Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.5, 10.6, 10.11, 11.2(EOL), 11.4, 11.6(EOL), 11.7
Description
Looping this sporadic testcase till it crashes:
DROP DATABASE test; |
CREATE DATABASE test; |
USE test; |
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
CREATE SERVER srv FOREIGN DATA WRAPPER mysql OPTIONS (SOCKET '../socket.sock', DATABASE 'test', USER 'Spider', PASSWORD ''); |
CREATE TABLE t1 (c INT PRIMARY KEY,c1 BLOB, c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql", SRV "srv", TABLE "t"'; |
CREATE TABLE t2 (c INT KEY,c1 BLOB, c2 TEXT) ENGINE=Spider COMMENT='WRAPPER "mysql", SRV "srv", TABLE "tm"'; |
CREATE TABLE t3 (e INT, f BLOB) ENGINE=Spider; |
SET GLOBAL default_storage_engine=Spider; |
CREATE TABLE t5 (c1 TINYINT NOT NULL); |
XA START 'xa1'; |
SHOW CREATE TABLE t1; |
SET spider_semi_table_lock=1; |
SELECT AVG(c1) AS VALUE FROM t1; |
SET GLOBAL table_open_cache=10; |
EXPLAIN EXTENDED SELECT * FROM t3 WHERE a >=any (SELECT b FROM t2); |
INSERT INTO t2 VALUES (0,0,0,'a','b','c','d'); |
UPDATE IGNORE t5 SET c1=NULL WHERE c1>1; |
SELECT * FROM t1 WHERE c2 IS NOT NULL ORDER BY c1,c2 LIMIT 2; |
INSERT INTO t1 SELECT A.a+10* B.a+100* C.a, A.a+10* B.a+100* C.a, 'filler' FROM t1 A, t1 B, t1 C; |
INSERT INTO t3 VALUES (1,0); |
SELECT HEX(c1),HEX (c2) FROM t5; |
SELECT * FROM t2 WHERE c1 <=-255 ORDER BY c1,c6 DESC LIMIT 2; |
We see after 200-700 repeats:
CS 11.2.6 e91a79945822def1452787f825e6047c6a64dbd9 (Debug) |
Core was generated by `/test/MD090924-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 spider_db_mbase::append_lock_tables (this=0x149cb0067890, str=0x149cb00f3670) at /test/11.2_dbg/storage/spider/spd_db_mysql.cc:3572
|
 |
[Current thread is 1 (LWP 3655217)]
|
(gdb) bt
|
#0 spider_db_mbase::append_lock_tables (this=0x149cb0067890, str=0x149cb00f3670) at /test/11.2_dbg/storage/spider/spd_db_mysql.cc:3572
|
#1 0x0000149d1ffa8120 in spider_mbase_handler::lock_tables (this=0x149cb00f3610, link_idx=0)at /test/11.2_dbg/storage/spider/spd_db_mysql.cc:13877
|
#2 0x0000149d1ff2e2ae in spider_db_lock_tables (spider=spider@entry=0x149cb003b030, link_idx=link_idx@entry=0)at /test/11.2_dbg/storage/spider/spd_db_conn.cc:1271
|
#3 0x0000149d1ff96ac7 in ha_spider::lock_tables (this=this@entry=0x149cb003b030)at /test/11.2_dbg/storage/spider/ha_spider.cc:11990
|
#4 0x0000149d1ff96f61 in ha_spider::external_lock (this=0x149cb003b030, thd=0x149cb0000d58, lock_type=0)at /test/11.2_dbg/storage/spider/ha_spider.cc:941
|
#5 0x0000563cf5f27f71 in handler::ha_external_lock (this=0x149cb003b030, thd=thd@entry=0x149cb0000d58, lock_type=lock_type@entry=0)at /test/11.2_dbg/sql/handler.cc:7445
|
#6 0x0000563cf6083118 in lock_external (count=1, tables=0x149cb00154e0, thd=0x149cb0000d58) at /test/11.2_dbg/sql/lock.cc:396
|
#7 mysql_lock_tables (thd=thd@entry=0x149cb0000d58, sql_lock=sql_lock@entry=0x149cb00154b0, flags=flags@entry=0)at /test/11.2_dbg/sql/lock.cc:341
|
#8 0x0000563cf6083f4b in mysql_lock_tables (thd=thd@entry=0x149cb0000d58, tables=tables@entry=0x149cb00154a8, count=count@entry=1, flags=flags@entry=0) at /test/11.2_dbg/sql/lock.cc:304
|
#9 0x0000563cf5b89138 in lock_tables (thd=thd@entry=0x149cb0000d58, tables=0x149cb0013d50, count=<optimized out>, flags=flags@entry=0)at /test/11.2_dbg/sql/sql_base.cc:5917
|
