Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
11.4
Description
Also see MDEV-35053.
|
CS 11.4.6 ef966af801afc2a07222b5df65dddd52c77431dd (Optimized) Build 15/02/2025 |
Core was generated by `/test/MD150225-mariadb-11.4.6-linux-x86_64-opt/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 purge_sys_t::iterator::free_history_rseg (this=this@entry=0x1528bfdffce0, rseg=...) at /test/11.4_opt/storage/innobase/trx/trx0purge.cc:493
|
|
|
[Current thread is 1 (LWP 3788608)]
|
(gdb) bt
|
#0 purge_sys_t::iterator::free_history_rseg (this=this@entry=0x1528bfdffce0, rseg=@0x559c54de6740: {space = 0x559c578cf418, latch = {pfs_psi = 0x0, lock = {writer = {lock = std::atomic<unsigned int> = { 3 }, static HOLDER = 1, static WAITER = 2}, readers = std::atomic<unsigned int> = { 2147483648 }, static WRITER = 2147483648}}, page_no = 32, history_size = 1, needs_purge = 658, ref = std::atomic<unsigned int> = { 0 }, static SKIP = 1, static REF = 2, curr_size = 2, undo_list = {count = 0, start = 0x0, end = 0x0, node = &trx_undo_t::undo_list}, undo_cached = {count = 1, start = 0x152888214248, end = 0x152888214248, node = &trx_undo_t::undo_list}, last_page_no = 4294967295, last_commit_and_offset = 43123604}) at /test/11.4_opt/storage/innobase/trx/trx0purge.cc:493
|
#1 0x0000559c541e21c1 in purge_sys_t::iterator::free_history (this=0x1528bfdffce0)at /test/11.4_opt/storage/innobase/trx/trx0purge.cc:554
|
#2 0x0000559c541d8217 in purge_truncation_callback ()at /test/11.4_opt/storage/innobase/srv/srv0srv.cc:1099
|
#3 0x0000559c542aa568 in tpool::task_group::execute (this=0x559c55743fa8 <purge_truncation_task_group>, t=0x559c55744040 <purge_truncation_task>)at /test/11.4_opt/tpool/task_group.cc:70
|
#4 0x0000559c542a82f6 in tpool::thread_pool_generic::worker_main (this=0x559c577d1d30, thread_var=0x559c577d21b0)at /test/11.4_opt/tpool/tpool_generic.cc:574
|
#5 0x00001528ee2eabb4 in std::execute_native_thread_routine (__p=0x1528ac000b70)at ../../../../../src/libstdc++-v3/src/c++11/thread.cc:104
|
#6 0x00001528ede9ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
|
#7 0x00001528edf29c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
Observed once. All attempts to reproduce and/or create a testcase have failed thus far.
No relevant information in error log (no crash report - nothing).
Attachments
Issue Links
- relates to
-
-
- Closed
-
Activity
I added a gdb thread apply all bt, registers, disassemble etc. Hopefully it helps.
set logging file MDEV-36098.txt
|
set logging enabled on
|
set pagination off
|
set print pretty on
|
set print frame-arguments all
|
thread apply all bt
|
info threads
|
show scheduler-locking
|
show schedule-multiple
|
show non-stop
|
show target-async
|
display/i $pc
|
disassemble
|
info reg
|
print buf_pool
|
set logging enabled off
|
As far as I can tell, a pointer of the doubly linked list rseg.undo_cached is corrupted. The output does not reveal in which way, nor what might have introduced this corruption. Can you produce an rr replay trace that is leading to this crash?
marko Thought you may want to see this given
MDEV-35053. As mentioned, all attempts to reproduce and/or create a testcase have failed thus far (thus also no rr or similar). Will keep trying for some time. Feel free to assign back to me.