Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Duplicate
-
10.5, 10.6, 10.11, 11.1(EOL), 11.2(EOL), 11.4, 11.5(EOL), 11.6(EOL)
Description
Split for for this SIGSEGV listed in MDEV-27902 and MDEV-34549:
SIGSEGV|spider_conn_queue_and_merge_loop_check|spider_conn_reset_queue_loop_check|spider_reset_conn_setted_parameter|spider_db_connect
|
One possible testcase:
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET '../socket.sock',DATABASE'',USER'',PASSWORD 'PWD0'); |
CREATE TABLE tSpider (a INT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t"'; |
CREATE TABLE t2 (c INT,c2 CHAR(1)) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t"'; |
XA START 'a'; |
SELECT * FROM information_schema.table_constraints; |
SELECT SLEEP (1); |
SELECT * FROM t2; |
SELECT SLEEP (1); |
SELECT * FROM t2; # Debug builds common crash location |
SELECT SLEEP (1); |
SELECT * FROM t2; # Optimized builds common crash location |
Leads to:
|
bb-11.6-mdev-32492-27902-29962 11.6.0 0d7c712debbe5056da2c34b5daf3fbd5969d00dc (Optimized) |
Core was generated by `/test/MDEV-32492-27902-29962_MD100724-mariadb-11.6.0-linux-x86_64-opt/bin/maria'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 __memcpy_avx_unaligned_erms ()at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:344
|
Download failed: Invalid argument. Continuing without source file ./string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S.
|
[Current thread is 1 (LWP 2865706)]
|
(gdb) bt
|
#0 __memcpy_avx_unaligned_erms ()at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:344
|
#1 0x0000147894072d1a in memcpy (__len=<optimized out>, __src=<optimized out>, __dest=<optimized out>)at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:29
|
#2 spider_conn_queue_and_merge_loop_check (conn=conn@entry=0x14786062f4f8, lcptr=lcptr@entry=0x1478600481f8)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_conn.cc:1127
|
#3 0x0000147894072e7d in spider_conn_reset_queue_loop_check (conn=0x14786062f4f8)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_conn.cc:1239
|
#4 0x000014789407309f in spider_reset_conn_setted_parameter (conn=<optimized out>, thd=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_conn.cc:259
|
#5 0x000014789405e9a6 in spider_db_connect (share=0x1478606327a8, conn=conn@entry=0x14786062f4f8, link_idx=0)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:131
|
#6 0x000014789405f660 in spider_db_conn_queue_action (conn=conn@entry=0x14786062f4f8)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:256
|
#7 0x0000147894064b80 in spider_db_before_query (conn=0x14786062f4f8, need_mon=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:571
|
#8 0x0000147894064d82 in spider_db_set_names_internal (trx=0x1478601a5c58, share=0x1478606284c8, conn=conn@entry=0x14786062f4f8, all_link_idx=0, need_mon=0x147860016f30)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:799
|
#9 0x0000147894064f39 in spider_db_set_names (spider=<optimized out>, conn=conn@entry=0x14786062f4f8, link_idx=link_idx@entry=0)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:842
|
#10 0x00001478940db749 in spider_mbase_handler::show_table_status (this=0x14786062df90, link_idx=0, sts_mode=1, flag=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_mysql.cc:13231
|
#11 0x000014789408e584 in spider_get_sts (share=0x1478606284c8, link_idx=0, tmp_time=tmp_time@entry=1720652489, spider=spider@entry=0x147860627910, sts_interval=sts_interval@entry=0, sts_mode=sts_mode@entry=1, sts_sync=sts_sync@entry=0, sts_sync_level=1, flag=82)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_table.cc:7153
|
#12 0x00001478940bd6f7 in ha_spider::info (this=0x147860627910, flag=18)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/ha_spider.cc:6560
|
#13 0x0000557629294ba1 in make_join_statistics (join=join@entry=0x147860019608, tables_list=@0x147860018188: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x147860019db8, last = 0x147860019db8, elements = 1}, <No data fields>}, keyuse_array=keyuse_array@entry=0x147860019960)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:5611
|
