[MDEV-23202] Server crashes in maria_status and/or heap_info upon 2nd execution of SP Created: 2020-07-17  Updated: 2023-11-28

Status: Confirmed
Project: MariaDB Server
Component/s: Optimizer, Storage Engine - Aria, Stored routines
Affects Version/s: 10.1, 10.2, 10.3, 10.4, 10.5, 10.6, 10.7, 10.8, 10.9, 10.10
Fix Version/s: 10.4, 10.5, 10.6, 10.11, 11.0, 11.1

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Dmitry Shulga
Resolution: Unresolved Votes: 0
Labels: affects-tests

Issue Links:
Relates
relates to MDEV-21413 ASAN heap-use-after-free in ha_maria:... Closed
relates to MDEV-24383 SIGSEGV in heap_info from make_join_s... Closed
relates to MDEV-24651 SIGSEGV in maria_scan_init on EXECUTE... Open
relates to MDEV-25570 Use of RAND() in procedure crashes se... Closed

 Description   

PSEUDO_THREAD_ID in the test case makes it much less important, as it's intended for "internal use only". However, it's possible that there is a use case where this internal use is triggered and similarly affected. It needs to be investigated at least.

CREATE TABLE t (a INT);
 
CREATE VIEW v AS SELECT 1 FROM t;
 
SET big_tables= 1; # Not needed for 10.5+
 
CREATE PROCEDURE p() SELECT 2 FROM v;
 
CREATE TEMPORARY TABLE v SELECT 3 AS b;
 
CALL p();
 
SET PSEUDO_THREAD_ID= 111;
 
CALL p();
 
 
 
# Cleanup
 
DROP PROCEDURE p;
 
DROP VIEW v;
 
DROP TABLE t;

10.2 debug a1e52e7f

 
#3  <signal handler called>
 
#4  0x0000560e0fb934f5 in maria_status (info=0x0, x=0x7f173c2f3dd0, flag=18) at /data/src/10.2/storage/maria/ma_info.c:43
 
#5  0x0000560e0fbaa71d in ha_maria::info (this=0x7f17200400e8, flag=18) at /data/src/10.2/storage/maria/ha_maria.cc:2516
 
#6  0x0000560e0f4b0eb1 in TABLE_LIST::fetch_number_of_rows (this=0x7f1720085e40) at /data/src/10.2/sql/table.cc:8286
 
#7  0x0000560e0f3e5b42 in make_join_statistics (join=0x7f1720038d00, tables_list=..., keyuse_array=0x7f1720038ff0) at /data/src/10.2/sql/sql_select.cc:3969
 
#8  0x0000560e0f3dd9b8 in JOIN::optimize_inner (this=0x7f1720038d00) at /data/src/10.2/sql/sql_select.cc:1584
 
#9  0x0000560e0f3dbe81 in JOIN::optimize (this=0x7f1720038d00) at /data/src/10.2/sql/sql_select.cc:1113
 
#10 0x0000560e0f3e53d8 in mysql_select (thd=0x7f1720000af0, tables=0x7f1720085e40, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x7f1720038ce0, unit=0x7f1720087978, select_lex=0x7f17200880b8) at /data/src/10.2/sql/sql_select.cc:3819
 
#11 0x0000560e0f3d9626 in handle_select (thd=0x7f1720000af0, lex=0x7f17200878b8, result=0x7f1720038ce0, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:361
 
#12 0x0000560e0f3a5070 in execute_sqlcom_select (thd=0x7f1720000af0, all_tables=0x7f1720085e40) at /data/src/10.2/sql/sql_parse.cc:6218
 
#13 0x0000560e0f39b8f1 in mysql_execute_command (thd=0x7f1720000af0) at /data/src/10.2/sql/sql_parse.cc:3524
 
#14 0x0000560e0f2f0562 in sp_instr_stmt::exec_core (this=0x7f1720086468, thd=0x7f1720000af0, nextp=0x7f173c2f55ec) at /data/src/10.2/sql/sp_head.cc:3332
 
#15 0x0000560e0f2efbdb in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f17200864a8, thd=0x7f1720000af0, nextp=0x7f173c2f55ec, open_tables=false, instr=0x7f1720086468) at /data/src/10.2/sql/sp_head.cc:3095
 
#16 0x0000560e0f2f0213 in sp_instr_stmt::execute (this=0x7f1720086468, thd=0x7f1720000af0, nextp=0x7f173c2f55ec) at /data/src/10.2/sql/sp_head.cc:3248
 
#17 0x0000560e0f2eb26d in sp_head::execute (this=0x7f17200851d8, thd=0x7f1720000af0, merge_da_on_success=true) at /data/src/10.2/sql/sp_head.cc:1326
 
#18 0x0000560e0f2ed45a in sp_head::execute_procedure (this=0x7f17200851d8, thd=0x7f1720000af0, args=0x7f1720005430) at /data/src/10.2/sql/sp_head.cc:2202
 
#19 0x0000560e0f399e94 in do_execute_sp (thd=0x7f1720000af0, sp=0x7f17200851d8) at /data/src/10.2/sql/sql_parse.cc:2946
 
#20 0x0000560e0f3a2717 in mysql_execute_command (thd=0x7f1720000af0) at /data/src/10.2/sql/sql_parse.cc:5564
 
#21 0x0000560e0f3a8da7 in mysql_parse (thd=0x7f1720000af0, rawbuf=0x7f1720012458 "CALL p()", length=8, parser_state=0x7f173c2f6610, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7733
 
#22 0x0000560e0f3970d3 in dispatch_command (command=COM_QUERY, thd=0x7f1720000af0, packet=0x7f172008d4a1 "CALL p()", packet_length=8, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1824
 
#23 0x0000560e0f395b4e in do_command (thd=0x7f1720000af0) at /data/src/10.2/sql/sql_parse.cc:1377
 
