[MDEV-21166] Creating and running a mroonga function causes the server to go away Created: 2019-11-28  Updated: 2023-04-27

Status: Confirmed
Project: MariaDB Server
Component/s: Storage Engine - Mroonga
Affects Version/s: 10.0, 10.1, 10.2, 10.3, 10.4, 10.5
Fix Version/s: 10.4, 10.5

Type: Bug Priority: Major
Reporter: Ian Gilfillan Assignee: Kouhei Sutou
Resolution: Unresolved Votes: 0
Labels: None


 Description   

If mroonga is not installed, creating at least the mroonga_escape function and running it results in unexpected problems:

In 10.1.37

CREATE FUNCTION mroonga_escape RETURNS STRING SONAME 'ha_mroonga.so';
 
Query OK, 0 rows affected (0.04 sec)
 
 
 
select mroonga_escape('10');
 
ERROR 2013 (HY000): Lost connection to MySQL server during query
 
 
 
select mroonga_escape('10');
 
ERROR 2006 (HY000): MySQL server has gone away
 
No connection. Trying to reconnect...

In 10.2.27:

CREATE FUNCTION mroonga_escape RETURNS STRING SONAME 'ha_mroonga.so';
 
Query OK, 0 rows affected (0.01 sec)
 
 
 
SELECT mroonga_escape("+-<>~*()\"\:");
 
ERROR 2013 (HY000): Lost connection to MySQL server during query

In 10.3.20 and 10.4.10

CREATE FUNCTION mroonga_escape RETURNS STRING   SONAME 'ha_mroonga.so';
 
ERROR 1041 (HY000): Out of memory.



 Comments   
Comment by Alice Sherepa [ 2019-11-28 ]

Thanks! Reproduced on 10.0-10.4:

CREATE FUNCTION mroonga_escape RETURNS STRING SONAME 'ha_mroonga.so';
 
select mroonga_escape('10');
 
SELECT mroonga_escape("+-<>~*()\"\:");

10.1 a51f3b09bb99f2927ce

 
    #0 0x7fc5e7e98a88 in mrn::ContextPool::pull() /10.1/storage/mroonga/lib/mrn_context_pool.cpp:111
 
    #1 0x7fc5e7e7cb81 in mroonga_escape_init /10.1/storage/mroonga/udf/mrn_udf_escape.cpp:95
 
    #2 0xccce7a in udf_handler::fix_fields(THD*, Item_func_or_sum*, unsigned int, Item**) /10.1/sql/item_func.cc:3596
 
    #3 0xce63b2 in Item_udf_func::fix_fields(THD*, Item**) /10.1/sql/item_func.h:1409
 
    #4 0x60c469 in setup_fields(THD*, Item**, List<Item>&, enum_mark_columns, List<Item>*, List<Item>*, bool) /10.1/sql/sql_base.cc:8049
 
    #5 0x7c0a94 in JOIN::prepare(Item***, TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /10.1/sql/sql_select.cc:807
 
    #6 0x7e9669 in mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /10.1/sql/sql_select.cc:3479
 
    #7 0x7e9fe8 in handle_select(THD*, LEX*, select_result*, unsigned long) /10.1/sql/sql_select.cc:389
 
    #8 0x6c76a0 in execute_sqlcom_select /10.1/sql/sql_parse.cc:5691
 
    #9 0x6e17a8 in mysql_execute_command(THD*) /10.1/sql/sql_parse.cc:3038
 
    #10 0x6f7307 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /10.1/sql/sql_parse.cc:7209
 
    #11 0x6fd8b7 in dispatch_command(enum_server_command, THD*, char*, unsigned int) /10.1/sql/sql_parse.cc:1499
 
    #12 0x703f1e in do_command(THD*) /10.1/sql/sql_parse.cc:1131
 
    #13 0x987de9 in do_handle_one_connection(THD*) /10.1/sql/sql_connect.cc:1331
 
    #14 0x9882ed in handle_one_connection /10.1/sql/sql_connect.cc:1242
 
    #15 0x17da5a9 in pfs_spawn_thread /10.1/storage/perfschema/pfs.cc:1861
 
    #16 0x7fc5fe1046b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
 
    #17 0x7fc5fd7af41c in clone (/lib/x86_64-linux-gnu/libc.so.6+0x10741c)

10.0 15b9d04bdc66f4d5d6c

 
#3  <signal handler called>
 
#4  0x00007f69c565f8ea in grn_ctx_init_internal (ctx=0x7f69cdbf83f0, flags=0) at /10.0/storage/mroonga/vendor/groonga/lib/ctx.c:644
 
#5  0x00007f69c565f99d in grn_ctx_init (ctx=0x7f69cdbf83f0, flags=0) at /10.0/storage/mroonga/vendor/groonga/lib/ctx.c:660
 
