Details
-
Bug
-
Status: Confirmed (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.4(EOL), 10.5, 10.6, 10.11, 11.0(EOL), 11.1(EOL), 11.2(EOL), 11.3(EOL), 11.4, 11.6(EOL), 11.7(EOL)
Description
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET '../socket.sock',DATABASE'',USER'',PASSWORD''); |
CREATE TABLE t (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=InnoDB; |
INSERT INTO t VALUES (1,0,0),(2,0,0); |
CREATE TABLE t1 (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t"'; |
SET spider_disable_group_by_handler=1, spider_quick_page_byte=0, spider_bgs_mode=1; |
SELECT * FROM t1; |
Leads to:
|
11.4.0 9bd95e914f3f12d0d9d93e7a1f2c49e6e8841f17 (Optimized) |
Core was generated by `/test/MD271223-mariadb-11.4.0-linux-x86_64-opt/bin/mariadbd --no-defaults --cor'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x000014e33c0679e1 in spider_db_get_row_from_tmp_tbl (
|
current=0x14e2a0015a48, row=row@entry=0x14e33c165938)
|
at /test/11.4_opt/storage/spider/spd_db_conn.cc:2326
|
[Current thread is 1 (Thread 0x14e33c168640 (LWP 1622666))]
|
(gdb) bt
|
#0 0x000014e33c0679e1 in spider_db_get_row_from_tmp_tbl (current=0x14e2a0015a48, row=row@entry=0x14e33c165938) at /test/11.4_opt/storage/spider/spd_db_conn.cc:2326
|
#1 0x000014e33c0683c9 in spider_db_fetch_minimum_columns (spider=spider@entry=0x14e30c05cbe0, buf=0x14e30c212af8 "\374\002", table=0x14e30c2126e8, result_list=0x14e30c05d1a8) at /test/11.4_opt/storage/spider/spd_db_conn.cc:2655
|
#2 0x000014e33c06b9ab in spider_db_fetch (buf=<optimized out>, spider=0x14e30c05cbe0, table=<optimized out>) at /test/11.4_opt/storage/spider/spd_db_conn.cc:3956
|
#3 0x000014e33c06bc69 in spider_db_seek_next (buf=buf@entry=0x14e30c212af8 "\374\002", spider=spider@entry=0x14e30c05cbe0, link_idx=<optimized out>, table=0x14e30c212af8) at /test/11.4_opt/storage/spider/spd_db_conn.cc:4406
|
#4 0x000014e33c0b6c90 in ha_spider::rnd_next_internal (this=0x14e30c05cbe0, buf=<optimized out>) at /test/11.4_opt/storage/spider/ha_spider.cc:5772
|
#5 0x00005615b2311cf7 in handler::ha_rnd_next (this=0x14e30c05cbe0, buf=0x14e30c212af8 "\374\002") at /test/11.4_opt/sql/handler.cc:3627
|
#6 0x00005615b1fb9144 in rr_sequential (info=0x14e30c023660) at /test/11.4_opt/sql/records.cc:513
|
#7 0x00005615b20d89d7 in READ_RECORD::read_record (this=0x14e30c023660) at /test/11.4_opt/sql/records.h:81
|
#8 sub_select (join=0x14e30c012330, join_tab=0x14e30c023590, end_of_records=false) at /test/11.4_opt/sql/sql_select.cc:23517
|
#9 0x00005615b210ba9f in do_select (procedure=<optimized out>, join=0x14e30c012330) at /test/11.4_opt/sql/sql_select.cc:23017
|
#10 JOIN::exec_inner (this=0x14e30c012330) at /test/11.4_opt/sql/sql_select.cc:4940
|
#11 0x00005615b210beee in JOIN::exec (this=this@entry=0x14e30c012330) at /test/11.4_opt/sql/sql_select.cc:4726
|
#12 0x00005615b2109e6c in mysql_select (thd=0x14e30c000c68, tables=0x14e30c0111a0, fields=<optimized out>, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x14e30c012308, unit=0x14e30c004f20, select_lex=0x14e30c010b80) at /test/11.4_opt/sql/sql_select.cc:5249
|