#24 0x0000560e0f4ebb29 in do_handle_one_connection (connect=0x560e11659960) at /data/src/10.2/sql/sql_connect.cc:1336
 
#25 0x0000560e0f4eb894 in handle_one_connection (arg=0x560e11659960) at /data/src/10.2/sql/sql_connect.cc:1241
 
#26 0x0000560e0fd02352 in pfs_spawn_thread (arg=0x560e11664750) at /data/src/10.2/storage/perfschema/pfs.cc:1869
 
#27 0x00007f1742fa54a4 in start_thread (arg=0x7f173c2f7700) at pthread_create.c:456
 
#28 0x00007f17410d9d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

10.2 non-debug a1e52e7f

 
#3  <signal handler called>
 
#4  maria_status (info=0x0, x=x@entry=0x7ff83c2219e0, flag=flag@entry=18) at /data/src/10.2/storage/maria/ma_info.c:47
 
#5  0x0000563613a653dd in ha_maria::info (this=0x7ff8200996d0, flag=18) at /data/src/10.2/storage/maria/ha_maria.cc:2516
 
#6  0x000056361350f006 in make_join_statistics (join=join@entry=0x7ff820095458, tables_list=..., keyuse_array=keyuse_array@entry=0x7ff820095748) at /data/src/10.2/sql/sql_select.cc:3969
 
#7  0x0000563613516aeb in JOIN::optimize_inner (this=this@entry=0x7ff820095458) at /data/src/10.2/sql/sql_select.cc:1584
 
#8  0x0000563613519092 in JOIN::optimize (this=0x7ff820095458) at /data/src/10.2/sql/sql_select.cc:1113
 
#9  0x0000563613519ad1 in mysql_select (thd=thd@entry=0x7ff8200009a8, tables=0x7ff82008df48, wild_num=0, fields=..., conds=<optimized out>, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x7ff820095438, unit=0x7ff82008f3d0, select_lex=0x7ff82008fb10) at /data/src/10.2/sql/sql_select.cc:3819
 
#10 0x0000563613519c75 in handle_select (thd=thd@entry=0x7ff8200009a8, lex=lex@entry=0x7ff82008f310, result=result@entry=0x7ff820095438, setup_tables_done_option=setup_tables_done_option@entry=0) at /data/src/10.2/sql/sql_select.cc:361
 
#11 0x00005636133f738f in execute_sqlcom_select (thd=thd@entry=0x7ff8200009a8, all_tables=0x7ff82008df48) at /data/src/10.2/sql/sql_parse.cc:6218
 
#12 0x00005636134c43a1 in mysql_execute_command (thd=0x7ff8200009a8) at /data/src/10.2/sql/sql_parse.cc:3524
 
#13 0x000056361344c4f5 in sp_instr_stmt::exec_core (this=0x7ff82008e570, thd=<optimized out>, nextp=0x7ff83c223c64) at /data/src/10.2/sql/sp_head.cc:3332
 
#14 0x00005636134528ed in sp_lex_keeper::reset_lex_and_exec_core (this=this@entry=0x7ff82008e5b0, thd=thd@entry=0x7ff8200009a8, nextp=nextp@entry=0x7ff83c223c64, open_tables=open_tables@entry=false, instr=instr@entry=0x7ff82008e570) at /data/src/10.2/sql/sp_head.cc:3095
 
#15 0x0000563613452f04 in sp_instr_stmt::execute (this=0x7ff82008e570, thd=0x7ff8200009a8, nextp=0x7ff83c223c64) at /data/src/10.2/sql/sp_head.cc:3248
 
#16 0x000056361344f500 in sp_head::execute (this=this@entry=0x7ff82008d2e0, thd=thd@entry=0x7ff8200009a8, merge_da_on_success=merge_da_on_success@entry=true) at /data/src/10.2/sql/sp_head.cc:1326
 
#17 0x0000563613450c0e in sp_head::execute_procedure (this=0x7ff82008d2e0, thd=thd@entry=0x7ff8200009a8, args=0x7ff820005128) at /data/src/10.2/sql/sp_head.cc:2202
 
#18 0x00005636134bafd0 in do_execute_sp (thd=thd@entry=0x7ff8200009a8, sp=<optimized out>) at /data/src/10.2/sql/sql_parse.cc:2946
 
#19 0x00005636134c42b3 in mysql_execute_command (thd=thd@entry=0x7ff8200009a8) at /data/src/10.2/sql/sql_parse.cc:5574
 
#20 0x00005636134ca6aa in mysql_parse (thd=thd@entry=0x7ff8200009a8, rawbuf=<optimized out>, length=8, parser_state=parser_state@entry=0x7ff83c225620, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7733
 
#21 0x00005636134ccf30 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7ff8200009a8, packet=packet@entry=0x7ff820006d09 "CALL p()", packet_length=packet_length@entry=8, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:1824
 
#22 0x00005636134cdcf0 in do_command (thd=0x7ff8200009a8) at /data/src/10.2/sql/sql_parse.cc:1377
 
#23 0x000056361359a592 in do_handle_one_connection (connect=connect@entry=0x5636161c8b28) at /data/src/10.2/sql/sql_connect.cc:1336
 
#24 0x000056361359a6ed in handle_one_connection (arg=arg@entry=0x5636161c8b28) at /data/src/10.2/sql/sql_connect.cc:1241
 
#25 0x0000563613b5c7d1 in pfs_spawn_thread (arg=0x56361615d9e8) at /data/src/10.2/storage/perfschema/pfs.cc:1869
 
#26 0x00007ff84219f4a4 in start_thread (arg=0x7ff83c226700) at pthread_create.c:456
 
#27 0x00007ff84121dd0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Until 10.5, the test case needs BIG_TABLES to crash. Without it, it instead causes an error upon 2nd execution:

CURRENT_TEST: bug2.fetch2
 
mysqltest: At line 8: query 'CALL p()' failed: 1030: Got error 1 "Operation not permitted" from storage engine MEMORY

Starting from 10.5, BIG_TABLES is irrelevant, the crash happens either way.