#14 0x000055762929bb72 in JOIN::optimize_inner (this=this@entry=0x147860019608)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:2683
|
#15 0x000055762929c31a in JOIN::optimize (this=this@entry=0x147860019608)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:1984
|
#16 0x000055762929c411 in mysql_select (thd=thd@entry=0x147860000c68, tables=0x1478600185a8, fields=@0x147860018228: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x147860018558, last = 0x14786001a038, elements = 2}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x1478600195e0, unit=0x147860004f88, select_lex=0x147860017f70)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:5320
|
#17 0x000055762929cc64 in handle_select (thd=thd@entry=0x147860000c68, lex=lex@entry=0x147860004ea8, result=result@entry=0x1478600195e0, setup_tables_done_option=setup_tables_done_option@entry=0)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:628
|
#18 0x000055762920ee75 in execute_sqlcom_select (thd=thd@entry=0x147860000c68, all_tables=0x1478600185a8)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:6147
|
#19 0x000055762921e10f in mysql_execute_command (thd=thd@entry=0x147860000c68, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:3953
|
#20 0x000055762921f626 in mysql_parse (thd=0x147860000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:7867
|
#21 0x0000557629221805 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x147860000c68, packet=packet@entry=0x147860008859 "SELECT * FROM t2", packet_length=packet_length@entry=16, blocking=blocking@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:1991
|
#22 0x0000557629223df0 in do_command (thd=0x147860000c68, blocking=blocking@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:1405
|
#23 0x000055762935369f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55762d4e5708, put_in_cache=put_in_cache@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_connect.cc:1447
|
#24 0x00005576293539ed in handle_one_connection (arg=arg@entry=0x55762d4e5708)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_connect.cc:1349
|
#25 0x0000557629709ecd in pfs_spawn_thread (arg=0x55762d48d6b8)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/perfschema/pfs.cc:2198
|
#26 0x00001478ab497ada in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:444
|
#27 0x00001478ab52847c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
bb-11.6-mdev-32492-27902-29962 11.6.0 0d7c712debbe5056da2c34b5daf3fbd5969d00dc (Debug) |
Core was generated by `/test/MDEV-32492-27902-29962_MD100724-mariadb-11.6.0-linux-x86_64-dbg/bin/maria'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 __memcpy_avx_unaligned_erms ()at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:344
|
Download failed: Invalid argument. Continuing without source file ./string/../sysdeps/x86_64/multiarch/memmove-vec-unaligne
|
d-erms.S.
|
[Current thread is 1 (LWP 2958069)]
|
(gdb) bt
|
#0 __memcpy_avx_unaligned_erms ()at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:344
|
#1 0x000015522c099320 in memcpy (__len=<optimized out>, __src=<optimized out>, __dest=0x8f8f8f8f8f8f8f8f)at /usr/include/x8
|
6_64-linux-gnu/bits/string_fortified.h:29
|
#2 spider_conn_queue_and_merge_loop_check (conn=conn@entry=0x1551fc1f3ea8, lcptr=lcptr@entry=0x1551fc0cbe68)at /test/bb-11.
|
6-mdev-32492-27902-29962_dbg/storage/spider/spd_conn.cc:1127
|
#3 0x000015522c09953a in spider_conn_reset_queue_loop_check (conn=conn@entry=0x1551fc1f3ea8)at /test/bb-11.6-mdev-32492-279
|
02-29962_dbg/storage/spider/spd_conn.cc:1239
|
#4 0x000015522c099773 in spider_reset_conn_setted_parameter (conn=conn@entry=0x1551fc1f3ea8, thd=thd@entry=0x1551fc000d58)a
|
t /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_conn.cc:259
|
#5 0x000015522c07d2c2 in spider_db_connect (share=0x1551fc0c2f58, conn=conn@entry=0x1551fc1f3ea8, link_idx=0)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_db_conn.cc:131
|
#6 0x000015522c07da5c in spider_db_conn_queue_action (conn=conn@entry=0x1551fc1f3ea8)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_db_conn.cc:256
|
