[#MDEV-21098] Crash in rec_get_offsets_func() due to invalid rec_get

2019-11-19 09:13:55 0x7fd739d58700  InnoDB: Assertion failure in file /home/buildbot/buildbot/build/mariadb-10.3.11/storage/innobase/rem/rem0rec.cc line 820

InnoDB: We intentionally generate a memory trap.

InnoDB: Submit a detailed bug report to https://jira.mariadb.org/

InnoDB: If you get repeated assertion failures or crashes, even

InnoDB: immediately after the mysqld startup, there may be

InnoDB: corruption in the InnoDB tablespace. Please refer to

InnoDB: https://mariadb.com/kb/en/library/xtradbinnodb-recovery-modes/

InnoDB: about forcing recovery.

191119  9:13:55 [ERROR] mysqld got signal 6 ;

This could be because you hit a bug. It is also possible that this binary

or one of the libraries it was linked against is corrupt, improperly built,

or misconfigured. This error can also be caused by malfunctioning hardware.

To report this bug, see https://mariadb.com/kb/en/reporting-bugs

We will try our best to scrape up some info that will hopefully help

diagnose the problem, but since we have already crashed,

something is definitely wrong and this may fail.

Server version: 10.3.11-MariaDB-1:10.3.11+maria~cosmic-log

key_buffer_size=134217728

read_buffer_size=2097152

max_used_connections=60

max_threads=502

thread_count=67

It is possible that mysqld could use up to

key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 3226530 K  bytes of memory

Hope that's ok; if not, decrease some variables in the equation.

Thread pointer: 0x7fd7242a8df8

Attempting backtrace. You can use the following information to find out

where mysqld died. If you see no messages after this, something went

terribly wrong...

stack_bottom = 0x7fd739d57dd8 thread_stack 0x49000

/usr/sbin/mysqld(my_print_stacktrace+0x2e)[0x5606afee0c7e]

/usr/sbin/mysqld(handle_fatal_signal+0x505)[0x5606afa05575]

/lib/x86_64-linux-gnu/libpthread.so.0(+0x12dd0)[0x7fd797324dd0]

/lib/x86_64-linux-gnu/libc.so.6(gsignal+0xc7)[0x7fd796e4f077]

/lib/x86_64-linux-gnu/libc.so.6(abort+0x121)[0x7fd796e30535]

/usr/sbin/mysqld(+0x4c0aec)[0x5606af742aec]

/usr/sbin/mysqld(+0x4aa3bb)[0x5606af72c3bb]

/usr/sbin/mysqld(+0x9677c2)[0x5606afbe97c2]

/usr/sbin/mysqld(+0xa41ea1)[0x5606afcc3ea1]

/usr/sbin/mysqld(+0x9cc5de)[0x5606afc4e5de]

/usr/sbin/mysqld(+0x9033f1)[0x5606afb853f1]

/usr/sbin/mysqld(_ZN7handler17ha_index_read_mapEPhPKhm16ha_rkey_function+0x178)[0x5606afa0a858]

/usr/sbin/mysqld(+0x5f5058)[0x5606af877058]

/usr/sbin/mysqld(_Z10sub_selectP4JOINP13st_join_tableb+0x18e)[0x5606af86697e]

/usr/sbin/mysqld(_ZN4JOIN10exec_innerEv+0xb02)[0x5606af888be2]

/usr/sbin/mysqld(_ZN4JOIN4execEv+0x33)[0x5606af888e23]

/usr/sbin/mysqld(_ZN30subselect_single_select_engine4execEv+0x145)[0x5606afa9ca75]

/usr/sbin/mysqld(_ZN14Item_subselect4execEv+0x4d)[0x5606afa9c35d]

/usr/sbin/mysqld(_ZN24Item_singlerow_subselect11val_decimalEP10my_decimal+0x36)[0x5606afa9da36]

/usr/sbin/mysqld(_ZN18Item_cache_decimal11cache_valueEv+0x37)[0x5606afa15227]

/usr/sbin/mysqld(_ZN18Item_cache_wrapper7val_strEP6String+0x7f)[0x5606afa2a40f]

/usr/sbin/mysqld(_ZNK12Type_handler13Item_send_strEP4ItemP8ProtocolP8st_value+0x1c)[0x5606af96a99c]

/usr/sbin/mysqld(_ZN8Protocol19send_result_set_rowEP4ListI4ItemE+0xa3)[0x5606af78ba93]

/usr/sbin/mysqld(_ZN11select_send9send_dataER4ListI4ItemE+0x5b)[0x5606af7f019b]

/usr/sbin/mysqld(+0x5f6be5)[0x5606af878be5]

/usr/sbin/mysqld(+0x5da446)[0x5606af85c446]