#13 0x00005615b210a664 in handle_select (thd=thd@entry=0x14e30c000c68, lex=lex@entry=0x14e30c004e40, result=result@entry=0x14e30c012308, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/11.4_opt/sql/sql_select.cc:628
|
#14 0x00005615b207edd5 in execute_sqlcom_select (thd=0x14e30c000c68, all_tables=0x14e30c0111a0) at /test/11.4_opt/sql/sql_parse.cc:6029
|
#15 0x00005615b208df72 in mysql_execute_command (thd=0x14e30c000c68, is_called_from_prepared_stmt=<optimized out>) at /test/11.4_opt/sql/sql_parse.cc:3924
|
#16 0x00005615b208f346 in mysql_parse (thd=0x14e30c000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/11.4_opt/sql/sql_parse.cc:7748
|
#17 0x00005615b2091aed in dispatch_command (command=COM_QUERY, thd=0x14e30c000c68, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/11.4_opt/sql/sql_parse.cc:1992
|
#18 0x00005615b20938a0 in do_command (thd=0x14e30c000c68, blocking=blocking@entry=true) at /test/11.4_opt/sql/sql_parse.cc:1406
|
#19 0x00005615b21bda1f in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /test/11.4_opt/sql/sql_connect.cc:1418
|
#20 0x00005615b21bdd6d in handle_one_connection (arg=arg@entry=0x5615b44b2188) at /test/11.4_opt/sql/sql_connect.cc:1320
|
#21 0x00005615b2567561 in pfs_spawn_thread (arg=0x5615b44d9b38) at /test/11.4_opt/storage/perfschema/pfs.cc:2201
|
#22 0x000014e354c94ac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
|
#23 0x000014e354d26660 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
|
|
11.4.0 9bd95e914f3f12d0d9d93e7a1f2c49e6e8841f17 (Debug) |
mariadbd: /test/11.4_dbg/storage/spider/spd_db_conn.cc:672: int spider_db_errorno(SPIDER_CONN*): Assertion `((&(&conn->mta_conn_mutex)->m_mutex)->count > 0 && pthread_equal(pthread_self(), (&(&conn->mta_conn_mutex)->m_mutex)->thread))' failed.
|
|
11.4.0 9bd95e914f3f12d0d9d93e7a1f2c49e6e8841f17 (Debug) |
Core was generated by `/test/MD271223-mariadb-11.4.0-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGABRT, Aborted.
|
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=23427545036352)
|
at ./nptl/pthread_kill.c:44
|
[Current thread is 1 (Thread 0x154ea67ff640 (LWP 1630543))]
|
(gdb) bt
|
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=23427545036352) at ./nptl/pthread_kill.c:44
|
#1 __pthread_kill_internal (signo=6, threadid=23427545036352) at ./nptl/pthread_kill.c:78
|
#2 __GI___pthread_kill (threadid=23427545036352, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
|
#3 0x0000154f11842476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
|
#4 0x0000154f118287f3 in __GI_abort () at ./stdlib/abort.c:79
|
#5 0x0000154f1182871b in __assert_fail_base (fmt=0x154f119dd130 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x154efc1c88d0 "((&(&conn->mta_conn_mutex)->m_mutex)->count > 0 && pthread_equal(pthread_self(), (&(&conn->mta_conn_mutex)->m_mutex)->thread))", file=0x154efc1c87b0 "/test/11.4_dbg/storage/spider/spd_db_conn.cc", line=672, function=<optimized out>) at ./assert/assert.c:92
|
