[MDEV-19178] Server crash in create_view_field or Assertion `m_sp == __null' failed in Item_func_sp::fix_fields after invalidating view by dropping function - Jira

Details

Type: Bug
Status: Confirmed (View Workflow)
Priority: Major
Resolution: Unresolved
Affects Version/s: 5.5(EOL), 10.1(EOL), 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL)
Fix Version/s: 10.5, 10.6, 10.11, 11.4, 11.8
Component/s: Stored routines, Views
Labels:
None

Description

Note: The assertion looks like MDEV-14557, but the location, stack trace and test case are different, so I'm filing it separately. Still, I assume the root cause is the same, ~~MDEV-5816~~, so I'm setting fix version to 10.5. Feel free to fix in earlier versions if it turns out possible/reasonable.

CREATE TABLE t1 (a INT);

CREATE FUNCTION zero() RETURNS INT RETURN 0;

CREATE VIEW v1 AS SELECT zero() AS zero FROM t1;

CREATE FUNCTION f(i INT) RETURNS INT RETURN i;

CREATE VIEW v2 AS SELECT f(zero) AS f FROM v1;

DROP FUNCTION zero;

UPDATE v2 SET f = 4;

10.4 0dc442ac
mysqld: /data/src/10.4/sql/item_func.cc:6341: virtual bool Item_func_sp::fix_fields(THD, Item*): Assertion `m_sp == __null' failed.
190405 0:30:34 [ERROR] mysqld got signal 6 ;