#7 0x000015522c0849a0 in spider_db_before_query (conn=conn@entry=0x1551fc1f3ea8, need_mon=need_mon@entry=0x1551fc2c8eb0)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_db_conn.cc:571
|
#8 0x000015522c084fca in spider_db_set_names_internal (trx=0x1551fc273788, share=0x1551fc0c2f58, conn=conn@entry=0x1551fc1f3ea8, all_link_idx=0, need_mon=0x1551fc2c8eb0)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_db_conn.cc:798
|
#9 0x000015522c0852e7 in spider_db_set_names (spider=<optimized out>, conn=conn@entry=0x1551fc1f3ea8, link_idx=link_idx@entry=0)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_db_conn.cc:842
|
#10 0x000015522c111ee7 in spider_mbase_handler::show_table_status (this=0x1551fc0ca900, link_idx=0, sts_mode=1, flag=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_db_mysql.cc:13231
|
#11 0x000015522c08a46a in spider_db_show_table_status (spider=spider@entry=0x1551fc0c23a0, link_idx=link_idx@entry=0, sts_mode=<optimized out>, sts_mode@entry=1, flag=flag@entry=82)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_db_conn.cc:5170
|
#12 0x000015522c0b67a3 in spider_get_sts (share=0x1551fc0c2f58, link_idx=0, tmp_time=tmp_time@entry=1720652513, spider=spider@entry=0x1551fc0c23a0, sts_interval=sts_interval@entry=0, sts_mode=sts_mode@entry=1, sts_sync=sts_sync@entry=0, sts_sync_level=1, flag=82)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/spd_table.cc:7153
|
#13 0x000015522c0ee175 in ha_spider::info (this=0x1551fc0c23a0, flag=18)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/spider/ha_spider.cc:6560
|
#14 0x000055c5f4172eaf in TABLE_LIST::fetch_number_of_rows (this=this@entry=0x1551fc01b068)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/table.cc:10128
|
#15 0x000055c5f40c37b0 in make_join_statistics (join=join@entry=0x1551fc01c0c8, tables_list=@0x1551fc01ac48: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x1551fc01c888, last = 0x1551fc01c888, elements = 1}, <No data fields>}, keyuse_array=keyuse_array@entry=0x1551fc01c428)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_select.cc:5611
|
#16 0x000055c5f40cd506 in JOIN::optimize_inner (this=this@entry=0x1551fc01c0c8)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_select.cc:2683
|
#17 0x000055c5f40cdabc in JOIN::optimize (this=this@entry=0x1551fc01c0c8)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_select.cc:1984
|
#18 0x000055c5f40cdbdc in mysql_select (thd=thd@entry=0x1551fc000d58, tables=0x1551fc01b068, fields=@0x1551fc01ace8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x1551fc01b018, last = 0x1551fc01cb08, elements = 2}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2165574400, result=0x1551fc01c0a0, unit=0x1551fc005240, select_lex=0x1551fc01aa30)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_select.cc:5320
|
#19 0x000055c5f40ce466 in handle_select (thd=thd@entry=0x1551fc000d58, lex=lex@entry=0x1551fc005160, result=result@entry=0x1551fc01c0a0, setup_tables_done_option=setup_tables_done_option@entry=0)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_select.cc:628
|
#20 0x000055c5f402db4b in execute_sqlcom_select (thd=thd@entry=0x1551fc000d58, all_tables=0x1551fc01b068)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_parse.cc:6147
|
#21 0x000055c5f4038b57 in mysql_execute_command (thd=thd@entry=0x1551fc000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_parse.cc:3953
|
#22 0x000055c5f403f04c in mysql_parse (thd=thd@entry=0x1551fc000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x15524007a2a0)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_parse.cc:7867
|
#23 0x000055c5f404140f in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x1551fc000d58, packet=packet@entry=0x1551fc00b319 "SELECT * FROM t2", packet_length=packet_length@entry=16, blocking=blocking@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_class.h:255
|
#24 0x000055c5f40438a5 in do_command (thd=0x1551fc000d58, blocking=blocking@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_parse.cc:1405
|
#25 0x000055c5f41b364b in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55c5f75286c8, put_in_cache=put_in_cache@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_connect.cc:1447
|
