[MDEV-22856] Assertion `!str || str != Ptr' and Assertion `!str || str != Ptr || !is_alloced()' failed in String::copy

Created: 2020-06-10  Updated: 2023-07-20  Resolved: 2023-07-20

Status: Closed
Project: MariaDB Server
Component/s: Character Sets
Affects Version/s: 10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7, 10.8
Fix Version/s: 10.4.23, 10.5.14, 10.6.6, 10.8.1

Type: Bug
Priority: Major
Reporter: Roel Van de Paar
Assignee: Alexander Barkov
Resolution: Duplicate
Votes: 0
Labels: regression-10.4

Issue Links:
Duplicate
duplicates MDEV-26953 Assertion `!str || str != Ptr || !is_... Closed

Description

USE test;
SET collation_connection='utf16_general_ci';
SET sql_buffer_result=1;
CREATE TABLE t(c INT);
INSERT INTO t VALUES(NULL);
SELECT PASSWORD(c) FROM t;

Leads to:

10.5.4 6877ef9a7c9c7ee55d67e4baaf4e8f7b874c9f89

mysqld: /test/10.5_dbg/sql/sql_string.cc:430: bool String::copy(const char*, size_t, CHARSET_INFO*, CHARSET_INFO*, uint*): Assertion `!str || str != Ptr' failed.

