Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.1.18, 5.5(EOL), 10.0(EOL), 10.1(EOL), 10.2(EOL)
-
None
-
CentOS 7 x64
Windows 7 x64
Description
I've noted that MariaDB in my production server randomly gets killed, and when I checked the error logs, I saw that it was related to the following query:
SELECT t1.id FROM replies as t1 WHERE MATCH(t1.body) AGAINST ('ciao' IN BOOLEAN MODE);
|
I checked the whole table and narrowed the cause to the following:
C͓̙̯͔̩ͅͅi̩̘̜̲a̯̲̬̳̜̖̤o͕͓̜͓̺̖̗,̠̬͚ ̺T͇̲h͈̱e ̬̜D̖o̦̖͔̗͖̩̘c̣̼t̝͉̫̮̗o͉̫̭r̙͎̗.͓̪̥
|
|
How to reproduce |
set names 'utf8mb4'; |
|
|
CREATE TABLE IF NOT EXISTS `replies_test` ( |
`id` int(10) unsigned NOT NULL AUTO_INCREMENT, |
`body` text NOT NULL, |
PRIMARY KEY (`id`), |
FULLTEXT KEY `repliesText` (`body`) |
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci; |
|
|
insert into `replies_test` VALUES (1000, 'C͓̙̯͔̩ͅͅi̩̘̜̲a̯̲̬̳̜̖̤o͕͓̜͓̺̖̗,̠̬͚ ̺T͇̲h͈̱e ̬̜D̖o̦̖͔̗͖̩̘c̣̼t̝͉̫̮̗o͉̫̭r̙͎̗.͓̪̥'); |
|
|
SELECT t1.id FROM replies_test as t1 WHERE MATCH(t1.body) AGAINST ('ciao' IN BOOLEAN MODE); |
|
Backtrace |
161105 11:38:07 [ERROR] mysqld got signal 11 ;
|
This could be because you hit a bug. It is also possible that this binary
|
or one of the libraries it was linked against is corrupt, improperly built,
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
|
|
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
|
|
|
We will try our best to scrape up some info that will hopefully help
|
diagnose the problem, but since we have already crashed,
|
something is definitely wrong and this may fail.
|
|
|
Server version: 10.1.18-MariaDB
|
key_buffer_size=268435456
|
read_buffer_size=131072
|
max_used_connections=10
|
max_threads=182
|
thread_count=10
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 661893 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
|
|
Thread pointer: 0x0x7f77cbf8c008
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7f77fcbbd130 thread_stack 0x48400
|
/usr/sbin/mysqld(my_print_stacktrace+0x2e)[0x7f77fd76da6e]
|
/usr/sbin/mysqld(handle_fatal_signal+0x2d5)[0x7f77fd2938d5]
|
/lib64/libpthread.so.0(+0xf100)[0x7f77fc8ae100]
|
/usr/sbin/mysqld(+0xa520da)[0x7f77fd7310da]
|
/usr/sbin/mysqld(+0xa0b49c)[0x7f77fd6ea49c]
|
/usr/sbin/mysqld(+0x474765)[0x7f77fd153765]
|
mysys/stacktrace.c:268(my_print_stacktrace)[0x7f77fd148a99]
|
myisam/ft_boolean_search.c:842(ft_boolean_read_next)[0x7f77fd1579ad]
|
sql/sql_class.h:5418(handler::ha_ft_read(unsigned char*))[0x7f77fd169adc]
|
sql/sql_select.cc:2506(JOIN::exec())[0x7f77fd16bad4]
|
sql/sql_select.cc:3440(mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x7f77fd168172]
|
sql/sql_select.cc:384(handle_select(THD*, LEX*, select_result*, unsigned long))[0x7f77fd168c55]
|
sql/sql_parse.cc:5896(execute_sqlcom_select)[0x7f77fd107c71]
|
sql/sql_parse.cc:2961(mysql_execute_command(THD*))[0x7f77fd113faf]
|
sql/sql_parse.cc:7319(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x7f77fd117952]
|
sql/sql_parse.cc:1487(dispatch_command(enum_server_command, THD*, char*, unsigned int))[0x7f77fd11ae2b]
|
sql/sql_parse.cc:1110(do_command(THD*))[0x7f77fd11b6a9]
|
sql/sql_connect.cc:1350(do_handle_one_connection(THD*))[0x7f77fd1e219a]
|
sql/sql_connect.cc:1264(handle_one_connection)[0x7f77fd1e2370]
|
/lib64/libpthread.so.0(+0x7dc5)[0x7f77fc8a6dc5]
|
/lib64/libc.so.6(clone+0x6d)[0x7f77facc7ced]
|
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x7f77cb756020): SELECT t1.id FROM tinychan_replies as t1 WHERE MATCH(t1.body) AGAINST ('ciao' IN BOOLEAN MODE)
|
Connection ID (thread ID): 13
|
Status: NOT_KILLED
|
Same result on both CentOS and Windows 7, but this only occurs in MyISAM & Aria tables, not InnoDB.