Both debug and non-debug builds are affected.

 Comments   
Comment by Elena Stepanova [ 2020-09-10 ]

A slightly different test case (without tampering with PSEUDO_THREAD_ID) causes a slightly different stack trace on 10.5:

CREATE TABLE t (a INT);
 
CREATE VIEW v AS SELECT 1 FROM t;
 
CREATE PROCEDURE p() SELECT 2 FROM v;
 
CREATE TEMPORARY TABLE v SELECT 3 AS b;
 
CALL p();
 
ALTER TABLE v RENAME TO vv;
 
CALL p();
 
 
# Cleanup
 
DROP PROCEDURE p;
 
DROP VIEW vv;
 
DROP TABLE t;

10.5 34212233

 
#3  <signal handler called>
 
#4  heap_info (info=0x0, x=0x7f6fd59ded80, flag=18) at /data/src/10.5/storage/heap/hp_info.c:34
 
#5  0x0000562652ef2677 in ha_heap::info (this=0x7f6fc406cbc0, flag=18) at /data/src/10.5/storage/heap/ha_heap.cc:377
 
#6  0x0000562652880711 in TABLE_LIST::fetch_number_of_rows (this=0x7f6fc421ed68) at /data/src/10.5/sql/table.cc:9288
 
#7  0x000056265278191d in make_join_statistics (join=0x7f6fc41a3200, tables_list=..., keyuse_array=0x7f6fc41a34f0) at /data/src/10.5/sql/sql_select.cc:4891
 
#8  0x0000562652777fa9 in JOIN::optimize_inner (this=0x7f6fc41a3200) at /data/src/10.5/sql/sql_select.cc:2247
 
#9  0x0000562652775af2 in JOIN::optimize (this=0x7f6fc41a3200) at /data/src/10.5/sql/sql_select.cc:1623
 
#10 0x0000562652780de0 in mysql_select (thd=0x7f6fc4000db8, tables=0x7f6fc421ed68, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x7f6fc41a31d8, unit=0x7f6fc421fd28, select_lex=0x7f6fc421e808) at /data/src/10.5/sql/sql_select.cc:4649
 
#11 0x0000562652770a6b in handle_select (thd=0x7f6fc4000db8, lex=0x7f6fc421fc60, result=0x7f6fc41a31d8, setup_tables_done_option=0) at /data/src/10.5/sql/sql_select.cc:417
 
#12 0x0000562652733f15 in execute_sqlcom_select (thd=0x7f6fc4000db8, all_tables=0x7f6fc421ed68) at /data/src/10.5/sql/sql_parse.cc:6210
 
#13 0x000056265272b25e in mysql_execute_command (thd=0x7f6fc4000db8) at /data/src/10.5/sql/sql_parse.cc:3932
 
#14 0x000056265263062e in sp_instr_stmt::exec_core (this=0x7f6fc421f468, thd=0x7f6fc4000db8, nextp=0x7f6fd59e006c) at /data/src/10.5/sql/sp_head.cc:3765
 
#15 0x000056265262f97f in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f6fc421f4b0, thd=0x7f6fc4000db8, nextp=0x7f6fd59e006c, open_tables=false, instr=0x7f6fc421f468) at /data/src/10.5/sql/sp_head.cc:3492
 
#16 0x00005626526301d7 in sp_instr_stmt::execute (this=0x7f6fc421f468, thd=0x7f6fc4000db8, nextp=0x7f6fd59e006c) at /data/src/10.5/sql/sp_head.cc:3671
 
#17 0x00005626526297d4 in sp_head::execute (this=0x7f6fc421dbb0, thd=0x7f6fc4000db8, merge_da_on_success=true) at /data/src/10.5/sql/sp_head.cc:1435
 
#18 0x000056265262c645 in sp_head::execute_procedure (this=0x7f6fc421dbb0, thd=0x7f6fc4000db8, args=0x7f6fc4005e18) at /data/src/10.5/sql/sp_head.cc:2446
 
#19 0x00005626527286f4 in do_execute_sp (thd=0x7f6fc4000db8, sp=0x7f6fc421dbb0) at /data/src/10.5/sql/sql_parse.cc:3043
 
#20 0x0000562652729337 in Sql_cmd_call::execute (this=0x7f6fc4013fd0, thd=0x7f6fc4000db8) at /data/src/10.5/sql/sql_parse.cc:3289
 
#21 0x00005626527329d4 in mysql_execute_command (thd=0x7f6fc4000db8) at /data/src/10.5/sql/sql_parse.cc:5952
 
#22 0x0000562652738de8 in mysql_parse (thd=0x7f6fc4000db8, rawbuf=0x7f6fc4013f20 "CALL p()", length=8, parser_state=0x7f6fd59e1510, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:7994
 
#23 0x0000562652725126 in dispatch_command (command=COM_QUERY, thd=0x7f6fc4000db8, packet=0x7f6fc4009099 "CALL p()", packet_length=8, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:1867
 
#24 0x000056265272391a in do_command (thd=0x7f6fc4000db8) at /data/src/10.5/sql/sql_parse.cc:1348
 
#25 0x00005626528cf6f2 in do_handle_one_connection (connect=0x562655cd2f68, put_in_cache=true) at /data/src/10.5/sql/sql_connect.cc:1410
 
#26 0x00005626528cf45a in handle_one_connection (arg=0x562655d87d28) at /data/src/10.5/sql/sql_connect.cc:1312
 
#27 0x0000562652e29f27 in pfs_spawn_thread (arg=0x562655cd2ba8) at /data/src/10.5/storage/perfschema/pfs.cc:2201
 
#28 0x00007f6fdb53c609 in start_thread (arg=<optimized out>) at pthread_create.c:477
 
#29 0x00007f6fdb110103 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

On earlier versions the corresponding error is

10.4 cf9b3b25

 
mysqltest: At line 7: query 'CALL p()' failed: 1030: Got error 1 "Operation not permitted" from storage engine MEMORY

Comment by Elena Stepanova [ 2020-11-02 ]

Yet another stack trace with a similar test case (procedures, pseudo_thread_id...). Adding the stack trace because couldn't find any in JIRA with heap_scan_init.