#26 0x000055c5f41b3940 in handle_one_connection (arg=arg@entry=0x55c5f75286c8)at /test/bb-11.6-mdev-32492-27902-29962_dbg/sql/sql_connect.cc:1349
|
#27 0x000055c5f4614133 in pfs_spawn_thread (arg=0x55c5f74ba108)at /test/bb-11.6-mdev-32492-27902-29962_dbg/storage/perfschema/pfs.cc:2198
|
#28 0x0000155244497ada in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:444
|
#29 0x000015524452847c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
We also see an ASAN heap-use-after-free:
|
11.6.0 29e9ade269d803b6823ec57808e0b7fad28baf9e (Optimized, UBASAN) |
==3089516==ERROR: AddressSanitizer: heap-use-after-free on address 0x612000034fe8 at pc 0x14f177cfc860 bp 0x14f179376ff0 sp 0x14f179376fe0
|
WRITE of size 4 at 0x612000034fe8 thread T12
|
#0 0x14f177cfc85f in spider_conn_reset_queue_loop_check(st_spider_conn*) /test/11.6_opt_san/storage/spider/spd_conn.cc:1238
|
#1 0x14f177cfd04e in spider_reset_conn_setted_parameter(st_spider_conn*, THD*) /test/11.6_opt_san/storage/spider/spd_conn.cc:259
|
#2 0x14f177c4ebbb in spider_db_connect(st_spider_share const*, st_spider_conn*, int) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:131
|
#3 0x14f177c53882 in spider_db_conn_queue_action(st_spider_conn*) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:256
|
#4 0x14f177c85c55 in spider_db_before_query(st_spider_conn*, int*) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:571
|
#5 0x14f177c86c10 in spider_db_set_names_internal(st_spider_transaction*, st_spider_share*, st_spider_conn*, int, int*) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:799
|
#6 0x14f177fc4f59 in spider_mbase_handler::show_table_status(int, int, unsigned int) /test/11.6_opt_san/storage/spider/spd_db_mysql.cc:13231
|
#7 0x14f177d7c303 in spider_get_sts(st_spider_share*, int, long, ha_spider*, double, int, int, int, unsigned int) /test/11.6_opt_san/storage/spider/spd_table.cc:7153
|
#8 0x14f177ee06ea in ha_spider::info(unsigned int) /test/11.6_opt_san/storage/spider/ha_spider.cc:6557
|
#9 0x5598c18e2910 in make_join_statistics /test/11.6_opt_san/sql/sql_select.cc:5606
|
#10 0x5598c191c5b1 in JOIN::optimize_inner() /test/11.6_opt_san/sql/sql_select.cc:2679
|
#11 0x5598c1923425 in JOIN::optimize() /test/11.6_opt_san/sql/sql_select.cc:1984
|
#12 0x5598c1923bc6 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.6_opt_san/sql/sql_select.cc:5315
|
#13 0x5598c1927a90 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.6_opt_san/sql/sql_select.cc:628
|
#14 0x5598c148faa0 in execute_sqlcom_select /test/11.6_opt_san/sql/sql_parse.cc:6147
|
#15 0x5598c14f3c92 in mysql_execute_command(THD*, bool) /test/11.6_opt_san/sql/sql_parse.cc:3953
|
#16 0x5598c1503042 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.6_opt_san/sql/sql_parse.cc:7868
|
#17 0x5598c150f53e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.6_opt_san/sql/sql_parse.cc:1892
|
#18 0x5598c151b418 in do_command(THD*, bool) /test/11.6_opt_san/sql/sql_parse.cc:1405
|
#19 0x5598c1ea3c7c in do_handle_one_connection(CONNECT*, bool) /test/11.6_opt_san/sql/sql_connect.cc:1447
|
#20 0x5598c1ea627c in handle_one_connection /test/11.6_opt_san/sql/sql_connect.cc:1349
|
#21 0x14f19ce97ad9 in start_thread nptl/pthread_create.c:444
|
#22 0x14f19cf2847b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
|
0x612000034fe8 is located 40 bytes inside of 280-byte region [0x612000034fc0,0x6120000350d8)
|
freed by thread T12 here:
|
#0 0x5598c0c0e8c7 in free (/test/UBASAN_MD170624-mariadb-11.6.0-linux-x86_64-opt/bin/mariadbd+0x7fd38c7)
|
#1 0x14f177deb957 in spider_free_mem(st_spider_transaction*, void*, unsigned long) /test/11.6_opt_san/storage/spider/spd_malloc.cc:183
|
#2 0x14f177cfc68d in spider_conn_reset_queue_loop_check(st_spider_conn*) /test/11.6_opt_san/storage/spider/spd_conn.cc:1230
|
#3 0x14f177cfd04e in spider_reset_conn_setted_parameter(st_spider_conn*, THD*) /test/11.6_opt_san/storage/spider/spd_conn.cc:259
|
#4 0x14f177c4ebbb in spider_db_connect(st_spider_share const*, st_spider_conn*, int) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:131
|
#5 0x14f177c53882 in spider_db_conn_queue_action(st_spider_conn*) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:256
