Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.4.11, 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL), 10.11, 11.0(EOL)
-
None
-
Ubuntu 19.04
Description
Consider the following CREATE TABLE statement:
CREATE TABLE t0(c0 INT AS(('' RLIKE '[')));
|
Unexpectedly, the statement results in a segfault on the current trunk (89ae01f) with the following stacktrace:
Server version: 10.4.11-MariaDB-debug
|
key_buffer_size=134217728
|
read_buffer_size=131072
|
max_used_connections=1
|
max_threads=153
|
thread_count=7
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467846 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
|
|
Thread pointer: 0x7fbe08000d50
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7fbe8cea8e98 thread_stack 0x49000
|
/usr/local/mysql/bin/mysqld(my_print_stacktrace+0x4f)[0x55ee64000bd9]
|
mysys/stacktrace.c:269(my_print_stacktrace)[0x55ee637557e2]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0x13f40)[0x7fbea2f77f40]
|
linux/raise.c:51(__GI_raise)[0x7fbea270ced7]
|
stdlib/abort.c:81(__GI_abort)[0x7fbea26ee535]
|
intl/loadmsgcat.c:1177(_nl_load_domain)[0x7fbea26ee40f]
|
/lib/x86_64-linux-gnu/libc.so.6(+0x35012)[0x7fbea26fe012]
|
sql/sql_error.cc:340(Diagnostics_area::set_ok_status(unsigned long long, unsigned long long, char const*))[0x55ee6339a5ac]
|
sql/sql_class.h:5010(my_ok(THD*, unsigned long long, unsigned long long, char const*))[0x55ee6333b250]
|
sql/sql_table.cc:11446(Sql_cmd_create_table_like::execute(THD*))[0x55ee634ebbd4]
|
sql/sql_parse.cc:6099(mysql_execute_command(THD*))[0x55ee633fa230]
|
sql/sql_parse.cc:7898(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55ee633ffb1d]
|
sql/sql_parse.cc:1841(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55ee633eaad2]
|
sql/sql_parse.cc:1359(do_command(THD*))[0x55ee633e9156]
|
sql/sql_connect.cc:1412(do_handle_one_connection(CONNECT*))[0x55ee63577b8e]
|
sql/sql_connect.cc:1317(handle_one_connection)[0x55ee635778ce]
|
nptl/pthread_create.c:487(start_thread)[0x7fbea2f6d182]
|
x86_64/clone.S:97(clone)[0x7fbea27e6b1f]
|
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x7fbe080122b8): CREATE TABLE t0(c1 INT AS(('' RLIKE '[')))
|
Connection ID (thread ID): 8
|
Status: NOT_KILLED
|
Attachments
Issue Links
- relates to
-
-
- Closed
-
Activity
Updated the summary slightly as it's not really segfault in the description, it's sigabrt (caused by an assertion failure).
|
10.4 ae33ebe5 |
mysqld: /data/src/10.4/sql/sql_error.cc:335: void Diagnostics_area::set_ok_status(ulonglong, ulonglong, const char*): Assertion `!is_set() || (m_status == DA_OK_BULK && is_bulk_op())' failed.
|
...
|
on non-debug table is created with error:
MariaDB [test]> CREATE TABLE t0(c0 INT AS(('' RLIKE '[')));
|
ERROR 1139 (42000): Regex error 'missing terminating ] for character class at offset 1'
|
|
|
MariaDB [test]> CREATE TABLE t0(c0 INT );
|
ERROR 1050 (42S01): Table 't0' already exists
|
|
|
MariaDB [test]> show create table t0;
|
ERROR 1139 (42000): Regex error 'missing terminating ] for character class at offset 1'
|
|
Hello nikitamalyavin,
Please review a patch:
https://github.com/MariaDB/server/commit/cf2348b675e43d601d96f399c218346f7095627d
Thanks.
Thanks! It might be related to
MDEV-21017.10.2 90451a59811b415a44
#4 0x00007fd4c1695428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54#5 0x00007fd4c169702a in __GI_abort () at abort.c:89#6 0x00007fd4c168dbd7 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x561c950b3760 "!is_set() || (m_status == DA_OK_BULK && is_bulk_op())", file=file@entry=0x561c950b3690 "/10.2/sql/sql_error.cc", line=line@entry=380, function=function@entry=0x561c950b3ac0 <Diagnostics_area::set_ok_status(unsigned long long, unsigned long long, char const*)::__PRETTY_FUNCTION__> "void Diagnostics_area::set_ok_status(ulonglong, ulonglong, const char*)") at assert.c:92#7 0x00007fd4c168dc82 in __GI___assert_fail (assertion=0x561c950b3760 "!is_set() || (m_status == DA_OK_BULK && is_bulk_op())", file=0x561c950b3690 "/10.2/sql/sql_error.cc", line=380, function=0x561c950b3ac0 <Diagnostics_area::set_ok_status(unsigned long long, unsigned long long, char const*)::__PRETTY_FUNCTION__> "void Diagnostics_area::set_ok_status(ulonglong, ulonglong, const char*)") at assert.c:101#8 0x0000561c94599bc9 in Diagnostics_area::set_ok_status (this=0x7fd468005ca0, affected_rows=0, last_insert_id=0, message=0x0) at /10.2/sql/sql_error.cc:380#9 0x0000561c9454bc7b in my_ok (thd=0x7fd468000af0, affected_rows=0, id=0, message=0x0) at /10.2/sql/sql_class.h:4548#10 0x0000561c946a42a5 in Sql_cmd_create_table::execute (this=0x7fd4680126a0, thd=0x7fd468000af0) at /10.2/sql/sql_table.cc:10907#11 0x0000561c945cf24b in mysql_execute_command (thd=0x7fd468000af0) at /10.2/sql/sql_parse.cc:5972#12 0x0000561c945d4305 in mysql_parse (thd=0x7fd468000af0, rawbuf=0x7fd4680125a0 "CREATE TABLE t0(c0 INT AS(('' RLIKE '[')))", length=42, parser_state=0x7fd4b8507080, is_com_multi=false, is_next_command=false) at /10.2/sql/sql_parse.cc:7740#13 0x0000561c945c25da in dispatch_command (command=COM_QUERY, thd=0x7fd468000af0, packet=0x7fd468096121 "CREATE TABLE t0(c0 INT AS(('' RLIKE '[')))", packet_length=42, is_com_multi=false, is_next_command=false) at /10.2/sql/sql_parse.cc:1831#14 0x0000561c945c0eee in do_command (thd=0x7fd468000af0) at /10.2/sql/sql_parse.cc:1385#15 0x0000561c9471760d in do_handle_one_connection (connect=0x561c98b3f540) at /10.2/sql/sql_connect.cc:1336#16 0x0000561c94717378 in handle_one_connection (arg=0x561c98b3f540) at /10.2/sql/sql_connect.cc:1241#17 0x0000561c94f4591c in pfs_spawn_thread (arg=0x561c98b4a330) at /10.2/storage/perfschema/pfs.cc:1862#18 0x00007fd4c22d26ba in start_thread (arg=0x7fd4b8508700) at pthread_create.c:333#19 0x00007fd4c176741d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109