#10 0x0000563cf5b8af1c in open_and_lock_tables (thd=thd@entry=0x149cb0000d58, options=<optimized out>, tables=<optimized out>, tables@entry=0x149cb0013d50, derived=derived@entry=true, flags=flags@entry=0, prelocking_strategy=prelocking_strategy@entry=0x149d24078880)at /test/11.2_dbg/sql/sql_base.cc:5649
|
#11 0x0000563cf5bfde10 in open_and_lock_tables (flags=0, derived=true, tables=0x149cb0013d50, thd=0x149cb0000d58)at /test/11.2_dbg/sql/sql_base.h:531
|
#12 execute_sqlcom_select (thd=thd@entry=0x149cb0000d58, all_tables=0x149cb0013d50) at /test/11.2_dbg/sql/sql_parse.cc:6089
|
#13 0x0000563cf5c0a07a in mysql_execute_command (thd=thd@entry=0x149cb0000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)at /test/11.2_dbg/sql/sql_parse.cc:3984
|
#14 0x0000563cf5c10d26 in mysql_parse (thd=thd@entry=0x149cb0000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x149d240792a0)at /test/11.2_dbg/sql/sql_parse.cc:7929
|
#15 0x0000563cf5c131bd in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x149cb0000d58, packet=packet@entry=0x149cb000b309 "SELECT * FROM t2 WHERE c1 <=-255 ORDER BY c1,c6 DESC LIMIT 2", packet_length=packet_length@entry=60, blocking=blocking@entry=true) at /test/11.2_dbg/sql/sql_class.h:248
|
#16 0x0000563cf5c153e3 in do_command (thd=0x149cb0000d58, blocking=blocking@entry=true) at /test/11.2_dbg/sql/sql_parse.cc:1407
|
#17 0x0000563cf5d8135c in do_handle_one_connection (connect=<optimized out>, connect@entry=0x563cf888b448, put_in_cache=put_in_cache@entry=true)at /test/11.2_dbg/sql/sql_connect.cc:1439
|
#18 0x0000563cf5d8165c in handle_one_connection (arg=arg@entry=0x563cf888b448)at /test/11.2_dbg/sql/sql_connect.cc:1341
|
#19 0x0000563cf61c862c in pfs_spawn_thread (arg=0x563cf88a8a38)at /test/11.2_dbg/storage/perfschema/pfs.cc:2201
|
#20 0x0000149d2689ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
|
#21 0x0000149d26929c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
A stack which was previously fixed in MDEV-29963.
Additionally, about 60-70% of the time the crash is not in spider_db_mbase::append_lock_tables but in spider_string::length - as stack previously seen in MDEV-29854 on LOCK TABLES whereas here it is on SELECT:
CS 11.2.6 e91a79945822def1452787f825e6047c6a64dbd9 (Debug) |
Core was generated by `/test/MD090924-mariadb-11.2.6-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 spider_string::length (this=0x1) at /test/11.2_dbg/sql/sql_string.h:355
|
 |
[Current thread is 1 (LWP 3889885)]
|
(gdb) bt
|
#0 spider_string::length (this=0x1) at /test/11.2_dbg/sql/sql_string.h:355
|
#1 0x000014df50152689 in spider_link_get_key (link_for_hash=0x14def41f1008, length=0x14df50567518, not_used=<optimized out>)at /test/11.2_dbg/storage/spider/spd_table.cc:408
|
#2 0x000055c416461656 in my_hash_key (first=1 '\001', length=0x14df50567518, record=<optimized out>, hash=0x14def4284b88)at /test/11.2_dbg/mysys/hash.c:197
|
#3 hashcmp (hash=hash@entry=0x14def4284b88, pos=pos@entry=0x14def408cad8, key=key@entry=0x14def40fb408 "`test`.`tm`", length=length@entry=11)at /test/11.2_dbg/mysys/hash.c:380
|
#4 0x000055c41646188f in my_hash_first_from_hash_value (hash=0x14def4284b88, hash_value=<optimized out>, key=0x14def40fb408 "`test`.`tm`", length=11, current_record=current_record@entry=0x14df505675bc)at /test/11.2_dbg/mysys/hash.c:291
|
#5 0x000055c4164618e0 in my_hash_search_using_hash_value (hash=<optimized out>, hash_value=<optimized out>, key=<optimized out>, length=<optimized out>) at /test/11.2_dbg/mysys/hash.c:245
|
