[MDEV-21325] DRAFT: trx0rec.cc:230: byte* trx_undo_log_v_idx(buf_block_t*, const dict_table_t*, ulint, byte*, bool): Assertion `n_idx > 0' failed. Created: 2019-12-16  Updated: 2022-04-07

Status: Open
Project: MariaDB Server
Component/s: Storage Engine - InnoDB, Virtual Columns
Affects Version/s: 10.5.1, 10.4
Fix Version/s: 10.4, 10.5

Type: Bug Priority: Major
Reporter: Matthias Leich Assignee: Nikita Malyavin
Resolution: Unresolved Votes: 0
Labels: None

Attachments: File MDEV-21325.log    
Issue Links:
Relates
relates to MDEV-23672 Assertion `v.v_indexes.empty()' faile... Closed

 Description    

Assert hit during RQG testing
 
origin/10.5 c24253d0fa3161b0703630b0fbdcb98d235073a5 2019-12-16 compiled with debug
 
...
 
Version: '10.5.1-MariaDB-debug-log'  socket: '/dev/shm/vardir/1576514062/9/1/mysql.sock'  port: 28760  Source distribution
 
mysqld: storage/innobase/trx/trx0rec.cc:230: byte* trx_undo_log_v_idx(buf_block_t*, const dict_table_t*, ulint, byte*, bool): Assertion `n_idx > 0' failed.
 
191216 17:50:25 [ERROR] mysqld got signal 6 ;
 
...
 
Query (0x7ff120011770): INSERT INTO t3 (col1,col2, col_text_g, col_string, col_text) VALUES ( 314, 314, 314 - 1, REPEAT(SUBSTR(CAST( 314 AS CHAR),1,1), 10), REPEAT(SUBSTR(CAST( 314 AS CHAR),1,1), @fill_amount) ) /* E_R Thread3 QNO 8291 CON_ID 13 */
 
Connection ID (thread ID): 13
 
Status: NOT_KILLED
 
 
 
#3  <signal handler called>
 
#4  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
 
#5  0x00007ff18120af5d in __GI_abort () at abort.c:90
 
#6  0x00007ff181200f17 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x5558bbe0a3e8 "n_idx > 0", file=file@entry=0x5558bbe0a310 "storage/innobase/trx/trx0rec.cc", line=line@entry=230, function=function@entry=0x5558bbe0baa0 <trx_undo_log_v_idx(buf_block_t*, dict_table_t const*, unsigned long, unsigned char*, bool)::__PRETTY_FUNCTION__> "byte* trx_undo_log_v_idx(buf_block_t*, const dict_table_t*, ulint, byte*, bool)") at assert.c:92
 
#7  0x00007ff181200fc2 in __GI___assert_fail (assertion=0x5558bbe0a3e8 "n_idx > 0", file=0x5558bbe0a310 "storage/innobase/trx/trx0rec.cc", line=230, function=0x5558bbe0baa0 <trx_undo_log_v_idx(buf_block_t*, dict_table_t const*, unsigned long, unsigned char*, bool)::__PRETTY_FUNCTION__> "byte* trx_undo_log_v_idx(buf_block_t*, const dict_table_t*, ulint, byte*, bool)") at assert.c:101
 
#8  0x00005558bb69a04a in trx_undo_log_v_idx (undo_block=0x7ff15f84a320, table=0x7ff0e8069eb8, pos=0, ptr=0x7ff160aaf45e "", first_v_col=true) at storage/innobase/trx/trx0rec.cc:230
 
#9  0x00005558bb69a581 in trx_undo_report_insert_virtual (undo_block=0x7ff15f84a320, table=0x7ff0e8069eb8, row=0x7ff120060258, ptr=0x7ff17805c458) at storage/innobase/trx/trx0rec.cc:403
 
#10 0x00005558bb69ac8c in trx_undo_page_report_insert (undo_block=0x7ff15f84a320, trx=0x7ff16c21b390, index=0x7ff12c3439b8, clust_entry=0x7ff120060258, mtr=0x7ff17805c550) at storage/innobase/trx/trx0rec.cc:528
 
