Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6
-
None
Description
Server crashes in _ma_keylength_part or Assertion `info->last_key.keyinfo == key->keyinfo' failed in _ma_search_no_save
Note: I'm not sure it's related to versioning, but I couldn't modify the test case to avoid it.
--source include/have_partition.inc
|
|
|
CREATE TABLE t1 ( |
a INT NOT NULL AUTO_INCREMENT, |
b INT, |
c CHAR, |
PRIMARY KEY (b), |
UNIQUE(b), |
KEY(c,a) |
) ENGINE=Aria WITH SYSTEM VERSIONING |
PARTITION BY SYSTEM_TIME INTERVAL 1 HOUR ( |
PARTITION p1 HISTORY,
|
PARTITION pn CURRENT |
);
|
ALTER TABLE t1 DROP PRIMARY KEY; |
REPLACE INTO t1 VALUES (1,0,''),(2,0,''),(0,0,''); |
|
|
# Cleanup
|
DROP TABLE t1; |
|
10.4 non-debug ba679ae52 |
#3 <signal handler called>
|
#4 0x000055850e58c7d9 in _ma_keylength_part (keyinfo=keyinfo@entry=0x7f6cb008eca0, key=0x7f6cb01993db <error: Cannot access memory at address 0x7f6cb01993db>, end=0x7f6cb008eda0) at /data/src/10.4/storage/maria/ma_search.c:1626
|
#5 0x000055850e58996c in maria_rkey (info=0x7f6cb00346a8, buf=buf@entry=0x7f6cb011dfc0 "\375\002", inx=inx@entry=0, key_data=<optimized out>, keypart_map=<optimized out>, search_flag=HA_READ_KEY_EXACT) at /data/src/10.4/storage/maria/ma_rkey.c:200
|
#6 0x000055850e55f2f4 in ha_maria::index_read_idx_map (this=0x7f6cb00c61a0, buf=0x7f6cb011dfc0 "\375\002", index=0, key=<optimized out>, keypart_map=<optimized out>, find_flag=<optimized out>) at /data/src/10.4/storage/maria/ha_maria.cc:2377
|
#7 0x000055850e1e8c9a in handler::ha_index_read_idx_map (this=0x7f6cb00c61a0, buf=buf@entry=0x7f6cb011dfc0 "\375\002", index=index@entry=0, key=key@entry=0x7f6cc2b72720 "", keypart_map=keypart_map@entry=3, find_flag=find_flag@entry=HA_READ_KEY_EXACT) at /data/src/10.4/sql/handler.cc:2914
|
#8 0x000055850e641565 in ha_partition::index_read_idx_map (find_flag=HA_READ_KEY_EXACT, keypart_map=3, key=0x7f6cc2b72720 "", index=0, buf=0x7f6cb011dfc0 "\375\002", this=0x7f6cb011c910) at /data/src/10.4/sql/ha_partition.cc:5838
|
#9 ha_partition::index_read_idx_map (this=0x7f6cb011c910, buf=0x7f6cb011dfc0 "\375\002", index=0, key=0x7f6cc2b72720 "", keypart_map=3, find_flag=<optimized out>) at /data/src/10.4/sql/ha_partition.cc:5810
|
#10 0x000055850e1e8bed in handler::ha_index_read_idx_map (this=0x7f6cb011c910, buf=0x7f6cb011dfc0 "\375\002", index=index@entry=0, key=key@entry=0x7f6cc2b72720 "", keypart_map=3, find_flag=find_flag@entry=HA_READ_KEY_EXACT) at /data/src/10.4/sql/handler.cc:2914
|
#11 0x000055850dfc37a8 in write_record (thd=thd@entry=0x7f6cb0000c08, table=table@entry=0x7f6cb00c4c28, info=info@entry=0x7f6cc2b728b0) at /data/src/10.4/sql/sql_insert.cc:1806
|
