  1. MariaDB Server
  2. MDEV-31284

SIGSEGV in VDec2_lazy::VDec2_lazy | Item_func_plus::decimal_op


Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 10.4, 10.5, 10.6, 10.9, 10.10, 10.11, 11.0
    • Fix Version/s: 10.4, 10.5, 10.6, 10.11, 11.0
    • Component/s: None
    • Labels: None

    Description

      -- Reproducer from the report: a one-column InnoDB table, followed by a
      -- two-row INSERT. The first row's value is a single very long chain of `+`
      -- operations mixing the column reference t with integer (0, -0) and decimal
      -- (0.0, -0.0) literals; the second row is the decimal literal 0.0.
      CREATE TABLE t (t INT KEY) ENGINE=INNODB;
      -- NOTE(review): the backtrace posted with this report repeats the same group
      -- of frames (Item_func_plus::decimal_op -> VDec_op::VDec_op -> ... ->
      -- VDec::VDec -> VDec2_lazy::VDec2_lazy) through frame #993. That pattern
      -- looks like recursion depth growing with the length of the `+` chain until
      -- the thread stack is exhausted; the report itself does not state a root
      -- cause — confirm against sql/item_func.cc and sql/sql_type.h.
      -- Impact as reported: this one statement terminates mariadbd with SIGSEGV,
      -- so presumably any account permitted to run the INSERT can cause a
      -- server-wide outage (availability impact); the page shows no evidence of
      -- memory corruption beyond the crash.
      INSERT INTO t (t) VALUES (t +0+t + t+t +0+t + t -0+t +-0+-0+t + t +-0+t +-0+t + t+t +0+t + t+t + t +0+t + t +-0+t +-0+-0+t + t +-0+t +-0.0+t +-0+0+t +-0+0.0+t + t +-0+0.0+0.0+0+t +-0+0.0+-0+0.0+0.0+0+t +-0+0.0+0+0.0+0+t +-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0.0+0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0+t + t+t +0+t + t+t + t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0+t + t+t +0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+t + t +0.0+0+t + t+t +0.0+t + t +-0+0+t +0.0+0.0+0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0+t + t+t +0+t + t+t + t +0.0+t + t +-0+0+t +0.0+0+0.0+0.0+0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0+t + t+t +0+t + t+t + t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+t +-0+0+t +-0+0.0+t + t +-0+0.0+0.0+0+t +-0+0.0+-0+0.0+0.0+0+t +-0+0.0+0+0.0+0+t +-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0.0+0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0+t + t+t +0+t + t+t + t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0+t + t+t +0+t + t+t +-0+0.0+t +0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t+t +0.0+0+0.0+0.0+0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0+t + t+t +0+t + t+t + t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+t +-0+0+t +-0+0.0+t + t +-0+0.0+0.0+0+t +-0+0.0+-0+0.0+0.0+0+t +-0+0.0+0+0.0+0+t +-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0.0+0+t + t+t +0.0+t + t +-0+0+t +-0+0.0+-0+t + t +-0+0.0+0.0+0+t +-0+0.0+0+t  ),(0.0);
      

      Leads to:

      11.0.2 368dd22a816f3b437bccd0b9ff28b9de9b1abf0a (Debug)

