Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-31463

SIGSEGV in server_mysql_send_query | server_mysql_real_query

Details

    Description

      CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET '../socket.sock',DATABASE'',USER'',PASSWORD'');
      		 
      SET GLOBAL wait_timeout=+1;
      		 
      INSTALL PLUGIN Spider SONAME 'ha_spider.so';
      		 
      CREATE TABLE t (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql",srv "srv"';
      		 
      XA START 'a';
      		 
      INSERT INTO t VALUES (0,0,0,0);
      		 
      SELECT SLEEP (4);
      		 
      INSERT INTO t VALUES (1,2,3),(4,5,6),(7,8,9);
      		 
      SELECT * FROM information_schema.key_column_usage;

      Leads to:

      11.0.2 5ba3bafb834dbc56e6105809ded9a7ccef70ee54 (Optimized)

      		 
      Core was generated by `/test/MD060623-mariadb-11.0.2-linux-x86_64-opt/bin/mariadbd --no-defaults --cor'.
      		 
      Program terminated with signal SIGSEGV, Segmentation fault.
      		 
      #0  0x000055e2abdce487 in server_mysql_send_query (mysql=mysql@entry=0x0, 
          query=0x14e250201918 "set @old_lock_wait_timeout=@@session.lock_wait_timeout;set session lock_wait_timeout=1;", length=87)
      		 
          at /test/11.0_opt/sql-common/client.c:3541
      		 
      [Current thread is 1 (Thread 0x14e28c08f700 (LWP 64380))]
      		 
      (gdb) bt
      		 
      #0  0x000055e2abdce487 in server_mysql_send_query (mysql=mysql@entry=0x0, query=0x14e250201918 "set @old_lock_wait_timeout=@@session.lock_wait_timeout;set session lock_wait_timeout=1;", length=87) at /test/11.0_opt/sql-common/client.c:3541
      		 
      #1  0x000055e2abdce516 in server_mysql_real_query (mysql=0x0, query=<optimized out>, length=<optimized out>) at /test/11.0_opt/sql-common/client.c:3558
      		 
      #2  0x000014e278173738 in spider_db_mbase::exec_query (this=0x14e2500654e0, query=0x14e250201918 "set @old_lock_wait_timeout=@@session.lock_wait_timeout;set session lock_wait_timeout=1;", length=87, quick_mode=<optimized out>) at /test/11.0_opt/storage/spider/spd_db_mysql.cc:2083
      		 
      #3  0x000014e278181c11 in spider_db_mbase::set_lock_wait_timeout (this=0x14e2500654e0, timeout=<optimized out>) at /test/11.0_opt/sql/sql_string.h:741
      		 
      #4  0x000014e278182116 in spider_mbase_handler::show_table_status (this=0x14e250069390, link_idx=<optimized out>, sts_mode=1, flag=<optimized out>) at /test/11.0_opt/storage/spider/spd_db_mysql.cc:13595
      		 
      #5  0x000014e278135411 in spider_get_sts (share=0x14e250061f38, link_idx=0, tmp_time=tmp_time@entry=1686553891, spider=spider@entry=0x14e2500247b0, sts_interval=sts_interval@entry=0, sts_mode=sts_mode@entry=1, sts_sync=sts_sync@entry=0, sts_sync_level=1, flag=86) at /test/11.0_opt/storage/spider/spd_table.cc:6822
      		 
      #6  0x000014e278163b68 in ha_spider::info (this=0x14e2500247b0, flag=22) at /test/11.0_opt/storage/spider/ha_spider.cc:6690
      		 
      #7  0x000055e2abc38b82 in get_schema_key_column_usage_record (res=false, table_name=0x14e250082008, db_name=0x14e250014670, table=0x14e250083d10, tables=<optimized out>, thd=0x14e250000c58) at /test/11.0_opt/sql/sql_show.cc:7448
      		 
      #8  get_schema_key_column_usage_record (thd=0x14e250000c58, tables=<optimized out>, table=0x14e250083d10, res=<optimized out>, db_name=0x14e250014670, table_name=0x14e250082008) at /test/11.0_opt/sql/sql_show.cc:7426
      		 
      #9  0x000055e2abc28218 in fill_schema_table_by_open (thd=0x14e250000c58, mem_root=<optimized out>, is_show_fields_or_keys=<optimized out>, table=0x14e250083d10, schema_table=0x55e2acc87ce0 <schema_tables+1280>, orig_db_name=0x14e250014670, orig_table_name=0x14e250082008, open_tables_state_backup=0x14e28c08bdf0, can_deadlock=true) at /test/11.0_opt/sql/sql_show.cc:4749
      		 
      #10 0x000055e2abc3f7ea in get_all_tables (thd=0x14e250000c58, tables=0x14e250010ec8, cond=<optimized out>) at /test/11.0_opt/sql/sql_show.cc:5385
      		 