Attachments
Issue Links
- relates to
-
-
- Closed
-
Joseph, thanks for the report and the test case. Reproducible as described.
5.5 96b62b55149a9297f32c3aad99ece613cc3f788f
#3 <signal handler called>#4 0x0000000000c62031 in ft_boolean_read_next (ftb=0x7f3a5ece7460, record=0x7f3a5eca8b78 '\217' <repeats 14 times>, '\245' <repeats 18 times>, "\260\213\312^:\177") at /data/src/5.5/storage/myisam/ft_boolean_search.c:842#5 0x0000000000c09dc0 in ha_myisam::ft_read (this=0x7f3a5ec88078, buf=0x7f3a5eca8b78 '\217' <repeats 14 times>, '\245' <repeats 18 times>, "\260\213\312^:\177") at /data/src/5.5/storage/myisam/ha_myisam.cc:2137#6 0x000000000067058c in handler::ha_ft_read (this=0x7f3a5ec88078, buf=0x7f3a5eca8b78 '\217' <repeats 14 times>, '\245' <repeats 18 times>, "\260\213\312^:\177") at /data/src/5.5/sql/sql_class.h:4339#7 0x000000000065dae8 in join_ft_read_first (tab=0x7f3a5ec4bce0) at /data/src/5.5/sql/sql_select.cc:17983#8 0x000000000065b49f in sub_select (join=0x7f3a5ec4ad70, join_tab=0x7f3a5ec4bce0, end_of_records=false) at /data/src/5.5/sql/sql_select.cc:16965#9 0x000000000065ad6d in do_select (join=0x7f3a5ec4ad70, fields=0x7f3a74322b88, table=0x0, procedure=0x0) at /data/src/5.5/sql/sql_select.cc:16630#10 0x00000000006395cb in JOIN::exec (this=0x7f3a5ec4ad70) at /data/src/5.5/sql/sql_select.cc:2873#11 0x0000000000639d96 in mysql_select (thd=0x7f3a7431f060, rref_pointer_array=0x7f3a74322ce0, tables=0x7f3a5ec4a360, wild_num=0, fields=..., conds=0x7f3a5ec4ab60, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f3a5ec4ad50, unit=0x7f3a74322390, select_lex=0x7f3a74322a70) at /data/src/5.5/sql/sql_select.cc:3094#12 0x000000000063067c in handle_select (thd=0x7f3a7431f060, lex=0x7f3a743222e0, result=0x7f3a5ec4ad50, setup_tables_done_option=0) at /data/src/5.5/sql/sql_select.cc:319#13 0x0000000000609be3 in execute_sqlcom_select (thd=0x7f3a7431f060, all_tables=0x7f3a5ec4a360) at /data/src/5.5/sql/sql_parse.cc:4689#14 0x0000000000602f34 in mysql_execute_command (thd=0x7f3a7431f060) at /data/src/5.5/sql/sql_parse.cc:2234#15 0x000000000060c7ae in mysql_parse (thd=0x7f3a7431f060, rawbuf=0x7f3a5ec4a078 "SELECT t1.id FROM replies_test as t1 WHERE MATCH(t1.body) AGAINST ('ciao' IN BOOLEAN MODE)", length=90, parser_state=0x7f3a897fe6a0) at /data/src/5.5/sql/sql_parse.cc:5934#16 0x00000000006004c3 in dispatch_command (command=COM_QUERY, thd=0x7f3a7431f060, packet=0x7f3a747f6061 "", packet_length=90) at /data/src/5.5/sql/sql_parse.cc:1079#17 0x00000000005ff67d in do_command (thd=0x7f3a7431f060) at /data/src/5.5/sql/sql_parse.cc:793#18 0x0000000000701889 in do_handle_one_connection (thd_arg=0x7f3a7431f060) at /data/src/5.5/sql/sql_connect.cc:1270#19 0x0000000000701616 in handle_one_connection (arg=0x7f3a7431f060) at /data/src/5.5/sql/sql_connect.cc:1186#20 0x00007f3a8945a0a4 in start_thread (arg=0x7f3a897ff700) at pthread_create.c:309#21 0x00007f3a8788087d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111Reproducible on MariaDB 5.5-10.2 with MyISAM and Aria.
Could not reproduce on MYSQL 5.6, 5.7.