Details
- Type: Bug
- Status: Open
- Priority: Critical
- Resolution: Unresolved
- Affects Version/s: 11.4.8, 11.8.3
- Fix Version/s: None
- x86_32, x86_64
Description
I have found a weird crash that seems to happen only with Yocto 5.3 (current master development) that has GCC 15. I tested MariaDB versions 11.4.6, 11.4.8 and 11.8.3.
The backtrace is as follows:
(gdb) bt
#0  my_convert (to=<optimized out>, to_length=160, to_cs=0x55b5740fbda0 <my_charset_utf8mb4_general_ci>, from=<optimized out>, from_length=40, from_cs=0x55b57408bda0 <my_charset_utf8mb3_unicode_ci>, errors=0x7f950c35cd6c) at /usr/src/debug/mariadb/11.8.3/strings/ctype.c:1256
#1  0x000055b572d9f4a0 in copy_and_convert (to=0x7f94fc00c9db "Configuratiogicate_log\020automagicate_log\017is_done_message\017is_done_message", to_length=<optimized out>, to_cs=<optimized out>, from=0x7f94fc059f37 "Configuration downloading from portal...", from_length=40, from_cs=<optimized out>, errors=0x7f950c35cd6c) at /usr/src/debug/mariadb/11.8.3/sql/sql_string.h:53
#2  Protocol::net_store_data_cs (this=0x7f94fc001260, from=0x7f94fc059f37 "Configuration downloading from portal...", length=40, from_cs=<optimized out>, to_cs=<optimized out>) at /usr/src/debug/mariadb/11.8.3/sql/protocol.cc:114
#3  0x000055b572da103f in Protocol::send_result_set_row (this=this@entry=0x7f94fc001260, row_items=row_items@entry=0x7f94fc013418) at /usr/src/debug/mariadb/11.8.3/sql/protocol.cc:1359
#4  0x000055b572e19442 in select_send::send_data (this=0x7f94fc014f78, items=...) at /usr/src/debug/mariadb/11.8.3/sql/sql_class.cc:3294
#5  0x000055b572ef7c69 in select_result_sink::send_data_with_check (u=<optimized out>, sent=<optimized out>, this=<optimized out>, items=...) at /usr/src/debug/mariadb/11.8.3/sql/sql_class.h:6264
#6  select_result_sink::send_data_with_check (this=<optimized out>, items=..., u=<optimized out>, sent=<optimized out>) at /usr/src/debug/mariadb/11.8.3/sql/sql_class.h:6254
#7  end_send (join=<optimized out>, join_tab=<optimized out>, end_of_records=<optimized out>) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:25629
#8  0x000055b572ec38b6 in evaluate_join_record (join=join@entry=0x7f94fc014fa0, join_tab=join_tab@entry=0x7f94fc016940, error=error@entry=0) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:24523
#9  0x000055b572edcbf2 in sub_select (join=0x7f94fc014fa0, join_tab=0x7f94fc016940, end_of_records=<optimized out>) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:24290
#10 0x000055b572f119c6 in do_select (join=0x7f94fc014fa0, procedure=<optimized out>) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:23801
#11 JOIN::exec_inner (this=this@entry=0x7f94fc014fa0) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:5071
#12 0x000055b572f11d43 in JOIN::exec (this=this@entry=0x7f94fc014fa0) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:4859
#13 0x000055b572f0ffe6 in mysql_select (thd=thd@entry=0x7f94fc000cd8, tables=0x7f94fc013f38, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=551922436864, result=0x7f94fc014f78, unit=0x7f94fc005038, select_lex=0x7f94fc013160) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:5387
#14 0x000055b572f107dd in handle_select (thd=thd@entry=0x7f94fc000cd8, lex=lex@entry=0x7f94fc004f58, result=result@entry=0x7f94fc014f78, setup_tables_done_option=setup_tables_done_option@entry=0) at /usr/src/debug/mariadb/11.8.3/sql/sql_select.cc:633
#15 0x000055b572e77d9e in execute_sqlcom_select (thd=thd@entry=0x7f94fc000cd8, all_tables=0x7f94fc013f38) at /usr/src/debug/mariadb/11.8.3/sql/sql_parse.cc:6190
#16 0x000055b572e877be in mysql_execute_command (thd=thd@entry=0x7f94fc000cd8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /usr/src/debug/mariadb/11.8.3/sql/sql_parse.cc:3975
#17 0x000055b572e88e03 in mysql_parse (thd=0x7f94fc000cd8, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /usr/src/debug/mariadb/11.8.3/sql/sql_parse.cc:7905
#18 0x000055b572e8b2a1 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7f94fc000cd8, packet=packet@entry=0x7f94fc0088a9 "", packet_length=packet_length@entry=152, blocking=blocking@entry=true) at /usr/src/debug/mariadb/11.8.3/sql/sql_parse.cc:1903
#19 0x000055b572e8cf7c in do_command (thd=thd@entry=0x7f94fc000cd8, blocking=blocking@entry=true) at /usr/src/debug/mariadb/11.8.3/sql/sql_parse.cc:1416
#20 0x000055b572fcfc0d in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /usr/src/debug/mariadb/11.8.3/sql/sql_connect.cc:1415
#21 0x000055b572fcffc5 in handle_one_connection (arg=arg@entry=0x55b57943cbd8) at /usr/src/debug/mariadb/11.8.3/sql/sql_connect.cc:1327
#22 0x000055b573382440 in pfs_spawn_thread (arg=0x55b5795eb598) at /usr/src/debug/mariadb/11.8.3/storage/perfschema/pfs.cc:2198
#23 0x00007f952e8571dd in start_thread (arg=<optimized out>) at pthread_create.c:448
#24 0x00007f952e8d318c in __GI___clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
It happens when the database contains utf8mb3 encoded strings. The crash seems to be randomly reproducible.
The DB contents were carried over from an older installation and upgraded with mysql_upgrade. Sometimes even this in-place upgrade crashes. When it succeeds, plain SELECTs crash randomly. mysqldump crashes the server randomly on tables.
The code in question is this:
#if defined(__i386__) || defined(__x86_64__)
  /*
    Special loop for i386, it allows to refer to a
    non-aligned memory block as UINT32, which makes
    it possible to copy four bytes at once. This
    gives about 10% performance improvement comparing
    to byte-by-byte loop.
  */
  for ( ; length >= 4; length-= 4, from+= 4, to+= 4)
  {
    if ((*(uint32*)from) & 0x80808080)   /* <======== this is where it crashes */
      break;
    *((uint32*) to)= *((const uint32*) from);
  }
#endif /* __i386__ */
Probably, it's an unaligned access that happens randomly, and depends on compiler optimization settings.
Removing the i386-optimized code stops the MariaDB server crashes, with no other changes to the system.
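As an added illustration (not MariaDB's code and not something the reporter posted), here is an alignment-safe form of the same four-bytes-at-a-time loop. Casting `from` to `uint32*` tells the compiler the pointer is 4-byte aligned, which is what lets an optimizing build emit aligned loads or vector instructions that fault on misaligned data; loading the word with a fixed-size `memcpy` keeps the fast path (GCC and Clang lower it to a single unaligned 32-bit move on x86) without that promise. The function names, the misaligned demo buffers and the sample strings are constructed for this example; the byte-by-byte tail that ctype.c runs after the word loop is folded into the same function here. Building the original cast form with `-fsanitize=alignment` is what makes UBSAN report the access.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Copies the leading pure-ASCII bytes of `from` into `to` and returns
 * how many bytes were copied.  The word loop stops at the first 32-bit
 * word containing a byte >= 0x80; the byte loop then finishes up to
 * that byte.  Both pointers may be arbitrarily aligned. */
size_t copy_ascii_prefix(char *to, const char *from, size_t length)
{
    const char *start = from;

    for ( ; length >= 4; length -= 4, from += 4, to += 4)
    {
        uint32_t word;
        memcpy(&word, from, sizeof word);     /* alignment-safe load  */
        if (word & 0x80808080u)               /* any byte >= 0x80?    */
            break;
        memcpy(to, &word, sizeof word);       /* alignment-safe store */
    }

    /* byte-by-byte tail with the same stop condition */
    for ( ; length > 0; length--, from++, to++)
    {
        if ((unsigned char)*from & 0x80u)
            break;
        *to = *from;
    }
    return (size_t)(from - start);
}

/* Demo helper (constructed): runs copy_ascii_prefix through deliberately
 * misaligned source and destination pointers (offsets 1 and 3 into local
 * arrays) and returns the prefix length, or (size_t)-1 if the copied
 * bytes do not match the input. */
size_t copied_prefix_len(const char *text)
{
    char src_buf[80], dst_buf[80];
    size_t len = strlen(text);
    char *src = src_buf + 1;   /* not 4-byte aligned */
    char *dst = dst_buf + 3;   /* not 4-byte aligned */

    if (len > sizeof src_buf - 4)
        return (size_t)-1;
    memcpy(src, text, len);
    size_t n = copy_ascii_prefix(dst, src, len);
    return (n <= len && memcmp(dst, text, n) == 0) ? n : (size_t)-1;
}

int main(void)
{
    /* constructed sample inputs: the ASCII string seen in the reported
     * backtrace, and a string containing a UTF-8 multi-byte character */
    const char *samples[] = {
        "Configuration downloading from portal...",
        "caf\xC3\xA9 au lait",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%zu of %zu bytes copied\n",
               copied_prefix_len(samples[i]), strlen(samples[i]));
    return 0;
}
```

The point of the demo helper is the odd offsets: with the cast version, a build that vectorizes or assumes alignment can fault on exactly such pointers, while the memcpy version behaves identically at every offset, which is what makes the crash "random" in the report and deterministic under UBSAN.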
Issue Links
- duplicates: MDEV-37148 Unaligned access in strings/ctype.c, crashes with upcoming GCC 16 (or UBSAN) (Open)
- relates to: MDEV-37788 fix uintNkorr in byte_order_generic.h, avoid unaligned access (Open)