Details
-
Bug
-
Status: Confirmed (View Workflow)
-
Critical
-
Resolution: Unresolved
-
11.8, 12.1, 12.2
-
Can result in hang or crash
Description
--source include/have_innodb.inc
|
CREATE TABLE t (c INT) ENGINE=InnoDB; |
SET SESSION TRANSACTION ISOLATION LEVEL SERIALIZABLE; |
--error ER_TABLE_EXISTS_ERROR
|
RENAME TABLE t TO t; |
INSERT INTO t VALUES (1); |
SET SESSION transaction_read_only=1; |
HANDLER t OPEN; |
START TRANSACTION READ WRITE; |
DELETE FROM t; |
Leads to:
|
CS 12.2.0 8d08350dd3cac91df23a7dfbde23c276d7c7cd2b (Optimized, Clang 21.1.3-20250923) Build 16/10/2025 |
Core was generated by `/test/MD161025-mariadb-12.2.0-linux-x86_64-opt/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 srw_lock_impl<true>::wr_lock (this=0x8, line=1399, file=<optimized out>)at include/srw_lock.h:552
|
 |
[Current thread is 1 (LWP 2874248)]
|
(gdb) bt
|
#0 srw_lock_impl<true>::wr_lock (this=0x8, line=1399, file=<optimized out>)at include/srw_lock.h:552
|
#1 trx_undo_assign_low<false> (mtr=mtr@entry=0x7a731c2bfff8, err=err@entry=0x7a731c2bffc4, rseg=0x0, undo=undo@entry=0x7a72eee014a8)at /test/12.2_opt/storage/innobase/trx/trx0undo.cc:1399
|
#2 0x000055ddaebc1f34 in trx_undo_report_row_operation (thr=<optimized out>, index=0x7a71ec027148, clust_entry=0x7a71ec026e28, update=update@entry=0x0, cmpl_info=cmpl_info@entry=0, rec=rec@entry=0x7a72c7cd407e "", offsets=0x7a731c2c1020, roll_ptr=0x7a731c2c0fd0)at /test/12.2_opt/storage/innobase/trx/trx0rec.cc:1901
|
#3 0x000055ddaea5940f in btr_cur_del_mark_set_clust_rec (block=0x7a72c780b480, rec=0x7a72c7cd407e "", index=index@entry=0x7a71ec027148, offsets=offsets@entry=0x7a731c2c1020, thr=thr@entry=0x7a71ec058a60, entry=0x0, mtr=0x7a731c2c1548)at /test/12.2_opt/storage/innobase/btr/btr0cur.cc:4249
|
#4 0x000055ddaeba4a37 in row_upd_del_mark_clust_rec (node=0x7a71ec058718, index=0x7a71ec027148, offsets=0x7a731c2c1020, thr=0x7a71ec058a60, foreign=false, mtr=0x7a731c2c1548, referenced=<optimized out>)at /test/12.2_opt/storage/innobase/row/row0upd.cc:2486
|
#5 row_upd_clust_step (node=0x7a71ec058718, thr=0x7a71ec058a60)at /test/12.2_opt/storage/innobase/row/row0upd.cc:2628
|
#6 row_upd (node=0x7a71ec058718, thr=0x7a71ec058a60)at /test/12.2_opt/storage/innobase/row/row0upd.cc:2750
|
#7 row_upd_step (thr=thr@entry=0x7a71ec058a60)at /test/12.2_opt/storage/innobase/row/row0upd.cc:2892
|
#8 0x000055ddaeb7f3cb in row_update_for_mysql (prebuilt=0x7a71ec0580f8)at /test/12.2_opt/storage/innobase/row/row0mysql.cc:1667
|
#9 0x000055ddaea07c69 in ha_innobase::delete_row (this=0x7a71ec0560b8, record=0x7a71ec056918 "\375\001")at /test/12.2_opt/storage/innobase/handler/ha_innodb.cc:8671
|