10.5.4 6877ef9a7c9c7ee55d67e4baaf4e8f7b874c9f89

Core was generated by `/test/MD060620-mariadb-10.5.4-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGABRT, Aborted.
#0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=6)
    at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
[Current thread is 1 (Thread 0x14b31a50c700 (LWP 220065))]
(gdb) bt
(gdb) (gdb) #0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
#1  0x0000563ecc1de00d in my_write_core (sig=sig@entry=6) at /test/10.5_dbg/mysys/stacktrace.c:518
#2  0x0000563ecb987bbc in handle_fatal_signal (sig=6) at /test/10.5_dbg/sql/signal_handler.cc:330
#3  <signal handler called>
#4  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#5  0x000014b322e65801 in __GI_abort () at abort.c:79
#6  0x000014b322e5539a in __assert_fail_base (fmt=0x14b322fdc7d8 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x563ecc376b71 "!str || str != Ptr", file=file@entry=0x563ecc376c60 "/test/10.5_dbg/sql/sql_string.cc", line=line@entry=430, function=function@entry=0x563ecc376fc0 <String::copy(char const*, unsigned long, charset_info_st const*, charset_info_st const*, unsigned int*)::__PRETTY_FUNCTION__> "bool String::copy(const char*, size_t, CHARSET_INFO*, CHARSET_INFO*, uint*)") at assert.c:92
#7  0x000014b322e55412 in __GI___assert_fail (assertion=assertion@entry=0x563ecc376b71 "!str || str != Ptr", file=file@entry=0x563ecc376c60 "/test/10.5_dbg/sql/sql_string.cc", line=line@entry=430, function=function@entry=0x563ecc376fc0 <String::copy(char const*, unsigned long, charset_info_st const*, charset_info_st const*, unsigned int*)::__PRETTY_FUNCTION__> "bool String::copy(const char*, size_t, CHARSET_INFO*, CHARSET_INFO*, uint*)") at assert.c:101
#8  0x0000563ecb7978ee in String::copy (this=this@entry=0x14b301474728, str=0x14b31a509f10 "`\241P\032\263\024", arg_length=0, from_cs=0x563ecced2e80 <my_charset_latin1>, to_cs=0x563eccef4dc0 <my_charset_utf16_general_ci>, errors=errors@entry=0x14b31a509ecc) at /test/10.5_dbg/sql/sql_string.cc:430
#9  0x0000563ecba57d80 in Item_func::val_str_from_val_str_ascii (this=0x14b3014746f0, str=0x14b301474728, ascii_buffer=0x14b3014747b8) at /test/10.5_dbg/sql/item_strfunc.cc:111
#10 0x0000563ecba04c0e in Item_str_ascii_func::val_str (this=<optimized out>, str=<optimized out>) at /test/10.5_dbg/sql/item_strfunc.h:88
#11 0x0000563ecb9bb5a5 in Item::save_str_in_field (this=0x14b3014746f0, field=0x14b3014566a0, no_conversions=<optimized out>) at /test/10.5_dbg/sql/item.cc:6557
#12 0x0000563ecb8afa4a in Type_handler_string_result::Item_save_in_field (this=<optimized out>, item=<optimized out>, field=<optimized out>, no_conversions=<optimized out>) at /test/10.5_dbg/sql/sql_type.cc:4184
#13 0x0000563ecb9a63b0 in Item::save_in_field (this=0x14b3014746f0, field=0x14b3014566a0, no_conversions=<optimized out>) at /test/10.5_dbg/sql/item.cc:6605
#14 0x0000563ecb6870ff in Item_result_field::save_in_result_field (this=<optimized out>, no_conversions=<optimized out>) at /test/10.5_dbg/sql/item.h:3255
#15 0x0000563ecb734cd6 in copy_funcs (func_ptr=0x14b301574420, thd=0x14b301415088) at /test/10.5_dbg/sql/sql_select.cc:25722
#16 0x0000563ecb734d8a in end_write (join=0x14b301475870, join_tab=0x14b301476e60, end_of_records=<optimized out>) at /test/10.5_dbg/sql/sql_select.cc:22057