#11 0x00005558bb6a06d2 in trx_undo_report_row_operation (thr=0x7ff120093500, index=0x7ff12c3439b8, clust_entry=0x7ff120060258, update=0x0, cmpl_info=0, rec=0x0, offsets=0x0, roll_ptr=0x7ff17805cad0) at storage/innobase/trx/trx0rec.cc:2113
 
#12 0x00005558bb7077c6 in btr_cur_ins_lock_and_undo (flags=0, cursor=0x7ff17805cc70, entry=0x7ff120060258, thr=0x7ff120093500, mtr=0x7ff17805cfd0, inherit=0x7ff17805cb3a) at storage/innobase/btr/btr0cur.cc:3277
 
#13 0x00005558bb70927d in btr_cur_pessimistic_insert (flags=0, cursor=0x7ff17805cc70, offsets=0x7ff17805cc08, heap=0x7ff17805cc00, entry=0x7ff120060258, rec=0x7ff17805cc10, big_rec=0x7ff17805cbf8, n_ext=0, thr=0x7ff120093500, mtr=0x7ff17805cfd0) at storage/innobase/btr/btr0cur.cc:3675
 
#14 0x00005558bb5be17e in row_ins_clust_index_entry_low (flags=0, mode=33, index=0x7ff12c3439b8, n_uniq=1, entry=0x7ff120060258, n_ext=0, thr=0x7ff120093500) at storage/innobase/row/row0ins.cc:2780
 
#15 0x00005558bb5bf9fc in row_ins_clust_index_entry (index=0x7ff12c3439b8, entry=0x7ff120060258, thr=0x7ff120093500, n_ext=0) at storage/innobase/row/row0ins.cc:3251
 
#16 0x00005558bb5bfe34 in row_ins_index_entry (index=0x7ff12c3439b8, entry=0x7ff120060258, thr=0x7ff120093500) at storage/innobase/row/row0ins.cc:3359
 
#17 0x00005558bb5c06aa in row_ins_index_entry_step (node=0x7ff120093000, thr=0x7ff120093500) at storage/innobase/row/row0ins.cc:3528
 
#18 0x00005558bb5c0ace in row_ins (node=0x7ff120093000, thr=0x7ff120093500) at storage/innobase/row/row0ins.cc:3664
 
#19 0x00005558bb5c127a in row_ins_step (thr=0x7ff120093500) at storage/innobase/row/row0ins.cc:3807
 
#20 0x00005558bb5e65c7 in row_insert_for_mysql (mysql_rec=0x7ff1200895a0 "\330:\001", prebuilt=0x7ff1200929b8, ins_mode=ROW_INS_NORMAL) at storage/innobase/row/row0mysql.cc:1463
 
#21 0x00005558bb43ddd8 in ha_innobase::write_row (this=0x7ff1200797f0, record=0x7ff1200895a0 "\330:\001") at storage/innobase/handler/ha_innodb.cc:7810
 
#22 0x00005558bb0746f8 in handler::ha_write_row (this=0x7ff1200797f0, buf=0x7ff1200895a0 "\330:\001") at sql/handler.cc:6657
 
#23 0x00005558bacd3aa0 in write_record (thd=0x7ff120000ce8, table=0x7ff12008b648, info=0x7ff17805dc80, sink=0x0) at sql/sql_insert.cc:2056
 
#24 0x00005558bacd0a64 in mysql_insert (thd=0x7ff120000ce8, table_list=0x7ff1200119e0, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false, result=0x0) at sql/sql_insert.cc:1081
 
#25 0x00005558bad213da in mysql_execute_command (thd=0x7ff120000ce8) at sql/sql_parse.cc:4504
 