#10 0x000055ddae397f9a in handler::ha_delete_row (this=0x7a71ec0560b8, buf=0x7a71ec056918 "\375\001") at /test/12.2_opt/sql/handler.cc:8407
|
#11 0x000055ddae61306e in TABLE::delete_row<false> (this=this@entry=0x7a71ec055c78, treat_versioned=<optimized out>)at /test/12.2_opt/sql/sql_delete.cc:371
|
#12 0x000055ddae6101df in TABLE::delete_row (this=0x7a71ec055c78)at /test/12.2_opt/sql/table.h:2003
|
#13 Sql_cmd_delete::delete_from_single_table (this=this@entry=0x7a71ec0185f8, thd=thd@entry=0x7a71ec000c68) at /test/12.2_opt/sql/sql_delete.cc:965
|
#14 0x000055ddae612cee in Sql_cmd_delete::execute_inner (this=0x7a71ec0185f8, thd=0x7a71ec000c68) at /test/12.2_opt/sql/sql_delete.cc:2165
|
#15 0x000055ddae6d7ac7 in Sql_cmd_dml::execute (this=0x7a71ec0185f8, thd=0x7a71ec000c68) at /test/12.2_opt/sql/sql_select.cc:34720
|
#16 0x000055ddae65de00 in mysql_execute_command (thd=thd@entry=0x7a71ec000c68, is_called_from_prepared_stmt=false) at /test/12.2_opt/sql/sql_parse.cc:4399
|
#17 0x000055ddae658fa4 in mysql_parse (thd=thd@entry=0x7a71ec000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7a731c2c2420)at /test/12.2_opt/sql/sql_parse.cc:7886
|
#18 0x000055ddae65774a in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7a71ec000c68, packet=packet@entry=0x7a71ec008a19 "DELETE FROM t", packet_length=packet_length@entry=13, blocking=true)at /test/12.2_opt/sql/sql_parse.cc:1878
|
#19 0x000055ddae659421 in do_command (thd=thd@entry=0x7a71ec000c68, blocking=true) at /test/12.2_opt/sql/sql_parse.cc:1417
|
#20 0x000055ddae7acc2d in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55ddb184e2b8, put_in_cache=true)at /test/12.2_opt/sql/sql_connect.cc:1503
|
#21 0x000055ddae7ac9ef in handle_one_connection (arg=arg@entry=0x55ddb184e2b8)at /test/12.2_opt/sql/sql_connect.cc:1415
|
#22 0x000055ddae970809 in pfs_spawn_thread (arg=0x55ddb189cc98)at /test/12.2_opt/storage/perfschema/pfs.cc:2198
|
#23 0x00007a731d29ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
|
#24 0x00007a731d329c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
CS 12.2.0 8d08350dd3cac91df23a7dfbde23c276d7c7cd2b (Debug, Clang 21.1.3-20250923) Build 16/10/2025 |
mariadbd: /test/12.2_dbg/storage/innobase/trx/trx0rec.cc:1897: dberr_t trx_undo_report_row_operation(que_thr_t *, dict_index_t *, const dtuple_t *, const upd_t *, ulint, const rec_t *, const rec_offs *, roll_ptr_t *): Assertion `!trx->read_only' failed.
|
|
CS 12.2.0 8d08350dd3cac91df23a7dfbde23c276d7c7cd2b (Debug, Clang 21.1.3-20250923) Build 16/10/2025 |
Core was generated by `/test/MD161025-mariadb-12.2.0-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
|
Program terminated with signal SIGABRT, Aborted.