10.4 5b779c22

 
#3  <signal handler called>
 
#4  heap_scan_init (info=0x0) at /data/src/10.4/storage/heap/hp_scan.c:31
 
#5  0x000055a7bc226a76 in ha_heap::rnd_init (this=0x7f49d41c5c38, scan=true) at /data/src/10.4/storage/heap/ha_heap.cc:339
 
#6  0x000055a7bbc2e0a7 in handler::ha_rnd_init (this=0x7f49d41c5c38, scan=true) at /data/src/10.4/sql/handler.h:3241
 
#7  0x000055a7bbfeee25 in handler::read_first_row (this=0x7f49d41c5c38, buf=0x7f49d408aa10 "\377", primary_key=64) at /data/src/10.4/sql/handler.cc:3107
 
#8  0x000055a7bbd19ceb in handler::ha_read_first_row (this=0x7f49d41c5c38, buf=0x7f49d408aa10 "\377", primary_key=64) at /data/src/10.4/sql/sql_class.h:6619
 
#9  0x000055a7bbcfeb1e in join_read_system (tab=0x7f49d41bcfd8) at /data/src/10.4/sql/sql_select.cc:20935
 
#10 0x000055a7bbcfe666 in join_read_const_table (thd=0x7f49d4000d90, tab=0x7f49d41bcfd8, pos=0x7f49d41bd588) at /data/src/10.4/sql/sql_select.cc:20831
 
#11 0x000055a7bbcd37f0 in make_join_statistics (join=0x7f49d41bbdd8, tables_list=..., keyuse_array=0x7f49d41bc0c8) at /data/src/10.4/sql/sql_select.cc:5116
 
#12 0x000055a7bbcc9473 in JOIN::optimize_inner (this=0x7f49d41bbdd8) at /data/src/10.4/sql/sql_select.cc:2272
 
#13 0x000055a7bbcc6dd5 in JOIN::optimize (this=0x7f49d41bbdd8) at /data/src/10.4/sql/sql_select.cc:1619
 
#14 0x000055a7bbcd22bd in mysql_select (thd=0x7f49d4000d90, tables=0x7f49d4086080, wild_num=0, fields=..., conds=0x7f49d4077470, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x7f49d41bbdb0, unit=0x7f49d40759f8, select_lex=0x7f49d41a9418) at /data/src/10.4/sql/sql_select.cc:4685
 
#15 0x000055a7bbcc1d33 in handle_select (thd=0x7f49d4000d90, lex=0x7f49d4075938, result=0x7f49d41bbdb0, setup_tables_done_option=0) at /data/src/10.4/sql/sql_select.cc:410
 
#16 0x000055a7bbc87602 in execute_sqlcom_select (thd=0x7f49d4000d90, all_tables=0x7f49d4086080) at /data/src/10.4/sql/sql_parse.cc:6369
 
#17 0x000055a7bbc7dc05 in mysql_execute_command (thd=0x7f49d4000d90) at /data/src/10.4/sql/sql_parse.cc:3894
 
#18 0x000055a7bbb8a67e in sp_instr_stmt::exec_core (this=0x7f49d40776a8, thd=0x7f49d4000d90, nextp=0x7f4a2113907c) at /data/src/10.4/sql/sp_head.cc:3687
 
#19 0x000055a7bbb89a07 in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f49d40776f0, thd=0x7f49d4000d90, nextp=0x7f4a2113907c, open_tables=false, instr=0x7f49d40776a8) at /data/src/10.4/sql/sp_head.cc:3419
 
#20 0x000055a7bbb8a226 in sp_instr_stmt::execute (this=0x7f49d40776a8, thd=0x7f49d4000d90, nextp=0x7f4a2113907c) at /data/src/10.4/sql/sp_head.cc:3593
 
#21 0x000055a7bbb83902 in sp_head::execute (this=0x7f49d41a83a8, thd=0x7f49d4000d90, merge_da_on_success=true) at /data/src/10.4/sql/sp_head.cc:1364
 
#22 0x000055a7bbb866ba in sp_head::execute_procedure (this=0x7f49d41a83a8, thd=0x7f49d4000d90, args=0x7f49d4005b88) at /data/src/10.4/sql/sp_head.cc:2370
 
#23 0x000055a7bbc7b084 in do_execute_sp (thd=0x7f49d4000d90, sp=0x7f49d41a83a8) at /data/src/10.4/sql/sql_parse.cc:3009
 
#24 0x000055a7bbc7bd37 in Sql_cmd_call::execute (this=0x7f49d4013510, thd=0x7f49d4000d90) at /data/src/10.4/sql/sql_parse.cc:3251
 
#25 0x000055a7bbc86061 in mysql_execute_command (thd=0x7f49d4000d90) at /data/src/10.4/sql/sql_parse.cc:6112
 
#26 0x000055a7bbc8b60d in mysql_parse (thd=0x7f49d4000d90, rawbuf=0x7f49d4013448 "CALL proc_2 (@inout1)", length=21, parser_state=0x7f4a2113a550, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7910
 