#17 0x0000563ecb73a9bf in AGGR_OP::put_record (this=this@entry=0x14b3014776e0, end_of_records=end_of_records@entry=false) at /test/10.5_dbg/sql/sql_select.cc:28848
#18 0x0000563ecb73b06e in AGGR_OP::put_record (this=0x14b3014776e0) at /test/10.5_dbg/sql/sql_select.h:1048
#19 sub_select_postjoin_aggr (join=0x14b301475870, join_tab=0x14b301476e60, end_of_records=<optimized out>) at /test/10.5_dbg/sql/sql_select.cc:20345
#20 0x0000563ecb71bb79 in evaluate_join_record (join=join@entry=0x14b301475870, join_tab=join_tab@entry=0x14b301476ab8, error=error@entry=0) at /test/10.5_dbg/sql/sql_select.cc:20852
#21 0x0000563ecb722f35 in sub_select (join=0x14b301475870, join_tab=0x14b301476ab8, end_of_records=<optimized out>) at /test/10.5_dbg/sql/sql_select.cc:20629
#22 0x0000563ecb75bd44 in do_select (procedure=0x0, join=0x14b301475870) at /test/10.5_dbg/sql/sql_select.cc:20163
#23 JOIN::exec_inner (this=this@entry=0x14b301475870) at /test/10.5_dbg/sql/sql_select.cc:4475
#24 0x0000563ecb75c35f in JOIN::exec (this=this@entry=0x14b301475870) at /test/10.5_dbg/sql/sql_select.cc:4256
#25 0x0000563ecb75a674 in mysql_select (thd=thd@entry=0x14b301415088, tables=<optimized out>, fields=@0x14b301474288: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14b301474810, last = 0x14b301474810, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=<optimized out>, group=0x0, having=0x0, proc_param=0x0, select_options=2147879680, result=0x14b301475848, unit=0x14b3014190a0, select_lex=0x14b301474138) at /test/10.5_dbg/sql/sql_select.cc:4680
#26 0x0000563ecb75a9a3 in handle_select (thd=thd@entry=0x14b301415088, lex=lex@entry=0x14b301418fd8, result=result@entry=0x14b301475848, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.5_dbg/sql/sql_select.cc:417
#27 0x0000563ecb6e43a0 in execute_sqlcom_select (thd=thd@entry=0x14b301415088, all_tables=0x14b301474868) at /test/10.5_dbg/sql/sql_parse.cc:6208
#28 0x0000563ecb6dd4cc in mysql_execute_command (thd=thd@entry=0x14b301415088) at /test/10.5_dbg/sql/sql_parse.cc:3939
#29 0x0000563ecb6ea322 in mysql_parse (thd=thd@entry=0x14b301415088, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14b31a50b350, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:7992
#30 0x0000563ecb6d6e1c in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14b301415088, packet=packet@entry=0x14b301467089 "", packet_length=packet_length@entry=25, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_dbg/sql/sql_parse.cc:1874
#31 0x0000563ecb6d55f6 in do_command (thd=0x14b301415088) at /test/10.5_dbg/sql/sql_parse.cc:1355
#32 0x0000563ecb8309f9 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x14b304515808, put_in_cache=put_in_cache@entry=true) at /test/10.5_dbg/sql/sql_connect.cc:1411
#33 0x0000563ecb831115 in handle_one_connection (arg=arg@entry=0x14b304515808) at /test/10.5_dbg/sql/sql_connect.cc:1313
#34 0x0000563ecbc90104 in pfs_spawn_thread (arg=0x14b321845888) at /test/10.5_dbg/storage/perfschema/pfs.cc:2201
#35 0x000014b323b486db in start_thread (arg=0x14b31a50c700) at pthread_create.c:463
#36 0x000014b322f4688f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Bug confirmed present in:
MariaDB: 10.1.46 (dbg), 10.2.33 (dbg), 10.3.24 (dbg), 10.4.14 (dbg), 10.5.4 (dbg)