#7 0x00007ff850698ee2 in __assert_fail () from /lib/x86_64-linux-gnu/libc.so.6
#8 0x00005573dadcca3b in Item_func_sp::fix_fields (this=0x7ff8380184b8, thd=0x7ff838000b00, ref=0x7ff8380481d0) at /data/src/10.4/sql/item_func.cc:6341
#9 0x00005573dab18fe6 in create_view_field (thd=0x7ff838000b00, view=0x7ff8380156c0, field_ref=0x7ff8380481d0, name=0x7ff8380481d8) at /data/src/10.4/sql/table.cc:6378
#10 0x00005573dab18e5f in Field_iterator_view::create_item (this=0x7ff84a810870, thd=0x7ff838000b00) at /data/src/10.4/sql/table.cc:6353
#11 0x00005573da95a27e in find_field_in_view (thd=0x7ff838000b00, table_list=0x7ff8380156c0, name=0x7ff838015d80 "f", length=1, item_name=0x7ff838015d80 "f", ref=0x7ff838015f38, register_tree_change=true) at /data/src/10.4/sql/sql_base.cc:5700
#12 0x00005573da95b108 in find_field_in_table_ref (thd=0x7ff838000b00, table_list=0x7ff8380156c0, name=0x7ff838015d80 "f", length=1, item_name=0x7ff838015d80 "f", db_name=0x0, table_name=0x0, ref=0x7ff838015f38, check_privileges=true, allow_rowid=true, cached_field_index_ptr=0x7ff838015e5c, register_tree_change=true, actual_table=0x7ff84a810a60) at /data/src/10.4/sql/sql_base.cc:6039
#13 0x00005573da95bd6a in find_field_in_tables (thd=0x7ff838000b00, item=0x7ff838015d88, first_table=0x7ff8380156c0, last_table=0x0, ref=0x7ff838015f38, report_error=REPORT_ALL_ERRORS, check_privileges=true, register_tree_change=true) at /data/src/10.4/sql/sql_base.cc:6348
#14 0x00005573dad5d4ee in Item_field::fix_outer_field (this=0x7ff838015d88, thd=0x7ff838000b00, from_field=0x7ff84a810e70, reference=0x7ff838015f38) at /data/src/10.4/sql/item.cc:5516
#15 0x00005573dad5e0d5 in Item_field::fix_fields (this=0x7ff838015d88, thd=0x7ff838000b00, reference=0x7ff838015f38) at /data/src/10.4/sql/item.cc:5766
#16 0x00005573da8e5ed3 in Item::fix_fields_if_needed (this=0x7ff838015d88, thd=0x7ff838000b00, ref=0x7ff838015f38) at /data/src/10.4/sql/item.h:955
#17 0x00005573da8e5f01 in Item::fix_fields_if_needed_for_scalar (this=0x7ff838015d88, thd=0x7ff838000b00, ref=0x7ff838015f38) at /data/src/10.4/sql/item.h:959
#18 0x00005573da95ebe9 in setup_fields (thd=0x7ff838000b00, ref_pointer_array=..., fields=..., column_usage=MARK_COLUMNS_WRITE, sum_func_list=0x0, pre_fix=0x0, allow_sum_func=false) at /data/src/10.4/sql/sql_base.cc:7554
#19 0x00005573daafd74d in setup_fields_with_no_wrap (thd=0x7ff838000b00, ref_pointer_array=..., item=..., column_usage=MARK_COLUMNS_WRITE, sum_func_list=0x0, allow_sum_func=false) at /data/src/10.4/sql/sql_base.h:376
#20 0x00005573daaf4b5d in mysql_update (thd=0x7ff838000b00, table_list=0x7ff8380156c0, fields=..., values=..., conds=0x0, order_num=0, order=0x0, limit=18446744073709551615, ignore=false, found_return=0x7ff84a811850, updated_return=0x7ff84a811910) at /data/src/10.4/sql/sql_update.cc:455
#21 0x00005573da9f3926 in mysql_execute_command (thd=0x7ff838000b00) at /data/src/10.4/sql/sql_parse.cc:4648
#22 0x00005573da9ffbe4 in mysql_parse (thd=0x7ff838000b00, rawbuf=0x7ff8380155e8 "UPDATE v2 SET f = 4", length=19, parser_state=0x7ff84a812180, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:8154
#23 0x00005573da9eb630 in dispatch_command (command=COM_QUERY, thd=0x7ff838000b00, packet=0x7ff838139261 "UPDATE v2 SET f = 4", packet_length=19, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1832
#24 0x00005573da9e9e16 in do_command (thd=0x7ff838000b00) at /data/src/10.4/sql/sql_parse.cc:1365
#25 0x00005573dab61e55 in do_handle_one_connection (connect=0x5573dd87d520) at /data/src/10.4/sql/sql_connect.cc:1398
#26 0x00005573dab61bc6 in handle_one_connection (arg=0x5573dd87d520) at /data/src/10.4/sql/sql_connect.cc:1301
#27 0x00005573db055cb9 in pfs_spawn_thread (arg=0x5573dd96f8f0) at /data/src/10.4/storage/perfschema/pfs.cc:1862
#28 0x00007ff852587494 in start_thread (arg=0x7ff84a813700) at pthread_create.c:333
#29 0x00007ff85075593f in clone () from /lib/x86_64-linux-gnu/libc.so.6

Attachments

Issue Links

relates to

MDEV-14557 Assertion `m_sp == __null' failed in Item_func_sp::init_result_field upon 2nd execution of SP

Stalled

MDEV-20410 Pure virtual method called in Item_ref::set_properties, SIGSEGV or ASAN heap-use-after-free in create_view_field

Closed

Activity

Ascending order - Click to sort in descending order

Elena Stepanova added a comment - 2019-04-30 22:33

Here is a test case with a very similar stack trace, with the difference that it's SIGSEGV which affects non-debug builds as well.

