Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-37779

SIGSEGV in List<Cached_item>::delete_elements

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Critical
    • Resolution: Unresolved
    • 11.4
    • 11.4
    • None
    • None
    • Can result in hang or crash

    Description

      CREATE TABLE t1 (c CHAR (1));
      		 
      SET SESSION log_slow_verbosity=5;
      		 
      UPDATE t1 SET c=1;
      		 
      DELETE FROM t1 LIMIT 5;
      		 
      SELECT a,UNIX_TIMESTAMP(a) FROM t1;

      Leads to:

      CS 11.4.9 62c70a8ae9f12edca3633c2d415e90e26fe694e8 (Debug, Clang 18.1.3-11) Build 29/09/2025

      		 
      Core was generated by `/test/MD290925-mariadb-11.4.9-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
      		 
      Program terminated with signal SIGSEGV, Segmentation fault.
      		 
      #0  0x000056beb99875a1 in List<Cached_item>::delete_elements (this=0x7b8fb401b580) at /test/11.4_dbg/sql/sql_list.h:524
      		 
      524	      delete (T*) element->info;
      		 
      [Current thread is 1 (LWP 493890)]
      		 
      (gdb) bt
      		 
      #0  0x000056beb99875a1 in List<Cached_item>::delete_elements (this=0x7b8fb401b580) at /test/11.4_dbg/sql/sql_list.h:524
      		 
      #1  0x000056beb9948108 in JOIN::cleanup (this=0x7b8fb401b3e8, full=true)at /test/11.4_dbg/sql/sql_select.cc:17123
      		 
      #2  0x000056beb9947c5f in JOIN::destroy (this=0x7b8fb401b3e8)at /test/11.4_dbg/sql/sql_select.cc:5094
      		 
      #3  0x000056beb9a1035a in st_select_lex::cleanup (this=0x7b8fb4019af8)at /test/11.4_dbg/sql/sql_union.cc:2918
      		 
      #4  0x000056beb9920fd5 in mysql_select (thd=0x7b8fb4000d58, tables=0x7b8fb401a398, fields=@0x7b8fb4019db0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x7b8fb401a0e8, last = 0x7b8fb401a310, elements = 2}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164525824, result=0x7b8fb401b3c0, unit=0x7b8fb4005008, select_lex=0x7b8fb4019af8) at /test/11.4_dbg/sql/sql_select.cc:5399
      		 
      #5  0x000056beb9920985 in handle_select (thd=0x7b8fb4000d58, lex=0x7b8fb4004f28, result=0x7b8fb401b3c0, setup_tables_done_option=0)at /test/11.4_dbg/sql/sql_select.cc:642
      		 
      #6  0x000056beb98c88d1 in execute_sqlcom_select (thd=0x7b8fb4000d58, all_tables=0x7b8fb401a398) at /test/11.4_dbg/sql/sql_parse.cc:6184
      		 
      #7  0x000056beb98bd7e2 in mysql_execute_command (thd=0x7b8fb4000d58, is_called_from_prepared_stmt=false) at /test/11.4_dbg/sql/sql_parse.cc:3971
      		 
      #8  0x000056beb98b5984 in mysql_parse (thd=0x7b8fb4000d58, rawbuf=0x7b8fb4019a50 "SELECT a,UNIX_TIMESTAMP(a) FROM t1", length=34, parser_state=0x7b90d4307a30) at /test/11.4_dbg/sql/sql_parse.cc:7899
      		 
      #9  0x000056beb98b2e34 in dispatch_command (command=COM_QUERY, thd=0x7b8fb4000d58, packet=0x7b8fb400af69 "SELECT a,UNIX_TIMESTAMP(a) FROM t1", packet_length=34, blocking=true) at /test/11.4_dbg/sql/sql_parse.cc:1905
      		 
      #10 0x000056beb98b6533 in do_command (thd=0x7b8fb4000d58, blocking=true)at /test/11.4_dbg/sql/sql_parse.cc:1418
      		 
      #11 0x000056beb9a99b19 in do_handle_one_connection (connect=0x56bef1dcf3c8, put_in_cache=true) at /test/11.4_dbg/sql/sql_connect.cc:1497
      		 
      #12 0x000056beb9a998b2 in handle_one_connection (arg=0x56bef1ebbb78)at /test/11.4_dbg/sql/sql_connect.cc:1409
      		 
      #13 0x00007b90d489caa4 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
      		 
      #14 0x00007b90d4929c6c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

      Bug Detection Matrix

      		 
          Rel    o/d  Build   Commit                                    UniqueID observed             
      CS  10.6   dbg  290925  d891d23ec33fb8432b7cd9bf90b8a5b41fdbab42  No bug found                  
      CS  10.6   opt  290925  d891d23ec33fb8432b7cd9bf90b8a5b41fdbab42  No bug found                  
      CS  10.11  dbg  290925  7ccc7c33c6741bc3ff2780d33c8d6c14a12395c9  No bug found                  
      CS  10.11  opt  290925  7ccc7c33c6741bc3ff2780d33c8d6c14a12395c9  No bug found                  
      CS  11.4   dbg  290925  62c70a8ae9f12edca3633c2d415e90e26fe694e8  SIGSEGV|List<Cached_item>::delete_elements|JOIN::cleanup|JOIN::destroy|st_select_lex::cleanup
      		 
      CS  11.4   opt  290925  62c70a8ae9f12edca3633c2d415e90e26fe694e8  No bug found                  
      CS  11.8   dbg  300925  d203a8a5df95e2c5778a304a885fb7aedfbc095e  No bug found                  
      CS  11.8   opt  300925  d203a8a5df95e2c5778a304a885fb7aedfbc095e  No bug found                  
      CS  12.1   dbg  290925  667c5e0b002a24bc595d60955950200a588f4fb7  No bug found                  
      CS  12.1   opt  290925  667c5e0b002a24bc595d60955950200a588f4fb7  No bug found                  
      CS  12.2   dbg  290925  b8a77289639a3b10ada64cf892f02b5cecdb1603  No bug found                  
      CS  12.2   opt  290925  b8a77289639a3b10ada64cf892f02b5cecdb1603  No bug found                  
      ES  10.6   dbg  290925  ed866636069dda51daa8570497926ae43af8aa24  No bug found                  
      ES  10.6   opt  290925  ed866636069dda51daa8570497926ae43af8aa24  No bug found                  
      ES  11.4   dbg  290925  9dbe002d95a46a7a92aaedd2a23c1c1cbcf8340c  No bug found                  
      ES  11.4   opt  290925  9dbe002d95a46a7a92aaedd2a23c1c1cbcf8340c  No bug found                  
      ES  11.8   dbg  290925  543157202acd67ac9b0bb50e0b35bf7790e5467d  No bug found                  
      ES  11.8   opt  290925  543157202acd67ac9b0bb50e0b35bf7790e5467d  No bug found

      Attachments

        Activity

          People

            sanja Oleksandr Byelkin
            saahil Saahil Alam
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.