Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-28481

SIGSEGV in Lex_charset_collation_st::find_bin_collation

    XMLWordPrintable

Details

    Description

      DROP DATABASE test;
      SET SESSION collation_server=filename;
      CREATE DATABASE test;
      USE test;
      CREATE TABLE t (c CHAR BINARY);
      

      Leads to:

      10.9.0 0b14dbd45b5a1c02616d611876158d44b92b77bf (Optimized)

      Core was generated by `/test/MD030522-mariadb-10.9.0-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  Lex_charset_collation_st::find_bin_collation (cs=0x0)
          at /test/10.9_opt/sql/lex_charset.cc:47
      47	    strxnmov(tmp, sizeof(tmp)-1, cs->cs_name.str, "_bin", NULL);
      [Current thread is 1 (Thread 0x14f1281bf700 (LWP 1256133))]
      (gdb) bt
      #0  Lex_charset_collation_st::find_bin_collation (cs=0x0) at /test/10.9_opt/sql/lex_charset.cc:47
      #1  Lex_charset_collation_st::find_bin_collation (cs=<optimized out>) at /test/10.9_opt/sql/lex_charset.cc:26
      #2  0x00005607b69776d1 in Column_definition::prepare_charset_for_string (this=this@entry=0x14f0e4010fd0, dattr=dattr@entry=0x14f1281bcdb0) at /test/10.9_opt/sql/sql_type.h:273
      #3  0x00005607b6a5d740 in Type_handler_string_result::Column_definition_prepare_stage1 (this=<optimized out>, thd=0x14f0e4000c58, mem_root=0x14f0e40067c8, def=0x14f0e4010fd0, file=0x14f0e40112b0, table_flags=2954625839647655134, derived_attr=0x14f1281bcdb0) at /test/10.9_opt/sql/sql_type.cc:3132
      #4  0x00005607b6977996 in Column_definition::prepare_stage1 (this=this@entry=0x14f0e4010fd0, thd=thd@entry=0x14f0e4000c58, mem_root=<optimized out>, file=file@entry=0x14f0e40112b0, table_flags=<optimized out>, derived_attr=derived_attr@entry=0x14f1281bcdb0) at /test/10.9_opt/sql/sql_type.h:7441
      #5  0x00005607b6978703 in mysql_prepare_create_table (thd=0x14f0e4000c58, create_info=0x14f1281bdcc0, alter_info=0x14f1281bdbd0, db_options=0x14f1281bcf08, file=0x14f0e40112b0, key_info_buffer=0x14f1281bd7a8, key_count=0x14f1281bd7a4, create_table_mode=0, db=<optimized out>, table_name=<optimized out>) at /test/10.9_opt/sql/handler.h:3453
      #6  0x00005607b697c299 in mysql_create_frm_image (thd=0x14f0e4000c58, db=@0x14f0e40107e0: {str = 0x14f0e4010ea8 "test", length = 4}, table_name=@0x14f0e40107f0: {str = 0x14f0e4010790 "t", length = 1}, create_info=0x14f1281bdcc0, alter_info=0x14f1281bdbd0, create_table_mode=0, key_info=0x14f1281bd7a8, key_count=0x14f1281bd7a4, frm=0x14f1281bd7c0) at /test/10.9_opt/sql/sql_table.cc:4291
      #7  0x00005607b698455a in create_table_impl (thd=thd@entry=0x14f0e4000c58, ddl_log_state_create=ddl_log_state_create@entry=0x14f1281bda70, ddl_log_state_rm=<optimized out>, orig_db=@0x14f0e40107e0: {str = 0x14f0e4010ea8 "test", length = 4}, orig_table_name=@0x14f0e40107f0: {str = 0x14f0e4010790 "t", length = 1}, db=@0x14f0e40107e0: {str = 0x14f0e4010ea8 "test", length = 4}, table_name=@0x14f0e40107f0: {str = 0x14f0e4010790 "t", length = 1}, path=@0x14f1281bd7b0: {str = 0x14f1281bd7d0 "./test/t", length = 8}, options={m_options = DDL_options_st::OPT_NONE}, create_info=0x14f1281bdcc0, alter_info=0x14f1281bdbd0, create_table_mode=0, is_trans=0x14f1281bda6f, key_info=0x14f1281bd7a8, key_count=0x14f1281bd7a4, frm=0x14f1281bd7c0) at /test/10.9_opt/sql/sql_table.cc:4603
      #8  0x00005607b6984e68 in mysql_create_table_no_lock (thd=thd@entry=0x14f0e4000c58, ddl_log_state_create=ddl_log_state_create@entry=0x14f1281bda70, ddl_log_state_rm=ddl_log_state_rm@entry=0x14f1281bda90, db=db@entry=0x14f0e40107e0, table_name=table_name@entry=0x14f0e40107f0, create_info=create_info@entry=0x14f1281bdcc0, alter_info=0x14f1281bdbd0, is_trans=0x14f1281bda6f, create_table_mode=0, table_list=0x14f0e40107c8) at /test/10.9_opt/sql/sql_table.cc:4726
      #9  0x00005607b6985254 in mysql_create_table (thd=thd@entry=0x14f0e4000c58, create_table=create_table@entry=0x14f0e40107c8, create_info=create_info@entry=0x14f1281bdcc0, alter_info=alter_info@entry=0x14f1281bdbd0) at /test/10.9_opt/sql/sql_table.cc:4838
      #10 0x00005607b6986af9 in Sql_cmd_create_table_like::execute (this=<optimized out>, thd=0x14f0e4000c58) at /test/10.9_opt/sql/sql_table.cc:12342
      #11 0x00005607b68d6256 in mysql_execute_command (thd=0x14f0e4000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.9_opt/sql/sql_parse.cc:6006
      #12 0x00005607b68c6a55 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x14f0e4000c58) at /test/10.9_opt/sql/sql_parse.cc:8046
      #13 mysql_parse (thd=0x14f0e4000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.9_opt/sql/sql_parse.cc:7968
      #14 0x00005607b68d271a in dispatch_command (command=COM_QUERY, thd=0x14f0e4000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.9_opt/sql/sql_class.h:1364
      #15 0x00005607b68d4642 in do_command (thd=0x14f0e4000c58, blocking=blocking@entry=true) at /test/10.9_opt/sql/sql_parse.cc:1408
      #16 0x00005607b69e95bf in do_handle_one_connection (connect=<optimized out>, connect@entry=0x5607b9f239d8, put_in_cache=put_in_cache@entry=true) at /test/10.9_opt/sql/sql_connect.cc:1418
      #17 0x00005607b69e989d in handle_one_connection (arg=0x5607b9f239d8) at /test/10.9_opt/sql/sql_connect.cc:1312
      #18 0x000014f14caa7609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      #19 0x000014f14c693163 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      10.9.0 0b14dbd45b5a1c02616d611876158d44b92b77bf (Debug)

