Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-22262

Server crashes in ha_partition::open or handler::ha_table_flags upon UPDATE with partition pruning

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Confirmed (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 10.4, 10.5, 10.6, 10.7, 10.8, 10.9
    • Fix Version/s: 10.4, 10.5, 10.6, 10.7
    • Component/s: Partitioning
    • Labels:
      None

      Description

      Notes:
      It might be related to MDEV-21134; however, the tops of stack traces are the same, but the rest is different, and besides MDEV-21134 is said to be specific to 10.3, while this one is not reproducible on 10.3.
      It is certainly related to MDEV-22184, as USING HASH is also important here. On the same reason, it might be related to MDEV-22185.
      There are probably other related bugs as well.

      --source include/have_partition.inc
       
      CREATE TABLE t1 (a INT, b INT, KEY(b)) ENGINE=MyISAM
      PARTITION BY RANGE (a) SUBPARTITION BY LINEAR HASH (a) SUBPARTITIONS 3 (
          PARTITION p0 VALUES LESS THAN (1),
          PARTITION p1 VALUES LESS THAN (20),
          PARTITION pn VALUES LESS THAN MAXVALUE
      );
      INSERT INTO t1 VALUES (1,8),(8,5),(2,2);
      ALTER TABLE t1 ADD UNIQUE ind USING HASH (a);
      UPDATE t1 PARTITION (p1) SET a=3 WHERE a=8;
       
      # Cleanup
      DROP TABLE t1;
      

      10.4 non-debug 5679a2b6

      #3  <signal handler called>
      #4  ha_partition::info (this=0x7efdf00112e8, flag=280) at /data/src/10.4/sql/ha_partition.cc:8303
      #5  0x0000562e90bde4b3 in ha_partition::open (this=0x7efdf00112e8, name=<optimized out>, test_if_locked=<optimized out>, mode=<optimized out>) at /data/src/10.4/sql/ha_partition.cc:3655
      #6  0x0000562e90739d83 in handler::ha_open (this=this@entry=0x7efdf00112e8, table_arg=<optimized out>, name=name@entry=0x7efdf006aac8 "./test/t1", mode=33, test_if_locked=test_if_locked@entry=1026, mem_root=mem_root@entry=0x0, partitions_to_open=0x0) at /data/src/10.4/sql/handler.cc:2749
      #7  0x0000562e90bdc20b in ha_partition::clone (this=0x7efdf011d660, name=0x7efdf006aac8 "./test/t1", mem_root=0x7efdf0006188) at /data/src/10.4/sql/ha_partition.cc:3754
      #8  0x0000562e905f1f6e in TABLE::clone_handler_for_update (this=this@entry=0x7efdf011c868) at /data/src/10.4/sql/table.cc:9127
      #9  0x0000562e9074072a in check_duplicate_long_entries_update (h=<optimized out>, new_rec=0x7efdf007f368 "\361\003", table=0x7efdf011c868) at /data/src/10.4/sql/handler.cc:6626
      #10 handler::ha_update_row (this=0x7efdf011d660, old_data=0x7efdf007f380 "\361\b", new_data=0x7efdf007f368 "\361\003") at /data/src/10.4/sql/handler.cc:6716
      #11 0x0000562e905dc23c in mysql_update (thd=thd@entry=0x7efdf00009a8, table_list=<optimized out>, fields=..., values=..., conds=<optimized out>, order_num=<optimized out>, order=<optimized out>, limit=18446744073709551615, ignore=false, found_return=0x7efe075c6cb0, updated_return=0x7efe075c6d70) at /data/src/10.4/sql/sql_update.cc:1056
      #12 0x0000562e9053e9ad in mysql_execute_command (thd=thd@entry=0x7efdf00009a8) at /data/src/10.4/sql/sql_parse.cc:4376
      #13 0x0000562e90543079 in mysql_parse (thd=thd@entry=0x7efdf00009a8, rawbuf=<optimized out>, length=42, parser_state=parser_state@entry=0x7efe075c91a0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.4/sql/sql_parse.cc:7900
      #14 0x0000562e90545488 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7efdf00009a8, packet=packet@entry=0x7efdf0007a19 "UPDATE t1 PARTITION (p1) SET a=3 WHERE a=8", packet_length=packet_length@entry=42, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.4/sql/sql_parse.cc:1842
      #15 0x0000562e90546c09 in do_command (thd=0x7efdf00009a8) at /data/src/10.4/sql/sql_parse.cc:1360
      #16 0x0000562e906168f4 in do_handle_one_connection (connect=connect@entry=0x562e930001c8) at /data/src/10.4/sql/sql_connect.cc:1412
      #17 0x0000562e906169a4 in handle_one_connection (arg=arg@entry=0x562e930001c8) at /data/src/10.4/sql/sql_connect.cc:1316
      #18 0x0000562e90bc1f64 in pfs_spawn_thread (arg=0x562e92f79118) at /data/src/10.4/storage/perfschema/pfs.cc:1869
      #19 0x00007efe133b94a4 in start_thread (arg=0x7efe075ca700) at pthread_create.c:456
      #20 0x00007efe114edd0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
      

