Details
-
Bug
-
Status: Confirmed (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.5, 10.6, 10.11, 11.1(EOL), 11.2(EOL), 11.4, 11.5(EOL), 11.6(EOL)
Description
The stack for this bug is similar to the MDEV-29018 stack, however no UNION is used here, and we get an UBSAN error rather than an ASAN error. It looks like a separate bug.
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
CREATE SERVER srv FOREIGN DATA WRAPPER MYSQL OPTIONS (SOCKET '../socket.sock', DATABASE 'test', USER 'Spider', PASSWORD ''); |
CREATE TABLE t1 (c1 INT,c2 INT) ENGINE=MyISAM; |
CREATE TABLE t2 (c1 INT,c2 INT) ENGINE=Spider COMMENT='WRAPPER "mysql", SRV "srv", TABLE "t1"'; |
CREATE VIEW v AS SELECT * FROM t2; |
UPDATE v SET c1=1; |
Leads to:
|
11.2.5 03807c8449cdccbf5b8afc0dddabb1d8ec7ba85a (Debug) |
Core was generated by `/test/MD200724-mariadb-11.2.5-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x0000151074177aad in ha_spider::field_exchange (this=this@entry=0x151050149220, field=0x0)at /test/11.2_dbg/storage/spider/ha_spider.cc:9090
|
[Current thread is 1 (LWP 3108202)]
|
(gdb) bt
|
#0 0x0000151074177aad in ha_spider::field_exchange (this=this@entry=0x151050149220, field=0x0)at /test/11.2_dbg/storage/spider/ha_spider.cc:9090
|
#1 0x0000151074177dc5 in ha_spider::set_searched_bitmap (this=this@entry=0x151050149220)at /test/11.2_dbg/storage/spider/ha_spider.cc:9330
|
#2 0x00001510741786d3 in ha_spider::set_select_column_mode (this=this@entry=0x151050149220)at /test/11.2_dbg/storage/spider/ha_spider.cc:9426
|
#3 0x000015107418e1d5 in ha_spider::rnd_init (this=0x151050149220, scan=<optimized out>) at /test/11.2_dbg/storage/spider/ha_spider.cc:5438
|
#4 0x000056247ac70797 in handler::ha_rnd_init (scan=true, this=0x151050149220)at /test/11.2_dbg/sql/handler.h:3493
|
#5 handler::ha_rnd_init_with_error (this=0x151050149220, scan=scan@entry=true)at /test/11.2_dbg/sql/handler.cc:3893
|
#6 0x000056247a8770bf in init_read_record (info=info@entry=0x1510801639d0, thd=thd@entry=0x151050000d58, table=table@entry=0x1510502b3108, select=select@entry=0x0, filesort=filesort@entry=0x0, use_record_cache=use_record_cache@entry=0, print_error=true, disable_rr_cache=false) at /test/11.2_dbg/sql/records.cc:327
|
#7 0x000056247aa7479d in Sql_cmd_update::update_single_table (this=<optimized out>, thd=0x151050000d58)at /test/11.2_dbg/sql/sql_update.cc:859
|
#8 0x000056247aa75d38 in Sql_cmd_update::execute_inner (this=0x151050014000, thd=0x151050000d58) at /test/11.2_dbg/sql/sql_update.cc:3076
|
#9 0x000056247a9a0d83 in Sql_cmd_dml::execute (this=0x151050014000, thd=0x151050000d58) at /test/11.2_dbg/sql/sql_select.cc:33791
|
#10 0x000056247a95d1c4 in mysql_execute_command (thd=thd@entry=0x151050000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)at /test/11.2_dbg/sql/sql_parse.cc:4433
|
#11 0x000056247a962753 in mysql_parse (thd=thd@entry=0x151050000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1510801642e0)at /test/11.2_dbg/sql/sql_parse.cc:7920
|
#12 0x000056247a964ada in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x151050000d58, packet=packet@entry=0x15105000b309 "UPDATE v SET c1=1", packet_length=packet_length@entry=17, blocking=blocking@entry=true)at /test/11.2_dbg/sql/sql_class.h:247