      Core was generated by `/test/MD030522-mariadb-10.9.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x0000563d7736f453 in Lex_charset_collation_st::find_bin_collation (
          cs=0x0, cs@entry=0x563d78639840 <my_charset_filename>)
          at /test/10.9_dbg/sql/lex_charset.cc:47
      47	    strxnmov(tmp, sizeof(tmp)-1, cs->cs_name.str, "_bin", NULL);
      [Current thread is 1 (Thread 0x1531000a1700 (LWP 1259414))]
      (gdb) bt
      #0  0x0000563d7736f453 in Lex_charset_collation_st::find_bin_collation (cs=0x0, cs@entry=0x563d78639840 <my_charset_filename>) at /test/10.9_dbg/sql/lex_charset.cc:47
      #1  0x0000563d7736f7d4 in Lex_charset_collation_st::resolved_to_character_set (this=this@entry=0x15310009ec30, def=0x563d78639840 <my_charset_filename>) at /test/10.9_dbg/sql/lex_charset.cc:129
      #2  0x0000563d7724e33c in Column_definition::prepare_charset_for_string (this=this@entry=0x15305c0144f0, dattr=dattr@entry=0x15310009edc8) at /test/10.9_dbg/sql/sql_type.h:273
      #3  0x0000563d77373062 in Type_handler_string_result::Column_definition_prepare_stage1 (this=<optimized out>, thd=0x15305c000db8, mem_root=0x15305c006ae8, def=0x15305c0144f0, file=0x15305c0147d0, table_flags=2954625839647655134, derived_attr=0x15310009edc8) at /test/10.9_dbg/sql/sql_type.cc:3132
      #4  0x0000563d7724e649 in Column_definition::prepare_stage1 (this=this@entry=0x15305c0144f0, thd=thd@entry=0x15305c000db8, mem_root=<optimized out>, file=file@entry=0x15305c0147d0, table_flags=<optimized out>, derived_attr=derived_attr@entry=0x15310009edc8) at /test/10.9_dbg/sql/sql_type.h:7441
      #5  0x0000563d77257911 in mysql_prepare_create_table (thd=thd@entry=0x15305c000db8, create_info=create_info@entry=0x15310009fca0, alter_info=alter_info@entry=0x15310009fbb0, db_options=db_options@entry=0x15310009ef08, file=file@entry=0x15305c0147d0, key_info_buffer=key_info_buffer@entry=0x15310009f798, key_count=0x15310009f794, create_table_mode=0, db=<optimized out>, table_name=<optimized out>) at /test/10.9_dbg/sql/handler.h:3453
      #6  0x0000563d7725bbf5 in mysql_create_frm_image (thd=thd@entry=0x15305c000db8, db=@0x15305c013d00: {str = 0x15305c0143c8 "test", length = 4}, table_name=@0x15305c013d10: {str = 0x15305c013cb0 "t", length = 1}, create_info=create_info@entry=0x15310009fca0, alter_info=alter_info@entry=0x15310009fbb0, create_table_mode=create_table_mode@entry=0, key_info=0x15310009f798, key_count=0x15310009f794, frm=0x15310009f7b0) at /test/10.9_dbg/sql/sql_table.cc:4291
      #7  0x0000563d7725c94e in create_table_impl (thd=thd@entry=0x15305c000db8, ddl_log_state_create=ddl_log_state_create@entry=0x15310009fa50, ddl_log_state_rm=<optimized out>, ddl_log_state_rm@entry=0x15310009fa70, orig_db=@0x15305c013d00: {str = 0x15305c0143c8 "test", length = 4}, orig_table_name=@0x15305c013d10: {str = 0x15305c013cb0 "t", length = 1}, db=@0x15305c013d00: {str = 0x15305c0143c8 "test", length = 4}, table_name=@0x15305c013d10: {str = 0x15305c013cb0 "t", length = 1}, path=@0x15310009f7a0: {str = 0x15310009f7c0 "./test/t", length = 8}, options=<optimized out>, create_info=0x15310009fca0, alter_info=0x15310009fbb0, create_table_mode=0, is_trans=0x15310009fa4f, key_info=0x15310009f798, key_count=0x15310009f794, frm=0x15310009f7b0) at /test/10.9_dbg/sql/sql_table.cc:4603