      10.4 debug 5679a2b6

      #3  <signal handler called>
      #4  0x00005599c61eae72 in handler::ha_table_flags (this=0x0) at /data/src/10.4/sql/handler.h:3258
      #5  0x00005599c6e3b18c in ha_partition::info (this=0x7f181c014740, flag=280) at /data/src/10.4/sql/ha_partition.cc:8304
      #6  0x00005599c6e2e0a0 in ha_partition::open (this=0x7f181c014740, name=0x7f181c00ab40 "./test/t1", mode=33, test_if_locked=1026) at /data/src/10.4/sql/ha_partition.cc:3655
      #7  0x00005599c65e47d3 in handler::ha_open (this=0x7f181c014740, table_arg=0x7f181c12bee0, name=0x7f181c00ab40 "./test/t1", mode=33, test_if_locked=1026, mem_root=0x0, partitions_to_open=0x0) at /data/src/10.4/sql/handler.cc:2749
      #8  0x00005599c6e2e365 in ha_partition::clone (this=0x7f181c1aae68, name=0x7f181c00ab40 "./test/t1", mem_root=0x7f181c006490) at /data/src/10.4/sql/ha_partition.cc:3754
      #9  0x00005599c63bb701 in TABLE::clone_handler_for_update (this=0x7f181c12bee0) at /data/src/10.4/sql/table.cc:9127
      #10 0x00005599c65f0648 in check_duplicate_long_entries_update (table=0x7f181c12bee0, h=0x7f181c1aae68, new_rec=0x7f181c1a9f70 "\361\003") at /data/src/10.4/sql/handler.cc:6626
      #11 0x00005599c65f0e6a in handler::ha_update_row (this=0x7f181c1aae68, old_data=0x7f181c1a9f88 "\361\b", new_data=0x7f181c1a9f70 "\361\003") at /data/src/10.4/sql/handler.cc:6716
      #12 0x00005599c638ff77 in mysql_update (thd=0x7f181c000af0, table_list=0x7f181c0132f0, fields=..., values=..., conds=0x7f181c013d48, order_num=0, order=0x0, limit=18446744073709551615, ignore=false, found_return=0x7f182d0d5840, updated_return=0x7f182d0d5900) at /data/src/10.4/sql/sql_update.cc:1056
      #13 0x00005599c628012f in mysql_execute_command (thd=0x7f181c000af0) at /data/src/10.4/sql/sql_parse.cc:4376
      #14 0x00005599c628d0d5 in mysql_parse (thd=0x7f181c000af0, rawbuf=0x7f181c013198 "UPDATE t1 PARTITION (p1) SET a=3 WHERE a=8", length=42, parser_state=0x7f182d0d6160, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7900
      #15 0x00005599c62782a4 in dispatch_command (command=COM_QUERY, thd=0x7f181c000af0, packet=0x7f181c136341 "UPDATE t1 PARTITION (p1) SET a=3 WHERE a=8", packet_length=42, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1842
      #16 0x00005599c6276931 in do_command (thd=0x7f181c000af0) at /data/src/10.4/sql/sql_parse.cc:1360
      #17 0x00005599c640001b in do_handle_one_connection (connect=0x5599c8b029c0) at /data/src/10.4/sql/sql_connect.cc:1412
      #18 0x00005599c63ffd6a in handle_one_connection (arg=0x5599c8b029c0) at /data/src/10.4/sql/sql_connect.cc:1316
      #19 0x00005599c6e0a16b in pfs_spawn_thread (arg=0x5599c8a168a0) at /data/src/10.4/storage/perfschema/pfs.cc:1869
      #20 0x00007f1834eb54a4 in start_thread (arg=0x7f182d0d7700) at pthread_create.c:456
      #21 0x00007f1832fe9d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
      

      Even a slight change in the test case changes the top of the debug stack trace, e.g. in the test case below we have 2 subpartitions instead of 3:

      --source include/have_partition.inc
       
      CREATE TABLE t1 (a INT, b INT, KEY(b)) ENGINE=MyISAM
      PARTITION BY RANGE (a) SUBPARTITION BY LINEAR HASH (a) SUBPARTITIONS 2 (
          PARTITION p0 VALUES LESS THAN (1),
          PARTITION p1 VALUES LESS THAN (20),
          PARTITION pn VALUES LESS THAN MAXVALUE
      );
      INSERT INTO t1 VALUES (1,8),(8,5),(2,2);
      ALTER TABLE t1 ADD UNIQUE ind USING HASH (a);
      UPDATE t1 PARTITION (p1) SET a=3 WHERE a=8;
       