#26 0x00005558bad2de54 in mysql_parse (thd=0x7ff120000ce8, rawbuf=0x7ff120011770 "INSERT INTO t3 (col1,col2, col_text_g, col_string, col_text) VALUES ( 314, 314, 314 - 1, REPEAT(SUBSTR(CAST( 314 AS CHAR),1,1), 10), REPEAT(SUBSTR(CAST( 314 AS CHAR),1,1), @fill_amount) ) /* E_R Thread3 QNO 8291 CON_ID 13 */", length=224, parser_state=0x7ff17805e5b0, is_com_multi=false, is_next_command=false) at sql/sql_parse.cc:7988
 
#27 0x00005558bad18efa in dispatch_command (command=COM_QUERY, thd=0x7ff120000ce8, packet=0x7ff120008419 "INSERT INTO t3 (col1,col2, col_text_g, col_string, col_text) VALUES ( 314, 314, 314 - 1, REPEAT(SUBSTR(CAST( 314 AS CHAR),1,1), 10), REPEAT(SUBSTR(CAST( 314 AS CHAR),1,1), @fill_amount) ) /* E_R Thread3 QNO 8291 CON_ID 13 */ ", packet_length=225, is_com_multi=false, is_next_command=false) at sql/sql_parse.cc:1845
 
#28 0x00005558bad17653 in do_command (thd=0x7ff120000ce8) at sql/sql_parse.cc:1363
 
#29 0x00005558baeb6f12 in do_handle_one_connection (connect=0x5558c04f9028, put_in_cache=true) at sql/sql_connect.cc:1422
 
#30 0x00005558baeb6c46 in handle_one_connection (arg=0x5558c05ea888) at sql/sql_connect.cc:1319
 
 
 
The RQG test simplifier is already running.
 
In the moment its unknown if the problem affects versions < 10.5 too,



 Comments   
Comment by Alice Sherepa [ 2020-10-22 ]

it looks like http://buildbot.askmonty.org/buildbot/builders/kvm-asan/builds/4561/steps/mtr_nm/logs/stdio

innodb.instant_alter_bugs 'innodb'       w1 [ fail ]
 
        Test ended at 2020-10-22 04:35:57
 
 
 
CURRENT_TEST: innodb.instant_alter_bugs
 
mysqltest: At line 451: query 'insert into t1 values (1, null, default, default)' failed: 2013: Lost connection to MySQL server during query
 
 
 
The result from queries just before the failure was:
 
< snip >
 
DROP TABLE t;
 
#
 
# MDEV-23499 Assertion c.same_type(*o) failed
 
#
 
CREATE TABLE t (pk SERIAL, b TEXT CHARACTER SET utf8) ENGINE=InnoDB;
 
ALTER TABLE t MODIFY b TEXT CHARACTER SET utf8mb4 FIRST;
 
DROP TABLE t;
 
#
 
# MDEV-23672 Assertion `v.v_indexes.empty()' failed in dict_table_t::instant_column
 
#
 
create table t1 (
 
col_int integer,
 
col_text text not null,
 
col_int_g integer generated always as (col_int) unique,
 
col_text_g text generated always as (substr(col_text,1,499)) )
 
engine innodb row_format = redundant;
 
insert into t1 values (0, 'a', default, default);
 
insert into t1 values (null, 'b', default, default);
 
alter table t1 modify column col_text text null, algorithm = instant;
 
insert into t1 values (1, null, default, default);
 
 
 
More results from queries before failure can be found in /dev/shm/var/1/log/instant_alter_bugs.log
 
 
 
 
 
Server [mysqld.1 - pid: 153192, winpid: 153192, exit: 256] failed during test run
 
Server log from this test:
 
----------SERVER LOG START-----------
 
2020-10-22  4:35:56 28 [Note] InnoDB: Sync to disk of `test`.`t1` started.
 