Bug confirmed not present in:
MariaDB: 10.1.46 (opt), 10.2.33 (opt), 10.3.24 (opt), 10.4.14 (opt), 10.5.4 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.47 (dbg), 5.6.47 (opt), 5.7.29 (dbg), 5.7.29 (opt), 8.0.19 (dbg), 8.0.19 (opt)



Comments
Comment by Alexander Barkov [ 2020-06-13 ]

The crash is also repeatable with CREATE..SELECT, instead of setting sql_buffer_result=1:

SET collation_connection='utf16_general_ci';
CREATE OR REPLACE TABLE t1(c INT);
INSERT INTO t1 VALUES(NULL);
CREATE OR REPLACE TABLE t2 AS SELECT PASSWORD(c) FROM t1;

Comment by Alexander Barkov [ 2020-06-13 ]

Also repeatable with:

SET collation_connection='utf16_general_ci';
CREATE OR REPLACE TABLE t1 AS SELECT PASSWORD(CAST(NULL AS SIGNED));

Comment by Roel Van de Paar [ 2022-01-11 ]

New assert, and new set of versions affected with this testcase, and these versions:

SET @@sql_buffer_result=ON;
SET collation_connection='utf16_bin';
CREATE TABLE t (c CHAR(1));
INSERT INTO t VALUES (1),(1),(1),(NULL);
INSERT INTO t SELECT * FROM t;
SELECT PASSWORD(c) FROM t;

Leads to:

10.8.0 ccdf5711a8fff0cd610a91fdcf37c8ff1182878c (Debug)

mysqld: /test/10.8_dbg/sql/sql_string.cc:450: bool String::copy(const char*, size_t, CHARSET_INFO*, CHARSET_INFO*, uint*): Assertion `!str || str != Ptr || !is_alloced()' failed.

