maria-developers team mailing list archive

Thread
Date

Re: Possible race condition or NULL pointer triggered by OQGraph

To: maria-developers@xxxxxxxxxxxxxxxxxxx, oqgraph-dev@xxxxxxxxxxxxxxxxxxx
From: Heinz Wiesinger <HMWiesinger@xxxxxxxxxxx>
Date: Mon, 02 Jun 2014 13:44:32 +0200
In-reply-to: <20140602112354.GA19364@meddwl.fritz.box>
User-agent: KMail/4.12.4 (Linux/3.14.1; KDE/4.12.4; x86_64; ; )

On Monday 02 June 2014 13:23:54 Sergei Golubchik wrote:
> Hi, Andrew!
> 
> On Jun 02, Andrew McDonnell wrote:
> > Hi all
> > 
> > (Cross-posted to oqgraph-developers, maria-developers)
> > 
> > I am trying to track down a segfault apparently triggered by concurrent
> > execution of queries through OQGraph - for context, see:
> > 
> > https://mariadb.atlassian.net/browse/MDEV-6282
> > 
> > I am however a bit confused as to what is going on, because at least some
> > of the information leads me to suspect that there could be more going on
> > here than just a simple race condition.
> > 
> > --Immediate Cause--
> > 
> > On the surface, a segfault appears to be caused in a method in
> > sql_class.h,
> > Statement::check_limit_rows_examined() dereferencing a NULL pointer,
> > `lex`.
> > The method check_limit_rows_examined() was called from sql_class.h method
> > handler::increment_statistics() .
> 
> I don't see how thd->lex could be NULL there. It shouldn't be changed
> concurrently on anything.
> 
> Can you actually repeat the crash?

I haven't been able so far to come up with a nice, contained, general test 
case. However, I can very easily reproduce the crash, on both a CentOS 6 
system using MariaDB's rpms as well as on my Slackware systems using a self-
compiled version.

Grs,
Heinz

Attachment: signature.asc
Description: This is a digitally signed message part.

References

Possible race condition or NULL pointer triggered by OQGraph
From: Andrew McDonnell, 2014-06-02
Re: Possible race condition or NULL pointer triggered by OQGraph
From: Sergei Golubchik, 2014-06-02