#12 0x000055850dfc9896 in mysql_insert (thd=thd@entry=0x7f6cb0000c08, table_list=<optimized out>, fields=..., values_list=..., update_fields=..., update_values=..., duplic=<optimized out>, ignore=<optimized out>) at /data/src/10.4/sql/sql_insert.cc:1078
|
#13 0x000055850dff535a in mysql_execute_command (thd=0x7f6cb0000c08) at /data/src/10.4/sql/sql_parse.cc:4528
|
#14 0x000055850dffbfd8 in mysql_parse (thd=thd@entry=0x7f6cb0000c08, rawbuf=<optimized out>, length=49, parser_state=parser_state@entry=0x7f6cc2b75190, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.4/sql/sql_parse.cc:7900
|
#15 0x000055850dffe2af in dispatch_command (command=COM_QUERY, thd=0x7f6cb0000c08, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.4/sql/sql_class.h:1168
|
#16 0x000055850dfff9df in do_command (thd=0x7f6cb0000c08) at /data/src/10.4/sql/sql_parse.cc:1359
|
#17 0x000055850e0d38f4 in do_handle_one_connection (connect=connect@entry=0x558510515188) at /data/src/10.4/sql/sql_connect.cc:1412
|
#18 0x000055850e0d39e4 in handle_one_connection (arg=arg@entry=0x558510515188) at /data/src/10.4/sql/sql_connect.cc:1316
|
#19 0x000055850e62d2bf in pfs_spawn_thread (arg=0x558510524cd8) at /data/src/10.4/storage/perfschema/pfs.cc:1869
|
#20 0x00007f6cc941afa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
|
#21 0x00007f6cc8c694cf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x7f6cb0010020): REPLACE INTO t1 VALUES (1,0,''),(2,0,''),(0,0,'')
|
Connection ID (thread ID): 4
|
Status: NOT_KILLED
|
|
10.3 debug 6577a7a8 |
mysqld: /data/src/10.3/storage/maria/ma_search.c:130: _ma_search_no_save: Assertion `info->last_key.keyinfo == key->keyinfo' failed.
|
200418 3:18:51 [ERROR] mysqld got signal 6 ;
|
|
|
#7 0x00007f4c736b8102 in __GI___assert_fail (assertion=0x55f97e383f20 "info->last_key.keyinfo == key->keyinfo", file=0x55f97e383da0 "/data/src/10.3/storage/maria/ma_search.c", line=130, function=0x55f97e384e40 <__PRETTY_FUNCTION__.18407> "_ma_search_no_save") at assert.c:101
|
#8 0x000055f97d545200 in _ma_search_no_save (info=0x629000168270, key=0x7f4c69525d10, nextflag=1, pos=8192, res_page_link=0x7f4c69525b60, res_page_buff=0x7f4c69525ba0) at /data/src/10.3/storage/maria/ma_search.c:130
|
#9 0x000055f97d544a8d in _ma_search (info=0x629000168270, key=0x7f4c69525d10, nextflag=1, pos=8192) at /data/src/10.3/storage/maria/ma_search.c:77
|
#10 0x000055f97d54072a in maria_rkey (info=0x629000168270, buf=0x619000092a60 "\375\002", inx=0, key_data=0x7f4c69526200 "", keypart_map=3, search_flag=HA_READ_KEY_EXACT) at /data/src/10.3/storage/maria/ma_rkey.c:104
|
#11 0x000055f97d479dc2 in ha_maria::index_read_idx_map (this=0x61d000218510, buf=0x619000092a60 "\375\002", index=0, key=0x7f4c69526200 "", keypart_map=3, find_flag=HA_READ_KEY_EXACT) at /data/src/10.3/storage/maria/ha_maria.cc:2298
|
