| Bug #45603 | Crash/invalid memory reads in mi_get_status debug code | ||
|---|---|---|---|
| Submitted: | 19 Jun 2009 7:43 | Modified: | 8 Feb 2010 11:00 |
| Reporter: | Shane Bester (Platinum Quality Contributor) | Email Updates: | |
| Status: | Duplicate | Impact on me: | |
| Category: | MySQL Server: MyISAM storage engine | Severity: | S2 (Serious) |
| Version: | 5.1, 6.0 | OS: | Any (Windows, Linux) |
| Assigned to: | Assigned Account | CPU Architecture: | Any |
| Tags: | valgrind | ||
[19 Jun 2009 7:44]
MySQL Verification Team
the more complete valgrind output...
Attachment: bug45603_6.0.12_full_valgrind_output.txt (text/plain), 14.55 KiB.
[16 Oct 2009 11:38]
Philip Stoev
Test case for bug45603.test
Attachment: bug45603.test (application/octet-stream, text), 16.14 KiB.
[16 Oct 2009 11:40]
Philip Stoev
Please find attached a test case that crashes the server with the following backtrace:
#4 0x0000000000943581 in mi_get_status (param=0x355ac58, concurrent_insert=0) at mi_locking.c:287
#5 0x00000000009c404a in thr_lock (data=0x355afa8, owner=0x7fc53802e3b8, lock_type=TL_WRITE) at thr_lock.c:679
#6 0x00000000009c4cc8 in thr_multi_lock (data=0x2976e10, count=88, owner=0x7fc53802e3b8) at thr_lock.c:973
#7 0x000000000063d334 in mysql_lock_tables (thd=0x7fc53802d668, tables=0x35b0758, count=65, flags=4, need_reopen=0x7fc53f06b0b3) at lock.cc:279
#8 0x000000000069e3f7 in lock_tables (thd=0x7fc53802d668, tables=0x2923ff0, count=65, need_reopen=0x7fc53f06b0b3) at sql_base.cc:5292
#9 0x00000000006afb66 in open_and_lock_tables_derived (thd=0x7fc53802d668, tables=0x2923ff0, derived=true) at sql_base.cc:4990
#10 0x000000000066465d in open_and_lock_tables (thd=0x7fc53802d668, tables=0x2923ff0) at mysql_priv.h:1562
#11 0x00000000006f910a in mysql_insert (thd=0x7fc53802d668, table_list=0x2923ff0, fields=@0x7fc53802f9c0, values_list=@0x7fc53802fa08,
update_fields=@0x7fc53802f9f0, update_values=@0x7fc53802f9d8, duplic=DUP_ERROR, ignore=false) at sql_insert.cc:611
#12 0x000000000065b0d7 in mysql_execute_command (thd=0x7fc53802d668) at sql_parse.cc:3150
#13 0x000000000066152b in mysql_parse (thd=0x7fc53802d668,
inBuf=0x2923dd8 "INSERT INTO `table0_myisam_key_pk_parts_2_int_autoinc` ( `pk` ) VALUES ( NULL )", length=79, found_semicolon=0x7fc53f06ced0)
at sql_parse.cc:5942
#14 0x0000000000662373 in dispatch_command (command=COM_QUERY, thd=0x7fc53802d668,
packet=0x7fc538081ce9 "INSERT INTO `table0_myisam_key_pk_parts_2_int_autoinc` ( `pk` ) VALUES ( NULL )", packet_length=79) at sql_parse.cc:1224
#15 0x0000000000663765 in do_command (thd=0x7fc53802d668) at sql_parse.cc:865
#16 0x000000000064f996 in handle_one_connection (arg=0x7fc53802d668) at sql_connect.cc:1127
#17 0x000000315b0073da in start_thread () from /lib64/libpthread.so.0
#18 0x000000315a4e627d in clone () from /lib64/libc.so.6
[8 Feb 2010 11:00]
Sergey Vojtovich
A duplicate of BUG#48438.

Description:
Got many of these during a single-threaded test:

    Invalid read of size 4
      at: mi_get_status (mi_locking.c:283)
      by: thr_lock (thr_lock.c:615)
      by: thr_multi_lock (thr_lock.c:1020)
      by: mysql_lock_tables(THD*, TABLE**, unsigned, unsigned, bool*) (lock.cc:321)
      by: lock_tables(THD*, TABLE_LIST*, unsigned, unsigned, bool*) (sql_base.cc:4538)
      by: open_and_lock_tables_derived (sql_base.cc:4232)
      by: execute_sqlcom_select(THD*, TABLE_LIST*) (mysql_priv.h:1594)
      by: mysql_execute_command(THD*) (sql_parse.cc:2172)
      by: mysql_parse(THD*, char const*, unsigned, char const**) (sql_parse.cc:5979)
      by: dispatch_command (sql_parse.cc:1064)
      by: do_command(THD*) (sql_parse.cc:746)
      by: handle_one_connection (sql_connect.cc:1146)
    Address 0xF9E1048 is not stack'd, malloc'd or (recently) free'd

The invalid read is in this line:

    #ifndef DBUG_OFF
      if (info->state->key_file_length > info->s->state.state.key_file_length ||
          info->state->data_file_length > info->s->state.state.data_file_length)
        DBUG_PRINT("warning",("old info: key_file: %ld data_file: %ld",
                              (long) info->state->key_file_length,
                              (long) info->state->data_file_length));
    #endif

How to repeat:
wait and see.