Details
Bug
Status: Open
Major
Resolution: Unresolved
10.1
None
None
Description
I create a table on a remote MySQL server:
CREATE OR REPLACE TABLE t1 (a INT);
INSERT INTO t1 VALUES (10),(20),(30);
and create a ConnectSE connection on a local server:
CREATE OR REPLACE TABLE t1 (a int) ENGINE=CONNECT TABLE_TYPE=ODBC CONNECTION='dsn=MySQL;uid=root;';
SELECT * FROM t1;
It works fine.
Now if I try to insert more rows into this table:
INSERT INTO t1 VALUES (40);
it crashes with this stack trace:
#0 0x00005555563d5201 in ?? ()
#1 0x00007ffff7f7ddd0 in ?? ()
#2 0x00007fff89ab731d in mysql_stmt_prepare ()
    from /usr/lib64/mysql/libmysqlclient.so.18
#3 0x00007fffa8dd35e6 in prepare () from /usr/lib64/libmyodbc5.so
#4 0x00007fffa8dda55c in SQLPrepareWImpl () from /usr/lib64/libmyodbc5.so
#5 0x00007fffb25b343c in SQLPrepare () from /lib64/libodbc.so.2
#6 0x00007ffff35adfbe in ODBConn::PrepareSQL (this=0x7fff8a000518,
    sql=0x7fff8a0007b8 "INSERT INTO t1(a) VALUES (?)")
    at /home/bar/maria-git/server.10.1/storage/connect/odbconn.cpp:1640
#7 0x00007ffff35a816f in TDBODBC::OpenDB (this=0x7fff8a0002a0,
    g=0x7fff8ec6c000)
    at /home/bar/maria-git/server.10.1/storage/connect/tabodbc.cpp:945
#8 0x00007ffff34fae8f in CntOpenTable (g=0x7fff8ec6c000, tdbp=0x7fff8a0002a0,
    mode=MODE_INSERT, c1=0x7fff8a000430 "a", c2=0x0, del=false)
    at /home/bar/maria-git/server.10.1/storage/connect/connect.cc:360
#9 0x00007ffff34e86f5 in ha_connect::OpenTable (this=0x7fff8ec36a88,
    g=0x7fff8ec6c000, del=false)
    at /home/bar/maria-git/server.10.1/storage/connect/ha_connect.cc:1820
#10 0x00007ffff34ed783 in ha_connect::write_row (this=0x7fff8ec36a88,
    buf=0x7fff8ec5c188 "\375(")
After installing debug packages:
mariadb-debuginfo-10.0.21-1.fc23.x86_64
mysql-connector-odbc-debuginfo-5.3.4-4.fc23.x86_64
the stack trace is more readable:
#1 0x00007ffff7f7c1c0 in ?? ()
#2 0x00007fff89ab731d in mysql_stmt_prepare (stmt=0x7fff8ecd6c70,
    query=query@entry=0x7fff8ec72370 "INSERT INTO t1(a) VALUES (?)",
    length=length@entry=28)
    at /usr/src/debug/mariadb-10.0.21/libmysql/libmysql.c:1651
#3 0x00007fffa8dd35e6 in prepare (stmt=0x7fff8ed05070,
    query=0x7fff8ec72370 "INSERT INTO t1(a) VALUES (?)", query_length=28)
    at /usr/src/debug/mysql-connector-odbc-5.3.4-src/driver/my_stmt.c:395
#4 0x00007fffa8dda55c in SQLPrepareWImpl (hstmt=0x7fff8ed05070,
    str=<optimized out>, str_len=28)

(gdb) f 2
1651 if ((*mysql->methods->read_prepare_result)(mysql, stmt))
(gdb) p mysql->methods[0]
$1 = {read_query_result = 0x555555c1ec7a <cli_read_query_result>,
  advanced_command = 0x555555c17888 <cli_advanced_command>,
  read_rows = 0x555555c19851 <cli_read_rows>,
  use_result = 0x555555c1f3f4 <cli_use_result>,
  fetch_lengths = 0x555555c18f4e <cli_fetch_lengths>,
  flush_use_result = 0x555555c17e12 <cli_flush_use_result>,
  read_change_user_result = 0x555555c1a57d <cli_read_change_user_result>,
  list_fields = 0x0, read_prepare_result = 0x5555563d7000,
  stmt_execute = 0x5555563d7014, read_binary_rows = 0x5555563d7038,
  unbuffered_fetch = 0x5555563d7080, free_embedded_thd = 0x5555563d70b0,
  read_statistics = 0x5555563d70d0, next_result = 0x5555563d70f9,
  read_rows_from_cursor = 0x5555563d7118}
If I start the server with valgrind: "valgrind --tool=memcheck ./mysqld" and run the same INSERT query, it crashes with the following comments.
vex amd64->IR: unhandled instruction bytes: 0x6E 0x6B 0x6E 0x6F 0x77 0x6E 0x20 0x4D
vex amd64->IR: REX=0 REX.W=0 REX.R=0 REX.X=0 REX.B=0
vex amd64->IR: VEX=0 VEX.L=0 VEX.nVVVV=0x0 ESC=NONE
vex amd64->IR: PFX.66=0 PFX.F2=0 PFX.F3=0
==9448== valgrind: Unrecognised instruction at address 0xf89201.
==9448== at 0xF89201: ??? (in /media/DATA/maria-git/server.10.1/sql/mysqld)
==9448== by 0x1F4315E5: prepare (in /usr/lib64/libmyodbc5w.so)
==9448== by 0x1F43855B: SQLPrepareWImpl (in /usr/lib64/libmyodbc5w.so)
==9448== by 0x15C2143B: SQLPrepare (in /usr/lib64/libodbc.so.2.0.0)
==9448== by 0x9D47FBD: ODBConn::PrepareSQL(char*) (odbconn.cpp:1640)
==9448== by 0x9D4216E: TDBODBC::OpenDB(_global*) (tabodbc.cpp:945)
==9448== by 0x9C94E8E: CntOpenTable(_global*, TDB*, MODE, char*, char*, bool, ha_connect*) (connect.cc:360)
==9448== by 0x9C826F4: ha_connect::OpenTable(_global*, bool) (ha_connect.cc:1820)
==9448== by 0x9C87782: ha_connect::write_row(unsigned char*) (ha_connect.cc:3248)
==9448== by 0x814D56: handler::ha_write_row(unsigned char*) (handler.cc:5874)
==9448== by 0x5B3DD9: write_record(THD*, TABLE*, st_copy_info*) (sql_insert.cc:1881)
==9448== by 0x5B18DB: mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) (sql_insert.cc:991)
==9448== Your program just tried to execute an instruction that Valgrind
==9448== did not recognise. There are two possible reasons for this.
==9448== 1. Your program has a bug and erroneously jumped to a non-code
==9448== location. If you are running Memcheck and you just saw a
==9448== warning about a bad jump, it's probably your program's fault.
==9448== 2. The instruction is legitimate but Valgrind doesn't handle it,
==9448== i.e. it's Valgrind's fault. If you think this is the case or
==9448== you are not sure, please let us know and we'll try to fix it.
==9448== Either way, Valgrind will now raise a SIGILL signal which will
==9448== probably kill your program.
160114 10:38:49 [ERROR] mysqld got signal 4 ;
The crash seems to be repeatable with 10.0 and 10.1.
Also, the crash is repeatable both with statically linked and dynamically loadable ConnectSE.
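A triage helper for the two dumps above, added here as an example and not part of the original report or of MariaDB: it lists which slots of the `mysql->methods` table gdb could not resolve to a symbol, and checks whether the bytes valgrind refused to decode are printable ASCII, which is what valgrind's first explanation (a jump to a non-code location) would look like. The function names are hypothetical; the sample input is copied from the output quoted in this report.

```python
import re

# Constructed sample: the gdb and valgrind lines quoted in this report.
GDB_DUMP = """$1 = {read_query_result = 0x555555c1ec7a <cli_read_query_result>,
advanced_command = 0x555555c17888 <cli_advanced_command>,
read_rows = 0x555555c19851 <cli_read_rows>,
use_result = 0x555555c1f3f4 <cli_use_result>,
fetch_lengths = 0x555555c18f4e <cli_fetch_lengths>,
flush_use_result = 0x555555c17e12 <cli_flush_use_result>,
read_change_user_result = 0x555555c1a57d <cli_read_change_user_result>,
list_fields = 0x0, read_prepare_result = 0x5555563d7000,
stmt_execute = 0x5555563d7014, read_binary_rows = 0x5555563d7038,
unbuffered_fetch = 0x5555563d7080, free_embedded_thd = 0x5555563d70b0,
read_statistics = 0x5555563d70d0, next_result = 0x5555563d70f9,
read_rows_from_cursor = 0x5555563d7118}"""
VEX_LINE = ("vex amd64->IR: unhandled instruction bytes: "
            "0x6E 0x6B 0x6E 0x6F 0x77 0x6E 0x20 0x4D")

# name = 0xADDR, optionally followed by the <symbol> gdb resolved it to
SLOT = re.compile(r"(\w+) = (0x[0-9a-fA-F]+)(?: <([^>]+)>)?")

def classify_slots(dump):
    """Sort the slots of a gdb function-pointer dump by how gdb resolved them."""
    out = {"resolved": [], "null": [], "unresolved": []}
    for name, addr, sym in SLOT.findall(dump):
        value = int(addr, 16)
        kind = "null" if value == 0 else "resolved" if sym else "unresolved"
        out[kind].append((name, value))
    return out

def decode_vex_bytes(line):
    """Return the bytes valgrind could not decode, plus ASCII text if printable."""
    hexes = re.findall(r"0x([0-9A-Fa-f]{2})\b", line.split("bytes:", 1)[1])
    raw = bytes(int(h, 16) for h in hexes)
    text = raw.decode("ascii") if all(0x20 <= b < 0x7F for b in raw) else None
    return raw, text

def triage(dump, vex_line):
    """Summarise the two signals that point at a jump into non-code memory."""
    slots = classify_slots(dump)
    addrs = [a for _, a in slots["unresolved"]]
    _, text = decode_vex_bytes(vex_line)
    return {
        "unresolved": [n for n, _ in slots["unresolved"]],
        "unresolved_span": max(addrs) - min(addrs) if addrs else 0,
        "fault_text": text,
    }

if __name__ == "__main__":
    print(triage(GDB_DUMP, VEX_LINE))
```

On this report's data the unresolved slots start at `read_prepare_result`, the pointer called at libmysql.c:1651, and the undecodable bytes read as text rather than instructions.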
Issue Links
- relates to MDEV-9380 MariaDB server crashes with CONNECT engine ODBC and MySQL driver (Open)