2020-10-22  4:35:56 28 [Note] InnoDB: Stopping purge
 
2020-10-22  4:35:56 28 [Note] InnoDB: Writing table metadata to './test/t1.cfg'
 
2020-10-22  4:35:56 28 [Note] InnoDB: Table `test`.`t1` flushed to disk
 
2020-10-22  4:35:56 28 [Note] InnoDB: Deleting the meta-data file './test/t1.cfg'
 
2020-10-22  4:35:56 28 [Note] InnoDB: Resuming purge
 
2020-10-22  4:35:56 28 [Note] InnoDB: Importing tablespace for table 'test/t1' that was exported from host 'ubuntu-focal-amd64'
 
2020-10-22  4:35:56 28 [Note] InnoDB: Phase I - Update all pages
 
2020-10-22  4:35:56 28 [Note] InnoDB: Sync to disk
 
2020-10-22  4:35:56 28 [Note] InnoDB: Sync to disk - done!
 
2020-10-22  4:35:56 28 [Note] InnoDB: Phase III - Flush changes to disk
 
2020-10-22  4:35:56 28 [Note] InnoDB: Phase IV - Flush complete
 
=================================================================
 
==153194==ERROR: AddressSanitizer: heap-use-after-free on address 0x61600033c3f0 at pc 0x56266c74a949 bp 0x7f05d21eaaf0 sp 0x7f05d21eaae0
 
READ of size 8 at 0x61600033c3f0 thread T27
 
    #0 0x56266c74a948 in trx_undo_log_v_idx /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/trx/trx0rec.cc:252
 
    #1 0x56266c762a5f in trx_undo_report_insert_virtual /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/trx/trx0rec.cc:425
 
    #2 0x56266c762a5f in trx_undo_page_report_insert /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/trx/trx0rec.cc:553
 
    #3 0x56266c762a5f in trx_undo_report_row_operation(que_thr_t*, dict_index_t*, dtuple_t const*, upd_t const*, unsigned long, unsigned char const*, unsigned short const*, unsigned long*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/trx/trx0rec.cc:2135
 
    #4 0x56266c84ecf8 in btr_cur_ins_lock_and_undo /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/btr/btr0cur.cc:3343
 
    #5 0x56266c84ecf8 in btr_cur_optimistic_insert(unsigned long, btr_cur_t*, unsigned short**, mem_block_info_t**, dtuple_t*, unsigned char**, big_rec_t**, unsigned long, que_thr_t*, mtr_t*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/btr/btr0cur.cc:3560
 
    #6 0x56266c5fe1f3 in row_ins_clust_index_entry_low(unsigned long, unsigned long, dict_index_t*, unsigned long, dtuple_t*, unsigned long, que_thr_t*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/row/row0ins.cc:2762
 
    #7 0x56266c603dc4 in row_ins_clust_index_entry(dict_index_t*, dtuple_t*, que_thr_t*, unsigned long) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/row/row0ins.cc:3236
 
    #8 0x56266c605943 in row_ins_index_entry /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/row/row0ins.cc:3361
 
    #9 0x56266c605943 in row_ins_index_entry_step /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/row/row0ins.cc:3530
 
    #10 0x56266c605943 in row_ins /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/row/row0ins.cc:3667
 
    #11 0x56266c605943 in row_ins_step(que_thr_t*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/row/row0ins.cc:3806
 
    #12 0x56266c63c7d9 in row_insert_for_mysql(unsigned char const*, row_prebuilt_t*, ins_mode_t) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/row/row0mysql.cc:1422
 
    #13 0x56266c3a7d1b in ha_innobase::write_row(unsigned char const*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/handler/ha_innodb.cc:7970
 
    #14 0x56266bd307c2 in handler::ha_write_row(unsigned char const*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/handler.cc:6747
 
    #15 0x56266b4b3c6b in write_record(THD*, TABLE*, st_copy_info*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_insert.cc:2058
 
    #16 0x56266b4dd0d1 in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_insert.cc:1078
 
    #17 0x56266b57d571 in mysql_execute_command(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:4519
 
    #18 0x56266b59542f in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:7903
 
    #19 0x56266b59dfd6 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:1834
 
    #20 0x56266b5a3d9a in do_command(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:1352
 
