[MDEV-18148] Server crashes in ha_maria::end_bulk_insert - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Duplicate
Affects Version/s: 5.5(EOL), 10.0(EOL), 10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL)
Fix Version/s: N/A
Component/s: Storage Engine - Aria
Labels:
None

Description

10.4 2465d3e00b2f18c7d4967f9bb10438883682787d
#3 <signal handler called>
#4 0x00005569c8469094 in ha_maria::end_bulk_insert (this=0x7fa484647f18) at /home/travis/src/storage/maria/ha_maria.cc:2278
#5 0x00005569c7b2767f in handler::ha_end_bulk_insert (this=0x7fa484647f18) at /home/travis/src/sql/handler.h:3174
#6 0x00005569c7b24dfa in select_insert::abort_result_set (this=0x7fa4845c3810) at /home/travis/src/sql/sql_insert.cc:4054
#7 0x00005569c7b9f7f9 in handle_select (thd=0x7fa4841d58a0, lex=0x7fa4841d9698, result=0x7fa4845c3810, setup_tables_done_option=1073741824) at /home/travis/src/sql/sql_select.cc:391
#8 0x00005569c7b62ee0 in mysql_execute_command (thd=0x7fa4841d58a0) at /home/travis/src/sql/sql_parse.cc:4837
#9 0x00005569c7b6d6f4 in mysql_parse (thd=0x7fa4841d58a0, rawbuf=0x7fa4841e3808 "REPLACE INTO view5 ( field1, field2, field3, field4 ) SELECT a1.field1 AS field1, a2.field2 AS field2, a1.field3 AS field3, a1.field4 AS field4 FROM table_multipart AS a1, table_virtual AS a2 WHERE a1"..., length=314, parser_state=0x7fa46a210650, is_com_multi=false, is_next_command=false) at /home/travis/src/sql/sql_parse.cc:8104
#10 0x00005569c7b5a5de in dispatch_command (command=COM_QUERY, thd=0x7fa4841d58a0, packet=0x7fa4841db6d1 "REPLACE INTO view5 ( field1, field2, field3, field4 ) SELECT a1.field1 AS field1, a2.field2 AS field2, a1.field3 AS field3, a1.field4 AS field4 FROM table_multipart AS a1, table_virtual AS a2 WHERE a1"..., packet_length=315, is_com_multi=false, is_next_command=false) at /home/travis/src/sql/sql_parse.cc:1851
#11 0x00005569c7b58ffb in do_command (thd=0x7fa4841d58a0) at /home/travis/src/sql/sql_parse.cc:1396
#12 0x00005569c7cc4f58 in do_handle_one_connection (connect=0x5569cba4bf00) at /home/travis/src/sql/sql_connect.cc:1402
#13 0x00005569c7cc4ca9 in handle_one_connection (arg=0x5569cba4bf00) at /home/travis/src/sql/sql_connect.cc:1308
#14 0x00007fa48acf26ba in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#15 0x00007fa48a18741d in clone () from /lib/x86_64-linux-gnu/libc.so.6

Query (0x7fa4841e3808): REPLACE INTO view5 ( field1, field2, field3, field4 ) SELECT a1.field1 AS field1, a2.field2 AS field2, a1.field3 AS field3, a1.field4 AS field4 FROM table_multipart AS a1, table_virtual AS a2 WHERE a1.field1 = a2.field1 AND a1.field2 <> 'l' ORDER BY field1, field2, field3, field4 LIMIT 2 /* QNO 6268 CON_ID 16 */
Connection ID (thread ID): 16
Status: NOT_KILLED
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on

See the test case in alice's comment

Attachments

Issue Links

duplicates

MDEV-15572 view.test, server crash with --big-tables=1

Closed

Activity

Alice Sherepa added a comment - 2019-01-30 12:06 - edited

With big_tables=ON reproducible on MadiaDB 5.5-10.4 (with both InnoDB/MyISAM);

set big_tables=ON;

CREATE TABLE t1 ( f1 int , f2 int , f3 int , f4 int);

CREATE TABLE t2 ( f1 int , f2 int , f3 int , f4 int);

CREATE VIEW v1 AS

	SELECT t2.f1, t1.f2, t2.f3, t2.f4 FROM (t1 JOIN t2);

REPLACE INTO v1 (f1, f2, f3, f4)

	SELECT f1, f2, f3, f4 FROM t1;