#12 0x000055f97c4e3bba in handler::ha_index_read_idx_map (this=0x61d000218510, buf=0x619000092a60 "\375\002", index=0, key=0x7f4c69526200 "", keypart_map=3, find_flag=HA_READ_KEY_EXACT) at /data/src/10.3/sql/handler.cc:2932
|
#13 0x000055f97d8c1d32 in ha_partition::index_read_idx_map (this=0x61d000217110, buf=0x619000092a60 "\375\002", index=0, key=0x7f4c69526200 "", keypart_map=3, find_flag=HA_READ_KEY_EXACT) at /data/src/10.3/sql/ha_partition.cc:5805
|
#14 0x000055f97c4e3aa3 in handler::ha_index_read_idx_map (this=0x61d000217110, buf=0x619000092a60 "\375\002", index=0, key=0x7f4c69526200 "", keypart_map=3, find_flag=HA_READ_KEY_EXACT) at /data/src/10.3/sql/handler.cc:2932
|
#15 0x000055f97bc97075 in write_record (thd=0x62a000060270, table=0x61f000056af0, info=0x7f4c69526810) at /data/src/10.3/sql/sql_insert.cc:1784
|
#16 0x000055f97bc90e4b in mysql_insert (thd=0x62a000060270, table_list=0x62b0000003d0, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_REPLACE, ignore=false) at /data/src/10.3/sql/sql_insert.cc:1072
|
#17 0x000055f97bd3c3f1 in mysql_execute_command (thd=0x62a000060270) at /data/src/10.3/sql/sql_parse.cc:4454
|
#18 0x000055f97bd54c47 in mysql_parse (thd=0x62a000060270, rawbuf=0x62b000000290 "REPLACE INTO t1 VALUES (1,0,''),(2,0,''),(0,0,'')", length=49, parser_state=0x7f4c695289a0, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:7817
|
#19 0x000055f97bd2b827 in dispatch_command (command=COM_QUERY, thd=0x62a000060270, packet=0x6290000e6271 "REPLACE INTO t1 VALUES (1,0,''),(2,0,''),(0,0,'')", packet_length=49, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:1855
|
#20 0x000055f97bd27fc7 in do_command (thd=0x62a000060270) at /data/src/10.3/sql/sql_parse.cc:1401
|
#21 0x000055f97c11126c in do_handle_one_connection (connect=0x611000005830) at /data/src/10.3/sql/sql_connect.cc:1403
|
#22 0x000055f97c110b24 in handle_one_connection (arg=0x611000005830) at /data/src/10.3/sql/sql_connect.cc:1308
|
#23 0x000055f97d85c8cf in pfs_spawn_thread (arg=0x61600000cff0) at /data/src/10.3/storage/perfschema/pfs.cc:1869
|
#24 0x00007f4c73f32fa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
|
#25 0x00007f4c737814cf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Reproducible on 10.3-10.5.
The test case is not applicable to 10.2 due to versioning.
Attachments
Issue Links
- relates to
-
-
- Open
-
Activity
Reproducible without System Versioning:
--source include/have_partition.inc
|
|
|
create table t1 ( |
a int auto_increment, |
b int, c int, |
key(c, a), unique(b) |
) engine aria
|
partition by hash (b); |
|
|
replace into t1 values (1, 0, 0), (2, 0, 0), (0, 0, 0); |
|
|
# cleanup
|
drop table t1; |
Here is a similar test case, which, in addition to the failures above, can also produce on non-debug builds the ones below.
