[MDEV-29708] safe_mutex: Trying to lock uninitialized mutex in sql_cache.cc on SHUTDOWN, stack smashing, SIGABRT in safe_mutex_lock - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Duplicate
Affects Version/s: 10.5, 10.6, 10.11, 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL), 11.0(EOL)
Fix Version/s: N/A
Component/s: Locking, Storage Engine - Spider
Labels:

Description

--let $SOCKET= `SELECT @@global.socket`

--source include/have_innodb.inc

SET sql_mode='';

INSTALL PLUGIN Spider SONAME 'ha_spider.so';

CREATE USER Spider@localhost IDENTIFIED BY 'PWD123';

eval CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$SOCKET",DATABASE 'test',user 'Spider',PASSWORD 'PWD123');

CREATE TABLE t (c INT) ENGINE=InnoDB;

CREATE TABLE ts (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv",TABLE "t"';

SELECT * FROM ts;

SET GLOBAL query_cache_type=ON;

SHUTDOWN;

DROP TABLE t,ts;  # Cleanup

Leads to:

10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586 (Debug)
2022-10-05 19:20:04 0 [Note] InnoDB: FTS optimize thread exiting.
safe_mutex: Trying to lock uninitialized mutex at /test/10.11_dbg/sql/sql_cache.cc, line 725

And:

10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586 (Debug)
Core was generated by `/test/MD190922-mariadb-10.11.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=<optimized out>) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x14bcdd7d7940 (LWP 1990551))]
(gdb) bt
#0 __GI_raise (sig=<optimized out>) at ../sysdeps/unix/sysv/linux/raise.c:50
Backtrace stopped: Cannot access memory at address 0x7ffd05fa8518

10.7.8 bc656c4fa54c12ceabd857e8ae134f8979d82944 (Debug)
Program terminated with signal SIGABRT, Aborted.
#0 0x00001550c9423a7c in ?? ()
[Current thread is 1 (LWP 2933132)]
(gdb) bt
#0 0x00001550c9423a7c in ?? ()
Backtrace stopped: Cannot access memory at address 0x7ffe25dbde00

And (MTR provided):