#6 0x0000154f11839e96 in __GI___assert_fail (assertion=0x154efc1c88d0 "((&(&conn->mta_conn_mutex)->m_mutex)->count > 0 && pthread_equal(pthread_self(), (&(&conn->mta_conn_mutex)->m_mutex)->thread))", file=0x154efc1c87b0 "/test/11.4_dbg/storage/spider/spd_db_conn.cc", line=672, function=0x154efc1c89a8 "int spider_db_errorno(SPIDER_CONN*)") at ./assert/assert.c:101
|
#7 0x0000154efc125cfb in spider_db_errorno (conn=conn@entry=0x154ec423ea58) at /test/11.4_dbg/storage/spider/spd_db_conn.cc:672
|
#8 0x0000154efc12b642 in spider_db_store_result (spider=spider@entry=0x154ec40aaca0, link_idx=0, table=0x154ec40c0968) at /test/11.4_dbg/storage/spider/spd_db_conn.cc:3304
|
#9 0x0000154efc1434af in spider_bg_conn_action (arg=0x154ec423ea58) at /test/11.4_dbg/storage/spider/spd_conn.cc:2672
|
#10 0x0000154f11894ac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
|
#11 0x0000154f11926660 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
|
Bug confirmed present in:
MariaDB: 10.11.7 (dbg), 10.11.7 (opt), 11.0.5 (dbg), 11.0.5 (opt), 11.1.4 (dbg), 11.1.4 (opt), 11.2.3 (dbg), 11.2.3 (opt), 11.3.2 (dbg), 11.3.2 (opt), 11.4.0 (dbg), 11.4.0 (opt)
Attachments
Issue Links
- relates to
-
MDEV-32238 Add a switch to disable spider group by handler
-
- Closed
-
-
-
- Confirmed
-
-
-
- Confirmed
-
Activity
On an UBSAN (optimized build) we also see:
|
11.3.0 126157061b4376496c034a809ea4943e863d1465 (Optimized, UBASAN) |
2024-01-08 11:04:34 0 [Note] /test/UBASAN_MD021123-mariadb-11.3.0-linux-x86_64-opt/bin/mariadbd: ready for connections.
|
Version: '11.3.0-MariaDB' socket: '/test/UBASAN_MD021123-mariadb-11.3.0-linux-x86_64-opt/socket.sock' port: 10323 MariaDB Server
|
/test/11.3_opt_san/storage/spider/spd_db_conn.cc:2331:30: runtime error: member access within null pointer of type 'struct TABLE'
|
#0 0x14c898e9b779 in spider_db_get_row_from_tmp_tbl(st_spider_result*, spider_db_row**) /test/11.3_opt_san/storage/spider/spd_db_conn.cc:2331
|
#1 0x14c898ea1cb5 in spider_db_fetch_minimum_columns(ha_spider*, unsigned char*, TABLE*, st_spider_result_list*) /test/11.3_opt_san/storage/spider/spd_db_conn.cc:2655
|
#2 0x14c898ebe400 in spider_db_fetch(unsigned char*, ha_spider*, TABLE*) /test/11.3_opt_san/storage/spider/spd_db_conn.cc:3956
|
#3 0x14c89909bdb7 in ha_spider::rnd_next_internal(unsigned char*) /test/11.3_opt_san/storage/spider/ha_spider.cc:5772
|
#4 0x5584642b0b0d in handler::ha_rnd_next(unsigned char*) /test/11.3_opt_san/sql/handler.cc:3627
|
#5 0x558462619b53 in rr_sequential(READ_RECORD*) /test/11.3_opt_san/sql/records.cc:513
|
#6 0x558462ef57cb in READ_RECORD::read_record() /test/11.3_opt_san/sql/records.h:81
|
#7 0x558462ef57cb in sub_select(JOIN*, st_join_table*, bool) /test/11.3_opt_san/sql/sql_select.cc:23527
|
#8 0x5584630dbffe in do_select /test/11.3_opt_san/sql/sql_select.cc:23027
|
#9 0x5584630dbffe in JOIN::exec_inner() /test/11.3_opt_san/sql/sql_select.cc:4949
|
#10 0x5584630e1163 in JOIN::exec() /test/11.3_opt_san/sql/sql_select.cc:4726
|
#11 0x5584630ce71d in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.3_opt_san/sql/sql_select.cc:5257
|
#12 0x5584630d2320 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.3_opt_san/sql/sql_select.cc:628
|
