|
|
10.4 632b1deb
|
mysqld: /data/src/10.4/sql/sql_string.cc:106: bool Binary_string::realloc_raw(size_t): Assertion `str_length < len' failed.
|
200422 14:10:18 [ERROR] mysqld got signal 6 ;
|
|
#7 0x00007f8a0ffca102 in __GI___assert_fail (assertion=0x55a9539751c0 "str_length < len", file=0x55a9539750a0 "/data/src/10.4/sql/sql_string.cc", line=106, function=0x55a953975b40 <Binary_string::realloc_raw(unsigned long)::__PRETTY_FUNCTION__> "bool Binary_string::realloc_raw(size_t)") at assert.c:101
|
#8 0x000055a951d34b4d in Binary_string::realloc_raw (this=0x62000094a218, alloc_length=0) at /data/src/10.4/sql/sql_string.cc:106
|
#9 0x000055a95185198d in Binary_string::realloc (this=0x62000094a218, arg_length=0) at /data/src/10.4/sql/sql_string.h:623
|
#10 0x000055a9518cf4a7 in Binary_string::c_ptr (this=0x62000094a218) at /data/src/10.4/sql/sql_string.h:585
|
#11 0x000055a9525eb1b9 in get_lock_data (thd=0x62b00008c270, table_ptr=0x7f8a06e20570, count=1, flags=2) at /data/src/10.4/sql/lock.cc:803
|
#12 0x000055a9525e94e5 in mysql_lock_abort_for_thread (thd=0x62b00008c270, table=0x62000094a0f0) at /data/src/10.4/sql/lock.cc:613
|
#13 0x000055a951a03718 in THD::notify_shared_lock (this=0x62b00008c270, ctx_in_use=0x62b00005b340, needs_thr_lock_abort=true) at /data/src/10.4/sql/sql_class.cc:2053
|
#14 0x000055a951f0dc71 in MDL_lock::notify_conflicting_locks (this=0x617000048410, ctx=0x62b00008c390) at /data/src/10.4/sql/mdl.cc:573
|
#15 0x000055a951f07dde in MDL_context::acquire_lock (this=0x62b00008c390, mdl_request=0x62b0000937b8, lock_wait_timeout=86400) at /data/src/10.4/sql/mdl.cc:2292
|
#16 0x000055a951f08ef8 in MDL_context::acquire_locks (this=0x62b00008c390, mdl_requests=0x7f8a06e20b70, lock_wait_timeout=86400) at /data/src/10.4/sql/mdl.cc:2447
|
#17 0x000055a95199ee28 in lock_table_names (thd=0x62b00008c270, options=..., tables_start=0x62b000093370, tables_end=0x0, lock_wait_timeout=86400, flags=0) at /data/src/10.4/sql/sql_base.cc:4086
|
#18 0x000055a95199fbbe in open_tables (thd=0x62b00008c270, options=..., start=0x7f8a06e21120, counter=0x7f8a06e210e0, flags=0, prelocking_strategy=0x7f8a06e21260) at /data/src/10.4/sql/sql_base.cc:4292
|
#19 0x000055a9519a52d4 in open_and_lock_tables (thd=0x62b00008c270, options=..., tables=0x62b000093370, derived=true, flags=0, prelocking_strategy=0x7f8a06e21260) at /data/src/10.4/sql/sql_base.cc:5217
|
#20 0x000055a951905067 in open_and_lock_tables (thd=0x62b00008c270, tables=0x62b000093370, derived=true, flags=0) at /data/src/10.4/sql/sql_base.h:503
|
#21 0x000055a951f1243e in open_only_one_table (thd=0x62b00008c270, table=0x62b000093370, repair_table_use_frm=false, is_view_operator_func=true) at /data/src/10.4/sql/sql_admin.cc:395
|
#22 0x000055a951f13099 in mysql_admin_table (thd=0x62b00008c270, tables=0x62b000093370, check_opt=0x62b000091448, operator_name=0x55a953a07fa0 "repair", lock_type=TL_WRITE, org_open_for_modify=true, repair_table_use_frm=false, extra_open_options=32, prepare_func=0x55a951f10ab3 <prepare_for_repair(THD*, TABLE_LIST*, HA_CHECK_OPT*)>, operator_func=(int (handler::*)(class handler * const, class THD *, HA_CHECK_OPT *)) 0x55a9522fc3d0 <handler::ha_repair(THD*, st_ha_check_opt*)>, view_operator_func=0x55a951df333d <view_repair(THD*, TABLE_LIST*, st_ha_check_opt*)>) at /data/src/10.4/sql/sql_admin.cc:518
