[MDEV-21878] Signal 11 with EXCEPT clause Created: 2020-03-05  Updated: 2021-03-22  Resolved: 2021-03-22

Status: Closed
Project: MariaDB Server
Component/s: Optimizer, Server, Storage Engine - Aria
Affects Version/s: 10.2.14
Fix Version/s: N/A

Type: Bug Priority: Major
Reporter: Kyle Joiner (Inactive) Assignee: Unassigned
Resolution: Won't Fix Votes: 0
Labels: need_feedback
Environment:

Centos 7

Issue Links:
Duplicate
duplicates MDEV-13749 Server crashes in _ma_unique_hash / J... Closed

 Description   

Crash in 10.2.14 when using an EXCEPT CLAUSE:

reproduced with employees sample database.
Load database.

CREATE TABLE salaries_tmp SELECT * FROM salaries LIMIT 1000000;
 
SELECT * FROM salaries EXCEPT (SELECT * FROM salaries_tmp);

Crash:

Mar 05 11:20:50 localhost.localdomain mysqld[4985]: 200305 11:20:50 [ERROR] mysqld got signal 11 ;
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: This could be because you hit a bug. It is also possible that this binary
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: or one of the libraries it was linked against is corrupt, improperly built,
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: or misconfigured. This error can also be caused by malfunctioning hardware.
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: To report this bug, see https://mariadb.com/kb/en/reporting-bugs
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: We will try our best to scrape up some info that will hopefully help
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: diagnose the problem, but since we have already crashed,
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: something is definitely wrong and this may fail.
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Server version: 10.2.14-MariaDB
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: key_buffer_size=134217728
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: read_buffer_size=131072
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: max_used_connections=1
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: max_threads=153
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: thread_count=7
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: It is possible that mysqld could use up to
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467310 K  
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Hope that's ok; if not, decrease some variables in the equation.
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Thread pointer: 0x564add3daf08
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Attempting backtrace. You can use the following information to find out
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: where mysqld died. If you see no messages after this, something went
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: terribly wrong...
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: stack_bottom = 0x7f63a7123d30 thread_stack 0x49000
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: mysys/stacktrace.c:268(my_print_stacktrace)[0x564adabd958e]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/signal_handler.cc:168(handle_fatal_signal)[0x564ada66dcc5]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sigaction.c:0(__restore_rt)[0x7f63b42845f0]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: maria/ma_unique.c:114(_ma_unique_hash)[0x564adaacf920]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: maria/ha_maria.cc:3960(ha_maria::find_unique_row(unsigned char*, unsigned int))[
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_union.cc:187(select_unit::send_data(List<Item>&))[0x564ada540c33]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_select.cc:20234(end_send(JOIN*, st_join_table*, bool))[0x564ada4f3a4f]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_class.h:3663(THD::get_stmt_da())[0x564ada4db1c3]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_select.cc:19074(sub_select(JOIN*, st_join_table*, bool))[0x564ada4e3bbe]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_select.cc:18611(do_select)[0x564ada5035af]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_select.cc:3425(JOIN::exec())[0x564ada5037c3]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_union.cc:1437(st_select_lex_unit::exec())[0x564ada5425eb]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_union.cc:41(mysql_union(THD*, LEX*, select_result*, st_select_lex_unit*,
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_class.h:3653(handle_select(THD*, LEX*, select_result*, unsigned long))[0
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_parse.cc:6515(execute_sqlcom_select(THD*, TABLE_LIST*))[0x564ada3ca5c1]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_parse.cc:3739(mysql_execute_command(THD*))[0x564ada4b16a0]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_parse.cc:7982(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_parse.cc:1838(dispatch_command(enum_server_command, THD*, char*, unsigne
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_parse.cc:1388(do_command(THD*))[0x564ada4b8e29]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_connect.cc:1335(do_handle_one_connection(CONNECT*))[0x564ada57fcca]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: sql/sql_connect.cc:1243(handle_one_connection)[0x564ada57fded]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: pthread_create.c:0(start_thread)[0x7f63b427ce65]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: /lib64/libc.so.6(clone+0x6d)[0x7f63b261d88d]
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Trying to get some variables.
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Some pointers may be invalid and cause the dump to abort.
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Query (0x564add3e8690): select * from salaries except (select * from salaries_tm
 
Mar 05 11:20:50 localhost.localdomain mysqld[4985]: Connection ID (thread ID): 10



 Comments   
Comment by Elena Stepanova [ 2020-03-05 ]

It looks like it might be related to MDEV-13749 and MDEV-13231. Both were fixed in early 10.3, but apparently not on 10.2-compatibility, at least a build which I have on my machine still fails with both test cases. It might not necessarily crash, it is often a matter of luck, but ASAN fails with the stack trace similar to the reported ones.

