  1. MariaDB Server
  2. MDEV-22715

SIGSEGV in radixsort_for_str_ptr and in native_compare/my_qsort2 (optimized builds)


Details

    Description

      SOURCE in.sql;
      

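      Leads to a SIGSEGV in the server's filesort path (radixsort_for_str_ptr, called from Filesort_buffer::sort_buffer). Both backtraces show it is reached from an ordinary client SELECT (dispatch_command with COM_QUERY), and the signal terminates the mysqld process. Backtraces from the debug (dbg) and optimized (opt) builds follow: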

      10.5.4 8569dac1ec9f6853a0b2f3ea9bcbda67644ead24 dbg

      Core was generated by `/test/MD260520-mariadb-10.5.4-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=11)
          at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
      [Current thread is 1 (Thread 0x14b6f792e700 (LWP 688652))]
      (gdb) bt
      #0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
      #1  0x0000561fed75fd7a in my_write_core (sig=sig@entry=11) at /test/10.5_dbg/mysys/stacktrace.c:518
      #2  0x0000561fecf05385 in handle_fatal_signal (sig=11) at /test/10.5_dbg/sql/signal_handler.cc:330
      #3  <signal handler called>
      #4  0x0000561fed74ff8a in radixsort_for_str_ptr (base=0x14b6d3d687e0, number_of_elements=number_of_elements@entry=80659, size_of_element=<optimized out>, buffer=buffer@entry=0x14b6d3a46088) at /test/10.5_dbg/mysys/mf_radix.c:45
      #5  0x0000561fed1172a9 in Filesort_buffer::sort_buffer (this=this@entry=0x14b6d34dc200, param=param@entry=0x14b6f792bbd0, count=count@entry=80659) at /test/10.5_dbg/sql/filesort_utils.cc:187
      #6  0x0000561fecefcbb8 in SORT_INFO::sort_buffer (count=80659, param=0x14b6f792bbd0, this=0x14b6d34dc200) at /test/10.5_dbg/sql/filesort.h:151
      #7  write_keys (param=param@entry=0x14b6f792bbd0, fs_info=fs_info@entry=0x14b6d34dc200, count=count@entry=80659, buffpek_pointers=buffpek_pointers@entry=0x14b6f792bde0, tempfile=tempfile@entry=0x14b6f792bc70) at /test/10.5_dbg/sql/filesort.cc:1040
      #8  0x0000561fecf033fb in find_all_keys (found_rows=0x14b6d34dc3f0, pq=0x0, tempfile=0x14b6f792bc70, buffpek_pointers=0x14b6f792bde0, fs_info=0x14b6d34dc200, select=0x14b6d3477b98, param=0x14b6f792bbd0, thd=0x14b6d3415088) at /test/10.5_dbg/sql/filesort.cc:945
      #9  filesort (thd=thd@entry=0x14b6d3415088, table=table@entry=0x14b6d34d5088, filesort=filesort@entry=0x14b6d3477d68, tracker=0x14b6d3478458, join=join@entry=0x14b6d3475ab0, first_table_bit=<optimized out>) at /test/10.5_dbg/sql/filesort.cc:356
      #10 0x0000561feccafe83 in create_sort_index (thd=0x14b6d3415088, join=0x14b6d3475ab0, tab=tab@entry=0x14b6d3477258, fsort=0x14b6d3477d68, fsort@entry=0x0) at /test/10.5_dbg/sql/sql_select.cc:23870
      #11 0x0000561feccb01b2 in st_join_table::sort_table (this=this@entry=0x14b6d3477258) at /test/10.5_dbg/sql/sql_select.cc:21599
      #12 0x0000561feccb02e6 in join_init_read_record (tab=0x14b6d3477258) at /test/10.5_dbg/sql/sql_select.cc:21538
      #13 0x0000561fecca0c11 in sub_select (join=0x14b6d3475ab0, join_tab=0x14b6d3477258, end_of_records=<optimized out>) at /test/10.5_dbg/sql/sql_select.cc:20612
      #14 0x0000561feccd8a16 in do_select (procedure=0x0, join=0x14b6d3475ab0) at /test/10.5_dbg/sql/sql_select.cc:20149
      #15 JOIN::exec_inner (this=this@entry=0x14b6d3475ab0) at /test/10.5_dbg/sql/sql_select.cc:4464
      #16 0x0000561feccd9031 in JOIN::exec (this=this@entry=0x14b6d3475ab0) at /test/10.5_dbg/sql/sql_select.cc:4245
      #17 0x0000561feccd7346 in mysql_select (thd=thd@entry=0x14b6d3415088, tables=<optimized out>, fields=..., conds=0x0, og_num=2, order=<optimized out>, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x14b6d3475a88, unit=0x14b6d34190a0, select_lex=0x14b6d3474140) at /test/10.5_dbg/sql/sql_select.cc:4669
      #18 0x0000561feccd7675 in handle_select (thd=thd@entry=0x14b6d3415088, lex=lex@entry=0x14b6d3418fd8, result=result@entry=0x14b6d3475a88, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.5_dbg/sql/sql_select.cc:417
      #19 0x0000561fecc620bf in execute_sqlcom_select (thd=thd@entry=0x14b6d3415088, all_tables=0x14b6d3474738) at /test/10.5_dbg/sql/sql_parse.cc:6207
      #20 0x0000561fecc5b1f4 in mysql_execute_command (thd=thd@entry=0x14b6d3415088) at /test/10.5_dbg/sql/sql_parse.cc:3939
      #21 0x0000561fecc6802e in mysql_parse (thd=thd@entry=0x14b6d3415088, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14b6f792d3d0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:7991
      #22 0x0000561fecc54b42 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14b6d3415088, packet=packet@entry=0x14b6d3467089 "", packet_length=packet_length@entry=31, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:1874
      #23 0x0000561fecc5331c in do_command (thd=0x14b6d3415088) at /test/10.5_dbg/sql/sql_parse.cc:1355
      #24 0x0000561fecdad73f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x14b6d70453a8, put_in_cache=put_in_cache@entry=true) at /test/10.5_dbg/sql/sql_connect.cc:1411
      #25 0x0000561fecdade5b in handle_one_connection (arg=arg@entry=0x14b6d70453a8) at /test/10.5_dbg/sql/sql_connect.cc:1313
      #26 0x0000561fed20d14e in pfs_spawn_thread (arg=0x14b6f5445888) at /test/10.5_dbg/storage/perfschema/pfs.cc:2201
      #27 0x000014b6f6d556db in start_thread (arg=0x14b6f792e700) at pthread_create.c:463
      #28 0x000014b6f615388f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      10.5.4 8569dac1ec9f6853a0b2f3ea9bcbda67644ead24 opt

      Core was generated by `/test/MD260520-mariadb-10.5.4-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=11)
          at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
      [Current thread is 1 (Thread 0x145ec5db0700 (LWP 1075820))]
      (gdb) bt
      #0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=11)
          at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
      #1  0x000055f704f29337 in my_write_core (sig=sig@entry=11) at /test/10.5_opt/mysys/stacktrace.c:518
      #2  0x000055f7048eb3ca in handle_fatal_signal (sig=11) at /test/10.5_opt/sql/signal_handler.cc:330
      #3  <signal handler called>
      #4  radixsort_for_str_ptr (base=0x145e8ad68770, number_of_elements=number_of_elements@entry=80659, 
          size_of_element=<optimized out>, buffer=buffer@entry=0x145e8b006018)
          at /test/10.5_opt/mysys/mf_radix.c:45
      #5  0x000055f704a74a38 in Filesort_buffer::sort_buffer (this=this@entry=0x145ea08e5180, 
          param=param@entry=0x145ec5dae540, count=count@entry=80659)
          at /test/10.5_opt/sql/filesort_utils.cc:187
      #6  0x000055f7048e5643 in SORT_INFO::sort_buffer (count=80659, param=<optimized out>, 
          this=0x145ea08e5180) at /test/10.5_opt/sql/filesort.h:151
      #7  write_keys (param=param@entry=0x145ec5dae540, fs_info=fs_info@entry=0x145ea08e5180, 
          count=count@entry=80659, buffpek_pointers=buffpek_pointers@entry=0x145ec5dae6d0, 
          tempfile=tempfile@entry=0x145ec5dae5e0) at /test/10.5_opt/sql/filesort.cc:1040
      #8  0x000055f7048e9c77 in find_all_keys (found_rows=0x145ea08e52f0, pq=0x0, tempfile=0x145ec5dae5e0, 
          buffpek_pointers=0x145ec5dae6d0, fs_info=0x145ea08e5180, select=0x145ea084aaa8, 
          param=0x145ec5dae540, thd=0x145ea0812018) at /test/10.5_opt/sql/filesort.cc:945
      #9  filesort (thd=thd@entry=0x145ea0812018, table=table@entry=0x145ea0898c18, 
          filesort=filesort@entry=0x145ea084abf8, tracker=0x145ea084b2e0, join=join@entry=0x145ea0848a40, 
          first_table_bit=<optimized out>) at /test/10.5_opt/sql/filesort.cc:356
      #10 0x000055f70473fa15 in create_sort_index (thd=0x145ea0812018, join=0x145ea0848a40, 
          tab=tab@entry=0x145ea084a1e8, fsort=0x145ea084abf8, fsort@entry=0x0)
          at /test/10.5_opt/sql/sql_select.cc:23870
      #11 0x000055f70473fcce in st_join_table::sort_table (this=this@entry=0x145ea084a1e8)
          at /test/10.5_opt/sql/sql_select.cc:21599
      #12 0x000055f70473fd5a in join_init_read_record (tab=0x145ea084a1e8)
          at /test/10.5_opt/sql/sql_select.cc:21538
      #13 0x000055f704731b57 in sub_select (join=0x145ea0848a40, join_tab=0x145ea084a1e8, 
          end_of_records=false) at /test/10.5_opt/sql/sql_select.cc:20612
      #14 0x000055f70475323e in do_select (procedure=<optimized out>, join=0x145ea0848a40)
          at /test/10.5_opt/sql/sql_select.cc:20149
      #15 JOIN::exec_inner (this=this@entry=0x145ea0848a40) at /test/10.5_opt/sql/sql_select.cc:4464
      #16 0x000055f704753677 in JOIN::exec (this=this@entry=0x145ea0848a40)
          at /test/10.5_opt/sql/sql_select.cc:4245
      #17 0x000055f7047519c2 in mysql_select (thd=thd@entry=0x145ea0812018, tables=0x145ea08476c8, 
          fields=..., conds=0x0, og_num=<optimized out>, order=0x145ea0848720, group=0x0, having=0x0, 
          proc_param=0x0, select_options=2147748608, result=0x145ea0848a18, unit=0x145ea0815e70, 
          select_lex=0x145ea08470d0) at /test/10.5_opt/sql/sql_select.cc:4669
      #18 0x000055f704752381 in handle_select (thd=thd@entry=0x145ea0812018, lex=lex@entry=0x145ea0815da8, 
          result=result@entry=0x145ea0848a18, setup_tables_done_option=setup_tables_done_option@entry=0)
          at /test/10.5_opt/sql/sql_select.cc:417
      #19 0x000055f7046f8e91 in execute_sqlcom_select (thd=thd@entry=0x145ea0812018, 
          all_tables=0x145ea08476c8) at /test/10.5_opt/sql/sql_parse.cc:6207
      #20 0x000055f7046f4db2 in mysql_execute_command (thd=thd@entry=0x145ea0812018)
          at /test/10.5_opt/sql/sql_parse.cc:3939
      #21 0x000055f7046fbfac in mysql_parse (thd=0x145ea0812018, rawbuf=<optimized out>, length=31, 
          parser_state=0x145ec5daf4b0, is_com_multi=<optimized out>, is_next_command=<optimized out>)
          at /test/10.5_opt/sql/sql_parse.cc:7991
      #22 0x000055f7046f12b5 in dispatch_command (command=command@entry=COM_QUERY, 
          thd=thd@entry=0x145ea0812018, packet=packet@entry=0x145ea083a019 "", 
          packet_length=packet_length@entry=31, is_com_multi=is_com_multi@entry=false, 
          is_next_command=is_next_command@entry=false) at /test/10.5_opt/sql/sql_parse.cc:1874
      #23 0x000055f7046ef6a4 in do_command (thd=0x145ea0812018) at /test/10.5_opt/sql/sql_parse.cc:1355
      #24 0x000055f7047e4891 in do_handle_one_connection (connect=<optimized out>, 
          connect@entry=0x145ec38329b8, put_in_cache=put_in_cache@entry=true)
          at /test/10.5_opt/sql/sql_connect.cc:1411
      #25 0x000055f7047e4bf4 in handle_one_connection (arg=arg@entry=0x145ec38329b8)
          at /test/10.5_opt/sql/sql_connect.cc:1313
      #26 0x000055f704b5106a in pfs_spawn_thread (arg=0x145ec384b018)
          at /test/10.5_opt/storage/perfschema/pfs.cc:2201
      #27 0x0000145ec51d76db in start_thread (arg=0x145ec5db0700) at pthread_create.c:463
      #28 0x0000145ec45d588f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      Bug confirmed present in:
      MariaDB: 10.5.2 (dbg), 10.5.2 (opt), 10.5.4 (dbg), 10.5.4 (opt)

      Bug confirmed not present in:
      MariaDB: 10.1.46 (dbg), 10.1.46 (opt), 10.2.33 (dbg), 10.2.33 (opt), 10.3.24 (dbg), 10.3.24 (opt), 10.4.14 (dbg), 10.4.14 (opt)
      MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.47 (dbg), 5.6.47 (opt), 5.7.29 (dbg), 5.7.29 (opt), 8.0.19 (dbg), 8.0.19 (opt)


            People

              varun Varun Gupta (Inactive)
              Roel Roel Van de Paar