|
#6 0x14f177c85c55 in spider_db_before_query(st_spider_conn*, int*) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:571
|
#7 0x14f177c86c10 in spider_db_set_names_internal(st_spider_transaction*, st_spider_share*, st_spider_conn*, int, int*) /test/11.6_opt_san/storage/spider/spd_db_conn.cc:799
|
#8 0x14f177fc4f59 in spider_mbase_handler::show_table_status(int, int, unsigned int) /test/11.6_opt_san/storage/spider/spd_db_mysql.cc:13231
|
#9 0x14f177d7c303 in spider_get_sts(st_spider_share*, int, long, ha_spider*, double, int, int, int, unsigned int) /test/11.6_opt_san/storage/spider/spd_table.cc:7153
|
#10 0x14f177ee06ea in ha_spider::info(unsigned int) /test/11.6_opt_san/storage/spider/ha_spider.cc:6557
|
#11 0x5598c18e2910 in make_join_statistics /test/11.6_opt_san/sql/sql_select.cc:5606
|
#12 0x5598c191c5b1 in JOIN::optimize_inner() /test/11.6_opt_san/sql/sql_select.cc:2679
|
#13 0x5598c1923425 in JOIN::optimize() /test/11.6_opt_san/sql/sql_select.cc:1984
|
#14 0x5598c1923bc6 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.6_opt_san/sql/sql_select.cc:5315
|
#15 0x5598c1927a90 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.6_opt_san/sql/sql_select.cc:628
|
#16 0x5598c148faa0 in execute_sqlcom_select /test/11.6_opt_san/sql/sql_parse.cc:6147
|
#17 0x5598c14f3c92 in mysql_execute_command(THD*, bool) /test/11.6_opt_san/sql/sql_parse.cc:3953
|
#18 0x5598c1503042 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.6_opt_san/sql/sql_parse.cc:7868
|
#19 0x5598c150f53e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.6_opt_san/sql/sql_parse.cc:1892
|
#20 0x5598c151b418 in do_command(THD*, bool) /test/11.6_opt_san/sql/sql_parse.cc:1405
|
#21 0x5598c1ea3c7c in do_handle_one_connection(CONNECT*, bool) /test/11.6_opt_san/sql/sql_connect.cc:1447
|
#22 0x5598c1ea627c in handle_one_connection /test/11.6_opt_san/sql/sql_connect.cc:1349
|
#23 0x14f19ce97ad9 in start_thread nptl/pthread_create.c:444
|
|
|
previously allocated by thread T12 here:
|
#0 0x5598c0c0ec17 in malloc (/test/UBASAN_MD170624-mariadb-11.6.0-linux-x86_64-opt/bin/mariadbd+0x7fd3c17)
|
#1 0x5598c5289f84 in my_malloc /test/11.6_opt_san/mysys/my_malloc.c:93
|
#2 0x14f177debdeb in spider_bulk_alloc_mem(st_spider_transaction*, unsigned int, char const*, char const*, unsigned long, unsigned long, ...) /test/11.6_opt_san/storage/spider/spd_malloc.cc:231
|
#3 0x14f177cfe6f0 in spider_conn_queue_loop_check(st_spider_conn*, ha_spider*, int) /test/11.6_opt_san/storage/spider/spd_conn.cc:1385
|
#4 0x14f177d1f54a in spider_get_conn(st_spider_share*, int, char*, st_spider_transaction*, ha_spider*, bool, bool, int*) /test/11.6_opt_san/storage/spider/spd_conn.cc:832
|
#5 0x14f177d3cb3f in spider_share_get_conns(ha_spider*, st_spider_share*, int*) /test/11.6_opt_san/storage/spider/spd_table.cc:5250
|
#6 0x14f177da41f2 in spider_init_share(char const*, TABLE*, THD*, ha_spider*, int*, st_spider_share*, TABLE_SHARE*, bool) /test/11.6_opt_san/storage/spider/spd_table.cc:5520
|
#7 0x14f177da600b in spider_get_share(char const*, TABLE*, THD*, ha_spider*, int*) /test/11.6_opt_san/storage/spider/spd_table.cc:5634
|
#8 0x14f177e9b5dc in ha_spider::open(char const*, int, unsigned int) /test/11.6_opt_san/storage/spider/ha_spider.cc:312
|
#9 0x5598c2b7f71d in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /test/11.6_opt_san/sql/handler.cc:3560
|
#10 0x5598c1d15707 in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /test/11.6_opt_san/sql/table.cc:4599
|
#11 0x5598c10b224b in open_table(THD*, TABLE_LIST*, Open_table_context*) /test/11.6_opt_san/sql/sql_base.cc:2240
|
#12 0x5598c10c8f99 in open_and_process_table /test/11.6_opt_san/sql/sql_base.cc:4174
|
#13 0x5598c10c8f99 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /test/11.6_opt_san/sql/sql_base.cc:4660
|
#14 0x5598c10ce2b4 in open_tables /test/11.6_opt_san/sql/sql_base.h:272
|
#15 0x5598c10ce2b4 in open_normal_and_derived_tables(THD*, TABLE_LIST*, unsigned int, unsigned int) /test/11.6_opt_san/sql/sql_base.cc:5698
|
#16 0x5598c10cea94 in open_tables_only_view_structure(THD*, TABLE_LIST*, bool) /test/11.6_opt_san/sql/sql_base.cc:5749
