Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-37369

SIGSEGV on NEXTVAL from Global temporary table

    XMLWordPrintable

Details

    • Not for Release Notes

    Description

      CREATE GLOBAL TEMPORARY TABLE t (c INT);
      		 
      SELECT NEXTVAL(t);

      Leads to:

      MDEV-35915 ES 11.8.3-1 267fc98bf48033db5cf8b3bbffd9d3aea4e9ea8e (Debug, Clang) Build 31/07/2025

      		 
      Core was generated by `/test/MDEV-35915_EMD310725-mariadb-11.8.3-1-linux-x86_64-dbg/bin/mariadbd --no-'.
      		 
      Program terminated with signal SIGSEGV, Segmentation fault.
      		 
      #0  0x000060b9c900c7f9 in Item_func_nextval::fix_length_and_dec (this=0x74169c01aa68, thd=0x74169c000d58)at /test/11.8-enterprise-global-tmp_dbg/sql/item_func.h:4377
      		 
      4377	      unsigned_flag= table_list->table->s->sequence->is_unsigned;
      		 
      [Current thread is 1 (LWP 1259911)]
      		 
      (gdb) bt
      		 
      #0  0x000060b9c900c7f9 in Item_func_nextval::fix_length_and_dec (this=0x74169c01aa68, thd=0x74169c000d58)at /test/11.8-enterprise-global-tmp_dbg/sql/item_func.h:4377
      		 
      #1  0x000060b9c8fe7a93 in Item_func::fix_fields (this=0x74169c01aa68, thd=0x74169c000d58, ref=0x74169c01ab30)at /test/11.8-enterprise-global-tmp_dbg/sql/item_func.cc:366
      		 
      #2  0x000060b9c9002035 in Item_func_nextval::check_access_and_fix_fields (this=0x74169c01aa68, thd=0x74169c000d58, ref=0x74169c01ab30, want_access=(SELECT_ACL | INSERT_ACL))at /test/11.8-enterprise-global-tmp_dbg/sql/item_func.cc:7070
      		 
      #3  0x000060b9c900c6ef in Item_func_nextval::fix_fields (this=0x74169c01aa68, thd=0x74169c000d58, ref=0x74169c01ab30)at /test/11.8-enterprise-global-tmp_dbg/sql/item_func.h:4373
      		 
      #4  0x000060b9c8f9639a in Item::fix_fields_if_needed (this=0x74169c01aa68, thd=0x74169c000d58, ref=0x74169c01ab30)at /test/11.8-enterprise-global-tmp_dbg/sql/item.h:1216
      		 
      #5  0x000060b9c8f99ed9 in Item::fix_fields_if_needed_for_scalar (this=0x74169c01aa68, thd=0x74169c000d58, ref=0x74169c01ab30)at /test/11.8-enterprise-global-tmp_dbg/sql/item.h:1225
      		 
      #6  0x000060b9c9227b4b in setup_fields (thd=0x74169c000d58, ref_pointer_array={m_array = 0x74169c01c6f0, m_size = 3}, fields=@0x74169c01a0d8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x74169c01ab28, last = 0x74169c01ab28, elements = 1}, <No data fields>}, column_usage=MARK_COLUMNS_READ, sum_func_list=0x74169c01c2d0, pre_fix=0x74169c01a0f0, allow_sum_func=true, where=THD_WHERE::DEFAULT_WHERE, dep_check=0x74169c019ef8)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_base.cc:8309
      		 
      #7  0x000060b9c93ee5b4 in JOIN::prepare (this=0x74169c01bf28, tables_init=0x0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x74169c019e00, unit_arg=0x74169c005088)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_select.cc:1588
      		 
      #8  0x000060b9c93e9f69 in mysql_select (thd=0x74169c000d58, tables=0x0, fields=@0x74169c01a0d8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x74169c01ab28, last = 0x74169c01ab28, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164525824, result=0x74169c01bf00, unit=0x74169c005088, select_lex=0x74169c019e00)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_select.cc:5367
      		 
      #9  0x000060b9c93e9af5 in handle_select (thd=0x74169c000d58, lex=0x74169c004fa8, result=0x74169c01bf00, setup_tables_done_option=0)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_select.cc:633
      		 