#13 0x558462c4f280 in execute_sqlcom_select /test/11.3_opt_san/sql/sql_parse.cc:6023
|
#14 0x558462cb37c3 in mysql_execute_command(THD*, bool) /test/11.3_opt_san/sql/sql_parse.cc:3923
|
#15 0x558462cc2302 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.3_opt_san/sql/sql_parse.cc:7742
|
#16 0x558462ccd925 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.3_opt_san/sql/sql_parse.cc:1893
|
#17 0x558462cd9698 in do_command(THD*, bool) /test/11.3_opt_san/sql/sql_parse.cc:1406
|
#18 0x55846361be0c in do_handle_one_connection(CONNECT*, bool) /test/11.3_opt_san/sql/sql_connect.cc:1418
|
#19 0x55846361e40c in handle_one_connection /test/11.3_opt_san/sql/sql_connect.cc:1320
|
#20 0x14c8bb894ac2 in start_thread nptl/pthread_create.c:442
|
#21 0x14c8bb92665f (/lib/x86_64-linux-gnu/libc.so.6+0x12665f)
|
|
|
240108 11:04:46 [ERROR] mysqld got signal 11 ;
|
MTR Testcase:
--source include/have_innodb.inc
|
--let $SOCKET= `SELECT @@global.socket`
|
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
CREATE USER spider@localhost IDENTIFIED BY 'pwd'; |
GRANT ALL ON test.* TO spider@localhost; |
eval CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET "$SOCKET",DATABASE 'test',USER 'spider',PASSWORD 'pwd'); |
CREATE TABLE t (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=InnoDB; |
INSERT INTO t VALUES (1,0,0),(2,0,0); |
CREATE TABLE t1 (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t"'; |
SET spider_disable_group_by_handler=1, spider_quick_page_byte=0, spider_bgs_mode=1; |
SELECT * FROM t1; |
Produces a slightly different stack/UniqueID (pfs_spawn_thread instead of start_thread):
((&(&conn->mta_conn_mutex)->m_mutex)->count > 0 && pthread_equal(pthread_self(), (&(&conn->mta_conn_mutex)->m_mutex)->thread))|SIGABRT|spider_db_errorno|spider_db_store_result|spider_bg_conn_action|pfs_spawn_thread
|
I could reproduce at 10.11 09049fe496eea1c19cd3ce80a788fa4b75d9609e
with the following case. The reason this is a "10.11-regression" is
because spider_disable_group_by_handler was introduced to 10.10+
in MDEV-32238. As mentioned in the description of that ticket, we
could replace spider_disable_group_by_handler with
spider_use_handler and get the same failure in lower versions
(in my case, 10.6 6538a91e945bebabba8fe4fb00d283994df9cb60 and 10.4
ca276a0f3fcb45ff0abc011e334c700e0c5d4315). I did not need UBSAN.
--disable_query_log
|
--disable_result_log
|
--source ../../t/test_init.inc
|
--enable_result_log
|
--enable_query_log
|
evalp CREATE SERVER srv FOREIGN DATA WRAPPER mysql |
OPTIONS (SOCKET "$MASTER_1_MYSOCK", DATABASE 'test',user 'root'); |
CREATE TABLE t (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=InnoDB; |
INSERT INTO t VALUES (1,0,0),(2,0,0); |
CREATE TABLE t1 (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t"'; |
SET spider_disable_group_by_handler=1, spider_quick_page_byte=0, spider_bgs_mode=1; |
SELECT * FROM t1; |
drop server srv; |
--disable_query_log
|
--disable_result_log
|
--source ../../t/test_deinit.inc
|
--enable_result_log
|
--enable_query_log
|
Additional testcase with different (and concerningly short) stack:
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