#27 0x000055a7bbc77ab6 in dispatch_command (command=COM_QUERY, thd=0x7f49d4000d90, packet=0x7f49d40087a1 "CALL proc_2 (@inout1)", packet_length=21, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1838
 
#28 0x000055a7bbc7631e in do_command (thd=0x7f49d4000d90) at /data/src/10.4/sql/sql_parse.cc:1356
 
#29 0x000055a7bbe04679 in do_handle_one_connection (connect=0x55a7bfad6fc0) at /data/src/10.4/sql/sql_connect.cc:1412
 
#30 0x000055a7bbe043c2 in handle_one_connection (arg=0x55a7bfad6fc0) at /data/src/10.4/sql/sql_connect.cc:1316
 
#31 0x000055a7bc8223aa in pfs_spawn_thread (arg=0x55a7bfac9bb0) at /data/src/10.4/storage/perfschema/pfs.cc:1869
 
#32 0x00007f4a287f6609 in start_thread (arg=<optimized out>) at pthread_create.c:477
 
#33 0x00007f4a28061293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Comment by Roel Van de Paar [ 2020-12-09 ]

igor On second thoughts, I am not so convinced that MDEV-24383 is a separate bug. The original testcase produces a SIGSEGV in maria_status with these first few frames (using 10.5.7 debug):

SIGSEGV|maria_status|ha_maria::info|TABLE_LIST::fetch_number_of_rows|make_join_statistics

And the testcase from MDEV-24383 produces a SIGSEGV in heap_info with similar followup frames:

SIGSEGV|heap_info|ha_heap::info|TABLE_LIST::fetch_number_of_rows|make_join_statistics

Comment by Roel Van de Paar [ 2022-07-29 ]

Adding two related testcase with slightly different stacks (opt_sum_query). Only difference between them is SET @@big_tables=1;.

SIGSEGV|heap_info|ha_heap::info|opt_sum_query|JOIN::optimize_inner


CREATE VIEW v2 (c) as SELECT column_name FROM information_schema.COLUMNs;
 
CREATE TABLE t (a ENUM ('') CHARACTER SET utf32 COLLATE utf32_spanish2_ci) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 2;
 
RENAME TABLE t TO c,v2 TO t;
 
CREATE FUNCTION f() RETURNS INT RETURN (SELECT COUNT(*) FROM t);
 
CREATE TEMPORARY TABLE t (a INT);
 
INSERT INTO t VALUES (f());
 
DROP TEMPORARY TABLE t CASCADE;
 
SELECT f() FROM (SELECT 1) c;


SIGSEGV|maria_status|ha_maria::info|opt_sum_query|JOIN::optimize_inner


CREATE VIEW v2 (c) as SELECT column_name FROM information_schema.COLUMNs;
 
CREATE TABLE t (a ENUM ('') CHARACTER SET utf32 COLLATE utf32_spanish2_ci) ENGINE=InnoDB PARTITION BY KEY(a) PARTITIONS 2;
 
RENAME TABLE t TO c,v2 TO t;
 
SET @@big_tables=1;
 
CREATE FUNCTION f() RETURNS INT RETURN (SELECT COUNT(*) FROM t);
 
CREATE TEMPORARY TABLE t (a INT);
 
INSERT INTO t VALUES (f());
 
DROP TEMPORARY TABLE t CASCADE;
 
SELECT f() FROM (SELECT 1) c;

Comment by Roel Van de Paar [ 2022-08-11 ]

Additional testcase and versions update

SET GLOBAL log_bin_trust_function_creators=1;
 
CREATE VIEW v2 (c) as SELECT column_name FROM information_schema.COLUMNs;
 
CREATE TABLE t (a ENUM ('') CHARACTER SET utf32 COLLATE utf32_spanish2_ci) PARTITION BY KEY(a) PARTITIONS 2;
 
RENAME TABLE t TO c,v2 TO t;
 
CREATE FUNCTION f() RETURNS INT RETURN (SELECT COUNT(*) FROM t);
 
CREATE TEMPORARY TABLE t (a INT);
 
INSERT INTO t VALUES (f());
 
DROP TEMPORARY TABLE t CASCADE;
 
SELECT f() FROM (SELECT 1) c;

Leads to:

10.10.0 e1caa4bd5e8b4645944b85d4b603bf9fc9ef6ca4 (Optimized)

 
Core was generated by `/test/MD290722-mariadb-10.10.0-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
 
Program terminated with signal SIGSEGV, Segmentation fault.
 
#0  heap_info (info=0x0, x=x@entry=0x14af102f02a0, flag=flag@entry=18)
 
    at /test/10.10_opt/storage/heap/hp_info.c:34
 
34	  x->records         = info->s->records;
 
[Current thread is 1 (Thread 0x14af102f4700 (LWP 1502684))]
 
(gdb) bt
 
#0  heap_info (info=0x0, x=x@entry=0x14af102f02a0, flag=flag@entry=18) at /test/10.10_opt/storage/heap/hp_info.c:34
 
#1  0x000056059940d206 in ha_heap::info (this=0x14aeb40aa080, flag=18) at /test/10.10_opt/storage/heap/ha_heap.cc:370
 
#2  0x0000560598e8f707 in opt_sum_query (thd=0x14aeb4000c58, tables=@0x14aeb404ee30: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14aeb40a0498, last = 0x14aeb40a0498, elements = 1}, <No data fields>}, all_fields=@0x14aeb40a0248: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14aeb404f228, last = 0x14aeb404f228, elements = 1}, <No data fields>}, conds=0x0) at /test/10.10_opt/sql/opt_sum.cc:318
 
#3  0x0000560598fd64ca in JOIN::optimize_inner (this=0x14aeb409feb8) at /test/10.10_opt/sql/sql_select.cc:2429
 
#4  0x0000560598fd85c3 in JOIN::optimize (this=0x14aeb409feb8) at /test/10.10_opt/sql/sql_select.cc:1863
 