--let $datadir= `SELECT @@datadir`

--write_file $datadir/test/load.data

EOF

CREATE TABLE t1 (a INT, b INT);

INSERT INTO t1 (a) VALUES (1),(2);

CREATE TRIGGER tr BEFORE INSERT ON t1 FOR EACH ROW INSERT INTO t2 SELECT * FROM x;

CREATE TABLE t2 (c INT, d INT);

CREATE TABLE t3 (a INT);

CREATE VIEW v3 AS SELECT * FROM t3;

CREATE TABLE x (a INT, f INT);

INSERT INTO t1 (a) VALUES (3);

DROP TABLE x;

CREATE VIEW x AS SELECT * FROM v3;

--error ER_BAD_FIELD_ERROR

LOAD DATA INFILE 'load.data' IGNORE INTO TABLE t1;

--error ER_BAD_FIELD_ERROR

INSERT INTO t1 (a) VALUES (4);

# Cleanup

--remove_file $datadir/test/load.data

DROP VIEW x, v3;

DROP TABLE t1, t2, t3;

10.2 00377147 debug
#3 <signal handler called>
#4 0x000055fefacfb55c in create_view_field (thd=0x7f1c40000b00, view=0x7f1c4003e6b0, field_ref=0x7f1c400a84d8, name=0x7f1c400a84e8 "a") at /data/src/10.2/sql/table.cc:5850
#5 0x000055fefacfb459 in Field_iterator_view::create_item (this=0x7f1c52505840, thd=0x7f1c40000b00) at /data/src/10.2/sql/table.cc:5825
#6 0x000055fefab814b3 in find_field_in_view (thd=0x7f1c40000b00, table_list=0x7f1c4003e6b0, name=0x7f1c4003f020 "a", length=1, item_name=0x7f1c4003f020 "a", ref=0x7f1c4003e668, register_tree_change=true) at /data/src/10.2/sql/sql_base.cc:5318
#7 0x000055fefab8247e in find_field_in_table_ref (thd=0x7f1c40000b00, table_list=0x7f1c4003e6b0, name=0x7f1c4003f020 "a", length=1, item_name=0x7f1c4003f020 "a", db_name=0x0, table_name=0x0, ref=0x7f1c4003e668, check_privileges=true, allow_rowid=true, cached_field_index_ptr=0x7f1c4003efd4, register_tree_change=true, actual_table=0x7f1c52505a38) at /data/src/10.2/sql/sql_base.cc:5678
#8 0x000055fefab82d2c in find_field_in_tables (thd=0x7f1c40000b00, item=0x7f1c4003ef10, first_table=0x7f1c4003e6b0, last_table=0x0, ref=0x7f1c4003e668, report_error=IGNORE_EXCEPT_NON_UNIQUE, check_privileges=true, register_tree_change=true) at /data/src/10.2/sql/sql_base.cc:5914
#9 0x000055fefae8d539 in Item_field::fix_fields (this=0x7f1c4003ef10, thd=0x7f1c40000b00, reference=0x7f1c4003e668) at /data/src/10.2/sql/item.cc:5454
#10 0x000055fefab85ded in setup_fields (thd=0x7f1c40000b00, ref_pointer_array=..., fields=..., mark_used_columns=MARK_COLUMNS_READ, sum_func_list=0x7f1c4009fe00, pre_fix=0x7f1c400402a8, allow_sum_func=true) at /data/src/10.2/sql/sql_base.cc:7184
#11 0x000055fefac2d9f1 in JOIN::prepare (this=0x7f1c4009fae0, tables_init=0x7f1c4003e6b0, wild_num=0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7f1c40040168, unit_arg=0x7f1c4003fa30) at /data/src/10.2/sql/sql_select.cc:814
#12 0x000055fefac383cf in mysql_select (thd=0x7f1c40000b00, tables=0x7f1c4003e6b0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=3489663744, result=0x7f1c4009fa38, unit=0x7f1c4003fa30, select_lex=0x7f1c40040168) at /data/src/10.2/sql/sql_select.cc:3797
#13 0x000055fefac2c66b in handle_select (thd=0x7f1c40000b00, lex=0x7f1c4003f968, result=0x7f1c4009fa38, setup_tables_done_option=1073741824) at /data/src/10.2/sql/sql_select.cc:376