SET spider_bgs_mode=1; |
CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET '../socket.sock',DATABASE'',USER'',PASSWORD''); |
CREATE TABLE t1 (c INT KEY,c1 BLOB) ENGINE=InnoDB; |
CREATE TABLE t2 (c INT KEY,c1 BLOB) ENGINE=InnoDB; |
INSERT INTO t1 VALUES (0,0); |
CREATE TABLE t3 (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t2"'; |
INSERT INTO t1 VALUES (1,1); |
INSERT INTO t2 VALUES (1,1),(2,2); |
SELECT * FROM t1 WHERE NOT EXISTS (SELECT * FROM t3 WHERE t1.c1=t3.c1); |
Leads to:
|
CS 11.2.6 e91a79945822def1452787f825e6047c6a64dbd9 (Debug) |
Core was generated by `/test/MD090924-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x000014ef1c3322c2 in spider_db_store_result (spider=spider@entry=0x14eed40c14c0, link_idx=0, table=0x14eed405a5b8)at /test/11.2_dbg/storage/spider/spd_db_conn.cc:3141
|
|
|
[Current thread is 1 (LWP 3458303)]
|
(gdb) bt
|
#0 0x000014ef1c3322c2 in spider_db_store_result (spider=spider@entry=0x14eed40c14c0, link_idx=0, table=0x14eed405a5b8)at /test/11.2_dbg/storage/spider/spd_db_conn.cc:3141
|
#1 0x000014ef1c34af96 in spider_bg_conn_action (arg=0x14eed4090c38)at /test/11.2_dbg/storage/spider/spd_conn.cc:2610
|
#2 0x000014ef30c9ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
|
#3 0x000014ef30d29c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
CS 11.7.0 5bbda9711131845ae6b4315a268b4d1710943a85 (Debug, UBASAN) |
/test/11.7_dbg_san/storage/spider/spd_db_conn.cc:3141:53: runtime error: member call on null pointer of type 'struct SPIDER_DB_RESULT'
|
#0 0x14baebeb1dc4 (/test/UBASAN_MD090924-mariadb-11.7.0-linux-x86_64-dbg/lib/plugin/ha_spider.so+0x6b1dc4) (BuildId: 0505996a04cbcecf23f3da50bfc407f84294edad)
|
#1 0x14baebf458b0 (/test/UBASAN_MD090924-mariadb-11.7.0-linux-x86_64-dbg/lib/plugin/ha_spider.so+0x7458b0) (BuildId: 0505996a04cbcecf23f3da50bfc407f84294edad)
|
#2 0x55f474ac01e9 in asan_thread_start(void*) (/test/UBASAN_MD090924-mariadb-11.7.0-linux-x86_64-dbg/bin/mariadbd+0x7d1e1e9) (BuildId: 4b8c1741cf0d7a713ea5d94dcb62211d213957ae)
|
#3 0x14bb2ec9ca93 in start_thread nptl/pthread_create.c:447
|
#4 0x14bb2ed29c3b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
|
/test/11.7_dbg_san/storage/spider/spd_db_conn.cc:3141:53: runtime error: member access within null pointer of type 'struct SPIDER_DB_RESULT'
|
#0 0x14baebeb1dda (/test/UBASAN_MD090924-mariadb-11.7.0-linux-x86_64-dbg/lib/plugin/ha_spider.so+0x6b1dda) (BuildId: 0505996a04cbcecf23f3da50bfc407f84294edad)
|
#1 0x14baebf458b0 (/test/UBASAN_MD090924-mariadb-11.7.0-linux-x86_64-dbg/lib/plugin/ha_spider.so+0x7458b0) (BuildId: 0505996a04cbcecf23f3da50bfc407f84294edad)
|
#2 0x55f474ac01e9 in asan_thread_start(void*) (/test/UBASAN_MD090924-mariadb-11.7.0-linux-x86_64-dbg/bin/mariadbd+0x7d1e1e9) (BuildId: 4b8c1741cf0d7a713ea5d94dcb62211d213957ae)
|
#3 0x14bb2ec9ca93 in start_thread nptl/pthread_create.c:447
|
#4 0x14bb2ed29c3b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
MTR Testcase for the same:
--source include/have_innodb.inc
|
--source plugin/spider/spider/include/init_spider.inc
|
SET spider_same_server_link=on; |