      #10 0x000060b9c938dd71 in execute_sqlcom_select (thd=0x74169c000d58, all_tables=0x74169c01a328)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_parse.cc:6224
      		 
      #11 0x000060b9c9382975 in mysql_execute_command (thd=0x74169c000d58, is_called_from_prepared_stmt=false)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_parse.cc:3999
      		 
      #12 0x000060b9c937a444 in mysql_parse (thd=0x74169c000d58, rawbuf=0x74169c019d80 "SELECT NEXTVAL(t)", length=17, parser_state=0x7417c85b29f0)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_parse.cc:7947
      		 
      #13 0x000060b9c93777af in dispatch_command (command=COM_QUERY, thd=0x74169c000d58, packet=0x74169c00b0f9 "SELECT NEXTVAL(t)", packet_length=17, blocking=true)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_parse.cc:1913
      		 
      #14 0x000060b9c937b00d in do_command (thd=0x74169c000d58, blocking=true)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_parse.cc:1426
      		 
      #15 0x000060b9c95986b9 in do_handle_one_connection (connect=0x60b9cc4c4498, put_in_cache=true)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_connect.cc:1415
      		 
      #16 0x000060b9c959845e in handle_one_connection (arg=0x60b9cc4d4448)at /test/11.8-enterprise-global-tmp_dbg/sql/sql_connect.cc:1327
      		 
      #17 0x00007417cb89ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
      		 
      #18 0x00007417cb929c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

      MDEV-35915 CS 12.0.1 21489191d3683c5655afa170533480c86843ecba (Debug, Clang) Build 04/08/2025

      		 
      Core was generated by `/test/MDEV-35915_MD040825-mariadb-12.0.1-linux-x86_64-dbg/bin/mariadbd --no-def'.
      		 
      Program terminated with signal SIGSEGV, Segmentation fault.
      		 
      #0  0x00005624b50bba19 in Item_func_nextval::fix_length_and_dec (this=0x7c005401abc0, thd=0x7c0054000d58)at /test/bb-12.0-nikita-global-tmp_dbg/sql/item_func.h:4441
      		 
      4441	      unsigned_flag= table_list->table->s->sequence->is_unsigned;
      		 
      [Current thread is 1 (LWP 1259819)]
      		 
      (gdb) bt
      		 
      #0  0x00005624b50bba19 in Item_func_nextval::fix_length_and_dec (this=0x7c005401abc0, thd=0x7c0054000d58)at /test/bb-12.0-nikita-global-tmp_dbg/sql/item_func.h:4441
      		 
      #1  0x00005624b5096b73 in Item_func::fix_fields (this=0x7c005401abc0, thd=0x7c0054000d58, ref=0x7c005401ac88)at /test/bb-12.0-nikita-global-tmp_dbg/sql/item_func.cc:380
      		 
      #2  0x00005624b50b1135 in Item_func_nextval::check_access_and_fix_fields (this=0x7c005401abc0, thd=0x7c0054000d58, ref=0x7c005401ac88, want_access=(SELECT_ACL | INSERT_ACL))at /test/bb-12.0-nikita-global-tmp_dbg/sql/item_func.cc:7111
      		 
      #3  0x00005624b50bb90f in Item_func_nextval::fix_fields (this=0x7c005401abc0, thd=0x7c0054000d58, ref=0x7c005401ac88)at /test/bb-12.0-nikita-global-tmp_dbg/sql/item_func.h:4437
      		 
      #4  0x00005624b504637a in Item::fix_fields_if_needed (this=0x7c005401abc0, thd=0x7c0054000d58, ref=0x7c005401ac88)at /test/bb-12.0-nikita-global-tmp_dbg/sql/item.h:1124
      		 
      #5  0x00005624b5049eb9 in Item::fix_fields_if_needed_for_scalar (this=0x7c005401abc0, thd=0x7c0054000d58, ref=0x7c005401ac88)at /test/bb-12.0-nikita-global-tmp_dbg/sql/item.h:1133
      		 
