Details
-
Bug
-
Status: Stalled (View Workflow)
-
Major
-
Resolution: Unresolved
-
11.3.0, 10.5, 10.6, 10.9(EOL), 10.10(EOL), 10.11, 11.0(EOL), 11.1(EOL), 11.2(EOL)
-
None
-
Ubuntu 20.04
Description
Run these queries in release build:
CREATE TABLE t0 ( c51 TEXT DEFAULT ( ATAN ( 109 ) ) ) ;
INSERT INTO t0 VALUES ( -19 ) , ( 122 ) ;
ALTER TABLE t0 MODIFY COLUMN c51 INT NOT NULL ;
INSERT INTO t0 VALUES ( -83 ) , ( ATAN ( -89 LIKE EXISTS ( SELECT ROW_NUMBER ( ) OVER ( PARTITION BY c51 ORDER BY CASE c51 WHEN -107 THEN COUNT( DISTINCT c51 , + TRIM( TRAILING c51 FROM '/{;sxMhm&X$8fg7_ga#RG+7,>%)qs`b-Z7_\\><_k\'ML' ) NOT IN ( RAND ( ) NOT BETWEEN 69 AND -122 ) ) - - COS ( t0 . c51 ) ELSE 39 END IS TRUE ) NOT IN ( 107 , 15 , 57 ) AS c1 ) ) ) ;
Will trigger Segmentation fault.
GDB info:
Thread 16 "mariadbd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffd242e300 (LWP 3369)]
0x00000000013316dd in Field::type_std_attributes (this=0x6190000a3458) at /home/wx/mariadb-11.3.0/sql/field.h:902
902 return Type_std_attributes(type_numeric_attributes(), dtcollation());
#0 0x00000000013316dd in Field::type_std_attributes (this=0x619000159258) at /home/wx/mariadb-11.3.0/sql/field.h:902
#1 Item_field::set_field (this=0x6290000bc7e0, field_par=<optimized out>) at /home/wx/mariadb-11.3.0/sql/item.cc:3141
#2 0x000000000133122a in Item_field::Item_field (this=0x6290000bc7e0, thd=<optimized out>, f=<optimized out>) at /home/wx/mariadb-11.3.0/sql/item.cc:3046
#3 0x00000000015ef5ab in Item_sum::get_tmp_table_item (this=<optimized out>, thd=0x62b00016c218) at /home/wx/mariadb-11.3.0/sql/item_sum.cc:563
#4 0x0000000000c2f1a9 in change_refs_to_tmp_fields (thd=<optimized out>, ref_pointer_array=..., res_selected_fields=..., res_all_fields=..., elements=1, all_fields=...) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:28691
#5 JOIN::make_aggr_tables_info (this=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:3798
#6 0x0000000000bfc660 in JOIN::optimize_stage2 (this=0x6290000ba0c8) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:3438
#7 0x0000000000c13911 in JOIN::optimize_inner (this=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:2650
#8 0x0000000000bfc156 in JOIN::optimize (this=0x6290000ba0c8) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:1944
#9 0x0000000000ab5421 in st_select_lex::optimize_unflattened_subqueries (this=<optimized out>, const_only=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:4916
#10 0x0000000000a688a6 in mysql_insert (thd=<optimized out>, table_list=0x6290000915e0, fields=..., values_list=..., update_fields=..., update_values=..., duplic=<optimized out>, ignore=<optimized out>, result=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_insert.cc:875
#11 0x0000000000b36566 in mysql_execute_command (thd=0x62b00016c218, is_called_from_prepared_stmt=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:4417
#12 0x0000000000b1fe79 in mysql_parse (thd=thd@entry=0x62b00016c218, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, parser_state@entry=0x7fffd242ca80) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:7734
#13 0x0000000000b19069 in dispatch_command (command=<optimized out>, thd=0x62b00016c218, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1893
#14 0x0000000000b20b71 in do_command (thd=0x62b00016c218, blocking=true) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1406
#15 0x0000000000f03476 in do_handle_one_connection (connect=<optimized out>, put_in_cache=<optimized out>) at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1445
#16 0x0000000000f02eb9 in handle_one_connection (arg=arg@entry=0x608001c51cb8) at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1347
#17 0x0000000001a00c1b in pfs_spawn_thread (arg=0x617000005498) at /home/wx/mariadb-11.3.0/storage/perfschema/pfs.cc:2201
#18 0x00007ffff79f7609 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#19 0x00007ffff770f133 in clone () from /lib/x86_64-linux-gnu/libc.so.6
Attachments
Issue Links
- is duplicated by
-
-
- Closed
-