eval CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (HOST "127.0.0.1", DATABASE "test", USER "root", PORT $MASTER_MYPORT); |
SET spider_bgs_mode=1; |
CREATE TABLE t1 (c INT KEY,c1 BLOB) ENGINE=InnoDB; |
CREATE TABLE t2 (c INT KEY,c1 BLOB) ENGINE=InnoDB; |
INSERT INTO t1 VALUES (0,0); |
CREATE TABLE t3 (c INT KEY,c1 BLOB,c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t2"'; |
INSERT INTO t1 VALUES (1,1); |
INSERT INTO t2 VALUES (1,1),(2,2); |
SELECT * FROM t1 WHERE NOT EXISTS (SELECT * FROM t3 WHERE t1.c1=t3.c1); |
Bug confirmed present in:
MariaDB: 10.5.27 (dbg), 10.5.27 (opt), 10.6.20 (dbg), 10.6.20 (opt), 10.11.10 (dbg), 10.11.10 (opt), 11.2.6 (dbg), 11.2.6 (opt), 11.4.4 (dbg), 11.4.4 (opt), 11.6.2 (dbg), 11.6.2 (opt), 11.7.0 (dbg), 11.7.0 (opt)
./mtr spider/bg.basic_sql --view
|
leads to sig 11 on 10.5-11.8
250207 13:44:31 [ERROR] /10.5/bld/sql/mariadbd got signal 11 ;
|
|
|
Server version: 10.5.28-MariaDB-debug-log source revision: 10fd2c207a8d79e038fba752a72129a3a0e94b6b
|
|
|
sql/signal_handler.cc:229(handle_fatal_signal)[0x55a59414b8ba]
|
sigaction.c:0(__restore_rt)[0x7f929d6f9420]
|
spider/spd_db_conn.cc:3617(spider_db_store_result(ha_spider*, int, TABLE*))[0x7f9288a8ff6e]
|
spider/spd_conn.cc:2628(spider_bg_conn_action(void*))[0x7f9288afdd4e]
|
nptl/pthread_create.c:478(start_thread)[0x7f929d6ed609]
|
|
|
Connection ID (thread ID): 9
|
Additional testcase:
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
CREATE SERVER srv FOREIGN DATA WRAPPER mysql OPTIONS (SOCKET '../socket.sock',DATABASE'',USER'',PASSWORD''); |
CREATE TABLE t (c INT PRIMARY KEY,c1 BLOB,c2 TEXT) ENGINE=InnoDB; |
INSERT INTO t VALUES (1,'',''),(2,0,''); |
CREATE TABLE t2 (c INT PRIMARY KEY,c1 BLOB,c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t"'; |
SET spider_bgs_mode=1; |
SET SESSION spider_quick_page_byte=0; |
ANALYZE TABLE t2 PERSISTENT FOR ALL; |
Leads to a variety of stacks, both SIGABRT's and UBSAN finds, including ones caused by this and by MDEV-34769.
Full list of UniqueID's/stacks seen (one per line):
((&(&conn->mta_conn_mutex)->m_mutex)->count > 0 && pthread_equal(pthread_self(), (&(&conn->mta_conn_mutex)->m_mutex)->thread))|SIGABRT|spider_db_errorno|spider_db_store_result|spider_bg_conn_action|asan_thread_start
|
((&(&conn->mta_conn_mutex)->m_mutex)->count > 0 && pthread_equal(pthread_self(), (&(&conn->mta_conn_mutex)->m_mutex)->thread))|SIGABRT|temp_file_size_cb_func|_ma_update_tmp_file_size|ha_maria::drop_table|free_tmp_table
|
UBSAN|member access within null pointer of type 'TABLE'|storage/spider/spd_db_conn.cc|spider_db_get_row_from_tmp_tbl|spider_db_fetch_minimum_columns|spider_db_fetch|ha_spider::rnd_next_internal
|
UBSAN|member access within null pointer of type 'struct st_my_thread_var'|storage/spider/spd_table.cc|spider_create_sys_thd|spider_table_bg_sts_action|asan_thread_start|start_thread
|
UBSAN|member access within null pointer of type 'struct st_my_thread_var'|storage/spider/spd_table.cc|spider_create_sys_thd|spider_table_bg_crd_action|asan_thread_start|start_thread
|
I can detail these further if it will help.