    #21 0x56266b920d56 in do_handle_one_connection(CONNECT*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_connect.cc:1412
 
    #22 0x56266b9212de in handle_one_connection /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_connect.cc:1316
 
    #23 0x56266cea4898 in pfs_spawn_thread /home/buildbot/buildbot/build/mariadb-10.4.16/storage/perfschema/pfs.cc:1869
 
    #24 0x7f05e8e88608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x9608)
 
    #25 0x7f05e89ca102 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122102)
 
 
 
0x61600033c3f0 is located 112 bytes inside of 568-byte region [0x61600033c380,0x61600033c5b8)
 
freed by thread T27 here:
 
    #0 0x7f05e90107cf in __interceptor_free (/lib/x86_64-linux-gnu/libasan.so.5+0x10d7cf)
 
    #1 0x56266c516f56 in mem_heap_block_free(mem_block_info_t*, mem_block_info_t*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/mem/mem0mem.cc:416
 
    #2 0x56266c98e0f6 in mem_heap_free /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/include/mem0mem.ic:417
 
    #3 0x56266c98e0f6 in dict_mem_index_free(dict_index_t*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/dict/dict0mem.cc:1112
 
    #4 0x56266c4095ce in ha_innobase_inplace_ctx::~ha_innobase_inplace_ctx() /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/handler/handler0alter.cc:1042
 
    #5 0x56266c4095ce in ha_innobase_inplace_ctx::~ha_innobase_inplace_ctx() /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/handler/handler0alter.cc:1053
 
    #6 0x56266b7f338d in Alter_inplace_info::~Alter_inplace_info() /home/buildbot/buildbot/build/mariadb-10.4.16/sql/handler.h:2471
 
    #7 0x56266b7f338d in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/handler.h:2469
 
    #8 0x56266b931223 in Sql_cmd_alter_table::execute(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_alter.cc:514
 
    #9 0x56266b57b386 in mysql_execute_command(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:6105
 
    #10 0x56266b59542f in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:7903
 
    #11 0x56266b59dfd6 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:1834
 
    #12 0x56266b5a3d9a in do_command(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:1352
 
    #13 0x56266b920d56 in do_handle_one_connection(CONNECT*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_connect.cc:1412
 
    #14 0x56266b9212de in handle_one_connection /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_connect.cc:1316
 
    #15 0x56266cea4898 in pfs_spawn_thread /home/buildbot/buildbot/build/mariadb-10.4.16/storage/perfschema/pfs.cc:1869
 
    #16 0x7f05e8e88608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x9608)
 
 
 
previously allocated by thread T27 here:
 
    #0 0x7f05e9010bc8 in malloc (/lib/x86_64-linux-gnu/libasan.so.5+0x10dbc8)
 
    #1 0x56266c516385 in mem_heap_create_block_func(mem_block_info_t*, unsigned long, unsigned long) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/mem/mem0mem.cc:277
 
    #2 0x56266c51674c in mem_heap_add_block(mem_block_info_t*, unsigned long) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/mem/mem0mem.cc:378
 
    #3 0x56266c99173b in mem_heap_alloc /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/include/mem0mem.ic:191
 
    #4 0x56266c99173b in mem_heap_zalloc /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/include/mem0mem.ic:160
 
    #5 0x56266c99173b in dict_mem_index_create(dict_table_t*, char const*, unsigned long, unsigned long) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/dict/dict0mem.cc:786
 
    #6 0x56266c9525c0 in dict_index_build_internal_non_clust /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/dict/dict0dict.cc:2479
 
    #7 0x56266c9525c0 in dict_index_add_to_cache(dict_index_t*&, unsigned long, dict_add_v_col_t const*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/dict/dict0dict.cc:1865
 
    #8 0x56266c3ee282 in prepare_inplace_alter_table_dict /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/handler/handler0alter.cc:6663
 
    #9 0x56266c407f4e in ha_innobase::prepare_inplace_alter_table(TABLE*, Alter_inplace_info*) /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/handler/handler0alter.cc:8270
 
