Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.2, 10.3, 10.4, 10.5, 10.6, 10.7
Description
Similar to MDEV-24262, but different testcase
CREATE TABLE t(a VARCHAR(16383) CHARACTER SET UTF32, KEY k(a)) ENGINE=InnoDB;
|
SET SESSION sql_buffer_result=ON;
|
SET SESSION big_tables=ON;
|
SELECT DISTINCT COUNT(DISTINCT a) FROM t;
|
Leads to:
|
10.6.0 9118fd360a3da0bba521caf2a35c424968235ac4 (Debug) |
Core was generated by `/test/MD010121-mariadb-10.6.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11)
|
at ../sysdeps/unix/sysv/linux/pthread_kill.c:56
|
[Current thread is 1 (Thread 0x1524b0e9f700 (LWP 2400942))]
|
(gdb) bt
|
#0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:56
|
#1 0x0000561bf4e500d7 in my_write_core (sig=sig@entry=11) at /test/10.6_dbg/mysys/stacktrace.c:424
|
#2 0x0000561bf45e4ab1 in handle_fatal_signal (sig=11) at /test/10.6_dbg/sql/signal_handler.cc:330
|
#3 <signal handler called>
|
#4 0x0000561bf43777a9 in st_join_table::cleanup (this=this@entry=0x1524780155b8) at /test/10.6_dbg/sql/sql_select.cc:13444
|
#5 0x0000561bf4395951 in JOIN::cleanup (this=this@entry=0x152478013f70, full=full@entry=true) at /test/10.6_dbg/sql/sql_select.cc:13882
|
#6 0x0000561bf4395dfb in JOIN::destroy (this=0x152478013f70) at /test/10.6_dbg/sql/sql_select.cc:4501
|
#7 0x0000561bf440fd3b in st_select_lex::cleanup (this=this@entry=0x152478012778) at /test/10.6_dbg/sql/sql_union.cc:2746
|
#8 0x0000561bf43a0b40 in mysql_select (thd=thd@entry=0x152478000db8, tables=0x152478012ef8, fields=@0x1524780128c8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x152478012e98, last = 0x152478012e98, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147879681, result=0x152478013f48, unit=0x152478004f80, select_lex=0x152478012778) at /test/10.6_dbg/sql/sql_select.cc:4687
|
#9 0x0000561bf43a0cd0 in handle_select (thd=thd@entry=0x152478000db8, lex=lex@entry=0x152478004eb8, result=result@entry=0x152478013f48, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.6_dbg/sql/sql_select.cc:417
|
#10 0x0000561bf431319d in execute_sqlcom_select (thd=thd@entry=0x152478000db8, all_tables=0x152478012ef8) at /test/10.6_dbg/sql/sql_parse.cc:6116
|
#11 0x0000561bf431fc7c in mysql_execute_command (thd=thd@entry=0x152478000db8) at /test/10.6_dbg/sql/sql_parse.cc:3820
|
#12 0x0000561bf430c072 in mysql_parse (thd=thd@entry=0x152478000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1524b0e9e3d0) at /test/10.6_dbg/sql/sql_parse.cc:7881
|
#13 0x0000561bf431a1ec in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x152478000db8, packet=packet@entry=0x152478008d39 "SELECT DISTINCT COUNT(DISTINCT a) FROM t", packet_length=packet_length@entry=40) at /test/10.6_dbg/sql/sql_class.h:1293
|
#14 0x0000561bf431d52d in do_command (thd=0x152478000db8) at /test/10.6_dbg/sql/sql_parse.cc:1348
|
#15 0x0000561bf44797fc in do_handle_one_connection (connect=<optimized out>, connect@entry=0x561bf7a2e6f8, put_in_cache=put_in_cache@entry=true) at /test/10.6_dbg/sql/sql_connect.cc:1410
|
#16 0x0000561bf4479f03 in handle_one_connection (arg=arg@entry=0x561bf7a2e6f8) at /test/10.6_dbg/sql/sql_connect.cc:1312
|
#17 0x0000561bf492f88f in pfs_spawn_thread (arg=0x561bf797a898) at /test/10.6_dbg/storage/perfschema/pfs.cc:2201
|
#18 0x00001524c622d609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#19 0x00001524c5e1c293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
10.6.0 9118fd360a3da0bba521caf2a35c424968235ac4 (Optimized) |
2021-01-11 15:33:44 0 [Note] /test/MD010121-mariadb-10.6.0-linux-x86_64-opt/bin/mysqld: ready for connections.
|
Version: '10.6.0-MariaDB' socket: '/test/MD010121-mariadb-10.6.0-linux-x86_64-opt/socket.sock' port: 18336 MariaDB Server
|
double free or corruption (!prev)
|
210111 15:33:53 [ERROR] mysqld got signal 6 ;
|
This could be because you hit a bug. It is also possible that this binary
|
or one of the libraries it was linked against is corrupt, improperly built,
|
or misconfigured. This error can also be caused by malfunctioning hardware.
|
 |
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
|
 |
We will try our best to scrape up some info that will hopefully help
|
diagnose the problem, but since we have already crashed,
|
something is definitely wrong and this may fail.
|
 |
Server version: 10.6.0-MariaDB
|
key_buffer_size=134217728
|
read_buffer_size=131072
|
max_used_connections=1
|
max_threads=153
|
thread_count=2
|
It is possible that mysqld could use up to
|
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467868 K bytes of memory
|
Hope that's ok; if not, decrease some variables in the equation.
|
 |
Thread pointer: 0x14799c000c58
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x147a08f2bd58 thread_stack 0x49000
|
Bug confirmed present in:
MariaDB: 10.2.37 (dbg), 10.2.37 (opt), 10.3.28 (dbg), 10.3.28 (opt), 10.4.18 (dbg), 10.4.18 (opt), 10.5.9 (dbg), 10.5.9 (opt), 10.6.0 (dbg), 10.6.0 (opt)
Bug (or feature/syntax) confirmed not present in:
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.50 (dbg), 5.6.50 (opt), 5.7.32 (dbg), 5.7.32 (opt), 8.0.22 (dbg), 8.0.22 (opt)
Optimized builds 10.2-10.6 will hang for both server and client (i.e. client will hang whilst trying to connect) even though the server is already crashed (with double free or corruption) as per the error log:
Attachments
Issue Links
- relates to
-
-
- Closed
-
-
-
- Closed
-
-
-
- Closed
-