#14 0x000055fefabf0cc5 in mysql_execute_command (thd=0x7f1c40000b00) at /data/src/10.2/sql/sql_parse.cc:4545
#15 0x000055fefafed5ea in sp_instr_stmt::exec_core (this=0x7f1c4003ecd0, thd=0x7f1c40000b00, nextp=0x7f1c52506d44) at /data/src/10.2/sql/sp_head.cc:3248
#16 0x000055fefafecc55 in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f1c4003ed10, thd=0x7f1c40000b00, nextp=0x7f1c52506d44, open_tables=false, instr=0x7f1c4003ecd0) at /data/src/10.2/sql/sp_head.cc:3011
#17 0x000055fefafed295 in sp_instr_stmt::execute (this=0x7f1c4003ecd0, thd=0x7f1c40000b00, nextp=0x7f1c52506d44) at /data/src/10.2/sql/sp_head.cc:3164
#18 0x000055fefafe8451 in sp_head::execute (this=0x7f1c4003d288, thd=0x7f1c40000b00, merge_da_on_success=false) at /data/src/10.2/sql/sp_head.cc:1329
#19 0x000055fefafe9048 in sp_head::execute_trigger (this=0x7f1c4003d288, thd=0x7f1c40000b00, db_name=0x7f1c4006df88, table_name=0x7f1c4006df98, grant_info=0x7f1c4003cf58) at /data/src/10.2/sql/sp_head.cc:1658
#20 0x000055fefacd1719 in Table_triggers_list::process_triggers (this=0x7f1c4003c9c8, thd=0x7f1c40000b00, event=TRG_EVENT_INSERT, time_type=TRG_ACTION_BEFORE, old_row_is_record1=true) at /data/src/10.2/sql/sql_trigger.cc:2199
#21 0x000055fefab889de in fill_record_n_invoke_before_triggers (thd=0x7f1c40000b00, table=0x7f1c40038310, fields=..., values=..., ignore_errors=false, event=TRG_EVENT_INSERT) at /data/src/10.2/sql/sql_base.cc:8193
#22 0x000055fefabc8650 in mysql_insert (thd=0x7f1c40000b00, table_list=0x7f1c40012540, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false) at /data/src/10.2/sql/sql_insert.cc:966
#23 0x000055fefabf05d8 in mysql_execute_command (thd=0x7f1c40000b00) at /data/src/10.2/sql/sql_parse.cc:4438
#24 0x000055fefabfba93 in mysql_parse (thd=0x7f1c40000b00, rawbuf=0x7f1c40012458 "INSERT INTO t1 (a) VALUES (4)", length=29, parser_state=0x7f1c52508200, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:8013
#25 0x000055fefabe9590 in dispatch_command (command=COM_QUERY, thd=0x7f1c40000b00, packet=0x7f1c4008e121 "INSERT INTO t1 (a) VALUES (4)", packet_length=29, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1833
#26 0x000055fefabe7ead in do_command (thd=0x7f1c40000b00) at /data/src/10.2/sql/sql_parse.cc:1387
#27 0x000055fefad3bab9 in do_handle_one_connection (connect=0x55fefe98a030) at /data/src/10.2/sql/sql_connect.cc:1335
#28 0x000055fefad3b846 in handle_one_connection (arg=0x55fefe98a030) at /data/src/10.2/sql/sql_connect.cc:1241
#29 0x000055fefb0a387e in pfs_spawn_thread (arg=0x55fefe8d5960) at /data/src/10.2/storage/perfschema/pfs.cc:1862
#30 0x00007f1c5a2c7494 in start_thread (arg=0x7f1c52509700) at pthread_create.c:333
#31 0x00007f1c5828f93f in clone () from /lib/x86_64-linux-gnu/libc.so.6

The actual crash happens for me only on 10.2+, but even 10.1 and 5.5 fail with ASAN heap-use-after-free, which means it's just the matter of luck.