      # Cleanup
      DROP TABLE t1;
      

      #3  <signal handler called>
      #4  0x00005618bba4e9ed in ha_partition::compare_number_of_records (me=0x7f926c014710, a=0x7f926c173d80, b=0x7f926c173d84) at /data/src/10.4/sql/ha_partition.cc:8105
      #5  0x00005618bba79e6a in my_qsort2 (base_ptr=0x7f926c173d80, count=6, size=4, cmp=0x5618bba4e9b4 <ha_partition::compare_number_of_records(ha_partition*, unsigned int const*, unsigned int const*)>, cmp_argument=0x7f926c014710) at /data/src/10.4/mysys/mf_qsort.c:131
      #6  0x00005618bba4f3e7 in ha_partition::info (this=0x7f926c014710, flag=280) at /data/src/10.4/sql/ha_partition.cc:8396
      #7  0x00005618bba420a0 in ha_partition::open (this=0x7f926c014710, name=0x7f926c19b7d0 "./test/t1", mode=33, test_if_locked=1026) at /data/src/10.4/sql/ha_partition.cc:3655
      #8  0x00005618bb1f87d3 in handler::ha_open (this=0x7f926c014710, table_arg=0x7f926c12ad40, name=0x7f926c19b7d0 "./test/t1", mode=33, test_if_locked=1026, mem_root=0x0, partitions_to_open=0x0) at /data/src/10.4/sql/handler.cc:2749
      #9  0x00005618bba42365 in ha_partition::clone (this=0x7f926c12bba8, name=0x7f926c19b7d0 "./test/t1", mem_root=0x7f926c006490) at /data/src/10.4/sql/ha_partition.cc:3754
      #10 0x00005618bafcf701 in TABLE::clone_handler_for_update (this=0x7f926c12ad40) at /data/src/10.4/sql/table.cc:9127
      #11 0x00005618bb204648 in check_duplicate_long_entries_update (table=0x7f926c12ad40, h=0x7f926c12bba8, new_rec=0x7f926c176d78 "\361\003") at /data/src/10.4/sql/handler.cc:6626
      #12 0x00005618bb204e6a in handler::ha_update_row (this=0x7f926c12bba8, old_data=0x7f926c176d90 "\361\b", new_data=0x7f926c176d78 "\361\003") at /data/src/10.4/sql/handler.cc:6716
      #13 0x00005618bafa3f77 in mysql_update (thd=0x7f926c000af0, table_list=0x7f926c0132f0, fields=..., values=..., conds=0x7f926c013d48, order_num=0, order=0x0, limit=18446744073709551615, ignore=false, found_return=0x7f9288064840, updated_return=0x7f9288064900) at /data/src/10.4/sql/sql_update.cc:1056
      #14 0x00005618bae9412f in mysql_execute_command (thd=0x7f926c000af0) at /data/src/10.4/sql/sql_parse.cc:4376
      #15 0x00005618baea10d5 in mysql_parse (thd=0x7f926c000af0, rawbuf=0x7f926c013198 "UPDATE t1 PARTITION (p1) SET a=3 WHERE a=8", length=42, parser_state=0x7f9288065160, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7900
      #16 0x00005618bae8c2a4 in dispatch_command (command=COM_QUERY, thd=0x7f926c000af0, packet=0x7f926c136341 "UPDATE t1 PARTITION (p1) SET a=3 WHERE a=8", packet_length=42, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1842
      #17 0x00005618bae8a931 in do_command (thd=0x7f926c000af0) at /data/src/10.4/sql/sql_parse.cc:1360
      #18 0x00005618bb01401b in do_handle_one_connection (connect=0x5618bdb2d9c0) at /data/src/10.4/sql/sql_connect.cc:1412
      #19 0x00005618bb013d6a in handle_one_connection (arg=0x5618bdb2d9c0) at /data/src/10.4/sql/sql_connect.cc:1316
      #20 0x00005618bba1e16b in pfs_spawn_thread (arg=0x5618bda418a0) at /data/src/10.4/storage/perfschema/pfs.cc:1869
      #21 0x00007f928f45c4a4 in start_thread (arg=0x7f9288066700) at pthread_create.c:456
      #22 0x00007f928d590d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
      

      Reproducible on 10.4 and 10.5, with slightly different stack traces as described above.
      Not reproducible on 10.3.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sanja Oleksandr Byelkin
              Reporter:
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:

                  Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.