[MDEV-23126] Server crashes in Query_cache_block::query after FLUSH QUERY CACHE - Jira

Details

Type: Bug
Status: Confirmed (View Workflow)
Priority: Major
Resolution: Unresolved
Affects Version/s: 10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7, 10.8, 10.9, 10.10
Fix Version/s: 10.4, 10.5, 10.6, 10.11, 11.0, 11.1, 11.2, 11.3, 11.4
Component/s: Partitioning, Query Cache, Views
Labels:
None

Description

--source include/have_partition.inc

--source include/have_innodb.inc

SET @qcache.save= @@global.query_cache_type;

SET GLOBAL query_cache_type= 1;

SET query_cache_type= 1;

CREATE TABLE t1 (a INT) ENGINE=InnoDB

  PARTITION BY RANGE(a)

  SUBPARTITION BY HASH(a) SUBPARTITIONS 2 (

    PARTITION p0 VALUES LESS THAN (1),

    PARTITION p1 VALUES LESS THAN (128),

    PARTITION p2 VALUES LESS THAN MAXVALUE

);

CREATE TABLE t2 (b INT) ENGINE=InnoDB;

CREATE VIEW v AS SELECT a FROM t1;

SELECT * FROM t2;

SELECT v.a FROM v, t1 UNION SELECT v.a FROM v, t1;

INSERT INTO t2 VALUES (1);

SELECT * FROM t2;

FLUSH QUERY CACHE;

DROP VIEW IF EXISTS v;

DROP TABLE t1, t2;

SET GLOBAL query_cache_type= @qcache.save;

10.2 debug 253aa7bb
#3 <signal handler called>
#4 0x000055f0cba1a682 in Query_cache_block::query (this=0x7f6fa0fd6280) at /data/src/10.2/sql/sql_cache.cc:856
#5 0x000055f0cba20be2 in Query_cache::invalidate_query_block_list (this=0x55f0ccffef80 <query_cache>, thd=0x7f7424000af0, list_root=0x7f742418e5a8) at /data/src/10.2/sql/sql_cache.cc:3345
#6 0x000055f0cba20b9d in Query_cache::invalidate_table_internal (this=0x55f0ccffef80 <query_cache>, thd=0x7f7424000af0, key=0x7f7424012999 "test", key_length=7) at /data/src/10.2/sql/sql_cache.cc:3322
#7 0x000055f0cba20b23 in Query_cache::invalidate_table (this=0x55f0ccffef80 <query_cache>, thd=0x7f7424000af0, key=0x7f7424012999 "test", key_length=7) at /data/src/10.2/sql/sql_cache.cc:3300
#8 0x000055f0cba20a31 in Query_cache::invalidate_table (this=0x55f0ccffef80 <query_cache>, thd=0x7f7424000af0, table_list=0x7f7424012520) at /data/src/10.2/sql/sql_cache.cc:3277
#9 0x000055f0cba1e09e in Query_cache::invalidate (this=0x55f0ccffef80 <query_cache>, thd=0x7f7424000af0, tables_used=0x7f7424012520, using_transactions=0 '\000') at /data/src/10.2/sql/sql_cache.cc:2246
#10 0x000055f0cbb72de0 in mysql_drop_view (thd=0x7f7424000af0, views=0x7f7424012520, drop_mode=DROP_DEFAULT) at /data/src/10.2/sql/sql_view.cc:1829
#11 0x000055f0cba7e4c5 in mysql_execute_command (thd=0x7f7424000af0) at /data/src/10.2/sql/sql_parse.cc:5797
#12 0x000055f0cba83d53 in mysql_parse (thd=0x7f7424000af0, rawbuf=0x7f7424012448 "DROP VIEW IF EXISTS v", length=21, parser_state=0x7f7470c7d610, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7733
#13 0x000055f0cba7207f in dispatch_command (command=COM_QUERY, thd=0x7f7424000af0, packet=0x7f74240953d1 "DROP VIEW IF EXISTS v", packet_length=21, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1824
#14 0x000055f0cba70afa in do_command (thd=0x7f7424000af0) at /data/src/10.2/sql/sql_parse.cc:1377
#15 0x000055f0cbbc69d5 in do_handle_one_connection (connect=0x55f0cfc9dcd0) at /data/src/10.2/sql/sql_connect.cc:1336
#16 0x000055f0cbbc6740 in handle_one_connection (arg=0x55f0cfc9dcd0) at /data/src/10.2/sql/sql_connect.cc:1241
#17 0x000055f0cc3dcd8c in pfs_spawn_thread (arg=0x55f0cfbead10) at /data/src/10.2/storage/perfschema/pfs.cc:1869
#18 0x00007f74785b94a4 in start_thread (arg=0x7f7470c7e700) at pthread_create.c:456
#19 0x00007f74766edd0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

