[MDEV-17183] Server crashes in write_record / key_copy upon replace into a partitioned RocksDB table after XA Created: 2018-09-12  Updated: 2023-04-27

Status: Open
Project: MariaDB Server
Component/s: Partitioning, Storage Engine - RocksDB, XA
Affects Version/s: 10.2, 10.3
Fix Version/s: 10.4

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Sergei Petrunia
Resolution: Unresolved Votes: 0
Labels: None


 Description   

Run with --mysqld=--plugin-load-add=ha_rocksdb

--source include/have_partition.inc
 
 
 
CREATE TABLE t1 (f INTEGER) ENGINE=RocksDB PARTITION BY RANGE(f) ( PARTITION p1 VALUES LESS THAN (128), PARTITION p2 VALUES LESS THAN MAXVALUE );
 
XA START 'x';
 
REPLACE INTO t1 VALUES (1),(2);
 
 
 
--connect (con1,localhost,root,,test)
 
--send
 
  TRUNCATE TABLE t1;
 
 
 
--connection default
 
--error ER_XAER_RMFAIL
 
XA COMMIT 'x' ONE PHASE;
 
REPLACE INTO t1 VALUES (3),(4);
 
 
 
# Cleanup
 
--connection con1
 
--reap
 
--disconnect con1
 
--connection default
 
DROP TABLE t1;

10.2 c3124174c3ec4

 
==17980==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x558eb22c3971 sp 0x7fe6bfc4e680 bp 0x7fe6bfc4e6d0 T11)
 
    #0 0x558eb22c3970 in key_copy(unsigned char*, unsigned char*, st_key*, unsigned int, bool) /data/src/10.2/sql/key.cc:122
 
    #1 0x558eb1a2c833 in write_record(THD*, TABLE*, st_copy_info*) /data/src/10.2/sql/sql_insert.cc:1728
 
    #2 0x558eb1a2869f in mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool) /data/src/10.2/sql/sql_insert.cc:1057
 
    #3 0x558eb1a8acfc in mysql_execute_command(THD*) /data/src/10.2/sql/sql_parse.cc:4435
 
    #4 0x558eb1aa1fc7 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.2/sql/sql_parse.cc:8009
 
    #5 0x558eb1a7cba8 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.2/sql/sql_parse.cc:1824
 
    #6 0x558eb1a79c4c in do_command(THD*) /data/src/10.2/sql/sql_parse.cc:1378
 
    #7 0x558eb1dbce73 in do_handle_one_connection(CONNECT*) /data/src/10.2/sql/sql_connect.cc:1335
 
    #8 0x558eb1dbc888 in handle_one_connection /data/src/10.2/sql/sql_connect.cc:1241
 
    #9 0x558eb27cd725 in pfs_spawn_thread /data/src/10.2/storage/perfschema/pfs.cc:1862
 
    #10 0x7fe6d235c493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
 
    #11 0x7fe6d074293e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe893e)
 
 
 
AddressSanitizer can not provide additional info.
 
SUMMARY: AddressSanitizer: SEGV /data/src/10.2/sql/key.cc:122 key_copy(unsigned char*, unsigned char*, st_key*, unsigned int, bool)
 
Thread T11 created by T0 here:
 
    #0 0x7fe6d2595bba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
 
    #1 0x558eb27cdced in spawn_thread_v1 /data/src/10.2/storage/perfschema/pfs.cc:1912
 
    #2 0x558eb1876ebe in inline_mysql_thread_create /data/src/10.2/include/mysql/psi/mysql_thread.h:1239
 
    #3 0x558eb188bde6 in create_thread_to_handle_connection(CONNECT*) /data/src/10.2/sql/mysqld.cc:6456
 
    #4 0x558eb188c4eb in create_new_thread /data/src/10.2/sql/mysqld.cc:6526
 
    #5 0x558eb188d502 in handle_connections_sockets() /data/src/10.2/sql/mysqld.cc:6801
 
    #6 0x558eb188b33b in mysqld_main(int, char**) /data/src/10.2/sql/mysqld.cc:6075
 
    #7 0x558eb187525f in main /data/src/10.2/sql/main.cc:25
 
    #8 0x7fe6d067a2b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
 
 
 
==17980==ABORTING

Non-asan debug and release builds also crash.
Generated at Thu Feb 08 08:34:32 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.