      #6  0x00005624b52e2131 in setup_fields (thd=0x7c0054000d58, ref_pointer_array={m_array = 0x7c005401c848, m_size = 3}, fields=@0x7c005401a228: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x7c005401ac80, last = 0x7c005401ac80, elements = 1}, <No data fields>}, column_usage=MARK_COLUMNS_READ, sum_func_list=0x7c005401c428, pre_fix=0x7c005401a240, allow_sum_func=true, where=THD_WHERE::DEFAULT_WHERE)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_base.cc:8222
      		 
      #7  0x00005624b54b6eda in JOIN::prepare (this=0x7c005401c080, tables_init=0x0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7c0054019f70, unit_arg=0x7c0054005150)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_select.cc:1584
      		 
      #8  0x00005624b54b2859 in mysql_select (thd=0x7c0054000d58, tables=0x0, fields=@0x7c005401a228: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x7c005401ac80, last = 0x7c005401ac80, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164525824, result=0x7c005401c058, unit=0x7c0054005150, select_lex=0x7c0054019f70)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_select.cc:5360
      		 
      #9  0x00005624b54b23e5 in handle_select (thd=0x7c0054000d58, lex=0x7c0054005070, result=0x7c005401c058, setup_tables_done_option=0)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_select.cc:634
      		 
      #10 0x00005624b5456701 in execute_sqlcom_select (thd=0x7c0054000d58, all_tables=0x7c005401a488)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_parse.cc:6170
      		 
      #11 0x00005624b544b54e in mysql_execute_command (thd=0x7c0054000d58, is_called_from_prepared_stmt=false)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_parse.cc:3958
      		 
      #12 0x00005624b54437f4 in mysql_parse (thd=0x7c0054000d58, rawbuf=0x7c0054019ef0 "SELECT NEXTVAL(t)", length=17, parser_state=0x7c017bffda10)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_parse.cc:7893
      		 
      #13 0x00005624b5440bc8 in dispatch_command (command=COM_QUERY, thd=0x7c0054000d58, packet=0x7c005400b269 "SELECT NEXTVAL(t)", packet_length=17, blocking=true)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_parse.cc:1881
      		 
      #14 0x00005624b54443a3 in do_command (thd=0x7c0054000d58, blocking=true)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_parse.cc:1420
      		 
      #15 0x00005624b5662659 in do_handle_one_connection (connect=0x5624b8fdaaf8, put_in_cache=true)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_connect.cc:1414
      		 
      #16 0x00005624b56623fe in handle_one_connection (arg=0x5624b8fe5b58)at /test/bb-12.0-nikita-global-tmp_dbg/sql/sql_connect.cc:1326
      		 
      #17 0x00007c018149ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
      		 
      #18 0x00007c0181529c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

      MDEV-35915 CS 12.0.1 21489191d3683c5655afa170533480c86843ecba (Optimized, Clang) Build 04/08/2025

      		 
      Core was generated by `/test/MDEV-35915_MD040825-mariadb-12.0.1-linux-x86_64-opt/bin/mariadbd --no-def'.
      		 
      Program terminated with signal SIGSEGV, Segmentation fault.
      		 
      #0  0x00005d4ad3d651b1 in Item_func_nextval::fix_length_and_dec (this=0x7ce0b00183c0, thd=0x7ce0b0000c68)at /test/bb-12.0-nikita-global-tmp_opt/sql/item_func.h:4441
      		 
      4441	      unsigned_flag= table_list->table->s->sequence->is_unsigned;
      		 
      [Current thread is 1 (LWP 1350776)]
      		 
      (gdb) bt
      		 
      #0  0x00005d4ad3d651b1 in Item_func_nextval::fix_length_and_dec (this=0x7ce0b00183c0, thd=0x7ce0b0000c68)at /test/bb-12.0-nikita-global-tmp_opt/sql/item_func.h:4441
      		 
      #1  0x00005d4ad3d48768 in Item_func::fix_fields (this=0x7ce0b00183c0, thd=0x7ce0b0000c68, ref=<optimized out>)at /test/bb-12.0-nikita-global-tmp_opt/sql/item_func.cc:380
      		 