|
#23 0x000055a951f1b1b0 in Sql_cmd_repair_table::execute (this=0x62b000093a48, thd=0x62b00008c270) at /data/src/10.4/sql/sql_admin.cc:1409
|
#24 0x000055a951b2f266 in mysql_execute_command (thd=0x62b00008c270) at /data/src/10.4/sql/sql_parse.cc:6101
|
#25 0x000055a951b3ac91 in mysql_parse (thd=0x62b00008c270, rawbuf=0x62b000093290 "REPAIR TABLE t1", length=15, parser_state=0x7f8a06e24a70, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7900
|
#26 0x000055a951b109af in dispatch_command (command=COM_QUERY, thd=0x62b00008c270, packet=0x629000230271 "", packet_length=15, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1841
|
#27 0x000055a951b0d3da in do_command (thd=0x62b00008c270) at /data/src/10.4/sql/sql_parse.cc:1359
|
#28 0x000055a951ee45a4 in do_handle_one_connection (connect=0x6110000096b0) at /data/src/10.4/sql/sql_connect.cc:1412
|
#29 0x000055a951ee3e46 in handle_one_connection (arg=0x6110000096b0) at /data/src/10.4/sql/sql_connect.cc:1316
|
#30 0x000055a953505e59 in pfs_spawn_thread (arg=0x61600000d2f0) at /data/src/10.4/storage/perfschema/pfs.cc:1869
|
#31 0x00007f8a10844fa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
|
#32 0x00007f8a100934cf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Reproducible on 10.4, 10.5 debug builds.
Mo obvious immediate problem observed on non-debug builds.
Couldn't reproduce and didn't observe on 10.3. However, the test case below non-deterministically causes memory leak warnings on 10.2, 10.3.
The test case courtesy of svoj:
CREATE TABLE t1(a INT) ENGINE=MyISAM;
|
connect con1, localhost, root;
|
let $i=10000;
|
disable_query_log;
|
disable_result_log;
|
while ($i)
|
{
|
connection default;
|
HANDLER t1 OPEN;
|
send SELECT * FROM t1, t1 t1a1over8, t1 t1a2over8, t1 t1a3over8, t1 t1a4over8, t1 t1a5over8, t1 t1a6over8;
|
connection con1;
|
send REPAIR TABLE t1;
|
connection default;
|
reap;
|
HANDLER t1 CLOSE;
|
connection con1;
|
reap;
|
dec $i;
|
}
|
enable_query_log;
|
enable_result_log;
|
DROP TABLE t1;
|
Optional sleeps, also courtesy of svoj (I didn't try them, as the test case fails for me easily enough without them):
diff --git a/sql/sql_string.cc b/sql/sql_string.cc
|
index 2fc6ae0..cd5fff7 100644
|
--- a/sql/sql_string.cc
|
+++ b/sql/sql_string.cc
|
@@ -41,6 +41,7 @@ bool Binary_string::real_alloc(size_t length)
|
if (Alloced_length < arg_length)
|
{
|
free();
|
+ my_sleep(100);
|
if (!(Ptr=(char*) my_malloc(PSI_INSTRUMENT_ME,
|
arg_length,MYF(MY_WME | (thread_specific ?
|
MY_THREAD_SPECIFIC : 0)))))
|
@@ -103,6 +104,7 @@ bool Binary_string::realloc_raw(size_t alloc_length)
|
(thread_specific ?
|
MY_THREAD_SPECIFIC : 0)))))
|
{
|
+ my_sleep(200);
|
DBUG_ASSERT(str_length < len);
|
if (str_length) // Avoid bugs in memcpy on AIX
|
memcpy(new_ptr,Ptr,str_length);
|
|