Comment by Elena Stepanova [ 2020-03-07 ]

bb-10.2-compatibility 5aeaba11 (22257) ASAN debug

 
==30415==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000019 (pc 0x55e3b62bef5c bp 0x7f868c744ea0 sp 0x7f868c744d60 T31)
 
    #0 0x55e3b62bef5b in _ma_unique_hash /data/src/bb-10.2-compatibility-22257/storage/maria/ma_unique.c:111
 
    #1 0x55e3b62e8796 in ha_maria::find_unique_row(unsigned char*, unsigned int) /data/src/bb-10.2-compatibility-22257/storage/maria/ha_maria.cc:3959
 
    #2 0x55e3b52b8af1 in select_unit::send_data(List<Item>&) /data/src/bb-10.2-compatibility-22257/sql/sql_union.cc:187
 
    #3 0x55e3b519c0d6 in end_send /data/src/bb-10.2-compatibility-22257/sql/sql_select.cc:20234
 
    #4 0x55e3b5194f9b in evaluate_join_record /data/src/bb-10.2-compatibility-22257/sql/sql_select.cc:19286
 
    #5 0x55e3b5193b4f in sub_select(JOIN*, st_join_table*, bool) /data/src/bb-10.2-compatibility-22257/sql/sql_select.cc:19066
 
    #6 0x55e3b5191f6f in do_select /data/src/bb-10.2-compatibility-22257/sql/sql_select.cc:18610
 
    #7 0x55e3b5130b6b in JOIN::exec_inner() /data/src/bb-10.2-compatibility-22257/sql/sql_select.cc:3629
 
    #8 0x55e3b512e873 in JOIN::exec() /data/src/bb-10.2-compatibility-22257/sql/sql_select.cc:3424
 
    #9 0x55e3b52c4452 in st_select_lex_unit::exec() /data/src/bb-10.2-compatibility-22257/sql/sql_union.cc:1436
 
    #10 0x55e3b52b75ea in mysql_union(THD*, LEX*, select_result*, st_select_lex_unit*, unsigned long) /data/src/bb-10.2-compatibility-22257/sql/sql_union.cc:41
 
    #11 0x55e3b511108e in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/bb-10.2-compatibility-22257/sql/sql_select.cc:357
 
    #12 0x55e3b50986f6 in execute_sqlcom_select /data/src/bb-10.2-compatibility-22257/sql/sql_parse.cc:6514
 
    #13 0x55e3b5086f29 in mysql_execute_command(THD*) /data/src/bb-10.2-compatibility-22257/sql/sql_parse.cc:3739
 
    #14 0x55e3b50a0afb in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/bb-10.2-compatibility-22257/sql/sql_parse.cc:7981
 
    #15 0x55e3b507c0ed in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/bb-10.2-compatibility-22257/sql/sql_parse.cc:1838
 
    #16 0x55e3b507912b in do_command(THD*) /data/src/bb-10.2-compatibility-22257/sql/sql_parse.cc:1385
 
    #17 0x55e3b53ad06f in do_handle_one_connection(CONNECT*) /data/src/bb-10.2-compatibility-22257/sql/sql_connect.cc:1335
 
    #18 0x55e3b53aca54 in handle_one_connection /data/src/bb-10.2-compatibility-22257/sql/sql_connect.cc:1241
 
    #19 0x7f86bc0174a3 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x74a3)
 
    #20 0x7f86ba14bd0e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe8d0e)
 
 
 
AddressSanitizer can not provide additional info.
 
SUMMARY: AddressSanitizer: SEGV /data/src/bb-10.2-compatibility-22257/storage/maria/ma_unique.c:111 in _ma_unique_hash
 
Thread T31 created by T0 here:
 
    #0 0x7f86bc25df59 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.3+0x30f59)
 
    #1 0x55e3b6777de4 in spawn_thread_noop /data/src/bb-10.2-compatibility-22257/mysys/psi_noop.c:187
 
    #2 0x55e3b4e29072 in inline_mysql_thread_create /data/src/bb-10.2-compatibility-22257/include/mysql/psi/mysql_thread.h:1239
 
    #3 0x55e3b4e3d5c7 in create_thread_to_handle_connection(CONNECT*) /data/src/bb-10.2-compatibility-22257/sql/mysqld.cc:6458
 
    #4 0x55e3b4e3dcbe in create_new_thread /data/src/bb-10.2-compatibility-22257/sql/mysqld.cc:6528
 
    #5 0x55e3b4e3ece5 in handle_connections_sockets() /data/src/bb-10.2-compatibility-22257/sql/mysqld.cc:6803
 
    #6 0x55e3b4e3cb08 in mysqld_main(int, char**) /data/src/bb-10.2-compatibility-22257/sql/mysqld.cc:6077
 
    #7 0x55e3b4e279ff in main /data/src/bb-10.2-compatibility-22257/sql/main.cc:25
 
    #8 0x7f86ba0832e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
 
 
 
==30415==ABORTING

I've checked that the failure with the described test case (using employees database) disappears after applying MDEV-13749 patch to bb-10.2-compatibility-22257, and test cases from both MDEV-13749 and MDEV-13231 stop failing, too.

Generated at Thu Feb 08 09:10:32 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.