[MDEV-16615] ASAN SEGV in handler::print_error or server crash after error upon CREATE TABLE Created: 2018-06-28  Updated: 2018-06-28  Resolved: 2018-06-28

Status: Closed
Project: MariaDB Server
Component/s: Server
Affects Version/s: 10.1, 10.2
Fix Version/s: 10.1.35, 10.2.17, 10.3.8

Type: Bug Priority: Blocker
Reporter: Elena Stepanova Assignee: Sergei Golubchik
Resolution: Fixed Votes: 0
Labels: None


 Description   

Run with --mysqld=--sequence

--source include/have_innodb.inc
 
SET max_statement_time= 1;
 
--error ER_STATEMENT_TIMEOUT
 
CREATE TABLE t ENGINE=InnoDB SELECT * FROM seq_1_to_50000;

10.1 be5698265a

 
=================================================================
 
==8093==ERROR: AddressSanitizer: SEGV on unknown address 0x0000000037d4 (pc 0x56223f39b73e sp 0x7f28736a6f10 bp 0x7f28736a6f20 T23)
 
    #0 0x56223f39b73d in handler::print_error(int, unsigned long) /data/src/10.1/sql/handler.cc:3416
 
    #1 0x56223f39f88c in ha_delete_table(THD*, handlerton*, char const*, char const*, char const*, bool) /data/src/10.1/sql/handler.cc:2405
 
    #2 0x56223f01d93d in quick_rm_table(THD*, handlerton*, char const*, char const*, unsigned int, char const*) /data/src/10.1/sql/sql_table.cc:2740
 
    #3 0x56223ed84832 in drop_open_table(THD*, TABLE*, char const*, char const*) /data/src/10.1/sql/sql_base.cc:1928
 
    #4 0x56223ee0c4cc in select_create::abort_result_set() /data/src/10.1/sql/sql_insert.cc:4537
 
    #5 0x56223ef84d6a in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.1/sql/sql_select.cc:394
 
    #6 0x56223ee71021 in mysql_execute_command(THD*) /data/src/10.1/sql/sql_parse.cc:3454
 
    #7 0x56223ee869bc in mysql_parse(THD*, char*, unsigned int, Parser_state*) /data/src/10.1/sql/sql_parse.cc:7449
 
    #8 0x56223ee8d313 in dispatch_command(enum_server_command, THD*, char*, unsigned int) /data/src/10.1/sql/sql_parse.cc:1492
 
    #9 0x56223ee939ef in do_command(THD*) /data/src/10.1/sql/sql_parse.cc:1121
 
    #10 0x56223f13966e in do_handle_one_connection(THD*) /data/src/10.1/sql/sql_connect.cc:1330
 
    #11 0x56223f139b7f in handle_one_connection /data/src/10.1/sql/sql_connect.cc:1242
 
    #12 0x56223fa09906 in pfs_spawn_thread /data/src/10.1/storage/perfschema/pfs.cc:1861
 
    #13 0x7f288c908493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
 
    #14 0x7f288acc193e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe893e)
 
 
 
AddressSanitizer can not provide additional info.
 
SUMMARY: AddressSanitizer: SEGV /data/src/10.1/sql/handler.cc:3416 handler::print_error(int, unsigned long)
 
Thread T23 created by T0 here:
 
    #0 0x7f288cb41bba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
 
    #1 0x56223fa1515d in spawn_thread_v1 /data/src/10.1/storage/perfschema/pfs.cc:1911
 
 
 
==8093==ABORTING

The failure appeared in 10.1 tree after this commit:

commit c4eb4bcef648eb2ebdc6edc06905f39f95ef7f6b
 
Author: Marko Mäkelä <marko.makela@mariadb.com>
 
Date:   Tue Jun 26 11:34:51 2018 +0300
 
 
 
    MDEV-16515 InnoDB: Failing assertion: ++retries < 10000 in file
 
    dict0dict.cc
 
    
    buf_LRU_drop_page_hash_for_tablespace(): Return whether any adaptive
 
    hash index entries existed. If yes, the caller should keep retrying to
 
    drop the adaptive hash index.
 
    
    row_import_for_mysql(), row_truncate_table_for_mysql(),
 
    row_drop_table_for_mysql(): Ensure that the adaptive hash index was
 
    entirely dropped for the table.


Generated at Thu Feb 08 08:30:14 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.