    #10 0x56266b7c6180 in mysql_inplace_alter_table /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_table.cc:7711
 
    #11 0x56266b7f411f in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_table.cc:10156
 
    #12 0x56266b931223 in Sql_cmd_alter_table::execute(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_alter.cc:514
 
    #13 0x56266b57b386 in mysql_execute_command(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:6105
 
    #14 0x56266b59542f in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:7903
 
    #15 0x56266b59dfd6 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:1834
 
    #16 0x56266b5a3d9a in do_command(THD*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_parse.cc:1352
 
    #17 0x56266b920d56 in do_handle_one_connection(CONNECT*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_connect.cc:1412
 
    #18 0x56266b9212de in handle_one_connection /home/buildbot/buildbot/build/mariadb-10.4.16/sql/sql_connect.cc:1316
 
    #19 0x56266cea4898 in pfs_spawn_thread /home/buildbot/buildbot/build/mariadb-10.4.16/storage/perfschema/pfs.cc:1869
 
    #20 0x7f05e8e88608 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x9608)
 
 
 
Thread T27 created by T0 here:
 
    #0 0x7f05e8f3d805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
 
    #1 0x56266ceabfee in spawn_thread_v1 /home/buildbot/buildbot/build/mariadb-10.4.16/storage/perfschema/pfs.cc:1919
 
    #2 0x56266b2e2a7e in inline_mysql_thread_create /home/buildbot/buildbot/build/mariadb-10.4.16/include/mysql/psi/mysql_thread.h:1275
 
    #3 0x56266b2e2a7e in create_thread_to_handle_connection(CONNECT*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/mysqld.cc:6259
 
    #4 0x56266b2eed72 in create_new_thread(CONNECT*) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/mysqld.cc:6329
 
    #5 0x56266b2ef382 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/mysqld.cc:6427
 
    #6 0x56266b2f059f in handle_connections_sockets() /home/buildbot/buildbot/build/mariadb-10.4.16/sql/mysqld.cc:6585
 
    #7 0x56266b2f2032 in mysqld_main(int, char**) /home/buildbot/buildbot/build/mariadb-10.4.16/sql/mysqld.cc:5917
 
    #8 0x7f05e88cf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
 
 
 
SUMMARY: AddressSanitizer: heap-use-after-free /home/buildbot/buildbot/build/mariadb-10.4.16/storage/innobase/trx/trx0rec.cc:252 in trx_undo_log_v_idx
 
Shadow bytes around the buggy address:
 
  0x0c2c8005f820: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
 
  0x0c2c8005f830: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
 
  0x0c2c8005f840: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
 
  0x0c2c8005f850: fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa
 
  0x0c2c8005f860: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
 
=>0x0c2c8005f870: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
 
  0x0c2c8005f880: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
 
  0x0c2c8005f890: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
 
  0x0c2c8005f8a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
 
  0x0c2c8005f8b0: fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa fa
 
  0x0c2c8005f8c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
 
Shadow byte legend (one shadow byte represents 8 application bytes):
 
  Addressable:           00
 
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
 
  Freed heap region:       fd
 
  Stack left redzone:      f1
 
  Stack mid redzone:       f2
 
  Stack right redzone:     f3
 
  Stack after return:      f5
 
  Stack use after scope:   f8
 
  Global redzone:          f9
 
  Global init order:       f6
 
  Poisoned by user:        f7
 
  Container overflow:      fc
 
  Array cookie:            ac
 
  Intra object redzone:    bb
 
  ASan internal:           fe
 
  Left alloca redzone:     ca
 
  Right alloca redzone:    cb
 
  Shadow gap:              cc
 
==153194==ABORTING
 
----------SERVER LOG END-------------

Comment by Matthias Leich [ 2021-04-27 ]

The RQG test mentioned on top does not use any system versioned tables.
I will try to replay the failure with RQG again.

Generated at Thu Feb 08 09:06:16 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.