Details
- Type: Bug
- Status: Open
- Priority: Major
- Resolution: Unresolved
- Affects Version/s: 10.5, 10.6, 10.11, 11.4, 11.8, 12.0
Description
DROP DATABASE test;
INSTALL SONAME 'ha_spider';
UNINSTALL SONAME IF EXISTS 'ha_spider';
SELECT spider_ping_table('',0,0,0,'',0,0,0,0,0);
Leads to:
CS 11.4.6 da5a4d05b9da58705498a42b6ffa5d9211f446af (Optimized) Build 06/05/2025
Core was generated by `/test/MD060525-mariadb-11.4.6-linux-x86_64-opt/bin/mariadbd --no-defaults --max'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 thd_get_ha_data (thd=0x7bfdf4000c68, hton=0x0) at /test/11.4_opt/sql/sql_class.cc:465
[Current thread is 1 (LWP 3156548)]
(gdb) bt
#0 thd_get_ha_data (thd=0x7bfdf4000c68, hton=0x0) at /test/11.4_opt/sql/sql_class.cc:465
#1 0x00007bfefc11d774 in spider_get_trx (thd=0x7bfdf4000c68, regist_allocated_thds=true, error_num=error_num@entry=0x7bfefc1fd34c) at /test/11.4_opt/storage/spider/spd_trx.cc:928
#2 0x00007bfefc16331e in spider_ping_table_init_body (initid=0x7bfdf4017fb0, args=0x7bfdf4017f70, message=0x7bfefc1fd3b0 "\370z\001\364\375{") at /test/11.4_opt/storage/spider/spd_ping_table.cc:1501
#3 0x0000579c71d20a38 in udf_handler::fix_fields (this=0x7bfdf4017f60, thd=0x7bfdf4000c68, func=func@entry=0x7bfdf4017eb0, arg_count=<optimized out>, arguments=0x7bfdf4018048) at /test/11.4_opt/sql/item_func.cc:3672
#4 0x0000579c71d30362 in Item_udf_func::fix_fields (this=0x7bfdf4017eb0, thd=0x0, ref=<optimized out>) at /test/11.4_opt/sql/item_func.h:2978
#5 0x0000579c71e73c05 in Item::fix_fields_if_needed (this=0x7bfdf4017eb0, thd=0x7bfdf4000c68, ref=0x7bfdf40180a0) at /test/11.4_opt/sql/item.h:1184
#6 Item::fix_fields_if_needed_for_scalar (this=0x7bfdf4017eb0, thd=0x7bfdf4000c68, ref=0x7bfdf40180a0) at /test/11.4_opt/sql/item.h:1193
#7 setup_fields (thd=0x7bfdf4000c68, ref_pointer_array={m_array = 0x7bfdf40191d8, m_size = 13}, fields=<optimized out>, column_usage=<optimized out>, sum_func_list=sum_func_list@entry=0x7bfdf4018dc8, pre_fix=0x7bfdf4017658, allow_sum_func=<optimized out>, where=THD_WHERE::DEFAULT_WHERE) at /test/11.4_opt/sql/sql_base.cc:8181
#8 0x0000579c71f6d81e in JOIN::prepare (this=this@entry=0x7bfdf4018a28, tables_init=tables_init@entry=0x0, conds_init=conds_init@entry=0x0, og_num=og_num@entry=0, order_init=order_init@entry=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7bfdf4017388, unit_arg=0x7bfdf4004f40) at /test/11.4_opt/sql/sql_select.cc:1581
#9 0x0000579c71f69a51 in mysql_select (thd=thd@entry=0x7bfdf4000c68, tables=0x0, fields=@0x7bfdf4017640: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x7bfdf4018098, last = 0x7bfdf4018098, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x7bfdf4018a00, unit=0x7bfdf4004f40, select_lex=0x7bfdf4017388) at /test/11.4_opt/sql/sql_select.cc:5343
#10 0x0000579c71f69809 in handle_select (thd=thd@entry=0x7bfdf4000c68, lex=lex@entry=0x7bfdf4004e60, result=result@entry=0x7bfdf4018a00, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/11.4_opt/sql/sql_select.cc:642
#11 0x0000579c71f325ee in execute_sqlcom_select (thd=thd@entry=0x7bfdf4000c68, all_tables=0x0) at /test/11.4_opt/sql/sql_parse.cc:6183
#12 0x0000579c71f30b19 in mysql_execute_command (thd=thd@entry=0x7bfdf4000c68, is_called_from_prepared_stmt=false) at /test/11.4_opt/sql/sql_parse.cc:3975
#13 0x0000579c71f290b1 in mysql_parse (thd=thd@entry=0x7bfdf4000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7bfefc1fe490) at /test/11.4_opt/sql/sql_parse.cc:7898
#14 0x0000579c71f27569 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7bfdf4000c68, packet=packet@entry=0x7bfdf40087e9 "SELECT spider_ping_table('',0,0,0,'',0,0,0,0,0)", packet_length=packet_length@entry=47, blocking=true) at /test/11.4_opt/sql/sql_parse.cc:1904
#15 0x0000579c71f294c1 in do_command (thd=thd@entry=0x7bfdf4000c68, blocking=true) at /test/11.4_opt/sql/sql_parse.cc:1417