Note the spider_db_get_row_from_tmp_tbl issue (discussed in this MDEV) seemingly being distinct from the mutex issue.
With the same testcase, occasionally we will see this assertion/stack on debug instead:
11.4.0 9bd95e914f3f12d0d9d93e7a1f2c49e6e8841f17 (Debug)
mariadbd: /test/11.4_dbg/sql/mysqld.cc:3790: void my_malloc_size_cb_func(long long int, my_bool): Assertion `(longlong) thd->status_var.local_memory_used >= 0 || !debug_assert_on_not_freed_memory' failed.11.4.0 9bd95e914f3f12d0d9d93e7a1f2c49e6e8841f17 (Debug)
Core was generated by `/test/MD271223-mariadb-11.4.0-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.Program terminated with signal SIGABRT, Aborted.#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=22624882714176)at ./nptl/pthread_kill.c:44[Current thread is 1 (Thread 0x1493c418e640 (LWP 2957547))](gdb) bt#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=22624882714176) at ./nptl/pthread_kill.c:44#1 __pthread_kill_internal (signo=6, threadid=22624882714176) at ./nptl/pthread_kill.c:78#2 __GI___pthread_kill (threadid=22624882714176, signo=signo@entry=6) at ./nptl/pthread_kill.c:89#3 0x00001493cfa42476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26#4 0x00001493cfa287f3 in __GI_abort () at ./stdlib/abort.c:79#5 0x00001493cfa2871b in __assert_fail_base (fmt=0x1493cfbdd130 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55fcf1f0e468 "(longlong) thd->status_var.local_memory_used >= 0 || !debug_assert_on_not_freed_memory", file=0x55fcf1f0a004 "/test/11.4_dbg/sql/mysqld.cc", line=3790, function=<optimized out>) at ./assert/assert.c:92#6 0x00001493cfa39e96 in __GI___assert_fail (assertion=0x55fcf1f0e468 "(longlong) thd->status_var.local_memory_used >= 0 || !debug_assert_on_not_freed_memory", file=0x55fcf1f0a004 "/test/11.4_dbg/sql/mysqld.cc", line=3790, function=0x55fcf1f0e3f0 "void my_malloc_size_cb_func(long long int, my_bool)") at ./assert/assert.c:101#7 0x000055fcf1201641 in my_malloc_size_cb_func (size=<optimized out>, is_thread_specific=<optimized out>) at /test/11.4_dbg/sql/mysqld.cc:3790#8 0x000055fcf1d64eef in my_free (ptr=0x149318017ef8) at /test/11.4_dbg/mysys/my_malloc.c:212#9 0x000055fcf1d5c423 in root_free (root=root@entry=0x1493c418be70, ptr=<optimized out>, size=<optimized out>) at /test/11.4_dbg/mysys/my_alloc.c:83#10 0x000055fcf1d5cc0d in free_root (root=0x1493c418be70, MyFlags=<optimized out>) at /test/11.4_dbg/mysys/my_alloc.c:516#11 0x000055fcf1397894 in free_tmp_table (thd=0x149318000f98, entry=0x149318017f10) at /test/11.4_dbg/sql/sql_select.cc:22770#12 0x00001493c4065161 in spider_rm_sys_tmp_table_for_result (thd=<optimized out>, tmp_table=<optimized out>, tmp_tbl_prm=tmp_tbl_prm@entry=0x149318028390) at /test/11.4_dbg/storage/spider/spd_sys_table.cc:3709#13 0x00001493c4072def in spider_db_free_one_result (result_list=result_list@entry=0x14938c0ab088, result=0x149318028348) at /test/11.4_dbg/storage/spider/spd_db_conn.cc:2832#14 0x00001493c40776cc in spider_db_seek_next (buf=buf@entry=0x14938c05a368 "\374\002", spider=spider@entry=0x14938c0aaac0, link_idx=0, table=0x14938c0bb498) at /test/11.4_dbg/storage/spider/spd_db_conn.cc:4014#15 