#6 0x000014df501a2202 in spider_mbase_handler::append_lock_tables_list (this=0x14def4037070, conn=0x14def4317038, link_idx=0, appended=0x14df5056763c)at /test/11.2_dbg/storage/spider/spd_db_mysql.cc:12760
|
#7 0x000014df50196484 in ha_spider::append_lock_tables_list (this=this@entry=0x14def4080040)at /test/11.2_dbg/storage/spider/ha_spider.cc:11915
|
#8 0x000014df501968b0 in ha_spider::store_lock (this=0x14def4080040, thd=0x14def4000d58, to=0x14def40154d0, lock_type=TL_READ)at /test/11.2_dbg/storage/spider/ha_spider.cc:820
|
#9 0x000055c415e0ebb7 in get_lock_data (thd=thd@entry=0x14def4000d58, table_ptr=table_ptr@entry=0x14def40154a8, count=count@entry=1, flags=flags@entry=3) at /test/11.2_dbg/sql/lock.cc:825
|
#10 0x000055c415e0ef31 in mysql_lock_tables (thd=thd@entry=0x14def4000d58, tables=tables@entry=0x14def40154a8, count=count@entry=1, flags=flags@entry=0) at /test/11.2_dbg/sql/lock.cc:301
|
#11 0x000055c415914138 in lock_tables (thd=thd@entry=0x14def4000d58, tables=0x14def4013d50, count=<optimized out>, flags=flags@entry=0)at /test/11.2_dbg/sql/sql_base.cc:5917
|
#12 0x000055c415915f1c in open_and_lock_tables (thd=thd@entry=0x14def4000d58, options=<optimized out>, tables=<optimized out>, tables@entry=0x14def4013d50, derived=derived@entry=true, flags=flags@entry=0, prelocking_strategy=prelocking_strategy@entry=0x14df50567880)at /test/11.2_dbg/sql/sql_base.cc:5649
|
#13 0x000055c415988e10 in open_and_lock_tables (flags=0, derived=true, tables=0x14def4013d50, thd=0x14def4000d58)at /test/11.2_dbg/sql/sql_base.h:531
|
#14 execute_sqlcom_select (thd=thd@entry=0x14def4000d58, all_tables=0x14def4013d50) at /test/11.2_dbg/sql/sql_parse.cc:6089
|
#15 0x000055c41599507a in mysql_execute_command (thd=thd@entry=0x14def4000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)at /test/11.2_dbg/sql/sql_parse.cc:3984
|
#16 0x000055c41599bd26 in mysql_parse (thd=thd@entry=0x14def4000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14df505682a0)at /test/11.2_dbg/sql/sql_parse.cc:7929
|
#17 0x000055c41599e1bd in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14def4000d58, packet=packet@entry=0x14def401f8f9 "SELECT * FROM t2 WHERE c1 <=-255 ORDER BY c1,c6 DESC LIMIT 2", packet_length=packet_length@entry=60, blocking=blocking@entry=true) at /test/11.2_dbg/sql/sql_class.h:248
|
#18 0x000055c4159a03e3 in do_command (thd=0x14def4000d58, blocking=blocking@entry=true) at /test/11.2_dbg/sql/sql_parse.cc:1407
|
#19 0x000055c415b0c35c in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55c418e37ce8, put_in_cache=put_in_cache@entry=true)at /test/11.2_dbg/sql/sql_connect.cc:1439
|
#20 0x000055c415b0c65c in handle_one_connection (arg=arg@entry=0x55c418e37ce8)at /test/11.2_dbg/sql/sql_connect.cc:1341
|
#21 0x000055c415f5362c in pfs_spawn_thread (arg=0x55c418e70f68)at /test/11.2_dbg/storage/perfschema/pfs.cc:2201
|
#22 0x000014df52c9ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
|
#23 0x000014df52d29c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
Bug confirmed present in:
MariaDB: 10.5.27 (dbg), 10.5.27 (opt), 10.6.20 (dbg), 10.6.20 (opt), 10.11.10 (dbg), 10.11.10 (opt), 11.2.6 (dbg), 11.2.6 (opt), 11.4.4 (dbg), 11.4.4 (opt), 11.6.2 (dbg), 11.6.2 (opt), 11.7.0 (dbg), 11.7.0 (opt)
Attachments
Issue Links
- relates to
-
MDEV-29854 SIGSEGV in spider_string::length on LOCK TABLES
- Closed
-
MDEV-29963 SIGSEGV in spider_db_mbase::append_lock_tables on LOCK TABLES
- Closed