#6  0x00007f69c5650e98 in mroonga_escape_init (initid=0x7f69c68f8340, args=0x7f69c68f8300, message=0x7f69daddbee0 "@\300\335\332i\177") at /10.0/storage/mroonga/udf/mrn_udf_escape.cpp:73
 
#7  0x00000000008db6f3 in udf_handler::fix_fields (this=0x7f69c68f82f0, thd=0x7f69cde4f070, func=0x7f69c68f8228, arg_count=1, arguments=0x7f69c68f82c0) at /10.0/sql/item_func.cc:3618
 
#8  0x00000000008e7182 in Item_udf_func::fix_fields (this=0x7f69c68f8228, thd=0x7f69cde4f070, ref=0x7f69c68f8398) at /10.0/sql/item_func.h:1404
 
#9  0x00000000005fd94b in setup_fields (thd=0x7f69cde4f070, ref_pointer_array=0x7f69c68f89f0, fields=..., mark_used_columns=MARK_COLUMNS_READ, sum_func_list=0x7f69c68f87f0, pre_fix=0x7f69cde53230, allow_sum_func=true) at /10.0/sql/sql_base.cc:7983
 
#10 0x0000000000691dc1 in JOIN::prepare (this=0x7f69c68f8498, rref_pointer_array=0x7f69cde533a8, tables_init=0x0, wild_num=0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7f69cde53100, unit_arg=0x7f69cde52a08) at /10.0/sql/sql_select.cc:796
 
#11 0x000000000069b4c2 in mysql_select (thd=0x7f69cde4f070, rref_pointer_array=0x7f69cde533a8, tables=0x0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f69c68f8478, unit=0x7f69cde52a08, select_lex=0x7f69cde53100) at /10.0/sql/sql_select.cc:3328
 
#12 0x0000000000690ee4 in handle_select (thd=0x7f69cde4f070, lex=0x7f69cde52940, result=0x7f69c68f8478, setup_tables_done_option=0) at /10.0/sql/sql_select.cc:378
 
#13 0x000000000066146f in execute_sqlcom_select (thd=0x7f69cde4f070, all_tables=0x0) at /10.0/sql/sql_parse.cc:5313
 
#14 0x000000000065945a in mysql_execute_command (thd=0x7f69cde4f070) at /10.0/sql/sql_parse.cc:2555
 
#15 0x0000000000664650 in mysql_parse (thd=0x7f69cde4f070, rawbuf=0x7f69c68f8088 "select mroonga_escape('10')", length=27, parser_state=0x7f69daddd660) at /10.0/sql/sql_parse.cc:6649
 
#16 0x00000000006564ee in dispatch_command (command=COM_QUERY, thd=0x7f69cde4f070, packet=0x7f69d31b4071 "select mroonga_escape('10')", packet_length=27) at /10.0/sql/sql_parse.cc:1301
 
#17 0x0000000000655755 in do_command (thd=0x7f69cde4f070) at /10.0/sql/sql_parse.cc:1003
 
#18 0x000000000078d5ee in do_handle_one_connection (thd_arg=0x7f69cde4f070) at /10.0/sql/sql_connect.cc:1377
 
#19 0x000000000078d33c in handle_one_connection (arg=0x7f69cde4f070) at /10.0/sql/sql_connect.cc:1292
 
#20 0x0000000000e4e0b8 in pfs_spawn_thread (arg=0x7f69cdbf83f0) at /10.0/storage/perfschema/pfs.cc:1861
 
#21 0x00007f69d9f896ba in start_thread (arg=0x7f69dadde700) at pthread_create.c:333
 
#22 0x00007f69d963441d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109


MariaDB [test]> CREATE FUNCTION mroonga_escape RETURNS STRING   SONAME 'ha_mroonga.so';
 
Query OK, 0 rows affected (0.010 sec)
 
MariaDB [test]> show create function mroonga_escape;
 
ERROR 1305 (42000): FUNCTION mroonga_escape does not exist
 
MariaDB [test]> CREATE FUNCTION mroonga_escape RETURNS STRING   SONAME 'ha_mroonga.so';
 
ERROR 1125 (HY000): Function 'mroonga_escape' already exists
 
MariaDB [test]> select version();
 
+-----------------+
 
| version()       |
 
+-----------------+
 
| 10.3.20-MariaDB |
 
+-----------------+
 
1 row in set (0.000 sec)

Comment by Oleksandr Byelkin [ 2019-11-28 ]

Is Mrooga officially supported?

The crash is inside UDF, so it is question to them who wrote it.

Comment by Elena Stepanova [ 2021-10-19 ]

Same for mroonga_command function.

Generated at Thu Feb 08 09:05:05 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.