|
#17 0x5598c1972850 in fill_schema_table_by_open /test/11.6_opt_san/sql/sql_show.cc:4808
|
#18 0x5598c1a29815 in get_all_tables(THD*, TABLE_LIST*, Item*) /test/11.6_opt_san/sql/sql_show.cc:5608
|
#19 0x5598c1a37eb8 in get_schema_tables_result(JOIN*, enum_schema_table_state) /test/11.6_opt_san/sql/sql_show.cc:9456
|
#20 0x5598c192fb2c in JOIN::exec_inner() /test/11.6_opt_san/sql/sql_select.cc:4974
|
#21 0x5598c1936983 in JOIN::exec() /test/11.6_opt_san/sql/sql_select.cc:4796
|
#22 0x5598c1923e8d in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/11.6_opt_san/sql/sql_select.cc:5329
|
#23 0x5598c1927a90 in handle_select(THD*, LEX*, select_result*, unsigned long long) /test/11.6_opt_san/sql/sql_select.cc:628
|
#24 0x5598c148faa0 in execute_sqlcom_select /test/11.6_opt_san/sql/sql_parse.cc:6147
|
#25 0x5598c14f3c92 in mysql_execute_command(THD*, bool) /test/11.6_opt_san/sql/sql_parse.cc:3953
|
#26 0x5598c1503042 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.6_opt_san/sql/sql_parse.cc:7868
|
#27 0x5598c150f53e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.6_opt_san/sql/sql_parse.cc:1892
|
#28 0x5598c151b418 in do_command(THD*, bool) /test/11.6_opt_san/sql/sql_parse.cc:1405
|
#29 0x5598c1ea3c7c in do_handle_one_connection(CONNECT*, bool) /test/11.6_opt_san/sql/sql_connect.cc:1447
|
#30 0x5598c1ea627c in handle_one_connection /test/11.6_opt_san/sql/sql_connect.cc:1349
|
#31 0x14f19ce97ad9 in start_thread nptl/pthread_create.c:444
|
|
|
Thread T12 created by T0 here:
|
#0 0x5598c0bb2a35 in pthread_create (/test/UBASAN_MD170624-mariadb-11.6.0-linux-x86_64-opt/bin/mariadbd+0x7f77a35)
|
#1 0x5598c0c67dce in create_thread_to_handle_connection(CONNECT*) /test/11.6_opt_san/sql/mysqld.cc:6203
|
#2 0x5598c0c7b70f in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /test/11.6_opt_san/sql/mysqld.cc:6327
|
#3 0x5598c0c7c7f7 in handle_connections_sockets() /test/11.6_opt_san/sql/mysqld.cc:6440
|
#4 0x5598c0c7f8cc in mysqld_main(int, char**) /test/11.6_opt_san/sql/mysqld.cc:6098
|
#5 0x14f19ce280cf in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
|
|
|
SUMMARY: AddressSanitizer: heap-use-after-free /test/11.6_opt_san/storage/spider/spd_conn.cc:1238 in spider_conn_reset_queue_loop_check(st_spider_conn*)
|
Shadow bytes around the buggy address:
|
0x0c247fffe9a0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c247fffe9b0: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa
|
0x0c247fffe9c0: fa fa fa fa fa fa fa fa 00 00 00 00 00 00 00 00
|
0x0c247fffe9d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c247fffe9e0: 00 00 00 00 00 00 00 00 00 00 fa fa fa fa fa fa
|
=>0x0c247fffe9f0: fa fa fa fa fa fa fa fa fd fd fd fd fd[fd]fd fd
|
0x0c247fffea00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c247fffea10: fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa fa
|
0x0c247fffea20: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
|
0x0c247fffea30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
|
0x0c247fffea40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
Left alloca redzone: ca
|
Right alloca redzone: cb
|
Shadow gap: cc
|
==3089516==ABORTING
|
240711 9:45:54 [ERROR] mysqld got signal 6 ;
|
Note: this bug still exists in bb-11.6-mdev-32492-27902-29962 and is thus not resolved by the MDEV-27902 patch.
Attachments
Issue Links
- duplicates
-
-
- Closed
-
- relates to
-
-
- Open
-
- split from
-
-
- Closed
-
Activity
In MTR runs we see stack corruption:
|
bb-11.6-mdev-32492-27902-29962 11.6.0 0d7c712debbe5056da2c34b5daf3fbd5969d00dc (Optimized) |
CURRENT_TEST: main.test
|
mysqltest: At line 17: query 'SELECT * FROM t2' failed with wrong errno <Unknown> (2013): 'Lost connection to server during query', instead of ER_CONNECT_TO_FOREIGN_DATA_SOURCE (1429)...
|
|
|
- found 'core' (0/5)
|
Guessing that core was generated by '/test/MDEV-32492-27902-29962_MD100724-mariadb-11.6.0-linux-x86_64-opt/bin/mysqlhotcopy'
|
Output from gdb follows. The first stack trace is from the failing thread.
|
The following stack traces are from all threads (so the failing one is
|
duplicated).