      #2  0x00005d4ad3eb6295 in Item::fix_fields_if_needed (this=0x7ce0b00183c0, thd=0x7ce0b0000c68, ref=0x7ce0b0018488)at /test/bb-12.0-nikita-global-tmp_opt/sql/item.h:1124
      		 
      #3  Item::fix_fields_if_needed_for_scalar (this=0x7ce0b00183c0, thd=0x7ce0b0000c68, ref=0x7ce0b0018488)at /test/bb-12.0-nikita-global-tmp_opt/sql/item.h:1133
      		 
      #4  setup_fields (thd=0x7ce0b0000c68, ref_pointer_array={m_array = 0x7ce0b001a038, m_size = 3}, fields=<optimized out>, column_usage=<optimized out>, sum_func_list=sum_func_list@entry=0x7ce0b0019c20, pre_fix=0x7ce0b0017a40, allow_sum_func=<optimized out>, where=THD_WHERE::DEFAULT_WHERE)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_base.cc:8222
      		 
      #5  0x00005d4ad3fbab7e in JOIN::prepare (this=this@entry=0x7ce0b0019880, tables_init=tables_init@entry=0x0, conds_init=conds_init@entry=0x0, og_num=og_num@entry=0, order_init=order_init@entry=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7ce0b0017770, unit_arg=0x7ce0b0005088)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_select.cc:1584
      		 
      #6  0x00005d4ad3fb6df1 in mysql_select (thd=thd@entry=0x7ce0b0000c68, tables=0x0, fields=@0x7ce0b0017a28: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x7ce0b0018480, last = 0x7ce0b0018480, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x7ce0b0019858, unit=0x7ce0b0005088, select_lex=0x7ce0b0017770)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_select.cc:5360
      		 
      #7  0x00005d4ad3fb6ba9 in handle_select (thd=thd@entry=0x7ce0b0000c68, lex=lex@entry=0x7ce0b0004fa8, result=result@entry=0x7ce0b0019858, setup_tables_done_option=setup_tables_done_option@entry=0)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_select.cc:634
      		 
      #8  0x00005d4ad3f80b7e in execute_sqlcom_select (thd=thd@entry=0x7ce0b0000c68, all_tables=0x7ce0b0017c88)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_parse.cc:6170
      		 
      #9  0x00005d4ad3f7f067 in mysql_execute_command (thd=thd@entry=0x7ce0b0000c68, is_called_from_prepared_stmt=false)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_parse.cc:3958
      		 
      #10 0x00005d4ad3f77961 in mysql_parse (thd=thd@entry=0x7ce0b0000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7ce1dc101420)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_parse.cc:7893
      		 
      #11 0x00005d4ad3f75e7f in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7ce0b0000c68, packet=packet@entry=0x7ce0b0008a69 "SELECT NEXTVAL(t)", packet_length=packet_length@entry=17, blocking=true)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_parse.cc:1881
      		 
      #12 0x00005d4ad3f77d71 in do_command (thd=thd@entry=0x7ce0b0000c68, blocking=true) at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_parse.cc:1420
      		 
      #13 0x00005d4ad40cd49d in do_handle_one_connection (connect=<optimized out>, connect@entry=0x5d4ad6a20988, put_in_cache=true)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_connect.cc:1414
      		 
      #14 0x00005d4ad40cd25f in handle_one_connection (arg=arg@entry=0x5d4ad6a20988)at /test/bb-12.0-nikita-global-tmp_opt/sql/sql_connect.cc:1326
      		 
      #15 0x00005d4ad428a039 in pfs_spawn_thread (arg=0x5d4ad69d06f8)at /test/bb-12.0-nikita-global-tmp_opt/storage/perfschema/pfs.cc:2198
      		 
      #16 0x00007ce1dee9ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
      		 
      #17 0x00007ce1def29c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

      At least present in InnoDB + MyISAM.

      Attachments

        Issue Links

          is caused by

          New Feature - A new feature of the product, which has yet to be developed. MDEV-35915 Implement Global temporary tables

          • Critical - Crashes, loss of data, severe memory leak.
          • In Testing

          Activity

            People

              nikitamalyavin Nikita Malyavin
              Roel Roel Van de Paar
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.