#5  0x000056059927c1e0 in subselect_single_select_engine::exec (this=0x14aeb404fb20) at /test/10.10_opt/sql/item_subselect.cc:4060
 
#6  0x000056059927b90c in Item_subselect::exec (this=0x14aeb404f998) at /test/10.10_opt/sql/item_subselect.cc:854
 
#7  0x000056059927dd44 in Item_singlerow_subselect::val_int (this=0x14aeb404f998) at /test/10.10_opt/sql/item_subselect.cc:1504
 
#8  0x00005605991ca643 in Item::save_int_in_field (this=0x14aeb404f998, field=0x14aeb406e208, no_conversions=<optimized out>) at /test/10.10_opt/sql/item.cc:6842
 
#9  0x00005605991ba3e7 in Item::save_in_field (this=0x14aeb404f998, field=0x14aeb406e208, no_conversions=<optimized out>) at /test/10.10_opt/sql/item.cc:6852
 
#10 0x0000560599181a43 in Field::sp_prepare_and_store_item (this=0x14aeb406e208, thd=0x14aeb4000c58, value=<optimized out>) at /test/10.10_opt/sql/field.cc:1488
 
#11 0x0000560598eb1bec in THD::sp_eval_expr (this=this@entry=0x14aeb4000c58, result_field=<optimized out>, expr_item_ptr=expr_item_ptr@entry=0x14aeb404fbe0) at /test/10.10_opt/sql/sp_head.cc:452
 
#12 0x0000560598ebf6d7 in sp_rcontext::set_return_value (this=<optimized out>, thd=thd@entry=0x14aeb4000c58, return_value_item=return_value_item@entry=0x14aeb404fbe0) at /test/10.10_opt/sql/sp_rcontext.cc:440
 
#13 0x0000560598eb036f in sp_instr_freturn::exec_core (this=0x14aeb404fba8, thd=0x14aeb4000c58, nextp=0x14af102f1974) at /test/10.10_opt/sql/sp_head.cc:4282
 
#14 0x0000560598eb92f6 in sp_lex_keeper::reset_lex_and_exec_core (this=0x14aeb404fbf0, thd=0x14aeb4000c58, nextp=<optimized out>, open_tables=<optimized out>, instr=0x14aeb404fba8) at /test/10.10_opt/sql/sp_head.cc:3581
 
#15 0x0000560598eb3806 in sp_head::execute (this=0x14aeb404dcd0, thd=0x14aeb4000c58, merge_da_on_success=true) at /test/10.10_opt/sql/sp_head.cc:1458
 
#16 0x0000560598eb5bbd in sp_head::execute_function (this=0x14aeb404dcd0, thd=thd@entry=0x14aeb4000c58, argp=argp@entry=0x0, argcount=argcount@entry=0, return_value_fld=<optimized out>, func_ctx=func_ctx@entry=0x14aeb4010f50, call_arena=<optimized out>) at /test/10.10_opt/sql/sp_head.cc:2190
 
#17 0x00005605991c4c71 in Item_sp::execute_impl (this=0x14aeb4010ef0, thd=0x14aeb4000c58, args=0x0, arg_count=0) at /test/10.10_opt/sql/item.cc:2922
 
#18 0x00005605991c4e03 in Item_sp::execute (this=this@entry=0x14aeb4010ef0, thd=0x14aeb4000c58, null_value=null_value@entry=0x14aeb4010eac, args=<optimized out>, arg_count=<optimized out>) at /test/10.10_opt/sql/item.cc:2836
 
#19 0x000056059921e697 in Item_func_sp::execute (this=this@entry=0x14aeb4010e48) at /test/10.10_opt/sql/item_func.cc:6629
 
#20 0x000056059922f675 in Item_func_sp::val_int (this=0x14aeb4010e48) at /test/10.10_opt/sql/item_func.h:3881
 
#21 0x0000560599102c7d in Type_handler::Item_send_long (this=<optimized out>, item=0x14aeb4010e48, protocol=0x14aeb40011d8, buf=<optimized out>) at /test/10.10_opt/sql/sql_type.cc:7499
 
#22 0x0000560598e9424e in Protocol::send_result_set_row (this=this@entry=0x14aeb40011d8, row_items=row_items@entry=0x14aeb4010a58) at /test/10.10_opt/sql/protocol.cc:1328
 
#23 0x0000560598f0bca7 in select_send::send_data (this=0x14aeb40145a8, items=@0x14aeb4010a58: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14aeb4011830, last = 0x14aeb4011830, elements = 1}, <No data fields>}) at /test/10.10_opt/sql/sql_class.cc:3101
 
#24 0x0000560598fc401c in select_result_sink::send_data_with_check (u=<optimized out>, sent=<optimized out>, items=@0x14aeb4010a58: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14aeb4011830, last = 0x14aeb4011830, elements = 1}, <No data fields>}, this=<optimized out>) at /test/10.10_opt/sql/sql_class.h:5699
 
#25 select_result_sink::send_data_with_check (sent=<optimized out>, u=<optimized out>, items=@0x14aeb4010a58: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14aeb4011830, last = 0x14aeb4011830, elements = 1}, <No data fields>}, this=<optimized out>) at /test/10.10_opt/sql/sql_class.h:5689
 
#26 end_send (join=0x14aeb406dad0, join_tab=0x0, end_of_records=<optimized out>) at /test/10.10_opt/sql/sql_select.cc:22976
 
#27 0x0000560598fda31d in do_select (procedure=<optimized out>, join=0x14aeb406dad0) at /test/10.10_opt/sql/sql_select.cc:21224
 
#28 JOIN::exec_inner (this=0x14aeb406dad0) at /test/10.10_opt/sql/sql_select.cc:4804
 