|
--------------------------
|
"/test/MDEV-32492-27902-29962_MD100724-mariadb-11.6.0-linux-x86_64-opt/bin/mysqlhotcopy": not in executable format: file format not recognized
|
[New LWP 3451023]
|
[New LWP 3450742]
|
[New LWP 3450910]
|
[New LWP 3451139]
|
[New LWP 3450954]
|
[New LWP 3451387]
|
[New LWP 3450941]
|
[New LWP 3451140]
|
[New LWP 3450952]
|
Core was generated by `/test/MDEV-32492-27902-29962_MD100724-mariadb-11.6.0-linux-x86_64-opt/bin/maria'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x00001479b057d5ec in ?? ()
|
[Current thread is 1 (LWP 3451023)]
|
|
|
Thread 9 (LWP 3450952):
|
#0 0x00001479b0494076 in ?? ()
|
#1 0x0000000000000000 in ?? ()
|
|
|
Thread 8 (LWP 3451140):
|
#0 0x00001479b0494076 in ?? ()
|
#1 0x00001479a9ec22c0 in ?? ()
|
#2 0x0000018990010d00 in ?? ()
|
#3 0x0000147998035a80 in ?? ()
|
#4 0x0000000000000000 in ?? ()
|
|
|
Thread 7 (LWP 3450941):
|
#0 0x00001479b0494076 in ?? ()
|
#1 0x0000000000000000 in ?? ()
|
|
|
Thread 6 (LWP 3451387):
|
#0 0x00001479b0494076 in ?? ()
|
#1 0x00001479a9a4eb40 in ?? ()
|
#2 0x00000189dfba3115 in ?? ()
|
#3 0x000055f1e0fe1d4c in ?? ()
|
#4 0x00001479a9a4ecc0 in ?? ()
|
#5 0x000055f1e0fe1d20 in ?? ()
|
#6 0x000055f1e0fe1d44 in ?? ()
|
#7 0x0000000000000000 in ?? ()
|
|
|
Thread 5 (LWP 3450954):
|
#0 0x00001479b04435ca in ?? ()
|
#1 0x00001479a9ffebd0 in ?? ()
|
#2 0x0000000000000000 in ?? ()
|
|
|
Thread 4 (LWP 3451139):
|
#0 0x00001479b0494076 in ?? ()
|
#1 0x0000000000000200 in ?? ()
|
#2 0x00000189e0f34440 in ?? ()
|
#3 0x00001479980359b0 in ?? ()
|
#4 0x0000000000000000 in ?? ()
|
|
|
Thread 3 (LWP 3450910):
|
#0 0x00001479b0494076 in ?? ()
|
#1 0x0000000000000000 in ?? ()
|
|
|
Thread 2 (LWP 3450742):
|
#0 0x00001479b051a18f in ?? ()
|
#1 0x000055f1e3e2fb80 in ?? ()
|
#2 0x000055f1e3e46988 in ?? ()
|
#3 0x0000000000000003 in ?? ()
|
#4 0xffffffff00000001 in ?? ()
|
#5 0x00007ffc7cca1e70 in ?? ()
|
#6 0x000055f1dfaf4fb2 in ?? ()
|
#7 0x00007ffc7cca1d20 in ?? ()
|
#8 0x00007ffc7cca1d10 in ?? ()
|
#9 0x000000010000000c in ?? ()
|
#10 0x0000000c00000000 in ?? ()
|
#11 0x00001479b05feca0 in ?? ()
|
#12 0x00000080a18c0900 in ?? ()
|
#13 0x0000002100000020 in ?? ()
|
#14 0x0000000100000020 in ?? ()
|
#15 0x00000000ffffffff in ?? ()
|
#16 0x00000020e068a428 in ?? ()
|
#17 0x000055f1e3e46988 in ?? ()
|
#18 0x0000000000000003 in ?? ()
|
#19 0x0000000000000010 in ?? ()
|
#20 0x0000000000000010 in ?? ()
|
#21 0x0000000000000008 in ?? ()
|
#22 0x0000000000000000 in ?? ()
|
|
|
Thread 1 (LWP 3451023):
|
#0 0x00001479b057d5ec in ?? ()
|
#1 0x00001479a9ec2d1a in ?? ()
|
#2 0x000f92659994e898 in ?? ()
|
#3 0x00000001afc26dc0 in ?? ()
|
#4 0xfffffffffffffdf8 in ?? ()
|
#5 0x000055f1e0f34440 in ?? ()
|
#6 0x0000000000000000 in ?? ()
|
However, a direct gdb call on the same core resolves the stacks correctly:
|
bb-11.6-mdev-32492-27902-29962 11.6.0 0d7c712debbe5056da2c34b5daf3fbd5969d00dc (Optimized) |
Core was generated by `/test/MDEV-32492-27902-29962_MD100724-mariadb-11.6.0-linux-x86_64-opt/bin/maria'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 __memcpy_avx_unaligned_erms ()at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:344
|
Download failed: Invalid argument. Continuing without source file ./string/../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S.