|
#13 0x000056247a966dff in do_command (thd=0x151050000d58, blocking=blocking@entry=true) at /test/11.2_dbg/sql/sql_parse.cc:1407
|
#14 0x000056247aacde61 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x56247d8419c8, put_in_cache=put_in_cache@entry=true)at /test/11.2_dbg/sql/sql_connect.cc:1439
|
#15 0x000056247aace156 in handle_one_connection (arg=arg@entry=0x56247d8419c8)at /test/11.2_dbg/sql/sql_connect.cc:1341
|
#16 0x000056247af1f192 in pfs_spawn_thread (arg=0x56247d7b6a18)at /test/11.2_dbg/storage/perfschema/pfs.cc:2201
|
#17 0x0000151097c97ada in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:444
|
#18 0x0000151097d2847c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
11.2.5 03807c8449cdccbf5b8afc0dddabb1d8ec7ba85a (Optimized) |
Core was generated by `/test/MD200724-mariadb-11.2.5-linux-x86_64-opt/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x000014a0581531cd in ha_spider::field_exchange (this=this@entry=0x14a02c096980, field=0x0)at /test/11.2_opt/storage/spider/ha_spider.cc:9091
|
[Current thread is 1 (LWP 3107650)]
|
(gdb) bt
|
#0 0x000014a0581531cd in ha_spider::field_exchange (this=this@entry=0x14a02c096980, field=0x0)at /test/11.2_opt/storage/spider/ha_spider.cc:9091
|
#1 0x000014a05815352e in ha_spider::set_searched_bitmap (this=0x14a02c096980)at /test/11.2_opt/storage/spider/ha_spider.cc:9330
|
#2 ha_spider::set_searched_bitmap (this=0x14a02c096980)at /test/11.2_opt/storage/spider/ha_spider.cc:9300
|
#3 0x000014a058153e18 in ha_spider::set_select_column_mode (this=0x14a02c096980) at /test/11.2_opt/storage/spider/ha_spider.cc:9426
|
#4 ha_spider::set_select_column_mode (this=0x14a02c096980)at /test/11.2_opt/storage/spider/ha_spider.cc:9405
|
#5 0x000014a058166a9c in ha_spider::rnd_init (this=0x14a02c096980, scan=<optimized out>) at /test/11.2_opt/storage/spider/ha_spider.cc:5438
|
#6 0x0000557eb2b4461d in handler::ha_rnd_init (scan=true, this=0x14a02c096980)at /test/11.2_opt/sql/handler.h:3493
|
#7 handler::ha_rnd_init_with_error (this=0x14a02c096980, scan=scan@entry=true)at /test/11.2_opt/sql/handler.cc:3893
|
#8 0x0000557eb27e43c9 in init_read_record (info=info@entry=0x14a064120330, thd=thd@entry=0x14a02c000c68, table=table@entry=0x14a02c0b7bb8, select=select@entry=0x0, filesort=filesort@entry=0x0, use_record_cache=use_record_cache@entry=0, print_error=true, disable_rr_cache=false) at /test/11.2_opt/sql/records.cc:327
|
#9 0x0000557eb29a352a in Sql_cmd_update::update_single_table (this=0x14a02c011520, thd=0x14a02c000c68)at /test/11.2_opt/sql/sql_update.cc:859
|
#10 0x0000557eb29a510d in Sql_cmd_update::execute_inner (this=0x14a02c011520, thd=0x14a02c000c68) at /test/11.2_opt/sql/sql_update.cc:3076
|
#11 0x0000557eb28f3f61 in Sql_cmd_dml::execute (this=0x14a02c011520, thd=0x14a02c000c68) at /test/11.2_opt/sql/sql_select.cc:33791
|
#12 0x0000557eb28bc6c2 in mysql_execute_command (thd=thd@entry=0x14a02c000c68, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)at /test/11.2_opt/sql/sql_parse.cc:4433
|