Elena Stepanova added a comment - 2019-04-30 22:33 Here is a test case with a very similar stack trace, with the difference that it's SIGSEGV which affects non-debug builds as well. --let $datadir= `SELECT @@datadir` --write_file $datadir/test/load.data 1 EOF CREATE TABLE t1 (a INT , b INT ); INSERT INTO t1 (a) VALUES (1),(2); CREATE TRIGGER tr BEFORE INSERT ON t1 FOR EACH ROW INSERT INTO t2 SELECT * FROM x; CREATE TABLE t2 (c INT , d INT ); CREATE TABLE t3 (a INT ); CREATE VIEW v3 AS SELECT * FROM t3; CREATE TABLE x (a INT , f INT ); INSERT INTO t1 (a) VALUES (3); DROP TABLE x; CREATE VIEW x AS SELECT * FROM v3; --error ER_BAD_FIELD_ERROR LOAD DATA INFILE 'load.data' IGNORE INTO TABLE t1; --error ER_BAD_FIELD_ERROR INSERT INTO t1 (a) VALUES (4); # Cleanup --remove_file $datadir/test/load.data DROP VIEW x, v3; DROP TABLE t1, t2, t3; 10.2 00377147 debug #3 <signal handler called> #4 0x000055fefacfb55c in create_view_field (thd=0x7f1c40000b00, view=0x7f1c4003e6b0, field_ref=0x7f1c400a84d8, name=0x7f1c400a84e8 "a") at /data/src/10.2/sql/table.cc:5850 #5 0x000055fefacfb459 in Field_iterator_view::create_item (this=0x7f1c52505840, thd=0x7f1c40000b00) at /data/src/10.2/sql/table.cc:5825 #6 0x000055fefab814b3 in find_field_in_view (thd=0x7f1c40000b00, table_list=0x7f1c4003e6b0, name=0x7f1c4003f020 "a", length=1, item_name=0x7f1c4003f020 "a", ref=0x7f1c4003e668, register_tree_change=true) at /data/src/10.2/sql/sql_base.cc:5318 #7 0x000055fefab8247e in find_field_in_table_ref (thd=0x7f1c40000b00, table_list=0x7f1c4003e6b0, name=0x7f1c4003f020 "a", length=1, item_name=0x7f1c4003f020 "a", db_name=0x0, table_name=0x0, ref=0x7f1c4003e668, check_privileges=true, allow_rowid=true, cached_field_index_ptr=0x7f1c4003efd4, register_tree_change=true, actual_table=0x7f1c52505a38) at /data/src/10.2/sql/sql_base.cc:5678 #8 0x000055fefab82d2c in find_field_in_tables (thd=0x7f1c40000b00, item=0x7f1c4003ef10, first_table=0x7f1c4003e6b0, last_table=0x0, ref=0x7f1c4003e668, report_error=IGNORE_EXCEPT_NON_UNIQUE, check_privileges=true, register_tree_change=true) at /data/src/10.2/sql/sql_base.cc:5914 #9 0x000055fefae8d539 in Item_field::fix_fields (this=0x7f1c4003ef10, thd=0x7f1c40000b00, reference=0x7f1c4003e668) at /data/src/10.2/sql/item.cc:5454 #10 0x000055fefab85ded in setup_fields (thd=0x7f1c40000b00, ref_pointer_array=..., fields=..., mark_used_columns=MARK_COLUMNS_READ, sum_func_list=0x7f1c4009fe00, pre_fix=0x7f1c400402a8, allow_sum_func=true) at /data/src/10.2/sql/sql_base.cc:7184 #11 0x000055fefac2d9f1 in JOIN::prepare (this=0x7f1c4009fae0, tables_init=0x7f1c4003e6b0, wild_num=0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7f1c40040168, unit_arg=0x7f1c4003fa30) at /data/src/10.2/sql/sql_select.cc:814 #12 0x000055fefac383cf in mysql_select (thd=0x7f1c40000b00, tables=0x7f1c4003e6b0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=3489663744, result=0x7f1c4009fa38, unit=0x7f1c4003fa30, select_lex=0x7f1c40040168) at /data/src/10.2/sql/sql_select.cc:3797 #13 0x000055fefac2c66b in handle_select (thd=0x7f1c40000b00, lex=0x7f1c4003f968, result=0x7f1c4009fa38, setup_tables_done_option=1073741824) at /data/src/10.2/sql/sql_select.cc:376 #14 0x000055fefabf0cc5 in mysql_execute_command (thd=0x7f1c40000b00) at /data/src/10.2/sql/sql_parse.cc:4545 #15 0x000055fefafed5ea in sp_instr_stmt::exec_core (this=0x7f1c4003ecd0, thd=0x7f1c40000b00, nextp=0x7f1c52506d44) at /data/src/10.2/sql/sp_head.cc:3248 #16 0x000055fefafecc55 in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f1c4003ed10, thd=0x7f1c40000b00, nextp=0x7f1c52506d44, open_tables=false, instr=0x7f1c4003ecd0) at /data/src/10.2/sql/sp_head.cc:3011 #17 0x000055fefafed295 in sp_instr_stmt::execute (this=0x7f1c4003ecd0, thd=0x7f1c40000b00, nextp=0x7f1c52506d44) at /data/src/10.2/sql/sp_head.cc:3164 #18 0x000055fefafe8451 in sp_head::execute (this=0x7f1c4003d288, thd=0x7f1c40000b00, merge_da_on_success=false) at /data/src/10.2/sql/sp_head.cc:1329 #19 0x000055fefafe9048 in sp_head::execute_trigger (this=0x7f1c4003d288, thd=0x7f1c40000b00, db_name=0x7f1c4006df88, table_name=0x7f1c4006df98, grant_info=0x7f1c4003cf58) at /data/src/10.2/sql/sp_head.cc:1658 #20 0x000055fefacd1719 in Table_triggers_list::process_triggers (this=0x7f1c4003c9c8, thd=0x7f1c40000b00, event=TRG_EVENT_INSERT, time_type=TRG_ACTION_BEFORE, old_row_is_record1=true) at /data/src/10.2/sql/sql_trigger.cc:2199 #21 0x000055fefab889de in fill_record_n_invoke_before_triggers (thd=0x7f1c40000b00, table=0x7f1c40038310, fields=..., values=..., ignore_errors=false, event=TRG_EVENT_INSERT) at /data/src/10.2/sql/sql_base.cc:8193 #22 0x000055fefabc8650 in mysql_insert (thd=0x7f1c40000b00, table_list=0x7f1c40012540, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false) at /data/src/10.2/sql/sql_insert.cc:966 #23 0x000055fefabf05d8 in mysql_execute_command (thd=0x7f1c40000b00) at /data/src/10.2/sql/sql_parse.cc:4438 #24 0x000055fefabfba93 in mysql_parse (thd=0x7f1c40000b00, rawbuf=0x7f1c40012458 "INSERT INTO t1 (a) VALUES (4)", length=29, parser_state=0x7f1c52508200, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:8013 #25 0x000055fefabe9590 in dispatch_command (command=COM_QUERY, thd=0x7f1c40000b00, packet=0x7f1c4008e121 "INSERT INTO t1 (a) VALUES (4)", packet_length=29, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1833 #26 0x000055fefabe7ead in do_command (thd=0x7f1c40000b00) at /data/src/10.2/sql/sql_parse.cc:1387 #27 0x000055fefad3bab9 in do_handle_one_connection (connect=0x55fefe98a030) at /data/src/10.2/sql/sql_connect.cc:1335 #28 0x000055fefad3b846 in handle_one_connection (arg=0x55fefe98a030) at /data/src/10.2/sql/sql_connect.cc:1241 #29 0x000055fefb0a387e in pfs_spawn_thread (arg=0x55fefe8d5960) at /data/src/10.2/storage/perfschema/pfs.cc:1862 #30 0x00007f1c5a2c7494 in start_thread (arg=0x7f1c52509700) at pthread_create.c:333 #31 0x00007f1c5828f93f in clone () from /lib/x86_64-linux-gnu/libc.so.6 The actual crash happens for me only on 10.2+, but even 10.1 and 5.5 fail with ASAN heap-use-after-free, which means it's just the matter of luck.

