SHOW COLUMNS crashes with SIGSEGV in my_convert() on utf8mb4 table with ENUMs and COMMENTs

SHOW COLUMNS crashes MariaDB with SIGSEGV (Signal 11) on a specific table schema. The crash is 100% reproducible and occurs in the my_convert() character set conversion function.

Crash Location
my_convert() → String::copy() → Protocol_binary::store_str() → Field_longstr::send()

Steps to Reproduce
1. Create the table using the attached schema (xf_user.sql)
2. Run: SHOW COLUMNS FROM xf_user;
3. Server crashes with SIGSEGV

Expected Result

Column metadata is returned without crashing.

Actual Result

Server crashes with Signal 11 and restarts.

Workaround

Using information_schema works:

SELECT * FROM information_schema.COLUMNS WHERE TABLE_SCHEMA='dbname' AND TABLE_NAME='xf_user';

Key Observations

• Crash is 100% reproducible on permanent tables
• Empty table with same schema also crashes (not data corruption)
• Fresh table in new database also crashes
• Similar tables with fewer columns (41 cols) work fine
• Table has 48 columns, multiple ENUMs, COMMENTs with apostrophes, multiple indexes

Stack Trace
/usr/local/mariadb/bin/mariadbd(my_print_stacktrace+0x29) [0x607324462f39]
/usr/local/mariadb/bin/mariadbd(handle_fatal_signal+0x2a3) [0x607323d80ac3]
/lib/x86_64-linux-gnu/libc.so.6(+0x45f60) [0x755ecfc45f60]
/usr/local/mariadb/bin/mariadbd(my_convert+0x228) [0x607324503f28]
/usr/local/mariadb/bin/mariadbd(_ZN6String4copyEPKcmPK15charset_info_stS4_Pj+0x125) [0x607323a94c85]
/usr/local/mariadb/bin/mariadbd(ZN15Protocol_binary9store_strEPKcmPK15charset_info_stS4+0x278) [0x607323838db8]
/usr/local/mariadb/bin/mariadbd(_ZN13Field_longstr4sendEP8Protocol+0x68) [0x607323d50ff8]
/usr/local/mariadb/bin/mariadbd(_ZN8Protocol19send_result_set_rowEP4ListI4ItemE+0xb1) [0x607323832b71]
/usr/local/mariadb/bin/mariadbd(_ZN11select_send9send_dataER4ListI4ItemE+0x33) [0x6073238ffdb3]

Verification (not data corruption)

• CHECK TABLE EXTENDED: OK
• InnoDB status: No corruption warnings
• innodb_force_recovery: 0 (normal)
• Data is fully readable via SELECT queries
• Fresh table creation with same schema reproduces crash

Create a file named xf_user.sql with this content:

– MariaDB 12.1.2 SHOW COLUMNS crash reproduction schema
– This table causes SIGSEGV when running: SHOW COLUMNS FROM xf_user;

CREATE TABLE `xf_user` (
`user_id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`username` varchar(50) NOT NULL,
`username_date` int(10) unsigned NOT NULL DEFAULT 0,
`username_date_visible` int(10) unsigned NOT NULL DEFAULT 0,
`email` varchar(120) NOT NULL,
`custom_title` varchar(50) NOT NULL DEFAULT '',
`language_id` int(10) unsigned NOT NULL,
`style_id` int(10) unsigned NOT NULL COMMENT '0 = use system default',
`style_variation` varchar(50) NOT NULL DEFAULT '',
`timezone` varchar(50) NOT NULL COMMENT 'Example: ''Europe/London''',
`visible` tinyint(3) unsigned NOT NULL DEFAULT 1 COMMENT 'Show browsing activity to others',
`user_group_id` int(10) unsigned NOT NULL,
`secondary_group_ids` varbinary(255) NOT NULL,
`display_style_group_id` int(10) unsigned NOT NULL DEFAULT 0 COMMENT 'User group ID that provides user styling',
`permission_combination_id` int(10) unsigned NOT NULL,
`message_count` int(10) unsigned NOT NULL DEFAULT 0,
`question_solution_count` int(10) unsigned NOT NULL DEFAULT 0,
`conversations_unread` smallint(5) unsigned NOT NULL DEFAULT 0,
`register_date` int(10) unsigned NOT NULL DEFAULT 0,
`last_activity` int(10) unsigned NOT NULL DEFAULT 0,
`last_summary_email_date` int(10) unsigned DEFAULT NULL,
`trophy_points` int(10) unsigned NOT NULL DEFAULT 0,
`alerts_unviewed` smallint(5) unsigned NOT NULL DEFAULT 0,
`alerts_unread` smallint(5) unsigned NOT NULL DEFAULT 0,
`avatar_date` int(10) unsigned NOT NULL DEFAULT 0,
`avatar_width` smallint(5) unsigned NOT NULL DEFAULT 0,
`avatar_height` smallint(5) unsigned NOT NULL DEFAULT 0,
`avatar_highdpi` tinyint(3) unsigned NOT NULL DEFAULT 0,
`avatar_optimized` tinyint(3) unsigned NOT NULL DEFAULT 0,
`gravatar` varchar(120) NOT NULL DEFAULT '' COMMENT 'If specified, this is an email address corresponding to the user''s ''Gravatar''',
`user_state` enum('valid','email_confirm','email_confirm_edit','moderated','email_bounce','rejected','disabled') NOT NULL DEFAULT 'valid',
`security_lock` enum('','change','reset') NOT NULL DEFAULT '',
`is_moderator` tinyint(3) unsigned NOT NULL DEFAULT 0,
`is_admin` tinyint(3) unsigned NOT NULL DEFAULT 0,
`is_banned` tinyint(3) unsigned NOT NULL DEFAULT 0,
`reaction_score` int(11) NOT NULL DEFAULT 0,
`warning_points` int(10) unsigned NOT NULL DEFAULT 0,
`xfmg_media_count` int(10) unsigned NOT NULL DEFAULT 0,
`xfmg_album_count` int(10) unsigned NOT NULL DEFAULT 0,
`xfmg_media_quota` int(10) unsigned NOT NULL DEFAULT 0,
`is_staff` tinyint(3) unsigned NOT NULL DEFAULT 0,
`xfrm_resource_count` int(10) unsigned NOT NULL DEFAULT 0,
`activity_visible` tinyint(3) unsigned NOT NULL DEFAULT 1,
`secret_key` varbinary(32) NOT NULL,
`th_view_count` int(10) unsigned NOT NULL DEFAULT 0,
`privacy_policy_accepted` int(10) unsigned NOT NULL DEFAULT 0,
`terms_accepted` int(10) unsigned NOT NULL DEFAULT 0,
`vote_score` int(11) NOT NULL DEFAULT 0,
PRIMARY KEY (`user_id`),
UNIQUE KEY `username` (`username`),
KEY `email` (`email`),
KEY `user_state` (`user_state`),
KEY `last_activity` (`last_activity`),
KEY `message_count` (`message_count`),
KEY `trophy_points` (`trophy_points`),
KEY `register_date` (`register_date`),
KEY `staff_username` (`is_staff`,`username`),
KEY `resource_count` (`xfrm_resource_count`),
KEY `xengallery_media_count` (`xfmg_media_count`),
KEY `xengallery_album_count` (`xfmg_album_count`),
KEY `reaction_score` (`reaction_score`),
KEY `vote_score` (`vote_score`),
KEY `last_summary_email_date` (`last_summary_email_date`),
KEY `permission_combination_id` (`permission_combination_id`),
KEY `question_solution_count` (`question_solution_count`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_general_ci;

– To reproduce:
– SHOW COLUMNS FROM xf_user;