/usr/sbin/mysqld(_Z10sub_selectP4JOINP13st_join_tableb+0x1a7)[0x5606af866997]

/usr/sbin/mysqld(+0x5da446)[0x5606af85c446]

/usr/sbin/mysqld(_Z10sub_selectP4JOINP13st_join_tableb+0x20f)[0x5606af8669ff]

/usr/sbin/mysqld(_ZN4JOIN10exec_innerEv+0xb02)[0x5606af888be2]

/usr/sbin/mysqld(_ZN4JOIN4execEv+0x33)[0x5606af888e23]

/usr/sbin/mysqld(_Z12mysql_selectP3THDP10TABLE_LISTjR4ListI4ItemEPS4_jP8st_orderS9_S7_S9_yP13select_resultP18st_select_lex_unitP13st_select_lex+0xef)[0x5606af888f6f]

/usr/sbin/mysqld(_Z13handle_selectP3THDP3LEXP13select_resultm+0x14d)[0x5606af88986d]

/usr/sbin/mysqld(+0x5a61fc)[0x5606af8281fc]

/usr/sbin/mysqld(_Z21mysql_execute_commandP3THD+0x662d)[0x5606af83524d]

/usr/sbin/mysqld(_ZN13sp_instr_stmt9exec_coreEP3THDPj+0x15)[0x5606af7a64b5]

/usr/sbin/mysqld(_ZN13sp_lex_keeper23reset_lex_and_exec_coreEP3THDPjbP8sp_instr+0x90)[0x5606af7ad030]

/usr/sbin/mysqld(_ZN13sp_instr_stmt7executeEP3THDPj+0x647)[0x5606af7adae7]

/usr/sbin/mysqld(_ZN7sp_head7executeEP3THDb+0x7fc)[0x5606af7a93cc]

/usr/sbin/mysqld(_ZN7sp_head17execute_procedureEP3THDP4ListI4ItemE+0x973)[0x5606af7aa7e3]

/usr/sbin/mysqld(+0x5a5fe9)[0x5606af827fe9]

/usr/sbin/mysqld(_Z21mysql_execute_commandP3THD+0x425a)[0x5606af832e7a]

/usr/sbin/mysqld(_ZN18Prepared_statement7executeEP6Stringb+0x41e)[0x5606af84b05e]

/usr/sbin/mysqld(_ZN18Prepared_statement12execute_loopEP6StringbPhS2_+0x9a)[0x5606af84b24a]

/usr/sbin/mysqld(+0x5ca24d)[0x5606af84c24d]

/usr/sbin/mysqld(_Z19mysqld_stmt_executeP3THDPcj+0x25)[0x5606af84c2e5]

/usr/sbin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x1a92)[0x5606af839c02]

/usr/sbin/mysqld(_Z10do_commandP3THD+0x170)[0x5606af83ac80]

/usr/sbin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x242)[0x5606af90eeb2]

/usr/sbin/mysqld(handle_one_connection+0x3d)[0x5606af90f05d]

/lib/x86_64-linux-gnu/libpthread.so.0(+0x8164)[0x7fd79731a164]

/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7fd796f28def]

Trying to get some variables.

Some pointers may be invalid and cause the dump to abort.

Query (0x7fd7247d9dc0): SELECT rental.propref, deal.dealnum AS deal,rental.displayaddress as address,deal.dealid,   (SELECT SUM(TERM) FROM invoices WHERE dealid = deal.dealid AND who != 'Tenant' and term > 0 ) AS paidsofar,deal.TERM,   (SELECT SUM(TERMdays) FROM invoices WHERE dealid = deal.dealid AND who != 'Tenant'  ) AS termdays,   deal.startdate AS duedate,rental.building AS building,deal.account AS invoice,deal.startdate,   deal.dealnames AS tenant,deal.dealid-deal.dealid as offerid,enddate,actualend,deal.FLWONNOTREQ   FROM deal   INNER JOIN rental ON rental.propref = deal.propref   WHERE  deal.cancelled = 0     AND deal.shortlet = 0    AND deal.commrate > 0 and account >= 0

Connection ID (thread ID): 99

Status: NOT_KILLED

Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on

[MDEV-21098] Crash in rec_get_offsets_func() due to invalid rec_get_status() Created: 2019-11-20 Updated: 2023-04-14 Resolved: 2022-08-01
Status:	Closed
Project:	MariaDB Server
Component/s:	Data Manipulation - Subquery, Storage Engine - InnoDB
Affects Version/s:	10.3.11
Fix Version/s:	10.6.9, 10.7.5, 10.8.4, 10.9.2, 10.10.1

[MDEV-21098] Crash in rec_get_offsets_func() due to invalid rec_get_status() Created: 2019-11-20 Updated: 2023-04-14 Resolved: 2022-08-01