Alice Sherepa added a comment - 2025-04-09 10:21

10.5/src/mysys/my_alloc.c:212: alloc_root: Assertion `(mem_root->flags & 4) == 0' failed.

Server version: 10.5.29-MariaDB-debug-log source revision: b6392c292e8dc4539185dba4696e05c65d0f1065

/lib/x86_64-linux-gnu/libc.so.6(+0x33fd6)[0x7f1bdaba1fd6]

mysys/my_alloc.c:214(alloc_root)[0x55f025781f35]

sql/parse_file.cc:608(parse_escaped_string(char const*, char const*, st_mem_root*, st_mysql_const_lex_string*))[0x55f02355dcca]

sql/parse_file.cc:806(File_parser::parse(unsigned char*, st_mem_root*, File_option*, unsigned int, Unknown_key_hook*) const)[0x55f02355eb80]

sql/sql_view.cc:1326(mysql_make_view(THD*, TABLE_SHARE*, TABLE_LIST*, bool))[0x55f023babfa7]

sql/sql_base.cc:2968(tdc_open_view(THD*, TABLE_LIST*, unsigned int))[0x55f0236b312c]

sql/sql_base.cc:1657(is_locked_view(THD*, TABLE_LIST*))[0x55f0236ab061]

sql/sql_base.cc:1826(open_table(THD*, TABLE_LIST*, Open_table_context*))[0x55f0236abfdc]

sql/sql_base.cc:3839(open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*))[0x55f0236b7516]

sql/sql_base.cc:4323(open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*))[0x55f0236ba12d]

sql/sql_base.cc:5270(open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*))[0x55f0236bf47f]

sql/sql_base.h:509(open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int))[0x55f023610449]

sql/sql_parse.cc:4756(mysql_execute_command(THD*))[0x55f023865bcc]

sql/sp_head.cc:3854(sp_instr_stmt::exec_core(THD*, unsigned int*))[0x55f0235f7468]

sql/sp_head.cc:3565(sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*))[0x55f0235f574b]

sql/sp_head.cc:3757(sp_instr_stmt::execute(THD*, unsigned int*))[0x55f0235f6bb5]

sql/sp_head.cc:1443(sp_head::execute(THD*, bool))[0x55f0235e6cf1]

sql/sp_head.cc:1951(sp_head::execute_trigger(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, st_grant_info*))[0x55f0235ea1ec]

sql/sql_trigger.cc:2311(Table_triggers_list::process_triggers(THD*, trg_event_type, trg_action_time_type, bool))[0x55f023b5a9be]

sql/sql_base.cc:8760(fill_record_n_invoke_before_triggers(THD*, TABLE*, List<Item>&, List<Item>&, bool, trg_event_type))[0x55f0236d6a5f]

sql/sql_load.cc:1187(read_sep_field(THD*, st_copy_info&, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, READ_INFO&, String&, unsigned long, bool))[0x55f02383b238]

sql/sql_load.cc:700(mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool))[0x55f0238374ea]

sql/sql_parse.cc:5174(mysql_execute_command(THD*))[0x55f0238692e5]

sql/sql_parse.cc:8252(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55f02387da95]

sql/sql_parse.cc:1894(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55f0238522e2]

sql/sql_parse.cc:1375(do_command(THD*))[0x55f02384ebbc]

sql/sql_connect.cc:1386(do_handle_one_connection(CONNECT*, bool))[0x55f023cc57b6]

sql/sql_connect.cc:1300(handle_one_connection)[0x55f023cc5310]

perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55f02498598c]

nptl/pthread_create.c:478(start_thread)[0x7f1bdb152609]