#29 0x0000560598fda4f8 in JOIN::exec (this=this@entry=0x14aeb406dad0) at /test/10.10_opt/sql/sql_select.cc:4582
 
#30 0x0000560598fd8701 in mysql_select (thd=0x14aeb4000c58, tables=0x14aeb40125a8, fields=@0x14aeb4010a58: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14aeb4011830, last = 0x14aeb4011830, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x14aeb40145a8, unit=0x14aeb4004cd0, select_lex=0x14aeb40107b8) at /test/10.10_opt/sql/sql_select.cc:5062
 
#31 0x0000560598fd8e47 in handle_select (thd=thd@entry=0x14aeb4000c58, lex=lex@entry=0x14aeb4004bf8, result=result@entry=0x14aeb40145a8, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.10_opt/sql/sql_select.cc:581
 
#32 0x0000560598f5ab81 in execute_sqlcom_select (thd=0x14aeb4000c58, all_tables=0x14aeb40125a8) at /test/10.10_opt/sql/sql_parse.cc:6261
 
#33 0x0000560598f686ed in mysql_execute_command (thd=0x14aeb4000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.10_opt/sql/sql_parse.cc:3945
 
#34 0x0000560598f55d85 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x14aeb4000c58) at /test/10.10_opt/sql/sql_parse.cc:8037
 
#35 mysql_parse (thd=0x14aeb4000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.10_opt/sql/sql_parse.cc:7959
 
#36 0x0000560598f6189a in dispatch_command (command=COM_QUERY, thd=0x14aeb4000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.10_opt/sql/sql_class.h:1366
 
#37 0x0000560598f637c2 in do_command (thd=0x14aeb4000c58, blocking=blocking@entry=true) at /test/10.10_opt/sql/sql_parse.cc:1407
 
#38 0x000056059907b6ef in do_handle_one_connection (connect=<optimized out>, connect@entry=0x56059c96a3e8, put_in_cache=put_in_cache@entry=true) at /test/10.10_opt/sql/sql_connect.cc:1418
 
#39 0x000056059907b9cd in handle_one_connection (arg=0x56059c96a3e8) at /test/10.10_opt/sql/sql_connect.cc:1312
 
#40 0x000014af3e594609 in start_thread (arg=<optimized out>) at pthread_create.c:477
 
#41 0x000014af3e180133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

10.10.0 e1caa4bd5e8b4645944b85d4b603bf9fc9ef6ca4 (Debug)

 
Core was generated by `/test/MD290722-mariadb-10.10.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core'.
 
Program terminated with signal SIGSEGV, Segmentation fault.
 
#0  heap_info (info=0x0, x=x@entry=0x14a4f8d1b370, flag=flag@entry=18)
 
    at /test/10.10_dbg/storage/heap/hp_info.c:34
 
34	  x->records         = info->s->records;
 
[Current thread is 1 (Thread 0x14a4f8d1f700 (LWP 1499899))]
 
(gdb) bt
 
#0  heap_info (info=0x0, x=x@entry=0x14a4f8d1b370, flag=flag@entry=18) at /test/10.10_dbg/storage/heap/hp_info.c:34
 
#1  0x0000562665478a66 in ha_heap::info (this=0x14a4a40df8e0, flag=18) at /test/10.10_dbg/storage/heap/ha_heap.cc:370
 
#2  0x0000562664d9c16a in opt_sum_query (thd=0x14a4a4000db8, tables=@0x14a4a4075430: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14a4a40d5628, last = 0x14a4a40d5628, elements = 1}, <No data fields>}, all_fields=@0x14a4a40d53d8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14a4a4075828, last = 0x14a4a4075828, elements = 1}, <No data fields>}, conds=0x0) at /test/10.10_dbg/sql/opt_sum.cc:318
 
#3  0x0000562664f23db4 in JOIN::optimize_inner (this=this@entry=0x14a4a40d5048) at /test/10.10_dbg/sql/sql_select.cc:2429
 
#4  0x0000562664f2456e in JOIN::optimize (this=0x14a4a40d5048) at /test/10.10_dbg/sql/sql_select.cc:1863
 
#5  0x000056266528e9fd in subselect_single_select_engine::exec (this=0x14a4a4076120) at /test/10.10_dbg/sql/item_subselect.cc:4060
 
#6  0x000056266528e16e in Item_subselect::exec (this=0x14a4a4075f98) at /test/10.10_dbg/sql/item_subselect.cc:854
 
#7  0x000056266528c783 in Item_singlerow_subselect::val_int (this=0x14a4a4075f98) at /test/10.10_dbg/sql/item_subselect.cc:1504
 
#8  0x00005626651b1dd3 in Item::save_int_in_field (this=0x14a4a4075f98, field=0x14a4a40a1620, no_conversions=<optimized out>) at /test/10.10_dbg/sql/item.cc:6842
 
#9  0x0000562665090d64 in Type_handler_int_result::Item_save_in_field (this=<optimized out>, item=<optimized out>, field=<optimized out>, no_conversions=<optimized out>) at /test/10.10_dbg/sql/sql_type.cc:4362
 
#10 0x00005626651984f1 in Item::save_in_field (this=0x14a4a4075f98, field=0x14a4a40a1620, no_conversions=<optimized out>) at /test/10.10_dbg/sql/item.cc:6852
 
#11 0x00005626651485a0 in Field::sp_prepare_and_store_item (this=0x14a4a40a1620, thd=0x14a4a4000db8, value=<optimized out>) at /test/10.10_dbg/sql/field.cc:1488
 
#12 0x0000562664dc8f5d in THD::sp_eval_expr (this=this@entry=0x14a4a4000db8, result_field=0x14a4a40a1620, expr_item_ptr=expr_item_ptr@entry=0x14a4a40761e0) at /test/10.10_dbg/sql/sp_head.cc:452
 