--source include/have_partition.inc# Cleanup10.3-e fe4e3027 non-debug
#3 <signal handler called>#4 __memmove_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:325#5 0x00005648107b0b97 in memcpy (__len=<optimized out>, __src=0x0, __dest=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/string3.h:53#6 _ma_search_no_save (info=info@entry=0x7fdde00b1638, key=key@entry=0x7fddfc507130, nextflag=nextflag@entry=1, pos=16384, res_page_link=0x0, res_page_link@entry=0x7fddfc5070a0, res_page_buff=0x0, res_page_buff@entry=0x7fddfc5070a8) at /data/src/10.3-enterprise/storage/maria/ma_search.c:230#7 0x00005648107b0ffc in _ma_search (info=info@entry=0x7fdde00b1638, key=key@entry=0x7fddfc507130, nextflag=nextflag@entry=1, pos=<optimized out>) at /data/src/10.3-enterprise/storage/maria/ma_search.c:77#8 0x00005648107ae9fa in maria_rkey (info=0x7fdde00b1638, buf=buf@entry=0x7fdde0063e30 "\375", inx=inx@entry=1, key_data=<optimized out>, keypart_map=<optimized out>, search_flag=HA_READ_KEY_EXACT) at /data/src/10.3-enterprise/storage/maria/ma_rkey.c:104#9 0x000056481077b7e2 in ha_maria::index_read_idx_map (this=0x7fdde0066c10, buf=0x7fdde0063e30 "\375", index=1, key=<optimized out>, keypart_map=<optimized out>, find_flag=<optimized out>) at /data/src/10.3-enterprise/storage/maria/ha_maria.cc:2308#10 0x0000564810379d6b in handler::ha_index_read_idx_map (this=0x7fdde0066c10, buf=buf@entry=0x7fdde0063e30 "\375", index=index@entry=1, key=key@entry=0x7fddfc5073a0 "", keypart_map=keypart_map@entry=3, find_flag=find_flag@entry=HA_READ_KEY_EXACT) at /data/src/10.3-enterprise/sql/handler.cc:3005#11 0x0000564810897270 in ha_partition::index_read_idx_map (this=0x7fdde0073e80, buf=0x7fdde0063e30 "\375", index=1, key=0x7fddfc5073a0 "", keypart_map=3, find_flag=<optimized out>) at /data/src/10.3-enterprise/sql/ha_partition.cc:5816#12 0x0000564810379cbe in handler::ha_index_read_idx_map (this=0x7fdde0073e80, buf=0x7fdde0063e30 "\375", index=index@entry=1, key=key@entry=0x7fddfc5073a0 "", keypart_map=3, find_flag=find_flag@entry=HA_READ_KEY_EXACT) at /data/src/10.3-enterprise/sql/handler.cc:3005#13 0x0000564810157f6b in write_record (thd=thd@entry=0x7fdde00009a8, table=table@entry=0x7fdde0072a78, info=info@entry=0x7fddfc5075d0) at /data/src/10.3-enterprise/sql/sql_insert.cc:1784#14 0x000056481015f2f7 in mysql_insert (thd=thd@entry=0x7fdde00009a8, table_list=<optimized out>, fields=..., values_list=..., update_fields=..., update_values=..., duplic=<optimized out>, ignore=<optimized out>) at /data/src/10.3-enterprise/sql/sql_insert.cc:1072#15 0x000056481018907d in mysql_execute_command (thd=thd@entry=0x7fdde00009a8) at /data/src/10.3-enterprise/sql/sql_parse.cc:4465#16 0x000056481018d60a in mysql_parse (thd=thd@entry=0x7fdde00009a8, rawbuf=<optimized out>, length=37, parser_state=parser_state@entry=0x7fddfc5095f0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.3-enterprise/sql/sql_parse.cc:7855#17 0x000056481018f222 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7fdde00009a8, packet=packet@entry=0x7fdde00071f9 "REPLACE INTO t1 () VALUES (),(),(),()", packet_length=packet_length@entry=37, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.3-enterprise/sql/sql_parse.cc:1857#18 0x0000564810190c8e in do_command (thd=0x7fdde00009a8) at /data/src/10.3-enterprise/sql/sql_parse.cc:1403#19 0x0000564810269a22 in do_handle_one_connection (connect=connect@entry=0x5648130257b8) at /data/src/10.3-enterprise/sql/sql_connect.cc:1403#20 0x0000564810269b7d in handle_one_connection (arg=arg@entry=0x5648130257b8) at /data/src/10.3-enterprise/sql/sql_connect.cc:1308#21 0x0000564810882421 in pfs_spawn_thread (arg=0x564813025818) at /data/src/10.3-enterprise/storage/perfschema/pfs.cc:1869#22 0x00007fde0b7044a4 in start_thread (arg=0x7fddfc50a700) at pthread_create.c:456#23 0x00007fde09a40d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:9710.3e fe4e3027 non-debug