5.5 eff71f39ddc117d09d, built as -DCMAKE_BUILD_TYPE=Debug -DWITHOUT_TOKUDB=1 -DWITH_ASAN=ON

Version: '5.5.63-MariaDB-debug'

AddressSanitizer: SEGV on unknown address 0x0000000002d0 (pc 0x000000f259c8 bp 0x000000000000 sp 0x7f7328dee850 T15)

    #0 0xf259c7 in maria_end_bulk_insert /5.5/storage/maria/ma_write.c:1797

    #1 0xe35022 in ha_maria::end_bulk_insert() /5.5/storage/maria/ha_maria.cc:2184

    #2 0x62b5c6 in handler::ha_end_bulk_insert() /5.5/sql/handler.h:1943

    #3 0x62b5c6 in select_insert::abort_result_set() /5.5/sql/sql_insert.cc:3756

    #4 0x768a1f in handle_select(THD*, LEX*, select_result*, unsigned long) /5.5/sql/sql_select.cc:329

    #5 0x687cf9 in mysql_execute_command(THD*) /5.5/sql/sql_parse.cc:3052

    #6 0x69263f in mysql_parse(THD*, char*, unsigned int, Parser_state*) /5.5/sql/sql_parse.cc:5924

    #7 0x695a3c in dispatch_command(enum_server_command, THD*, char*, unsigned int) /5.5/sql/sql_parse.cc:1067

    #8 0x699b1a in do_command(THD*) /5.5/sql/sql_parse.cc:793

    #9 0x8cbd07 in do_handle_one_connection(THD*) /5.5/sql/sql_connect.cc:1268

    #10 0x8cbf80 in handle_one_connection /5.5/sql/sql_connect.cc:1184

    #11 0x143978b in pfs_spawn_thread /5.5/storage/perfschema/pfs.cc:1015

    #12 0x7f733732d6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)

    #13 0x7f73367d441c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)

Alice Sherepa added a comment - 2019-01-30 12:06 - edited With big_tables=ON reproducible on MadiaDB 5.5-10.4 (with both InnoDB/MyISAM); set big_tables= ON ; CREATE TABLE t1 ( f1 int , f2 int , f3 int , f4 int ); CREATE TABLE t2 ( f1 int , f2 int , f3 int , f4 int ); CREATE VIEW v1 AS SELECT t2.f1, t1.f2, t2.f3, t2.f4 FROM (t1 JOIN t2); REPLACE INTO v1 (f1, f2, f3, f4) SELECT f1, f2, f3, f4 FROM t1; 5.5 eff71f39ddc117d09d, built as -DCMAKE_BUILD_TYPE=Debug -DWITHOUT_TOKUDB=1 -DWITH_ASAN=ON Version: '5.5.63-MariaDB-debug' AddressSanitizer: SEGV on unknown address 0x0000000002d0 (pc 0x000000f259c8 bp 0x000000000000 sp 0x7f7328dee850 T15) #0 0xf259c7 in maria_end_bulk_insert /5.5/storage/maria/ma_write.c:1797 #1 0xe35022 in ha_maria::end_bulk_insert() /5.5/storage/maria/ha_maria.cc:2184 #2 0x62b5c6 in handler::ha_end_bulk_insert() /5.5/sql/handler.h:1943 #3 0x62b5c6 in select_insert::abort_result_set() /5.5/sql/sql_insert.cc:3756 #4 0x768a1f in handle_select(THD*, LEX*, select_result*, unsigned long) /5.5/sql/sql_select.cc:329 #5 0x687cf9 in mysql_execute_command(THD*) /5.5/sql/sql_parse.cc:3052 #6 0x69263f in mysql_parse(THD*, char*, unsigned int, Parser_state*) /5.5/sql/sql_parse.cc:5924 #7 0x695a3c in dispatch_command(enum_server_command, THD*, char*, unsigned int) /5.5/sql/sql_parse.cc:1067 #8 0x699b1a in do_command(THD*) /5.5/sql/sql_parse.cc:793 #9 0x8cbd07 in do_handle_one_connection(THD*) /5.5/sql/sql_connect.cc:1268 #10 0x8cbf80 in handle_one_connection /5.5/sql/sql_connect.cc:1184 #11 0x143978b in pfs_spawn_thread /5.5/storage/perfschema/pfs.cc:1015 #12 0x7f733732d6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9) #13 0x7f73367d441c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)

MariaDB Server

Server crashes in ha_maria::end_bulk_insert

Details

Description

Attachments

Issue Links

Activity

People

Dates

Git Integration