Details
-
Bug
-
Status: Open (View Workflow)
-
Critical
-
Resolution: Unresolved
-
10.6, 10.11, 11.4, 11.8, 12.1, 12.2
-
Can result in hang or crash
Description
Server crash found on debug build
Server crashes with signal 6 during an UPDATE statement.
The crash occurs inside row_upd_index_is_referenced() (row0upd.cc:142) while calling std::find_if() from dict_foreign_with_index().
The error log indicates an invalid iterator range [first, last)
Leads to :
|
10.11.15-MariaDB-debug-log source revision: 2f5bad2f2bbe1c43bf796edb67b93fc64d3c3157 |
/usr/include/c++/13/bits/stl_algo.h:3921:
|
In function:
|
_IIter std::find_if(_IIter, _IIter, _Predicate) [with _IIter =
|
gnu_debug::_Safe_iterator<_Rb_tree_const_iterator<dict_foreign_t*>,
|
debug::set<dict_foreign_t*, dict_foreign_compare,
|
ut_allocator<dict_foreign_t*> >, bidirectional_iterator_tag>; _Predicate
|
= dict_foreign_with_index]
|
|
|
Error: function requires a valid iterator range [first, last).
|
|
|
Objects involved in the operation:
|
iterator "first" @ 0x76a6f43fd160 {
|
type = std::_Rb_tree_const_iterator<dict_foreign_t*> (constant iterator);
|
state = singular;
|
references sequence with type 'std::debug::set<dict_foreign_t*, dict_foreign_compare, ut_allocator<dict_foreign_t*, true> >' @ 0x76a69805eb28
|
}
|
iterator "last" @ 0x76a6f43fd190 {
|
type = std::_Rb_tree_const_iterator<dict_foreign_t*> (constant iterator);
|
state = past-the-end;
|
references sequence with type 'std::debug::set<dict_foreign_t*, dict_foreign_compare, ut_allocator<dict_foreign_t*, true> >' @ 0x76a69805eb28
|
}
|
251014 21:28:30 [ERROR] /Server_bin/10.11E_debug_Og/bin/mariadbd got signal 6 ;
|
Sorry, we probably made a mistake, and this is a bug.
|
|
Stacktrace |
|
|
# 2025-10-14T21:29:58 [1776035] Thread 1 (Thread 0x76a6f43ff6c0 (LWP 1783997)):
|
# 2025-10-14T21:29:58 [1776035] #0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
|
# 2025-10-14T21:29:58 [1776035] #1 __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
|
# 2025-10-14T21:29:58 [1776035] #2 __GI___pthread_kill (threadid=<optimized out>, signo=6) at ./nptl/pthread_kill.c:89
|
# 2025-10-14T21:29:58 [1776035] #3 0x00005e02dd223b01 in my_write_core (sig=6) at /data/Server/10.11E/mysys/stacktrace.c:424
|
# 2025-10-14T21:29:58 [1776035] #4 0x00005e02dccba190 in handle_fatal_signal (sig=6) at /data/Server/10.11E/sql/signal_handler.cc:298
|
# 2025-10-14T21:29:58 [1776035] #5 <signal handler called>
|
# 2025-10-14T21:29:58 [1776035] #6 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:44
|
# 2025-10-14T21:29:58 [1776035] #7 __pthread_kill_internal (signo=6, threadid=<optimized out>) at ./nptl/pthread_kill.c:78
|
# 2025-10-14T21:29:58 [1776035] #8 __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
|
# 2025-10-14T21:29:58 [1776035] #9 0x000076a6f584526e in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
|
# 2025-10-14T21:29:58 [1776035] #10 0x000076a6f58288ff in __GI_abort () at ./stdlib/abort.c:79
|
# 2025-10-14T21:29:58 [1776035] #11 0x000076a6f5ca9133 in ?? () from /lib/x86_64-linux-gnu/libstdc++.so.6
|
# 2025-10-14T21:29:58 [1776035] #12 0x00005e02dd07a3f6 in std::find_if<__gnu_debug::_Safe_iterator<std::_Rb_tree_const_iterator<dict_foreign_t*>, std::__debug::set<dict_foreign_t*, dict_foreign_compare, ut_allocator<dict_foreign_t*, true> >, std::bidirectional_iterator_tag>, dict_foreign_with_index> (__first=invalid iterator, __last=0x0, __pred=__pred@entry=...) at /usr/include/c++/13/bits/stl_algo.h:3921
|