ASAN:DEADLYSIGNAL===================================================================27948==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x55b0cf706c1c bp 0x7fdb74f7d120 sp 0x7fdb74f7ce80 T5)#0 0x55b0cf706c1b in _ma_row_pos_from_key /data/src/10.3-enterprise/storage/maria/ma_search.c:782#1 0x55b0cf707987 in _ma_search_no_save /data/src/10.3-enterprise/storage/maria/ma_search.c:234#2 0x55b0cf708513 in _ma_search /data/src/10.3-enterprise/storage/maria/ma_search.c:77#3 0x55b0cf701afe in maria_rkey /data/src/10.3-enterprise/storage/maria/ma_rkey.c:104#4 0x55b0cf6908df in ha_maria::index_read_idx_map(unsigned char*, unsigned int, unsigned char const*, unsigned long, ha_rkey_function) /data/src/10.3-enterprise/storage/maria/ha_maria.cc:2308#5 0x55b0cec14743 in handler::ha_index_read_idx_map(unsigned char*, unsigned int, unsigned char const*, unsigned long, ha_rkey_function) /data/src/10.3-enterprise/sql/handler.cc:3005#6 0x55b0cf9543b7 in ha_partition::index_read_idx_map(unsigned char*, unsigned int, unsigned char const*, unsigned long, ha_rkey_function) /data/src/10.3-enterprise/sql/ha_partition.cc:5816#7 0x55b0cec1453c in handler::ha_index_read_idx_map(unsigned char*, unsigned int, unsigned char const*, unsigned long, ha_rkey_function) /data/src/10.3-enterprise/sql/handler.cc:3005#8 0x55b0ce64f351 in write_record(THD*, TABLE*, st_copy_info*) /data/src/10.3-enterprise/sql/sql_insert.cc:1784#9 0x55b0ce671047 in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /data/src/10.3-enterprise/sql/sql_insert.cc:1072#10 0x55b0ce6e7cfd in mysql_execute_command(THD*) /data/src/10.3-enterprise/sql/sql_parse.cc:4465#11 0x55b0ce6f81c2 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.3-enterprise/sql/sql_parse.cc:7855#12 0x55b0ce6fc3ba in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.3-enterprise/sql/sql_parse.cc:1857#13 0x55b0ce700499 in do_command(THD*) /data/src/10.3-enterprise/sql/sql_parse.cc:1403#14 0x55b0ce95f67f in do_handle_one_connection(CONNECT*) /data/src/10.3-enterprise/sql/sql_connect.cc:1403#15 0x55b0ce95faaa in handle_one_connection /data/src/10.3-enterprise/sql/sql_connect.cc:1308#16 0x55b0cf9137e3 in pfs_spawn_thread /data/src/10.3-enterprise/storage/perfschema/pfs.cc:1869#17 0x7fdb87ae04a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)#18 0x7fdb855d8d0e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8d0e)AddressSanitizer can not provide additional info.SUMMARY: AddressSanitizer: SEGV /data/src/10.3-enterprise/storage/maria/ma_search.c:782 in _ma_row_pos_from_keyThread T5 created by T0 here:#0 0x7fdb87d26f59 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f59)#1 0x55b0cf91ba62 in spawn_thread_v1 /data/src/10.3-enterprise/storage/perfschema/pfs.cc:1919==27948==ABORTING10.3 19da9a51 non-debug
mysqltest: At line 12: query 'REPLACE INTO t1 () VALUES (),(),(),()' failed: 1032: Can't find record in 't1'