10.2 non-debug 253aa7bb
#3 <signal handler called>
#4 Query_cache_block::headers_len (this=this@entry=0x7f18712943f0) at /data/src/10.2/sql/sql_cache.cc:844
#5 0x000055d0aa859df1 in Query_cache_block::data (this=this@entry=0x7f18712943f0) at /data/src/10.2/sql/sql_cache.cc:850
#6 0x000055d0aa859e8a in Query_cache_block::query (this=this@entry=0x7f18712943f0) at /data/src/10.2/sql/sql_cache.cc:859
#7 0x000055d0aa85b8d7 in Query_cache::invalidate_query_block_list (this=this@entry=0x55d0ab8cd8e0 <query_cache>, thd=thd@entry=0x7f36f40009a8, list_root=0x7f36f4177b18) at /data/src/10.2/sql/sql_cache.cc:3345
#8 0x000055d0aa85ba0f in Query_cache::invalidate_table_internal (this=this@entry=0x55d0ab8cd8e0 <query_cache>, thd=thd@entry=0x7f36f40009a8, key=key@entry=0x7f36f400f5f1 "test", key_length=key_length@entry=7) at /data/src/10.2/sql/sql_cache.cc:3322
#9 0x000055d0aa85ba53 in Query_cache::invalidate_table (this=this@entry=0x55d0ab8cd8e0 <query_cache>, thd=thd@entry=0x7f36f40009a8, key=0x7f36f400f5f1 "test", key_length=7) at /data/src/10.2/sql/sql_cache.cc:3300
#10 0x000055d0aa85bd8d in Query_cache::invalidate_table (this=0x55d0ab8cd8e0 <query_cache>, thd=0x7f36f40009a8, table_list=<optimized out>) at /data/src/10.2/sql/sql_cache.cc:3277
#11 0x000055d0aa85bdf0 in Query_cache::invalidate (this=0x55d0ab8cd8e0 <query_cache>, thd=thd@entry=0x7f36f40009a8, tables_used=tables_used@entry=0x7f36f400f178, using_transactions=<optimized out>, using_transactions@entry=0 '\000') at /data/src/10.2/sql/sql_cache.cc:2246
#12 0x000055d0aa93cd5b in mysql_drop_view (thd=thd@entry=0x7f36f40009a8, views=views@entry=0x7f36f400f178, drop_mode=<optimized out>) at /data/src/10.2/sql/sql_view.cc:1829
#13 0x000055d0aa89a525 in mysql_execute_command (thd=thd@entry=0x7f36f40009a8) at /data/src/10.2/sql/sql_parse.cc:5797
#14 0x000055d0aa8a063a in mysql_parse (thd=thd@entry=0x7f36f40009a8, rawbuf=<optimized out>, length=21, parser_state=parser_state@entry=0x7f37401e3620, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7733
#15 0x000055d0aa8a2ec0 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7f36f40009a8, packet=packet@entry=0x7f36f4006cf9 "DROP VIEW IF EXISTS v", packet_length=packet_length@entry=21, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:1824
#16 0x000055d0aa8a3c80 in do_command (thd=0x7f36f40009a8) at /data/src/10.2/sql/sql_parse.cc:1377
#17 0x000055d0aa9704a2 in do_handle_one_connection (connect=connect@entry=0x55d0adccf148) at /data/src/10.2/sql/sql_connect.cc:1336
#18 0x000055d0aa9705fd in handle_one_connection (arg=arg@entry=0x55d0adccf148) at /data/src/10.2/sql/sql_connect.cc:1241
#19 0x000055d0aaf32451 in pfs_spawn_thread (arg=0x55d0adc66d28) at /data/src/10.2/storage/perfschema/pfs.cc:1869
#20 0x00007f3746db84a4 in start_thread (arg=0x7f37401e4700) at pthread_create.c:456
#21 0x00007f3745e36d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Reproducible on 10.1-10.5, debug and non-debug as shown above. ASAN builds also fail with SEGV.

Attachments

Issue Links

relates to

MDEV-23127 Server crash in Query_cache::double_linked_list_exclude or Assertion `table_block_data->m_cached_query_count >= 0' failed in Query_cache::unlink_table

Confirmed

Server crashes in Query_cache_block::query after FLUSH QUERY CACHE

Details

Description

Attachments

Issue Links

Activity

People

Dates

Git Integration