[MDEV-27894] Spider: SIGSEGV in __memmove_avx_unaligned_erms (from memcpy in handler::check_duplicate_long_entry_key) and Assertion `inited == NONE || lookup_handler != this' failed on INSERT DELAYED - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.5, 10.6, 10.7, 10.8, 10.9
Fix Version/s: 10.5.17, 10.6.9, 10.7.5, 10.8.4, 10.9.2
Component/s: Storage Engine - Spider
Labels:

Description

INSTALL PLUGIN spider SONAME 'ha_spider.so';

CREATE TABLE t (a INT UNSIGNED KEY,b INT UNSIGNED,c INT UNSIGNED,UNIQUE (b,c) USING HASH) ENGINE=SPIDER;

SHOW CREATE TABLE t;

INSERT DELAYED INTO t VALUES (0,0,0);

Leads to:

10.9.0 b5852ffbeebc3000982988383daeefb0549e058a (Optimized)
Core was generated by `/test/MD140222-mariadb-10.9.0-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 __memmove_avx_unaligned_erms ()
at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:306
[Current thread is 1 (Thread 0x148f5c1de700 (LWP 2298967))]
(gdb) bt
#0 __memmove_avx_unaligned_erms () at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:306
#1 0x000055afeae932b9 in memcpy (__len=<optimized out>, __src=<optimized out>, __dest=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:34
#2 handler::check_duplicate_long_entry_key (this=this@entry=0x148ef8023810, new_rec=new_rec@entry=0x148ef8047a18 <incomplete sequence \361>, key_no=key_no@entry=1) at /test/10.9_opt/sql/handler.cc:7171
#3 0x000055afeae9357a in handler::check_duplicate_long_entries (this=this@entry=0x148ef8023810, new_rec=new_rec@entry=0x148ef8047a18 <incomplete sequence \361>) at /test/10.9_opt/sql/handler.cc:7252
#4 0x000055afeae93d7d in handler::ha_write_row (this=0x148ef8023810, buf=0x148ef8047a18 <incomplete sequence \361>) at /test/10.9_opt/sql/handler.cc:7514
#5 0x000055afeabfd0fd in write_record (thd=thd@entry=0x148ef80619d8, table=0x148ef8048428, info=info@entry=0x148ef80683b8, sink=sink@entry=0x0) at /test/10.9_opt/sql/sql_insert.cc:2156
#6 0x000055afeabffb2d in Delayed_insert::handle_inserts (this=0x148ef80619b8) at /test/10.9_opt/sql/sql_insert.cc:3605
#7 0x000055afeac07145 in handle_delayed_insert (arg=arg@entry=0x148ef80619b8) at /test/10.9_opt/sql/sql_insert.cc:3345
#8 0x000055afeb0d57b1 in pfs_spawn_thread (arg=0x55afeebf3a78) at /test/10.9_opt/storage/perfschema/pfs.cc:2201
#9 0x0000148f7f333609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#10 0x0000148f7ef21293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

10.7.2 3351dfaab0599268eaf25f9d6995ef128910a8b9 (Debug)
mysqld: /test/10.7_dbg/sql/handler.cc:7507: int handler::ha_write_row(const uchar*): Assertion `inited == NONE \|\| lookup_handler != this' failed.

10.7.2 3351dfaab0599268eaf25f9d6995ef128910a8b9 (Debug)
Core was generated by `/test/MD290122-mariadb-10.7.2-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x14eaf65ee700 (LWP 2300708))]
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x000014eb1b4e5859 in __GI_abort () at abort.c:79
#2 0x000014eb1b4e5729 in __assert_fail_base (fmt=0x14eb1b67b588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55ef7b378580 "inited == NONE \|\| lookup_handler != this", file=0x55ef7b375003 "/test/10.7_dbg/sql/handler.cc", line=7507, function=<optimized out>) at assert.c:92
#3 0x000014eb1b4f6f36 in __GI___assert_fail (assertion=assertion@entry=0x55ef7b378580 "inited == NONE \|\| lookup_handler != this", file=file@entry=0x55ef7b375003 "/test/10.7_dbg/sql/handler.cc", line=line@entry=7507, function=function@entry=0x55ef7b378558 "int handler::ha_write_row(const uchar*)") at assert.c:101
#4 0x000055ef7a824ad8 in handler::ha_write_row (this=0x14eaa802f360, buf=0x14eaa802eed8 <incomplete sequence \361>) at /test/10.7_dbg/sql/handler.cc:7507
#5 0x000055ef7a4c4160 in write_record (thd=thd@entry=0x14eaa809a298, table=0x14eaa8061bd8, info=info@entry=0x14eaa80a1038, sink=sink@entry=0x0) at /test/10.7_dbg/sql/sql_insert.cc:2156
#6 0x000055ef7a4c6c32 in Delayed_insert::handle_inserts (this=this@entry=0x14eaa809a278) at /test/10.7_dbg/sql/sql_insert.cc:3597
#7 0x000055ef7a4c86ab in handle_delayed_insert (arg=arg@entry=0x14eaa809a278) at /test/10.7_dbg/sql/sql_insert.cc:3337
#8 0x000055ef7ab0d8b0 in pfs_spawn_thread (arg=0x55ef7d4de8f8) at /test/10.7_dbg/storage/perfschema/pfs.cc:2201
#9 0x000014eb1b9f4609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#10 0x000014eb1b5e2293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Bug confirmed present in:
MariaDB: 10.4.23 (dbg), 10.4.23 (opt), 10.5.14 (dbg), 10.5.14 (opt), 10.6.6 (dbg), 10.7.2 (dbg), 10.7.2 (opt), 10.8.1 (dbg), 10.8.1 (opt), 10.9.0 (dbg), 10.9.0 (opt)

Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.2.42 (dbg), 10.2.42 (opt), 10.3.33 (dbg), 10.3.33 (opt), 10.6.6 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.36 (dbg), 5.7.36 (opt), 8.0.27 (dbg), 8.0.27 (opt)

Attachments

Issue Links

relates to

MDEV-22525 Backport MDEV-19848 (Server crashes in check_vcol_forward_refs upon INSERT DELAYED into table with long blob key)

Closed

MDEV-28012 Spider: SIGSEGV in check_vcol_forward_refs on INSERT DELAYED

Closed

MDEV-28013 Memory leak on INSERT DELAYED

Closed

Activity

People

Assignee:: Nayuta Yanagisawa (Inactive)

Reporter:: Roel Van de Paar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2022-02-19 08:22

Updated:: 2022-06-28 03:08

Resolved:: 2022-06-28 03:08

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.