gnu/ld-2.24.so
 
7fb9dcf11000-7fb9dcf12000 rw-p 00000000 00:00 0 
7ffe5fb01000-7ffe5fb24000 rw-p 00000000 00:00 0                          [stack]
 
7ffe5fb47000-7ffe5fb49000 r-xp 00000000 00:00 0                          [vdso]
 
7ffe5fb49000-7ffe5fb4b000 r--p 00000000 00:00 0                          [vvar]
 
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]



 Comments   
Comment by Sachin Setiya (Inactive) [ 2019-03-26 ]

This last alter changes the keys order

ALTER TABLE t1 ADD UNIQUE (b);
 
show create table t1;
 
Table	Create Table
 
t1	CREATE TABLE `t1` (
 
  `pk` int(11) NOT NULL,
 
  `a` char(5) DEFAULT NULL,
 
  `b` blob NOT NULL,
 
  PRIMARY KEY (`pk`),
 
  UNIQUE KEY `a` (`a`,`b`) USING HASH,
 
  UNIQUE KEY `b_8` (`b`) USING HASH,
 
  UNIQUE KEY `b_2` (`b`(165)),
 
  UNIQUE KEY `b_5` (`b`(95)),
 
  UNIQUE KEY `b_7` (`b`(21)),
 
  KEY `b` (`b`(64)),
 
  KEY `b_3` (`b`(1000)),
 
  KEY `b_4` (`b`(500)),
 
  KEY `b_6` (`b`(30))
 
) ENGINE=MyISAM DEFAULT CHARSET=latin1

Before this alter the keys order.

show create table t1;
 
Table	Create Table
 
t1	CREATE TABLE `t1` (
 
  `pk` int(11) NOT NULL,
 
  `a` char(5) DEFAULT NULL,
 
  `b` blob NOT NULL,
 
  PRIMARY KEY (`pk`),
 
  UNIQUE KEY `b_2` (`b`(165)),
 
  UNIQUE KEY `b_5` (`b`(95)),
 
  UNIQUE KEY `b_7` (`b`(21)),
 
  UNIQUE KEY `a` (`a`,`b`) USING HASH,
 
  KEY `b` (`b`(64)),
 
  KEY `b_3` (`b`(1000)),
 
  KEY `b_4` (`b`(500)),
 
  KEY `b_6` (`b`(30))
 
) ENGINE=MyISAM DEFAULT CHARSET=latin1

Comment by Sachin Setiya (Inactive) [ 2019-03-27 ]

bb-10.4-sachin

Comment by Sergei Golubchik [ 2019-06-13 ]

Well done! This was a tricky one.

ok to push http://lists.askmonty.org/pipermail/commits/2019-May/013829.html

Generated at Thu Feb 08 08:48:41 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.