10.8.0 ccdf5711a8fff0cd610a91fdcf37c8ff1182878c (Debug)

Core was generated by `/test/MD121221-mariadb-10.8.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x14d07436c700 (LWP 2572289))]
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x000014d0755cf859 in __GI_abort () at abort.c:79
#2  0x000014d0755cf729 in __assert_fail_base (fmt=0x14d075765588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x558033cb7480 "!str || str != Ptr || !is_alloced()", file=0x558033cb7248 "/test/10.8_dbg/sql/sql_string.cc", line=450, function=<optimized out>) at assert.c:92
#3  0x000014d0755e0f36 in __GI___assert_fail (assertion=assertion@entry=0x558033cb7480 "!str || str != Ptr || !is_alloced()", file=file@entry=0x558033cb7248 "/test/10.8_dbg/sql/sql_string.cc", line=line@entry=450, function=function@entry=0x558033cb74a8 "bool String::copy(const char*, size_t, CHARSET_INFO*, CHARSET_INFO*, uint*)") at assert.c:101
#4  0x00005580330ab1d8 in String::copy (this=this@entry=0x14cfb0014420, str=0x14cfb002a2e8 "", arg_length=0, from_cs=0x5580345afa60 <my_charset_latin1>, to_cs=0x5580345d2e00 <my_charset_utf16_bin>, errors=errors@entry=0x14d074369e1c) at /test/10.8_dbg/sql/sql_string.h:430
#5  0x00005580333c022b in Item_func::val_str_from_val_str_ascii (this=0x14cfb00143f8, str=0x14cfb0014420, ascii_buffer=0x14cfb00144a0) at /test/10.8_dbg/sql/sql_string.h:278
#6  0x0000558033264a32 in Item_str_ascii_func::val_str (this=<optimized out>, str=<optimized out>) at /test/10.8_dbg/sql/item_strfunc.h:94
#7  0x000055803330e4e9 in Item::save_str_in_field (this=0x14cfb00143f8, field=0x14cfb00726e0, no_conversions=<optimized out>) at /test/10.8_dbg/sql/item.cc:6780
#8  0x00005580331e73a2 in Type_handler_string_result::Item_save_in_field (this=<optimized out>, item=<optimized out>, field=<optimized out>, no_conversions=<optimized out>) at /test/10.8_dbg/sql/sql_type.cc:4330
#9  0x00005580332f4699 in Item::save_in_field (this=0x14cfb00143f8, field=0x14cfb00726e0, no_conversions=<optimized out>) at /test/10.8_dbg/sql/item.cc:6828
#10 0x0000558032ebdfb0 in Item_result_field::save_in_result_field (this=<optimized out>, no_conversions=<optimized out>) at /test/10.8_dbg/sql/item.h:3436
#11 0x000055803305162a in copy_funcs (func_ptr=0x14cfb0072380, thd=0x14cfb0000db8) at /test/10.8_dbg/sql/sql_select.cc:26286
#12 0x00005580330516e5 in end_write (join=0x14cfb0015548, join_tab=0x14cfb0016ba8, end_of_records=<optimized out>) at /test/10.8_dbg/sql/sql_select.cc:22556
#13 0x0000558033061741 in AGGR_OP::put_record (this=this@entry=0x14cfb0017438, end_of_records=end_of_records@entry=false) at /test/10.8_dbg/sql/sql_select.cc:29452
#14 0x0000558033061f3e in AGGR_OP::put_record (this=0x14cfb0017438) at /test/10.8_dbg/sql/sql_select.h:1056
#15 sub_select_postjoin_aggr (join=0x14cfb0015548, join_tab=0x14cfb0016ba8, end_of_records=<optimized out>) at /test/10.8_dbg/sql/sql_select.cc:20786
#16 0x0000558033020e3d in evaluate_join_record (join=join@entry=0x14cfb0015548, join_tab=join_tab@entry=0x14cfb00167f8, error=error@entry=0) at /test/10.8_dbg/sql/sql_select.cc:21300
#17 0x000055803303701c in sub_select (join=0x14cfb0015548, join_tab=0x14cfb00167f8, end_of_records=<optimized out>) at /test/10.8_dbg/sql/sql_select.cc:21109
#18 0x000055803306ef96 in do_select (procedure=0x0, join=0x14cfb0015548) at /test/10.8_dbg/sql/sql_select.cc:20617
#19 JOIN::exec_inner (this=this@entry=0x14cfb0015548) at /test/10.8_dbg/sql/sql_select.cc:4735
#20 0x000055803306f542 in JOIN::exec (this=this@entry=0x14cfb0015548) at /test/10.8_dbg/sql/sql_select.cc:4513
#21 0x000055803306d553 in mysql_select (thd=thd@entry=0x14cfb0000db8, tables=0x14cfb0014568, fields=@0x14cfb0014100: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14cfb00144f8, last = 0x14cfb00144f8, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147879680, result=0x14cfb0015520, unit=0x14cfb00051c0, select_lex=0x14cfb0013e60) at /test/10.8_dbg/sql/sql_select.cc:4993
#22 0x000055803306d808 in handle_select (thd=thd@entry=0x14cfb0000db8, lex=lex@entry=0x14cfb00050e8, result=result@entry=0x14cfb0015520, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.8_dbg/sql/sql_select.cc:545
#23 0x0000558032fccc1e in execute_sqlcom_select (thd=thd@entry=0x14cfb0000db8, all_tables=0x14cfb0014568) at /test/10.8_dbg/sql/sql_parse.cc:6253
#24 0x0000558032fd9af1 in mysql_execute_command (thd=thd@entry=0x14cfb0000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.8_dbg/sql/sql_parse.cc:3944
#25 0x0000558032fc5e0f in mysql_parse (thd=thd@entry=0x14cfb0000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14d07436b400) at /test/10.8_dbg/sql/sql_parse.cc:8028
#26 0x0000558032fd4aab in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14cfb0000db8, packet=packet@entry=0x14cfb000b879 "", packet_length=packet_length@entry=25, blocking=blocking@entry=true) at /test/10.8_dbg/sql/sql_class.h:1360
#27 0x0000558032fd7eea in do_command (thd=0x14cfb0000db8, blocking=blocking@entry=true) at /test/10.8_dbg/sql/sql_parse.cc:1402
#28 0x000055803315189c in do_handle_one_connection (connect=<optimized out>, connect@entry=0x558035890e58, put_in_cache=put_in_cache@entry=true) at /test/10.8_dbg/sql/sql_connect.cc:1418
#29 0x0000558033151ea1 in handle_one_connection (arg=arg@entry=0x558035890e58) at /test/10.8_dbg/sql/sql_connect.cc:1312
#30 0x00005580335d3442 in pfs_spawn_thread (arg=0x5580357a44c8) at /test/10.8_dbg/storage/perfschema/pfs.cc:2201
#31 0x000014d075ade609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#32 0x000014d0756cc293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Bug confirmed present in:
MariaDB: 10.4.23 (dbg), 10.5.14 (dbg), 10.6.6 (dbg), 10.7.2 (dbg), 10.8.0 (dbg)

Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.2.42 (dbg), 10.2.42 (opt), 10.3.33 (dbg), 10.3.33 (opt), 10.4.23 (opt), 10.5.14 (opt), 10.6.6 (opt), 10.7.2 (opt), 10.8.0 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.36 (dbg), 5.7.36 (opt), 8.0.27 (dbg), 8.0.27 (opt)

Comment by Roel Van de Paar [ 2022-01-11 ]

bar: Any idea what may have caused the change in/around 10.4?

Comment by Roel Van de Paar [ 2022-01-11 ]

An additional interesting testcase:

SET sql_mode='';
SET SESSION sql_buffer_result=1;
CREATE TABLE t1 (c1 INT) ENGINE=InnoDB;
INSERT INTO t1 VALUES ();
INSERT IGNORE INTO t1 VALUES (@a);
SET collation_connection='ucs2_bin';
SELECT PASSWORD(c1) FROM t1;

Leads to:

10.8.0 ccdf5711a8fff0cd610a91fdcf37c8ff1182878c (Debug)

mysqld: /test/10.8_dbg/sql/sql_string.cc:450: bool String::copy(const char*, size_t, CHARSET_INFO*, CHARSET_INFO*, uint*): Assertion `!str || str != Ptr || !is_alloced()' failed.

10.8.0 ccdf5711a8fff0cd610a91fdcf37c8ff1182878c (Debug)

Core was generated by `/test/MD121221-mariadb-10.8.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x14d8c1d7c700 (LWP 1286108))]
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x000014d8e0a15859 in __GI_abort () at abort.c:79
#2  0x000014d8e0a15729 in __assert_fail_base (fmt=0x14d8e0bab588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x556ad406e480 "!str || str != Ptr || !is_alloced()", file=0x556ad406e248 "/test/10.8_dbg/sql/sql_string.cc", line=450, function=<optimized out>) at assert.c:92
#3  0x000014d8e0a26f36 in __GI___assert_fail (assertion=assertion@entry=0x556ad406e480 "!str || str != Ptr || !is_alloced()", file=file@entry=0x556ad406e248 "/test/10.8_dbg/sql/sql_string.cc", line=line@entry=450, function=function@entry=0x556ad406e4a8 "bool String::copy(const char*, size_t, CHARSET_INFO*, CHARSET_INFO*, uint*)") at assert.c:101
#4  0x0000556ad34621d8 in String::copy (this=this@entry=0x14d818014428, str=0x14d818041148 "", arg_length=0, from_cs=0x556ad4966a60 <my_charset_latin1>, to_cs=0x556ad49892a0 <my_charset_ucs2_bin>, errors=errors@entry=0x14d8c1d79e1c) at /test/10.8_dbg/sql/sql_string.h:430
#5  0x0000556ad377722b in Item_func::val_str_from_val_str_ascii (this=0x14d818014400, str=0x14d818014428, ascii_buffer=0x14d8180144a8) at /test/10.8_dbg/sql/sql_string.h:278
#6  0x0000556ad361ba32 in Item_str_ascii_func::val_str (this=<optimized out>, str=<optimized out>) at /test/10.8_dbg/sql/item_strfunc.h:94
#7  0x0000556ad36c54e9 in Item::save_str_in_field (this=0x14d818014400, field=0x14d818070bf0, no_conversions=<optimized out>) at /test/10.8_dbg/sql/item.cc:6780
#8  0x0000556ad359e3a2 in Type_handler_string_result::Item_save_in_field (this=<optimized out>, item=<optimized out>, field=<optimized out>, no_conversions=<optimized out>) at /test/10.8_dbg/sql/sql_type.cc:4330
#9  0x0000556ad36ab699 in Item::save_in_field (this=0x14d818014400, field=0x14d818070bf0, no_conversions=<optimized out>) at /test/10.8_dbg/sql/item.cc:6828
#10 0x0000556ad3274fb0 in Item_result_field::save_in_result_field (this=<optimized out>, no_conversions=<optimized out>) at /test/10.8_dbg/sql/item.h:3436
#11 0x0000556ad340862a in copy_funcs (func_ptr=0x14d818070890, thd=0x14d818000db8) at /test/10.8_dbg/sql/sql_select.cc:26286
#12 0x0000556ad34086e5 in end_write (join=0x14d818015550, join_tab=0x14d818016bb0, end_of_records=<optimized out>) at /test/10.8_dbg/sql/sql_select.cc:22556