|
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>)at ./nptl/pthread_kill.c:44
|
 |
[Current thread is 1 (LWP 2857675)]
|
(gdb) bt
|
#0 __pthread_kill_implementation (no_tid=0, signo=6, threadid=<optimized out>)at ./nptl/pthread_kill.c:44
|
#1 __pthread_kill_internal (signo=6, threadid=<optimized out>)at ./nptl/pthread_kill.c:78
|
#2 __GI___pthread_kill (threadid=<optimized out>, signo=signo@entry=6)at ./nptl/pthread_kill.c:89
|
#3 0x0000751ea784526e in __GI_raise (sig=sig@entry=6)at ../sysdeps/posix/raise.c:26
|
#4 0x0000751ea78288ff in __GI_abort () at ./stdlib/abort.c:79
|
#5 0x0000751ea782881b in __assert_fail_base (fmt=0x751ea79d01e8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x61c713862159 "!trx->read_only", file=file@entry=0x61c7138442e4 "/test/12.2_dbg/storage/innobase/trx/trx0rec.cc", line=line@entry=1897, function=function@entry=0x61c7138b1670 "dberr_t trx_undo_report_row_operation(que_thr_t *, dict_index_t *, const dtuple_t *, const upd_t *, ulint, const rec_t *, const rec_offs *, roll_ptr_t *)") at ./assert/assert.c:94
|
#6 0x0000751ea783b507 in __assert_fail (assertion=0x61c713862159 "!trx->read_only", file=0x61c7138442e4 "/test/12.2_dbg/storage/innobase/trx/trx0rec.cc", line=1897, function=0x61c7138b1670 "dberr_t trx_undo_report_row_operation(que_thr_t *, dict_index_t *, const dtuple_t *, const upd_t *, ulint, const rec_t *, const rec_offs *, roll_ptr_t *)") at ./assert/assert.c:103
|
#7 0x000061c714d6b952 in trx_undo_report_row_operation (thr=0x751d7807c770, index=0x751d7802c718, clust_entry=0x751d7802de08, update=0x0, cmpl_info=0, rec=0x751e78cd807e "", offsets=0x751ea45b01e0, roll_ptr=0x751ea45afc18)at /test/12.2_dbg/storage/innobase/trx/trx0rec.cc:1897
|
#8 0x000061c714a0bc1a in btr_cur_del_mark_set_clust_rec (block=0x751e7880e400, rec=0x751e78cd807e "", index=0x751d7802c718, offsets=0x751ea45b01e0, thr=0x751d7807c770, entry=0x751d7802de08, mtr=0x751ea45b0480) at /test/12.2_dbg/storage/innobase/btr/btr0cur.cc:4249
|
#9 0x000061c714d2b19c in row_upd_del_mark_clust_rec (node=0x751d7807c418, index=0x751d7802c718, offsets=0x751ea45b01e0, thr=0x751d7807c770, referenced=false, foreign=false, mtr=0x751ea45b0480)at /test/12.2_dbg/storage/innobase/row/row0upd.cc:2486
|
#10 0x000061c714d2a51b in row_upd_clust_step (node=0x751d7807c418, thr=0x751d7807c770) at /test/12.2_dbg/storage/innobase/row/row0upd.cc:2628
|
#11 0x000061c714d28af5 in row_upd (node=0x751d7807c418, thr=0x751d7807c770)at /test/12.2_dbg/storage/innobase/row/row0upd.cc:2750
|
#12 0x000061c714d288b0 in row_upd_step (thr=0x751d7807c770)at /test/12.2_dbg/storage/innobase/row/row0upd.cc:2892
|
#13 0x000061c714ccb542 in row_update_for_mysql (prebuilt=0x751d7807bdd8)at /test/12.2_dbg/storage/innobase/row/row0mysql.cc:1667
|
#14 0x000061c71495f478 in ha_innobase::delete_row (this=0x751d78079d98, record=0x751d7807a5f8 "\375\001")at /test/12.2_dbg/storage/innobase/handler/ha_innodb.cc:8671
|
#15 0x000061c7140169c9 in handler::ha_delete_row (this=0x751d78079d98, buf=0x751d7807a5f8 "\375\001") at /test/12.2_dbg/sql/handler.cc:8407
|
#16 0x000061c7143fa7ed in TABLE::delete_row<false> (this=0x751d78079958, treat_versioned=false) at /test/12.2_dbg/sql/sql_delete.cc:371
|
#17 0x000061c7143fac8d in TABLE::delete_row (this=0x751d78079958)at /test/12.2_dbg/sql/table.h:2003