      #11 0x000055e2abc40f2e in get_schema_tables_result (join=join@entry=0x14e250012560, executed_place=executed_place@entry=PROCESSED_BY_JOIN_EXEC) at /test/11.0_opt/sql/sql_show.cc:9060
      		 
      #12 0x000055e2abc23e97 in JOIN::exec_inner (this=0x14e250012560) at /test/11.0_opt/sql/sql_select.cc:4859
      		 
      #13 0x000055e2abc247ae in JOIN::exec (this=this@entry=0x14e250012560) at /test/11.0_opt/sql/sql_select.cc:4680
      		 
      #14 0x000055e2abc228ec in mysql_select (thd=0x14e250000c58, tables=0x14e250010ec8, fields=<optimized out>, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x14e250012538, unit=0x14e250004ce0, select_lex=0x14e250010830) at /test/11.0_opt/sql/sql_select.cc:5161
      		 
      #15 0x000055e2abc23037 in handle_select (thd=thd@entry=0x14e250000c58, lex=lex@entry=0x14e250004c08, result=result@entry=0x14e250012538, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/11.0_opt/sql/sql_select.cc:619
      		 
      #16 0x000055e2abba01fe in execute_sqlcom_select (thd=0x14e250000c58, all_tables=0x14e250010ec8) at /test/11.0_opt/sql/sql_parse.cc:6279
      		 
      #17 0x000055e2abbae0d4 in mysql_execute_command (thd=0x14e250000c58, is_called_from_prepared_stmt=<optimized out>) at /test/11.0_opt/sql/sql_parse.cc:3949
      		 
      #18 0x000055e2abb9ae55 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x14e250000c58) at /test/11.0_opt/sql/sql_parse.cc:8014
      		 
      #19 mysql_parse (thd=0x14e250000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/11.0_opt/sql/sql_parse.cc:7936
      		 
      #20 0x000055e2abba7142 in dispatch_command (command=COM_QUERY, thd=0x14e250000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/11.0_opt/sql/sql_class.h:1370
      		 
      #21 0x000055e2abba8f5e in do_command (thd=0x14e250000c58, blocking=blocking@entry=true) at /test/11.0_opt/sql/sql_parse.cc:1407
      		 
      #22 0x000055e2abcc850f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55e2adfbbaf8, put_in_cache=put_in_cache@entry=true) at /test/11.0_opt/sql/sql_connect.cc:1416
      		 
      #23 0x000055e2abcc87fd in handle_one_connection (arg=0x55e2adfbbaf8) at /test/11.0_opt/sql/sql_connect.cc:1318
      		 
      #24 0x000014e2a453a609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #25 0x000014e2a4126133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      Bug confirmed present in:
      MariaDB: 11.0.2 (dbg), 11.0.2 (opt)

      Bug (or feature/syntax) confirmed not present in:
      MariaDB: 10.4.30 (dbg), 10.4.30 (opt), 10.5.21 (dbg), 10.5.21 (opt), 10.6.14 (dbg), 10.6.14 (opt), 10.9.7 (dbg), 10.9.7 (opt), 10.10.5 (dbg), 10.10.5 (opt), 10.11.4 (dbg), 10.11.4 (opt), 11.1.0 (dbg), 11.1.0 (opt)

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-31586 The test spider/bugfix.mdev_31463 has non-deterministic error codes

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          is caused by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-29676 Dual thread hang in 'closing tables' and 'Waiting for table metadata lock' on Spider CREATE OR REPLACE TABLE

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            View 4 older comments
            ycp Yuchen Pei added a comment -

            Raising the prio because this is a new failure caused by a recent change

            ycp Yuchen Pei added a comment - Raising the prio because this is a new failure caused by a recent change
            ycp Yuchen Pei added a comment -

            Here's a PoC patch that fixes the issue and passes all existing tests. Will need to refine it:

            https://github.com/MariaDB/server/commit/861f3f98865

            ycp Yuchen Pei added a comment - Here's a PoC patch that fixes the issue and passes all existing tests. Will need to refine it: https://github.com/MariaDB/server/commit/861f3f98865
            ycp Yuchen Pei added a comment -

            Hi holyfoot, ptal thanks:

            https://github.com/MariaDB/server/commit/ba739969856

            ycp Yuchen Pei added a comment - Hi holyfoot , ptal thanks: https://github.com/MariaDB/server/commit/ba739969856
            holyfoot Alexey Botchkov added a comment -

            ok to push.
            one recommendation there in the patch comment.

            holyfoot Alexey Botchkov added a comment - ok to push. one recommendation there in the patch comment.
            ycp Yuchen Pei added a comment -

            Thanks for the review holyfoot. Applied your comment and pushed to 11.0

            ycp Yuchen Pei added a comment - Thanks for the review holyfoot . Applied your comment and pushed to 11.0

            People

              ycp Yuchen Pei
              ramesh Ramesh Sivaraman
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.