#16 0x0000579c720771cd in do_handle_one_connection (connect=<optimized out>, connect@entry=0x579c748dd008, put_in_cache=true) at /test/11.4_opt/sql/sql_connect.cc:1408
#17 0x0000579c72076f93 in handle_one_connection (arg=arg@entry=0x579c748dd008) at /test/11.4_opt/sql/sql_connect.cc:1320
#18 0x0000579c72226f1e in pfs_spawn_thread (arg=0x579c74889b08) at /test/11.4_opt/storage/perfschema/pfs.cc:2201
#19 0x00007bff0529ca94 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:447
#20 0x00007bff05329c3c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

CS 11.4.6 da5a4d05b9da58705498a42b6ffa5d9211f446af (Debug) Build 06/05/2025
Core was generated by `/test/MD060525-mariadb-11.4.6-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x000061e27c6c62ad in thd_get_ha_data (thd=0x794a7c000d58, hton=0x0) at /test/11.4_dbg/sql/sql_class.cc:465
[Current thread is 1 (LWP 3155854)]
(gdb) bt
#0 0x000061e27c6c62ad in thd_get_ha_data (thd=0x794a7c000d58, hton=0x0) at /test/11.4_dbg/sql/sql_class.cc:465
#1 0x0000794ba4519321 in spider_get_trx (thd=0x794a7c000d58, regist_allocated_thds=true, error_num=0x794ba4964fbc) at /test/11.4_dbg/storage/spider/spd_trx.cc:928
#2 0x0000794ba458385d in spider_ping_table_init_body (initid=0x794a7c01a7a0, args=0x794a7c01a760, message=0x794ba49651b0 "\b\300\222~\342a") at /test/11.4_dbg/storage/spider/spd_ping_table.cc:1501
#3 0x0000794ba457ed05 in spider_ping_table_init (initid=0x794a7c01a7a0, args=0x794a7c01a760, message=0x794ba49651b0 "\b\300\222~\342a") at /test/11.4_dbg/storage/spider/spd_udf.cc:99
#4 0x000061e27c493ba7 in udf_handler::fix_fields (this=0x794a7c01a750, thd=0x794a7c000d58, func=0x794a7c01a6a0, arg_count=10, arguments=0x794a7c01a838) at /test/11.4_dbg/sql/item_func.cc:3672
#5 0x000061e27c4a6fb6 in Item_udf_func::fix_fields (this=0x794a7c01a6a0, thd=0x794a7c000d58, ref=0x794a7c01a890) at /test/11.4_dbg/sql/item_func.h:2978
#6 0x000061e27c436aaa in Item::fix_fields_if_needed (this=0x794a7c01a6a0, thd=0x794a7c000d58, ref=0x794a7c01a890) at /test/11.4_dbg/sql/item.h:1184
#7 0x000061e27c43a539 in Item::fix_fields_if_needed_for_scalar (this=0x794a7c01a6a0, thd=0x794a7c000d58, ref=0x794a7c01a890) at /test/11.4_dbg/sql/item.h:1193
#8 0x000061e27c6b1181 in setup_fields (thd=0x794a7c000d58, ref_pointer_array={m_array = 0x794a7c01b9d8, m_size = 13}, fields=@0x794a7c019e30: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x794a7c01a888, last = 0x794a7c01a888, elements = 1}, <No data fields>}, column_usage=MARK_COLUMNS_READ, sum_func_list=0x794a7c01b5c0, pre_fix=0x794a7c019e48, allow_sum_func=true, where=THD_WHERE::DEFAULT_WHERE) at /test/11.4_dbg/sql/sql_base.cc:8181
#9 0x000061e27c86d810 in JOIN::prepare (this=0x794a7c01b218, tables_init=0x0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x794a7c019b78, unit_arg=0x794a7c005000) at /test/11.4_dbg/sql/sql_select.cc:1581
#10 0x000061e27c869319 in mysql_select (thd=0x794a7c000d58, tables=0x0, fields=@0x794a7c019e30: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x794a7c01a888, last = 0x794a7c01a888, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164525824, result=0x794a7c01b1f0, unit=0x794a7c005000, select_lex=0x794a7c019b78) at /test/11.4_dbg/sql/sql_select.cc:5343
#11 0x000061e27c868ea5 in handle_select (thd=0x794a7c000d58, lex=0x794a7c004f20, result=0x794a7c01b1f0, setup_tables_done_option=0) at /test/11.4_dbg/sql/sql_select.cc:642
#12 0x000061e27c80cf41 in execute_sqlcom_select (thd=0x794a7c000d58, all_tables=0x0) at /test/11.4_dbg/sql/sql_parse.cc:6183
#13 0x000061e27c801ed0 in mysql_execute_command (thd=0x794a7c000d58, is_called_from_prepared_stmt=false) at /test/11.4_dbg/sql/sql_parse.cc:3975
#14 0x000061e27c7fa054 in mysql_parse (thd=0x794a7c000d58, rawbuf=0x794a7c019ac0 "SELECT spider_ping_table('',0,0,0,'',0,0,0,0,0)", length=47, parser_state=0x794ba4967a30) at /test/11.4_dbg/sql/sql_parse.cc:7898