|
#18 0x000061c7143f5d54 in Sql_cmd_delete::delete_from_single_table (this=0x751d7801adf8, thd=0x751d78000d58)at /test/12.2_dbg/sql/sql_delete.cc:965
|
#19 0x000061c7143f9c5d in Sql_cmd_delete::execute_inner (this=0x751d7801adf8, thd=0x751d78000d58) at /test/12.2_dbg/sql/sql_delete.cc:2165
|
#20 0x000061c714519c29 in Sql_cmd_dml::execute (this=0x751d7801adf8, thd=0x751d78000d58) at /test/12.2_dbg/sql/sql_select.cc:34720
|
#21 0x000061c71446c312 in mysql_execute_command (thd=0x751d78000d58, is_called_from_prepared_stmt=false) at /test/12.2_dbg/sql/sql_parse.cc:4399
|
#22 0x000061c714463818 in mysql_parse (thd=0x751d78000d58, rawbuf=0x751d78019ea0 "DELETE FROM t", length=13, parser_state=0x751ea45b2a00) at /test/12.2_dbg/sql/sql_parse.cc:7886
|
#23 0x000061c714460ff9 in dispatch_command (command=COM_QUERY, thd=0x751d78000d58, packet=0x751d7800b219 "DELETE FROM t", packet_length=13, blocking=true) at /test/12.2_dbg/sql/sql_parse.cc:1878
|
#24 0x000061c71446429a in do_command (thd=0x751d78000d58, blocking=true)at /test/12.2_dbg/sql/sql_parse.cc:1417
|
#25 0x000061c714656f2e in do_handle_one_connection (connect=0x61c7172b39a8, put_in_cache=true) at /test/12.2_dbg/sql/sql_connect.cc:1503
|
#26 0x000061c714656d11 in handle_one_connection (arg=0x61c71720f5b8)at /test/12.2_dbg/sql/sql_connect.cc:1415
|
#27 0x0000751ea789ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
|
#28 0x0000751ea7929c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
Bug Detection Matrix |
Rel o/d Build Commit UniqueID observed
|
CS 10.6 dbg 161025 8258b2fd56e6c7fad64d3877ca01049778f1a541 No bug found
|
CS 10.6 opt 161025 8258b2fd56e6c7fad64d3877ca01049778f1a541 No bug found
|
CS 10.11 dbg 161025 1ac22707205c433a42e60e7340299e9bbf988157 No bug found
|
CS 10.11 opt 161025 1ac22707205c433a42e60e7340299e9bbf988157 No bug found
|
CS 11.4 dbg 161025 b2c1ba820b6cda723c58f2ba01ccf2e379b7f313 No bug found
|
CS 11.4 opt 161025 b2c1ba820b6cda723c58f2ba01ccf2e379b7f313 No bug found
|
CS 11.8 dbg 161025 29d8f65470394f740fa548e4a4a822273d7362e8 !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 11.8 opt 161025 29d8f65470394f740fa548e4a4a822273d7362e8 SIGSEGV|srw_lock_impl<true>::wr_lock|trx_undo_assign_low<false>|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec
|
CS 12.1 dbg 161025 d29fb34b8390accaa7700c3a87911180f3fa3dff !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 12.1 opt 161025 d29fb34b8390accaa7700c3a87911180f3fa3dff SIGSEGV|srw_lock_impl<true>::wr_lock|trx_undo_assign_low<false>|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec
|
CS 12.2 dbg 161025 8d08350dd3cac91df23a7dfbde23c276d7c7cd2b !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 12.2 opt 161025 8d08350dd3cac91df23a7dfbde23c276d7c7cd2b SIGSEGV|srw_lock_impl<true>::wr_lock|trx_undo_assign_low<false>|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec
|
ES 10.6 dbg 161025 7fb6f2133cd2a150fb551bb517a3bb6588d79ad6 No bug found
|
ES 10.6 opt 161025 7fb6f2133cd2a150fb551bb517a3bb6588d79ad6 No bug found
|
ES 11.4 dbg 161025 bfe2cfd839dacf10f700bb320c09527945d1d6e2 No bug found
|
ES 11.4 opt 161025 bfe2cfd839dacf10f700bb320c09527945d1d6e2 No bug found
|
ES 11.8 dbg 161025 08dc6f5144533a3c8747c5d67d363258b4e2ed20 !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