#13 0x0000556ad3418741 in AGGR_OP::put_record (this=this@entry=0x14d818017440, end_of_records=end_of_records@entry=false) at /test/10.8_dbg/sql/sql_select.cc:29452
#14 0x0000556ad3418f3e in AGGR_OP::put_record (this=0x14d818017440) at /test/10.8_dbg/sql/sql_select.h:1056
#15 sub_select_postjoin_aggr (join=0x14d818015550, join_tab=0x14d818016bb0, end_of_records=<optimized out>) at /test/10.8_dbg/sql/sql_select.cc:20786
#16 0x0000556ad33d7e3d in evaluate_join_record (join=join@entry=0x14d818015550, join_tab=join_tab@entry=0x14d818016800, error=error@entry=0) at /test/10.8_dbg/sql/sql_select.cc:21300
#17 0x0000556ad33ee01c in sub_select (join=0x14d818015550, join_tab=0x14d818016800, end_of_records=<optimized out>) at /test/10.8_dbg/sql/sql_select.cc:21109
#18 0x0000556ad3425f96 in do_select (procedure=0x0, join=0x14d818015550) at /test/10.8_dbg/sql/sql_select.cc:20617
#19 JOIN::exec_inner (this=this@entry=0x14d818015550) at /test/10.8_dbg/sql/sql_select.cc:4735
#20 0x0000556ad3426542 in JOIN::exec (this=this@entry=0x14d818015550) at /test/10.8_dbg/sql/sql_select.cc:4513
#21 0x0000556ad3424553 in mysql_select (thd=thd@entry=0x14d818000db8, tables=0x14d818014570, fields=@0x14d818014108: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14d818014500, last = 0x14d818014500, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147879680, result=0x14d818015528, unit=0x14d8180051c0, select_lex=0x14d818013e68) at /test/10.8_dbg/sql/sql_select.cc:4993
#22 0x0000556ad3424808 in handle_select (thd=thd@entry=0x14d818000db8, lex=lex@entry=0x14d8180050e8, result=result@entry=0x14d818015528, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.8_dbg/sql/sql_select.cc:545
#23 0x0000556ad3383c1e in execute_sqlcom_select (thd=thd@entry=0x14d818000db8, all_tables=0x14d818014570) at /test/10.8_dbg/sql/sql_parse.cc:6253
#24 0x0000556ad3390af1 in mysql_execute_command (thd=thd@entry=0x14d818000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.8_dbg/sql/sql_parse.cc:3944
#25 0x0000556ad337ce0f in mysql_parse (thd=thd@entry=0x14d818000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14d8c1d7b400) at /test/10.8_dbg/sql/sql_parse.cc:8028
#26 0x0000556ad338baab in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14d818000db8, packet=packet@entry=0x14d81800b879 "", packet_length=packet_length@entry=27, blocking=blocking@entry=true) at /test/10.8_dbg/sql/sql_class.h:1360
#27 0x0000556ad338eeea in do_command (thd=0x14d818000db8, blocking=blocking@entry=true) at /test/10.8_dbg/sql/sql_parse.cc:1402
#28 0x0000556ad350889c in do_handle_one_connection (connect=<optimized out>, connect@entry=0x556ad5f9d878, put_in_cache=put_in_cache@entry=true) at /test/10.8_dbg/sql/sql_connect.cc:1418
#29 0x0000556ad3508ea1 in handle_one_connection (arg=arg@entry=0x556ad5f9d878) at /test/10.8_dbg/sql/sql_connect.cc:1312
#30 0x0000556ad398a442 in pfs_spawn_thread (arg=0x556ad5eb1318) at /test/10.8_dbg/storage/perfschema/pfs.cc:2201
#31 0x000014d8e0f24609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#32 0x000014d8e0b12293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Bug confirmed present in:
MariaDB: 10.4.23 (dbg), 10.5.14 (dbg), 10.6.6 (dbg), 10.7.2 (dbg), 10.8.0 (dbg)

Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.2.42 (dbg), 10.2.42 (opt), 10.3.33 (dbg), 10.3.33 (opt), 10.4.23 (opt), 10.5.14 (opt), 10.6.6 (opt), 10.7.2 (opt), 10.8.0 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.36 (dbg), 5.7.36 (opt), 8.0.27 (dbg), 8.0.27 (opt)

Comment by Alexander Barkov [ 2023-07-20 ]

This problem was fixed by MDEV-26953.