0x00001493c40d0be2 in ha_spider::rnd_next_internal (this=this@entry=0x14938c0aaac0, buf=buf@entry=0x14938c05a368 "\374\002") at /test/11.4_dbg/storage/spider/ha_spider.cc:5772#16 0x00001493c40d1932 in ha_spider::rnd_next (this=0x14938c0aaac0, buf=0x14938c05a368 "\374\002") at /test/11.4_dbg/storage/spider/ha_spider.cc:5811#17 0x000055fcf16356af in handler::ha_rnd_next (this=0x14938c0aaac0, buf=0x14938c05a368 "\374\002") at /test/11.4_dbg/sql/handler.cc:3627#18 0x000055fcf12467af in rr_sequential (info=0x14938c0a0fc0) at /test/11.4_dbg/sql/records.cc:513#19 0x000055fcf1388b51 in READ_RECORD::read_record (this=0x14938c0a0fc0) at /test/11.4_dbg/sql/records.h:81#20 sub_select (join=0x14938c014d30, join_tab=0x14938c0a0ef0, end_of_records=false) at /test/11.4_dbg/sql/sql_select.cc:23517#21 0x000055fcf13c01bf in do_select (procedure=0x0, join=0x14938c014d30) at /test/11.4_dbg/sql/sql_select.cc:23017#22 JOIN::exec_inner (this=this@entry=0x14938c014d30) at /test/11.4_dbg/sql/sql_select.cc:4940#23 0x000055fcf13c0754 in JOIN::exec (this=this@entry=0x14938c014d30) at /test/11.4_dbg/sql/sql_select.cc:4726#24 0x000055fcf13be55f in mysql_select (thd=thd@entry=0x14938c000d58, tables=0x14938c013ba0, fields=@0x14938c013838: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14938c013b58, last = 0x14938c0158b8, elements = 3}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164525824, result=0x14938c014d08, unit=0x14938c0051d0, select_lex=0x14938c013580) at /test/11.4_dbg/sql/sql_select.cc:5249#25 0x000055fcf13bed88 in handle_select (thd=thd@entry=0x14938c000d58, lex=lex@entry=0x14938c0050f0, result=result@entry=0x14938c014d08, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/11.4_dbg/sql/sql_select.cc:628#26 0x000055fcf131ef22 in execute_sqlcom_select (thd=thd@entry=0x14938c000d58, all_tables=0x14938c013ba0) at /test/11.4_dbg/sql/sql_parse.cc:6029#27 0x000055fcf132af7a in mysql_execute_command (thd=thd@entry=0x14938c000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/11.4_dbg/sql/sql_parse.cc:3924#28 0x000055fcf13314bb in mysql_parse (thd=thd@entry=0x14938c000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1493c418d1e0) at /test/11.4_dbg/sql/sql_parse.cc:7748#29 0x000055fcf1333831 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14938c000d58, packet=packet@entry=0x14938c00b1c9 "", packet_length=packet_length@entry=16, blocking=blocking@entry=true) at /test/11.4_dbg/sql/sql_class.h:253#30 0x000055fcf1335956 in do_command (thd=0x14938c000d58, blocking=blocking@entry=true) at /test/11.4_dbg/sql/sql_parse.cc:1406#31 0x000055fcf149a8b7 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55fcf4978ba8, put_in_cache=put_in_cache@entry=true) at /test/11.4_dbg/sql/sql_connect.cc:1418#32 0x000055fcf149abac in handle_one_connection (arg=arg@entry=0x55fcf4978ba8) at /test/11.4_dbg/sql/sql_connect.cc:1320#33 0x000055fcf18df73a in pfs_spawn_thread (arg=0x55fcf48e5cf8) at /test/11.4_dbg/storage/perfschema/pfs.cc:2201#34 0x00001493cfa94ac3 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442#35 0x00001493cfb26660 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81