10.11.0 6ebdd3013a18b01dbecec76b870810329eb76586
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/test/MD190922-mariadb-10.11.0-linux-x86_64-dbg/bin/mariadbd --defaults-group-s'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x1508944cd940 (LWP 2671503))]
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x00001508946a6859 in __GI_abort () at abort.c:79
#2 0x000055a17d6a8123 in safe_mutex_lock (mp=mp@entry=0x55a17e23ee00 <query_cache+160>, my_flags=my_flags@entry=0, file=fi
le@entry=0x55a17d8588c8 "/test/10.11_dbg/sql/sql_cache.cc", line=line@entry=725) at /test/10.11_dbg/mysys/thr_mutex.c:245
#3 0x000055a17cbf7f50 in inline_mysql_mutex_lock (src_line=725, src_file=0x55a17d8588c8 "/test/10.11_dbg/sql/sql_cache.cc"
, that=0x55a17e23ee00 <query_cache+160>) at /test/10.11_dbg/include/mysql/psi/mysql_thread.h:750
#4 Query_cache::lock (this=this@entry=0x55a17e23ed60 <query_cache>, thd=thd@entry=0x55a180b37ec8) at /test/10.11_dbg/sql/s
ql_cache.cc:725
#5 0x000055a17cbfab20 in Query_cache::invalidate_table (this=this@entry=0x55a17e23ed60 <query_cache>, thd=0x55a180b37ec8,
key=key@entry=0x7ffe88c363f0 "mysql", key_length=key_length@entry=23) at /test/10.11_dbg/sql/sql_cache.cc:3318
#6 0x000055a17cbfad7d in Query_cache::invalidate_by_MyISAM_filename (this=0x55a17e23ed60 <query_cache>, filename=<optimize
d out>) at /test/10.11_dbg/sql/sql_cache.cc:2440
#7 0x000055a17cc00731 in query_cache_invalidate_by_MyISAM_filename (filename=<optimized out>) at /test/10.11_dbg/sql/sql_c
ache.cc:1251
#8 0x000055a17d18a2dc in reset_thd_trn (thd=thd@entry=0x55a180b37ec8, first_table=first_table@entry=0x55a180d87f08) at /te
st/10.11_dbg/storage/maria/ha_maria.cc:3007
#9 0x000055a17d18a401 in maria_commit (hton=<optimized out>, thd=0x55a180b37ec8, all=<optimized out>) at /test/10.11_dbg/s
torage/maria/ha_maria.cc:3531
#10 0x000055a17cf65cc1 in commit_one_phase_2 (thd=thd@entry=0x55a180b37ec8, all=all@entry=false, trans=trans@entry=0x55a180d5f088, is_real_trans=true) at /test/10.11_dbg/sql/handler.cc:2068
#11 0x000055a17cf65e9a in ha_commit_one_phase (thd=thd@entry=0x55a180b37ec8, all=all@entry=false) at /test/10.11_dbg/sql/handler.cc:2021
#12 0x000055a17cf78031 in ha_commit_trans (thd=thd@entry=0x55a180b37ec8, all=all@entry=false) at /test/10.11_dbg/sql/handler.cc:1815
#13 0x000055a17cc0ec4d in THD::commit_whole_transaction_and_close_tables (this=this@entry=0x55a180b37ec8) at /test/10.11_dbg/sql/sql_class.cc:6087
#14 0x0000150890fe2c28 in spider_sys_close_table (thd=thd@entry=0x55a180b37ec8, open_tables_backup=open_tables_backup@entry=0x7ffe88c37068) at /test/10.11_dbg/storage/spider/spd_sys_table.cc:608
#15 0x0000150890fe2c7b in spider_close_sys_table (thd=thd@entry=0x55a180b37ec8, table=table@entry=0x55a180cbfb98, open_tables_backup=open_tables_backup@entry=0x7ffe88c37068, need_lock=need_lock@entry=false) at /test/10.11_dbg/storage/spider/spd_sys_table.cc:542
#16 0x0000150890feb6e0 in spider_sys_insert_or_update_table_sts (thd=thd@entry=0x55a180b37ec8, name=0x15085c180560 "./test/ts", name_length=<optimized out>, stat=stat@entry=0x15085c05da48, need_lock=need_lock@entry=false) at /test/10.11_dbg/storage/spider/spd_sys_table.cc:3255
#17 0x000015089104360f in spider_free_share (share=0x15085c05d208) at /test/10.11_dbg/storage/spider/spd_table.cc:5625
#18 0x0000150891067941 in ha_spider::close (this=0x15085c05b680) at /test/10.11_dbg/storage/spider/ha_spider.cc:577
#19 0x000055a17cf679bc in handler::ha_close (this=0x15085c05b680) at /test/10.11_dbg/sql/handler.cc:3401
#20 0x000055a17cd8f40f in closefrm (table=table@entry=0x15085c18cca8) at /test/10.11_dbg/sql/table.cc:4555
#21 0x000055a17cebba68 in intern_close_table (table=0x15085c18cca8) at /test/10.11_dbg/sql/table_cache.cc:225
#22 0x000055a17cebc90c in tc_purge () at /test/10.11_dbg/sql/table_cache.cc:317
#23 0x000055a17cbe7889 in purge_tables () at /test/10.11_dbg/sql/sql_base.cc:326
#24 0x000055a17cebb245 in tdc_start_shutdown () at /test/10.11_dbg/sql/table_cache.cc:639
#25 0x000055a17cb3c2c6 in clean_up (print_message=print_message@entry=true) at /test/10.11_dbg/sql/mysqld.cc:1985
#26 0x000055a17cb486b5 in mysqld_main (argc=<optimized out>, argv=<optimized out>) at /test/10.11_dbg/sql/mysqld.cc:5941
#27 0x000055a17cb3bb86 in main (argc=<optimized out>, argv=<optimized out>) at /test/10.11_dbg/sql/main.cc:34

And:

10.7.6 f3785f099c2f0f251f39632928e822328abe9a02 (Debug)
Core was generated by `/test/MD190922-mariadb-10.7.6-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x147a30106940 (LWP 1990853))]
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x0000147a302df859 in __GI_abort () at abort.c:79
#2 0x000055f4a2d440eb in safe_mutex_lock (mp=mp@entry=0x55f4a37d9d40 <query_cache+160>, my_flags=my_flags@entry=0, file=file@entry=0x55f4a2ee8408 "/test/10.7_dbg/sql/sql_cache.cc", line=line@entry=725) at /test/10.7_dbg/mysys/thr_mutex.c:245
#3 0x000055f4a22af054 in inline_mysql_mutex_lock (src_line=725, src_file=0x55f4a2ee8408 "/test/10.7_dbg/sql/sql_cache.cc", that=0x55f4a37d9d40 <query_cache+160>) at /test/10.7_dbg/include/mysql/psi/mysql_thread.h:750
#4 Query_cache::lock (this=this@entry=0x55f4a37d9ca0 <query_cache>, thd=thd@entry=0x55f4a54fa9f8) at /test/10.7_dbg/sql/sql_cache.cc:725
#5 0x000055f4a22b1c2e in Query_cache::invalidate_table (this=this@entry=0x55f4a37d9ca0 <query_cache>, thd=0x55f4a54fa9f8, key=key@entry=0x7fff613c5d30 "mysql", key_length=key_length@entry=23) at /test/10.7_dbg/sql/sql_cache.cc:3318
#6 0x000055f4a22b1e8b in Query_cache::invalidate_by_MyISAM_filename (this=0x55f4a37d9ca0 <query_cache>, filename=<optimized out>) at /test/10.7_dbg/sql/sql_cache.cc:2440
#7 0x000055f4a22b7849 in query_cache_invalidate_by_MyISAM_filename (filename=<optimized out>) at /test/10.7_dbg/sql/sql_cache.cc:1251
#8 0x000055f4a28290d4 in reset_thd_trn (thd=thd@entry=0x55f4a54fa9f8, first_table=first_table@entry=0x55f4a551ed98) at /test/10.7_dbg/storage/maria/ha_maria.cc:3007
#9 0x000055f4a28291f9 in maria_commit (hton=<optimized out>, thd=0x55f4a54fa9f8, all=<optimized out>) at /test/10.7_dbg/storage/maria/ha_maria.cc:3525
#10 0x000055f4a260774c in commit_one_phase_2 (thd=thd@entry=0x55f4a54fa9f8, all=all@entry=false, trans=trans@entry=0x55f4a54ddbe8, is_real_trans=true) at /test/10.7_dbg/sql/handler.cc:2067
#11 0x000055f4a2607925 in ha_commit_one_phase (thd=thd@entry=0x55f4a54fa9f8, all=all@entry=false) at /test/10.7_dbg/sql/handler.cc:2020
#12 0x000055f4a2619b29 in ha_commit_trans (thd=thd@entry=0x55f4a54fa9f8, all=all@entry=false) at /test/10.7_dbg/sql/handler.cc:1814
#13 0x000055f4a22c5c8b in THD::commit_whole_transaction_and_close_tables (this=this@entry=0x55f4a54fa9f8) at /test/10.7_dbg/sql/sql_class.cc:6078
#14 0x0000147a032d0656 in spider_sys_close_table (thd=thd@entry=0x55f4a54fa9f8, open_tables_backup=open_tables_backup@entry=0x7fff613c69a8) at /test/10.7_dbg/storage/spider/spd_sys_table.cc:690
#15 0x0000147a032d06a9 in spider_close_sys_table (thd=thd@entry=0x55f4a54fa9f8, table=table@entry=0x1479c80b60f8, open_tables_backup=open_tables_backup@entry=0x7fff613c69a8, need_lock=need_lock@entry=false) at /test/10.7_dbg/storage/spider/spd_sys_table.cc:621
#16 0x0000147a032d910e in spider_sys_insert_or_update_table_sts (thd=thd@entry=0x55f4a54fa9f8, name=0x1479c8061cf0 "./test/ts", name_length=<optimized out>, stat=stat@entry=0x1479c807c660, need_lock=need_lock@entry=false) at /test/10.7_dbg/storage/spider/spd_sys_table.cc:3423
#17 0x0000147a03333a5e in spider_free_share (share=0x1479c807be28) at /test/10.7_dbg/storage/spider/spd_table.cc:6359
#18 0x0000147a0335908b in ha_spider::close (this=0x1479c807a260) at /test/10.7_dbg/storage/spider/ha_spider.cc:759
#19 0x000055f4a2609446 in handler::ha_close (this=0x1479c807a260) at /test/10.7_dbg/sql/handler.cc:3400
#20 0x000055f4a243f64f in closefrm (table=table@entry=0x1479c8051ac8) at /test/10.7_dbg/sql/table.cc:4515
#21 0x000055f4a255ebd9 in intern_close_table (table=0x1479c8051ac8) at /test/10.7_dbg/sql/table_cache.cc:225
#22 0x000055f4a255fa7e in tc_purge () at /test/10.7_dbg/sql/table_cache.cc:317
#23 0x000055f4a229f4e3 in purge_tables () at /test/10.7_dbg/sql/sql_base.cc:327
#24 0x000055f4a255e3ab in tdc_start_shutdown () at /test/10.7_dbg/sql/table_cache.cc:639
#25 0x000055f4a21f52b6 in clean_up (print_message=print_message@entry=true) at /test/10.7_dbg/sql/mysqld.cc:1988
#26 0x000055f4a2201677 in mysqld_main (argc=<optimized out>, argv=<optimized out>) at /test/10.7_dbg/sql/mysqld.cc:5942
#27 0x000055f4a21f4b76 in main (argc=<optimized out>, argv=<optimized out>) at /test/10.7_dbg/sql/main.cc:34

Bug confirmed present in:
MariaDB: 10.5.18 (dbg), 10.6.10 (dbg), 10.7.6 (dbg), 10.8.5 (dbg), 10.9.3 (dbg), 10.10.2 (dbg), 10.11.0 (dbg)

Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.3.37 (dbg), 10.3.37 (opt), 10.4.27 (opt), 10.5.18 (opt), 10.6.10 (opt), 10.7.6 (opt), 10.8.5 (opt), 10.9.3 (opt), 10.10.2 (opt), 10.11.0 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.38 (dbg), 5.7.38 (opt), 8.0.29 (dbg), 8.0.29 (opt)

Attachments

Issue Links

duplicates

MDEV-28739 Trying to lock uninitialized mutex or hang upon shutdown after using Spider with query_cache

Closed

Activity

People

Assignee:: Yuchen Pei

Reporter:: Roel Van de Paar

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2022-10-05 08:35

Updated:: 2023-11-09 06:31

Resolved:: 2023-11-09 06:31

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.