MySQL Bugs: #42916: Maria not 'crash-me' safe

Bug #42916	Maria not 'crash-me' safe
Submitted:	17 Feb 2009 8:13	Modified:	26 May 2010 17:51
Reporter:	Amit Saha	Email Updates:
Status:	Unsupported	Impact on me:	None
Category:	MySQL Server: Maria storage engine	Severity:	S3 (Non-critical)
Version:	6.-0-tree	OS:	Linux (Debian 5.0)
Assigned to:		CPU Architecture:	Any
Tags:	crash, pushbuild, sporadic, test failure

Description:
The MySQL server with Maria as the default SE crashes a couple of times when the 'crash-me' test is run. I am using a debug build of the 6.0- tree.

Crash #1 (at columns in table:)

[ERROR] mysqld: Incorrect key file for table './test/crash_q'; try to repair     it
mysqld: sql_error.cc:86: void Diagnostics_area::set_ok_status(THD*, ulonglon    g, ulonglong, const char*): Assertion `! is_set()' failed.
090217 13:17:32 - mysqld got signal 6 ;

Crash #2: (index length)

mysqld: ma_pagecache.c:3275: pagecache_read: Assertion `pageno < ((1ULL) << 40)' failed.
090217 13:29:01 - mysqld got signal 6 ;

Please find the stack traces attached.

How to repeat:
Run crash-me against a debug build of MySQL 6.0-tree  with Maria as the default SE

Stacktrace for Crash 1

Attachment: crashme-maria-st1.trace (application/octet-stream, text), 1.28 KiB.

Stacktrace for Crash 2

Attachment: crashme-maria-st2.trace (application/octet-stream, text), 2.72 KiB.

Thank you for the report.

I run crash-me test for about 20 minutes and got no crash. Were there any other circumstances which can lead to crash? Please send us your configuration file and indicate accurate configure options you used to build mysqld. Please also send error log file.

Please make sure, you are running crash-me with a fresh directory, say:

./crash-me --dir=temp/maria

The binary was built using the 'BUILD/pentium-debug' script. Please find the 'mysql.cfg' attached for maria.

MySQL cfg for Maria

Attachment: mysql.cfg (application/octet-stream, text), 280.03 KiB.

Thank you for the feedback.

Verified as described. Options --dir=empty_dir is required to repeat.

Backtrace in my environment:

090217 13:28:01 [ERROR] mysqld: Incorrect key file for table './test/crash_q'; try to repair it
mysqld: sql_error.cc:86: void Diagnostics_area::set_ok_status(THD*, ulonglong, ulonglong, const char*): Assertion `! is_set()' failed.
090217 13:28:01 - mysqld got signal 6 ;
...
stack_bottom = 0xb639b448 thread_stack 0x20000
./libexec/mysqld(my_print_stacktrace+0x32) [0x858ec72]
./libexec/mysqld(handle_segfault+0x2f2) [0x821e7de]
[0x2ce420]
/lib/libc.so.6(abort+0xf8) [0x316678]
/lib/libc.so.6(__assert_fail+0xfd) [0x30e269]
./libexec/mysqld(Diagnostics_area::set_ok_status(THD*, unsigned long long, unsigned long long, char const*)+0x74) [0x82e4760]
./libexec/mysqld(my_ok(THD*, unsigned long long, unsigned long long, char const*)+0x59) [0x8151761]
./libexec/mysqld(mysql_rm_table(THD*, TABLE_LIST*, char, char)+0x152) [0x83752f0]
./libexec/mysqld(mysql_execute_command(THD*)+0x4164) [0x8235e54]
./libexec/mysqld(mysql_parse(THD*, char const*, unsigned int, char const**)+0x22b) [0x823b265]
./libexec/mysqld(dispatch_command(enum_server_command, THD*, char*, unsigned int)+0x8b3) [0x823bca7]
./libexec/mysqld(do_command(THD*)+0x241) [0x823d00b]
./libexec/mysqld(handle_one_connection+0x11d) [0x822af37]
/lib/libpthread.so.0 [0x45fbd4]
/lib/libc.so.6(__clone+0x5e) [0x3b74fe]

crash-me failed with:
...
select alias name length: +512
table alias name length: +512
index name length: 64
max char() size: 255
max varchar() size: 1048543
max text or blob size: 1048543 (cache)
Columns in table: Error: Can't connect to MySQL server on '127.0.0.1' (111);  DBI:mysql:database=test;host=127.0.0.1:33050  - 'root' - ''
I got the above error when connecting to mysql

Isn't droping/creating tables (i.e. DDL) impossible to make crash safe due to .frm?

Also I can't see something of maria in the stack. As I can see problem is in try to send OK when reply is already sent to user.