# 2025-10-14T21:29:58 [1776035] #13 0x00005e02dd07877d in row_upd_index_is_referenced (index=index@entry=0x76a69806d2e0, trx=trx@entry=0x76a6f5213700) at /data/Server/10.11E/storage/innobase/row/row0upd.cc:142
|
# 2025-10-14T21:29:58 [1776035] #14 0x00005e02dd0795bd in row_upd_clust_step (node=node@entry=0x76a5fc069b38, thr=thr@entry=0x76a5fc069fb8) at /data/Server/10.11E/storage/innobase/row/row0upd.cc:2581
|
# 2025-10-14T21:29:58 [1776035] #15 0x00005e02dd079db5 in row_upd (node=node@entry=0x76a5fc069b38, thr=thr@entry=0x76a5fc069fb8) at /data/Server/10.11E/storage/innobase/row/row0upd.cc:2774
|
# 2025-10-14T21:29:58 [1776035] #16 0x00005e02dd07a0a9 in row_upd_step (thr=thr@entry=0x76a5fc069fb8) at /data/Server/10.11E/storage/innobase/row/row0upd.cc:2916
|
# 2025-10-14T21:29:58 [1776035] #17 0x00005e02dd03afbc in row_update_for_mysql (prebuilt=0x76a5fc069360) at /data/Server/10.11E/storage/innobase/row/row0mysql.cc:1668
|
# 2025-10-14T21:29:58 [1776035] #18 0x00005e02dcef80e4 in ha_innobase::update_row (this=0x76a5fc067318, old_row=0x76a5fc067d40 "\350\357", new_row=0x76a5fc067b18 "\350\357") at /data/Server/10.11E/storage/innobase/handler/ha_innodb.cc:8585
|
# 2025-10-14T21:29:58 [1776035] #19 0x00005e02dccc84c9 in handler::ha_update_row (this=0x76a5fc067318, old_data=0x76a5fc067d40 "\350\357", new_data=0x76a5fc067b18 "\350\357") at /data/Server/10.11E/sql/handler.cc:7832
|
# 2025-10-14T21:29:58 [1776035] #20 0x00005e02dcb31e19 in mysql_update (thd=thd@entry=0x76a644000d58, table_list=<optimized out>, fields=..., values=..., conds=<optimized out>, order_num=<optimized out>, order=<optimized out>, limit=18446744073709551559, ignore=false, found_return=0x76a6f43fdf00, updated_return=0x76a6f43fe070) at /data/Server/10.11E/sql/sql_update.cc:1121
|
# 2025-10-14T21:29:58 [1776035] #21 0x00005e02dca51193 in mysql_execute_command (thd=thd@entry=0x76a644000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /data/Server/10.11E/sql/sql_parse.cc:4471
|
# 2025-10-14T21:29:58 [1776035] #22 0x00005e02dca56506 in mysql_parse (thd=thd@entry=0x76a644000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x76a6f43fe400) at /data/Server/10.11E/sql/sql_parse.cc:8184
|
# 2025-10-14T21:29:58 [1776035] #23 0x00005e02dca57b72 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x76a644000d58, packet=packet@entry=0x76a64400b049 " UPDATE test.t4_p SET col_text = REPEAT(SUBSTR(CAST( 1444 AS CHAR),1,1), @fill_amount) /* E_R Thread14 QNO 2162 CON_ID 30 */ ", packet_length=packet_length@entry=126, blocking=blocking@entry=true) at /data/Server/10.11E/sql/sql_parse.cc:1906
|
# 2025-10-14T21:29:58 [1776035] #24 0x00005e02dca59010 in do_command (thd=thd@entry=0x76a644000d58, blocking=blocking@entry=true) at /data/Server/10.11E/sql/sql_parse.cc:1419
|
# 2025-10-14T21:29:58 [1776035] #25 0x00005e02dcb7c0e3 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x5e02e0456468, put_in_cache=put_in_cache@entry=true) at /data/Server/10.11E/sql/sql_connect.cc:1475
|
# 2025-10-14T21:29:58 [1776035] #26 0x00005e02dcb7c2f4 in handle_one_connection (arg=0x5e02e0456468) at /data/Server/10.11E/sql/sql_connect.cc:1387
|
# 2025-10-14T21:29:58 [1776035] #27 0x000076a6f589ca94 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:447
|
# 2025-10-14T21:29:58 [1776035] #28 0x000076a6f5929c3c in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
Core dump is present on SDP:-
/data/results/1760480250/TBR-2132-TBR-2122
Attachments
Issue Links
- is blocked by
-
-
- Confirmed
-