#13 0x0000557eb28bd6f6 in mysql_parse (thd=0x14a02c000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/11.2_opt/sql/sql_parse.cc:7920
|
#14 0x0000557eb28bf905 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14a02c000c68, packet=packet@entry=0x14a02c008839 "UPDATE v SET c1=1", packet_length=packet_length@entry=17, blocking=blocking@entry=true)at /test/11.2_opt/sql/sql_parse.cc:1993
|
#15 0x0000557eb28c1dd3 in do_command (thd=0x14a02c000c68, blocking=blocking@entry=true) at /test/11.2_opt/sql/sql_parse.cc:1407
|
#16 0x0000557eb29eec7f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x557eb6af1ba8, put_in_cache=put_in_cache@entry=true)at /test/11.2_opt/sql/sql_connect.cc:1439
|
#17 0x0000557eb29eefcd in handle_one_connection (arg=arg@entry=0x557eb6af1ba8)at /test/11.2_opt/sql/sql_connect.cc:1341
|
#18 0x0000557eb2d9b081 in pfs_spawn_thread (arg=0x557eb6b36868)at /test/11.2_opt/storage/perfschema/pfs.cc:2201
|
#19 0x000014a06f297ada in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:444
|
#20 0x000014a06f32847c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
11.2.5 03807c8449cdccbf5b8afc0dddabb1d8ec7ba85a (Debug, UBASAN) |
/test/11.2_dbg_san/storage/spider/ha_spider.cc:9090:14: runtime error: member access within null pointer of type 'struct Field'
|
#0 0x14c86c6235fc in ha_spider::field_exchange(Field*) /test/11.2_dbg_san/storage/spider/ha_spider.cc:9090
|
#1 0x14c86c6263fc in ha_spider::set_searched_bitmap() /test/11.2_dbg_san/storage/spider/ha_spider.cc:9330
|
#2 0x14c86c62e11d in ha_spider::set_select_column_mode() /test/11.2_dbg_san/storage/spider/ha_spider.cc:9426
|
#3 0x14c86c6eaf64 in ha_spider::rnd_init(bool) /test/11.2_dbg_san/storage/spider/ha_spider.cc:5438
|
#4 0x55c1ca4141f4 in handler::ha_rnd_init(bool) /test/11.2_dbg_san/sql/handler.h:3493
|
#5 0x55c1ca4141f4 in handler::ha_rnd_init_with_error(bool) /test/11.2_dbg_san/sql/handler.cc:3893
|
#6 0x55c1c8497295 in init_read_record(READ_RECORD*, THD*, TABLE*, SQL_SELECT*, SORT_INFO*, int, bool, bool) /test/11.2_dbg_san/sql/records.cc:327
|
#7 0x55c1c9386d74 in Sql_cmd_update::update_single_table(THD*) /test/11.2_dbg_san/sql/sql_update.cc:859
|
#8 0x55c1c9390e8e in Sql_cmd_update::execute_inner(THD*) /test/11.2_dbg_san/sql/sql_update.cc:3076
|
#9 0x55c1c8d61b79 in Sql_cmd_dml::execute(THD*) /test/11.2_dbg_san/sql/sql_select.cc:33791
|
#10 0x55c1c8b7d182 in mysql_execute_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:4433
|
#11 0x55c1c8ba052c in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.2_dbg_san/sql/sql_parse.cc:7920
|
#12 0x55c1c8bb0374 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1894
|
#13 0x55c1c8bbeb3d in do_command(THD*, bool) /test/11.2_dbg_san/sql/sql_parse.cc:1407
|
#14 0x55c1c95d7fb3 in do_handle_one_connection(CONNECT*, bool) /test/11.2_dbg_san/sql/sql_connect.cc:1439
|
#15 0x55c1c95d94ce in handle_one_connection /test/11.2_dbg_san/sql/sql_connect.cc:1341
|
#16 0x14c890a97ad9 in start_thread nptl/pthread_create.c:444
|
#17 0x14c890b2847b in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
 |
240723 16:02:39 [ERROR] mysqld got signal 11 ;
|