      #8  0x0000563d7725d593 in mysql_create_table_no_lock (thd=thd@entry=0x15305c000db8, ddl_log_state_create=ddl_log_state_create@entry=0x15310009fa50, ddl_log_state_rm=ddl_log_state_rm@entry=0x15310009fa70, db=db@entry=0x15305c013d00, table_name=table_name@entry=0x15305c013d10, create_info=create_info@entry=0x15310009fca0, alter_info=0x15310009fbb0, is_trans=0x15310009fa4f, create_table_mode=0, table_list=0x15305c013ce8) at /test/10.9_dbg/sql/sql_table.cc:4726
      #9  0x0000563d7725d98a in mysql_create_table (thd=thd@entry=0x15305c000db8, create_table=create_table@entry=0x15305c013ce8, create_info=create_info@entry=0x15310009fca0, alter_info=alter_info@entry=0x15310009fbb0) at /test/10.9_dbg/sql/sql_table.cc:4838
      #10 0x0000563d7725f715 in Sql_cmd_create_table_like::execute (this=<optimized out>, thd=0x15305c000db8) at /test/10.9_dbg/sql/sql_table.cc:12342
      #11 0x0000563d7718a03a in mysql_execute_command (thd=thd@entry=0x15305c000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.9_dbg/sql/sql_parse.cc:6006
      #12 0x0000563d7717267b in mysql_parse (thd=thd@entry=0x15305c000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1531000a0470) at /test/10.9_dbg/sql/sql_parse.cc:8046
      #13 0x0000563d7717ff79 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x15305c000db8, packet=packet@entry=0x15305c00b699 "CREATE TABLE t (c CHAR BINARY)", packet_length=packet_length@entry=30, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_class.h:1364
      #14 0x0000563d77182686 in do_command (thd=0x15305c000db8, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_parse.cc:1408
      #15 0x0000563d772dfd02 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x563d7a8c08a8, put_in_cache=put_in_cache@entry=true) at /test/10.9_dbg/sql/sql_connect.cc:1418
      #16 0x0000563d772e020b in handle_one_connection (arg=0x563d7a8c08a8) at /test/10.9_dbg/sql/sql_connect.cc:1312
      #17 0x00001531197b7609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      #18 0x00001531193a3163 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      Bug confirmed present in:
      MariaDB: 10.9.0 (dbg), 10.9.0 (opt)

      Bug (or feature/syntax) confirmed not present in:
      MariaDB: 10.2.44 (dbg), 10.2.44 (opt), 10.3.35 (dbg), 10.3.35 (opt), 10.4.25 (dbg), 10.4.25 (opt), 10.5.16 (dbg), 10.5.16 (opt), 10.6.8 (dbg), 10.6.8 (opt), 10.7.4 (dbg), 10.7.4 (opt), 10.8.3 (dbg), 10.8.3 (opt)
      MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.37 (dbg), 5.7.37 (opt), 8.0.28 (dbg), 8.0.28 (opt)

      10.8:

      10.8.3 9f5a3e568913e0810109554608c56c93f3ec24f8 (Debug)

      10.8.3-dbg>CREATE TABLE t (a INT KEY,s1 CHAR(2) BINARY);
      ERROR 1273 (HY000): Unknown collation: 'filename_bin'
      

      Attachments

        Activity

          People

            bar Alexander Barkov
            Roel Roel Van de Paar
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.