      Core was generated by `/test/MD120523-mariadb-11.0.2-linux-x86_64-dbg/bin/mariadbd --no-defaults --cor'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x00005558faaf45e3 in VDec2_lazy::VDec2_lazy (b=0x153b4c028b10, 
          a=0x153b4c028a50, this=0x153b84064fd0) at /test/11.0_dbg/sql/sql_type.h:507
      [Current thread is 1 (Thread 0x153b840ae700 (LWP 1016112))]
      (gdb) bt
      #0  0x00005558faaf45e3 in VDec2_lazy::VDec2_lazy (b=0x153b4c028b10, a=0x153b4c028a50, this=0x153b84064fd0) at /test/11.0_dbg/sql/sql_type.h:507
      #1  Item_func_plus::decimal_op (this=0x153b4c028c30, decimal_value=0x153b840651e8) at /test/11.0_dbg/sql/item_func.cc:1196
      #2  0x00005558fa97fba2 in VDec_op::VDec_op (this=0x153b840651e0, item=0x153b4c028c30) at /test/11.0_dbg/sql/sql_type.cc:308
      #3  0x00005558fa97ff43 in Type_handler_decimal_result::Item_func_hybrid_field_type_val_decimal (this=<optimized out>, item=<optimized out>, dec=0x153b840652c8) at /test/11.0_dbg/sql/sql_type.cc:5348
      #4  0x00005558faac16bd in Item_func_hybrid_field_type::val_decimal (this=0x153b4c028c30, dec=0x153b840652c8) at /test/11.0_dbg/sql/sql_type.h:7441
      #5  0x00005558fa97f69e in VDec::VDec (this=0x153b840652c0, item=0x153b4c028c30) at /test/11.0_dbg/sql/sql_type.cc:301
      #6  0x00005558faaf45e8 in VDec2_lazy::VDec2_lazy (b=0x153b4c028cf0, a=<optimized out>, this=0x153b840652c0) at /test/11.0_dbg/sql/sql_type.h:507
      #7  Item_func_plus::decimal_op (this=0x153b4c028e10, decimal_value=0x153b840654d8) at /test/11.0_dbg/sql/item_func.cc:1196
      #8  0x00005558fa97fba2 in VDec_op::VDec_op (this=0x153b840654d0, item=0x153b4c028e10) at /test/11.0_dbg/sql/sql_type.cc:308
      #9  0x00005558fa97ff43 in Type_handler_decimal_result::Item_func_hybrid_field_type_val_decimal (this=<optimized out>, item=<optimized out>, dec=0x153b840655b8) at /test/11.0_dbg/sql/sql_type.cc:5348
      #10 0x00005558faac16bd in Item_func_hybrid_field_type::val_decimal (this=0x153b4c028e10, dec=0x153b840655b8) at /test/11.0_dbg/sql/sql_type.h:7441
      #11 0x00005558fa97f69e in VDec::VDec (this=0x153b840655b0, item=0x153b4c028e10) at /test/11.0_dbg/sql/sql_type.cc:301
      [..]
      #987 0x00005558fa97ff43 in Type_handler_decimal_result::Item_func_hybrid_field_type_val_decimal (this=<optimized out>, item=<optimized out>, dec=0x153b84083488) at /test/11.0_dbg/sql/sql_type.cc:5348
      #988 0x00005558faac16bd in Item_func_hybrid_field_type::val_decimal (this=0x153b4c0392c8, dec=0x153b84083488) at /test/11.0_dbg/sql/sql_type.h:7441
      #989 0x00005558fa97f69e in VDec::VDec (this=0x153b84083480, item=0x153b4c0392c8) at /test/11.0_dbg/sql/sql_type.cc:301
      #990 0x00005558faaf45e8 in VDec2_lazy::VDec2_lazy (b=0x153b4c039388, a=<optimized out>, this=0x153b84083480) at /test/11.0_dbg/sql/sql_type.h:507
      #991 Item_func_plus::decimal_op (this=0x153b4c039408, decimal_value=0x153b84083698) at /test/11.0_dbg/sql/item_func.cc:1196
      #992 0x00005558fa97fba2 in VDec_op::VDec_op (this=0x153b84083690, item=0x153b4c039408) at /test/11.0_dbg/sql/sql_type.cc:308
      #993 0x00005558fa97ff43 in Type_handler_decimal_result::Item_func_hybrid_field_type_val_decimal (this=<optimized out>, item=<optimized out>, dec=0x153b84083778) at /test/11.0_dbg/sql/sql_type.cc:5348
      

      Bug confirmed present in:
      MariaDB: 10.4.30 (dbg), 10.5.21 (dbg), 10.6.14 (dbg), 10.6.14 (opt), 10.8.8 (dbg), 10.8.8 (opt), 10.9.7 (dbg), 10.9.7 (opt), 10.10.5 (dbg), 10.10.5 (opt), 10.11.4 (dbg), 10.11.4 (opt), 11.0.2 (dbg), 11.0.2 (opt), 11.1.0 (dbg), 11.1.0 (opt)

      Bug (or feature/syntax) confirmed not present in:
      MariaDB: 10.4.30 (opt), 10.5.21 (opt)

      Unique IDs

      SIGSEGV|Type_handler_decimal_result::Item_func_hybrid_field_type_val_decimal|Item_func_hybrid_field_type::val_decimal|VDec::VDec|VDec2_lazy::VDec2_lazy
      SIGSEGV|VDec2_lazy::VDec2_lazy|Item_func_plus::decimal_op|VDec_op::VDec_op|Type_handler_decimal_result::Item_func_hybrid_field_type_val_decimal
      SIGSEGV|VDec_op::VDec_op|Type_handler_decimal_result::Item_func_hybrid_field_type_val_decimal|Item_func_hybrid_field_type::val_decimal|VDec::VDec
      SIGSEGV|VDec::VDec|VDec2_lazy::VDec2_lazy|Item_func_plus::decimal_op|VDec_op::VDec_op
      


            People

              bar Alexander Barkov
              ramesh Ramesh Sivaraman