|
[Current thread is 1 (LWP 3451023)]
|
(gdb) bt
|
#0 __memcpy_avx_unaligned_erms ()at ../sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S:344
|
#1 0x00001479a9ec2d1a in memcpy (__len=<optimized out>, __src=<optimized out>, __dest=<optimized out>)at /usr/include/x86_64-linux-gnu/bits/string_fortified.h:29
|
#2 spider_conn_queue_and_merge_loop_check (conn=conn@entry=0x14799823fa58, lcptr=lcptr@entry=0x14799810cf48)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_conn.cc:1127
|
#3 0x00001479a9ec2e7d in spider_conn_reset_queue_loop_check (conn=0x14799823fa58)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_conn.cc:1239
|
#4 0x00001479a9ec309f in spider_reset_conn_setted_parameter (conn=<optimized out>, thd=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_conn.cc:259
|
#5 0x00001479a9eae9a6 in spider_db_connect (share=0x147998258ab8, conn=conn@entry=0x14799823fa58, link_idx=0)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:131
|
#6 0x00001479a9eaf660 in spider_db_conn_queue_action (conn=conn@entry=0x14799823fa58)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:256
|
#7 0x00001479a9eb4b80 in spider_db_before_query (conn=0x14799823fa58, need_mon=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:571
|
#8 0x00001479a9eb4d82 in spider_db_set_names_internal (trx=0x1479981d6198, share=0x14799844ba78, conn=conn@entry=0x14799823fa58, all_link_idx=0, need_mon=0x147998042ed8)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:799
|
#9 0x00001479a9eb4f39 in spider_db_set_names (spider=<optimized out>, conn=conn@entry=0x14799823fa58, link_idx=link_idx@entry=0)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_conn.cc:842
|
#10 0x00001479a9f2b749 in spider_mbase_handler::show_table_status (this=0x14799823e4f0, link_idx=0, sts_mode=1, flag=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_db_mysql.cc:13231
|
#11 0x00001479a9ede584 in spider_get_sts (share=0x14799844ba78, link_idx=0, tmp_time=tmp_time@entry=1720652789, spider=spider@entry=0x14799844aec0, sts_interval=sts_interval@entry=0, sts_mode=sts_mode@entry=1, sts_sync=sts_sync@entry=0, sts_sync_level=1, flag=82)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/spd_table.cc:7153
|
#12 0x00001479a9f0d6f7 in ha_spider::info (this=0x14799844aec0, flag=18)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/spider/ha_spider.cc:6560
|
#13 0x000055f1dfc7cba1 in make_join_statistics (join=join@entry=0x147998014518, tables_list=@0x147998013098: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x147998014cc8, last = 0x147998014cc8, elements = 1}, <No data fields>}, keyuse_array=keyuse_array@entry=0x147998014870)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:5611
|
#14 0x000055f1dfc83b72 in JOIN::optimize_inner (this=this@entry=0x147998014518)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:2683
|
#15 0x000055f1dfc8431a in JOIN::optimize (this=this@entry=0x147998014518)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:1984
|
#16 0x000055f1dfc84411 in mysql_select (thd=thd@entry=0x147998000c68, tables=0x1479980134b8, fields=@0x147998013138: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x147998013468, last = 0x147998014f48, elements = 2}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x1479980144f0, unit=0x147998004f88, select_lex=0x147998012e80)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:5320
|
#17 0x000055f1dfc84c64 in handle_select (thd=thd@entry=0x147998000c68, lex=lex@entry=0x147998004ea8, result=result@entry=0x1479980144f0, setup_tables_done_option=setup_tables_done_option@entry=0)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_select.cc:628
|
#18 0x000055f1dfbf6e75 in execute_sqlcom_select (thd=thd@entry=0x147998000c68, all_tables=0x1479980134b8)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:6147
|
#19 0x000055f1dfc0610f in mysql_execute_command (thd=thd@entry=0x147998000c68, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:3953
|
#20 0x000055f1dfc07626 in mysql_parse (thd=0x147998000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:7867
|
#21 0x000055f1dfc09805 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x147998000c68, packet=packet@entry=0x147998008859 "SELECT * FROM t2", packet_length=packet_length@entry=16, blocking=blocking@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:1991
|
#22 0x000055f1dfc0bdf0 in do_command (thd=0x147998000c68, blocking=blocking@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_parse.cc:1405
|
#23 0x000055f1dfd3b69f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55f1e3eca928, put_in_cache=put_in_cache@entry=true)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_connect.cc:1447
|
#24 0x000055f1dfd3b9ed in handle_one_connection (arg=arg@entry=0x55f1e3eca928)at /test/bb-11.6-mdev-32492-27902-29962_opt/sql/sql_connect.cc:1349
|
#25 0x000055f1e00f1ecd in pfs_spawn_thread (arg=0x55f1e3e72c68)at /test/bb-11.6-mdev-32492-27902-29962_opt/storage/perfschema/pfs.cc:2198
|
#26 0x00001479b0497ada in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:444
|
#27 0x00001479b052847c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
ycp Hi! As requested & now confirmed; yes the issue exists in bb-10.5-mdev-29962, however it seems for a debug build only; an optimized build does not crash.
Roel, thanks for the testcase. This bug seems to be fixed by the patch for MDEV-34541.
Oh, interesting, as the SQL and Spider setup is very different, and the stacks are in different locations. Thank you!
MTR Testcase:
--let $SOCKET= `SELECT @@global.socket`--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE--error ER_CONNECT_TO_FOREIGN_DATA_SOURCE