Query (0x6250001569a8): INSERT INTO t2 SELECT * FROM x

Alice Sherepa added a comment - 2025-04-09 10:21 10.5/src/mysys/my_alloc.c:212: alloc_root: Assertion `(mem_root->flags & 4) == 0' failed. Server version: 10.5.29-MariaDB-debug-log source revision: b6392c292e8dc4539185dba4696e05c65d0f1065 /lib/x86_64-linux-gnu/libc.so.6(+0x33fd6)[0x7f1bdaba1fd6] mysys/my_alloc.c:214(alloc_root)[0x55f025781f35] sql/parse_file.cc:608(parse_escaped_string(char const*, char const*, st_mem_root*, st_mysql_const_lex_string*))[0x55f02355dcca] sql/parse_file.cc:806(File_parser::parse(unsigned char*, st_mem_root*, File_option*, unsigned int, Unknown_key_hook*) const)[0x55f02355eb80] sql/sql_view.cc:1326(mysql_make_view(THD*, TABLE_SHARE*, TABLE_LIST*, bool))[0x55f023babfa7] sql/sql_base.cc:2968(tdc_open_view(THD*, TABLE_LIST*, unsigned int))[0x55f0236b312c] sql/sql_base.cc:1657(is_locked_view(THD*, TABLE_LIST*))[0x55f0236ab061] sql/sql_base.cc:1826(open_table(THD*, TABLE_LIST*, Open_table_context*))[0x55f0236abfdc] sql/sql_base.cc:3839(open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*))[0x55f0236b7516] sql/sql_base.cc:4323(open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*))[0x55f0236ba12d] sql/sql_base.cc:5270(open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*))[0x55f0236bf47f] sql/sql_base.h:509(open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int))[0x55f023610449] sql/sql_parse.cc:4756(mysql_execute_command(THD*))[0x55f023865bcc] sql/sp_head.cc:3854(sp_instr_stmt::exec_core(THD*, unsigned int*))[0x55f0235f7468] sql/sp_head.cc:3565(sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*))[0x55f0235f574b] sql/sp_head.cc:3757(sp_instr_stmt::execute(THD*, unsigned int*))[0x55f0235f6bb5] sql/sp_head.cc:1443(sp_head::execute(THD*, bool))[0x55f0235e6cf1] sql/sp_head.cc:1951(sp_head::execute_trigger(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, st_grant_info*))[0x55f0235ea1ec] sql/sql_trigger.cc:2311(Table_triggers_list::process_triggers(THD*, trg_event_type, trg_action_time_type, bool))[0x55f023b5a9be] sql/sql_base.cc:8760(fill_record_n_invoke_before_triggers(THD*, TABLE*, List<Item>&, List<Item>&, bool, trg_event_type))[0x55f0236d6a5f] sql/sql_load.cc:1187(read_sep_field(THD*, st_copy_info&, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, READ_INFO&, String&, unsigned long, bool))[0x55f02383b238] sql/sql_load.cc:700(mysql_load(THD*, sql_exchange const*, TABLE_LIST*, List<Item>&, List<Item>&, List<Item>&, enum_duplicates, bool, bool))[0x55f0238374ea] sql/sql_parse.cc:5174(mysql_execute_command(THD*))[0x55f0238692e5] sql/sql_parse.cc:8252(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55f02387da95] sql/sql_parse.cc:1894(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55f0238522e2] sql/sql_parse.cc:1375(do_command(THD*))[0x55f02384ebbc] sql/sql_connect.cc:1386(do_handle_one_connection(CONNECT*, bool))[0x55f023cc57b6] sql/sql_connect.cc:1300(handle_one_connection)[0x55f023cc5310] perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55f02498598c] nptl/pthread_create.c:478(start_thread)[0x7f1bdb152609] Query (0x6250001569a8): INSERT INTO t2 SELECT * FROM x

MariaDB Server

Server crash in create_view_field or Assertion `m_sp == __null' failed in Item_func_sp::fix_fields after invalidating view by dropping function

Details

Description

Attachments

Issue Links

Activity

People

Dates

Git Integration