ES 11.8 opt 161025 08dc6f5144533a3c8747c5d67d363258b4e2ed20 SIGSEGV|srw_lock_impl<true>::wr_lock|trx_undo_assign_low<false>|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec
|
MS 5.5 dbg 070123 bac287c315b1792e7ae33f91add6a60292f9bae8 No bug found
|
MS 5.5 opt 070123 bac287c315b1792e7ae33f91add6a60292f9bae8 No bug found
|
MS 5.6 dbg 070123 dab95781a1244104d6b87020ac2fc4d190ba2946 No bug found
|
MS 5.6 opt 070123 dab95781a1244104d6b87020ac2fc4d190ba2946 No bug found
|
MS 5.7 dbg 070525 f7680e98b6bbe3500399fbad465d08a6b75d7a5c No bug found
|
MS 5.7 opt 070525 f7680e98b6bbe3500399fbad465d08a6b75d7a5c No bug found
|
MS 8.0 dbg 060224 49ef33f7edadef3ae04665e73d1babd40179a4f1 No bug found
|
MS 8.0 opt 060224 49ef33f7edadef3ae04665e73d1babd40179a4f1 No bug found
|
MS 9.1 dbg 211024 61a3a1d8ef15512396b4c2af46e922a19bf2b174 No bug found
|
MS 9.1 opt 211024 61a3a1d8ef15512396b4c2af46e922a19bf2b174 No bug found
|
|
SAN Bug Detection Matrix |
Rel o/d Build Commit UniqueID observed
|
CS 10.6 dbg 161025 8258b2fd56e6c7fad64d3877ca01049778f1a541 No bug found
|
CS 10.6 opt 161025 8258b2fd56e6c7fad64d3877ca01049778f1a541 No bug found
|
CS 10.11 dbg 161025 1ac22707205c433a42e60e7340299e9bbf988157 No bug found
|
CS 10.11 opt 161025 1ac22707205c433a42e60e7340299e9bbf988157 No bug found
|
CS 11.4 dbg 161025 b2c1ba820b6cda723c58f2ba01ccf2e379b7f313 No bug found
|
CS 11.4 opt 161025 b2c1ba820b6cda723c58f2ba01ccf2e379b7f313 No bug found
|
CS 11.8 dbg 161025 29d8f65470394f740fa548e4a4a822273d7362e8 !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 11.8 opt 161025 29d8f65470394f740fa548e4a4a822273d7362e8 UBSAN|null pointer passed as argument 3, which is declared to never be null|storage/innobase/trx/trx0rec.cc|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 12.1 dbg 161025 d29fb34b8390accaa7700c3a87911180f3fa3dff !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 12.1 opt 161025 d29fb34b8390accaa7700c3a87911180f3fa3dff UBSAN|null pointer passed as argument 3, which is declared to never be null|storage/innobase/trx/trx0rec.cc|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 12.2 dbg 161025 8d08350dd3cac91df23a7dfbde23c276d7c7cd2b !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
CS 12.2 opt 161025 8d08350dd3cac91df23a7dfbde23c276d7c7cd2b UBSAN|null pointer passed as argument 3, which is declared to never be null|storage/innobase/trx/trx0rec.cc|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
ES 10.6 dbg 161025 7fb6f2133cd2a150fb551bb517a3bb6588d79ad6 No bug found
|
ES 10.6 opt 161025 7fb6f2133cd2a150fb551bb517a3bb6588d79ad6 No bug found
|
ES 11.4 dbg 161025 bfe2cfd839dacf10f700bb320c09527945d1d6e2 No bug found
|
ES 11.4 opt 161025 bfe2cfd839dacf10f700bb320c09527945d1d6e2 No bug found
|
ES 11.8 dbg 161025 08dc6f5144533a3c8747c5d67d363258b4e2ed20 !trx->read_only|SIGABRT|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
ES 11.8 opt 161025 08dc6f5144533a3c8747c5d67d363258b4e2ed20 UBSAN|null pointer passed as argument 3, which is declared to never be null|storage/innobase/trx/trx0rec.cc|trx_undo_report_row_operation|btr_cur_del_mark_set_clust_rec|row_upd_del_mark_clust_rec|row_upd_clust_step
|
Only present in InnoDB.
Attachments
Issue Links
- relates to
-
-
- Confirmed
-
-
-
- Confirmed
-