#15 0x000061e27c7f7504 in dispatch_command (command=COM_QUERY, thd=0x794a7c000d58, packet=0x794a7c00afd9 "SELECT spider_ping_table('',0,0,0,'',0,0,0,0,0)", packet_length=47, blocking=true) at /test/11.4_dbg/sql/sql_parse.cc:1904
#16 0x000061e27c7fac03 in do_command (thd=0x794a7c000d58, blocking=true) at /test/11.4_dbg/sql/sql_parse.cc:1417
#17 0x000061e27ca0bb59 in do_handle_one_connection (connect=0x61e27e8e3758, put_in_cache=true) at /test/11.4_dbg/sql/sql_connect.cc:1408
#18 0x000061e27ca0b8f2 in handle_one_connection (arg=0x61e27e947208) at /test/11.4_dbg/sql/sql_connect.cc:1320
#19 0x0000794bada9ca94 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:447
#20 0x0000794badb29c3c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
Bug Detection Matrix
Rel o/d Build Commit UniqueID observed
CS 10.5 dbg 060525 5c92b27d5433df7558f41ac5718481f87bdfa544 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
CS 10.5 opt 060525 5c92b27d5433df7558f41ac5718481f87bdfa544 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
CS 10.6 dbg 060525 c62671543976eb397576f1b57fb6817029bc21ee SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
CS 10.6 opt 060525 c62671543976eb397576f1b57fb6817029bc21ee SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
CS 10.11 dbg 060525 2263c8a1f7db9b308e1458d1ddc4203d006940d7 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
CS 10.11 opt 060525 2263c8a1f7db9b308e1458d1ddc4203d006940d7 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
CS 11.4 dbg 060525 da5a4d05b9da58705498a42b6ffa5d9211f446af SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
CS 11.4 opt 060525 da5a4d05b9da58705498a42b6ffa5d9211f446af SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
CS 11.8 dbg 060525 865b05bf4acf10e0d4b3359019ed7b2efe0be81d SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
CS 11.8 opt 060525 865b05bf4acf10e0d4b3359019ed7b2efe0be81d SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
CS 12.0 dbg 060525 51c0afcd248ad57095fdcf56efec2865ea49bd83 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
CS 12.0 opt 060525 51c0afcd248ad57095fdcf56efec2865ea49bd83 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
ES 10.5 dbg 060525 0d368ec0042a81d9549fc939fb742f82350b20ab SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
ES 10.5 opt 060525 0d368ec0042a81d9549fc939fb742f82350b20ab SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
ES 10.6 dbg 060525 6111fbaf7bdcb6f1170f556ffd05d6e1a4159f62 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
ES 10.6 opt 060525 6111fbaf7bdcb6f1170f556ffd05d6e1a4159f62 SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
ES 11.4 dbg 060525 9cd12544ebfd0d52d2158af66b5aced58121cf1f SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|spider_ping_table_init
ES 11.4 opt 060525 9cd12544ebfd0d52d2158af66b5aced58121cf1f SIGSEGV|thd_get_ha_data|spider_get_trx|spider_ping_table_init_body|udf_handler::fix_fields
MS 5.5 dbg 070123 bac287c315b1792e7ae33f91add6a60292f9bae8 No bug found
MS 5.5 opt 070123 bac287c315b1792e7ae33f91add6a60292f9bae8 No bug found
MS 5.6 dbg 070123 dab95781a1244104d6b87020ac2fc4d190ba2946 No bug found
MS 5.6 opt 070123 dab95781a1244104d6b87020ac2fc4d190ba2946 No bug found
MS 5.7 dbg 070525 f7680e98b6bbe3500399fbad465d08a6b75d7a5c No bug found
MS 5.7 opt 070525 f7680e98b6bbe3500399fbad465d08a6b75d7a5c No bug found
MS 8.0 dbg 060224 49ef33f7edadef3ae04665e73d1babd40179a4f1 No bug found
MS 8.0 opt 060224 49ef33f7edadef3ae04665e73d1babd40179a4f1 No bug found
MS 9.1 dbg 211024 61a3a1d8ef15512396b4c2af46e922a19bf2b174 No bug found
MS 9.1 opt 211024 61a3a1d8ef15512396b4c2af46e922a19bf2b174 No bug found
Testcase is CLI+MTR compatible. Note the stack difference between optimized and debug builds.
Issue Links
- relates to: MDEV-30727 SIGSEGV's in spider_direct_sql_init_body, spider_direct_sql_body, my_hash_insert, thd_ha_data, thd_get_ha_data and safe_mutex_lock, heap-use-after-free in spider_direct_sql_body (Closed)