#13 0x0000562664ddb386 in sp_rcontext::set_return_value (this=0x14a4a40cd7a0, thd=thd@entry=0x14a4a4000db8, return_value_item=return_value_item@entry=0x14a4a40761e0) at /test/10.10_dbg/sql/sp_rcontext.cc:440
 
#14 0x0000562664dc4f67 in sp_instr_freturn::exec_core (this=0x14a4a40761a8, thd=0x14a4a4000db8, nextp=0x14a4f8d1c7d4) at /test/10.10_dbg/sql/sp_head.cc:4282
 
#15 0x0000562664dd2a46 in sp_lex_keeper::reset_lex_and_exec_core (this=0x14a4a40761f0, thd=0x14a4a4000db8, nextp=<optimized out>, open_tables=open_tables@entry=true, instr=<optimized out>) at /test/10.10_dbg/sql/sp_head.cc:3581
 
#16 0x0000562664dd3669 in sp_instr_freturn::execute (this=<optimized out>, thd=<optimized out>, nextp=<optimized out>) at /test/10.10_dbg/sql/sp_head.cc:4239
 
#17 0x0000562664dcb0fc in sp_head::execute (this=this@entry=0x14a4a40742d0, thd=thd@entry=0x14a4a4000db8, merge_da_on_success=merge_da_on_success@entry=true) at /test/10.10_dbg/sql/sp_head.cc:1458
 
#18 0x0000562664dce4ef in sp_head::execute_function (this=0x14a4a40742d0, thd=thd@entry=0x14a4a4000db8, argp=argp@entry=0x0, argcount=argcount@entry=0, return_value_fld=<optimized out>, func_ctx=func_ctx@entry=0x14a4a4014470, call_arena=0x14a4a4014e30) at /test/10.10_dbg/sql/sp_head.cc:2190
 
#19 0x00005626651aafab in Item_sp::execute_impl (this=this@entry=0x14a4a4014410, thd=thd@entry=0x14a4a4000db8, args=args@entry=0x0, arg_count=arg_count@entry=0) at /test/10.10_dbg/sql/item.cc:2922
 
#20 0x00005626651ab1a5 in Item_sp::execute (this=this@entry=0x14a4a4014410, thd=0x14a4a4000db8, null_value=null_value@entry=0x14a4a40143cc, args=args@entry=0x0, arg_count=arg_count@entry=0) at /test/10.10_dbg/sql/item.cc:2836
 
#21 0x0000562665222c87 in Item_func_sp::execute (this=this@entry=0x14a4a4014368) at /test/10.10_dbg/sql/item_func.cc:6629
 
#22 0x00005626652374d1 in Item_func_sp::val_int (this=0x14a4a4014368) at /test/10.10_dbg/sql/item_func.h:3881
 
#23 0x00005626650abc9f in Type_handler::Item_send_long (this=<optimized out>, item=0x14a4a4014368, protocol=0x14a4a40013c0, buf=<optimized out>) at /test/10.10_dbg/sql/sql_type.cc:7499
 
#24 0x00005626650b4ba1 in Type_handler_long::Item_send (this=<optimized out>, item=<optimized out>, protocol=<optimized out>, buf=<optimized out>) at /test/10.10_dbg/sql/sql_type.h:5687
 
#25 0x0000562664d6acee in Item::send (this=0x14a4a4014368, protocol=0x14a4a40013c0, buffer=0x14a4f8d1d010) at /test/10.10_dbg/sql/item.h:1227
 
#26 0x0000562664da1ac9 in Protocol::send_result_set_row (this=this@entry=0x14a4a40013c0, row_items=row_items@entry=0x14a4a4013f78) at /test/10.10_dbg/sql/protocol.cc:1328
 
#27 0x0000562664e2f7bb in select_send::send_data (this=0x14a4a4017bc8, items=@0x14a4a4013f78: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14a4a4014e50, last = 0x14a4a4014e50, elements = 1}, <No data fields>}) at /test/10.10_dbg/sql/sql_class.cc:3101
 
#28 0x0000562664f0aff9 in select_result_sink::send_data_with_check (sent=<optimized out>, u=<optimized out>, items=@0x14a4a4013f78: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14a4a4014e50, last = 0x14a4a4014e50, elements = 1}, <No data fields>}, this=<optimized out>) at /test/10.10_dbg/sql/sql_class.h:5699
 
#29 end_send (join=join@entry=0x14a4a40a0df0, join_tab=join_tab@entry=0x0, end_of_records=end_of_records@entry=false) at /test/10.10_dbg/sql/sql_select.cc:22976
 
#30 0x0000562664f260e1 in do_select (procedure=<optimized out>, join=0x14a4a40a0df0) at /test/10.10_dbg/sql/sql_select.cc:21224
 
#31 JOIN::exec_inner (this=this@entry=0x14a4a40a0df0) at /test/10.10_dbg/sql/sql_select.cc:4804
 
#32 0x0000562664f26930 in JOIN::exec (this=this@entry=0x14a4a40a0df0) at /test/10.10_dbg/sql/sql_select.cc:4582
 
#33 0x0000562664f246b4 in mysql_select (thd=thd@entry=0x14a4a4000db8, tables=0x14a4a4015bc8, fields=@0x14a4a4013f78: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14a4a4014e50, last = 0x14a4a4014e50, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x14a4a4017bc8, unit=0x14a4a4004ff0, select_lex=0x14a4a4013cd8) at /test/10.10_dbg/sql/sql_select.cc:5062
 
#34 0x0000562664f24eaa in handle_select (thd=thd@entry=0x14a4a4000db8, lex=lex@entry=0x14a4a4004f18, result=result@entry=0x14a4a4017bc8, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.10_dbg/sql/sql_select.cc:581
 
#35 0x0000562664e8f258 in execute_sqlcom_select (thd=thd@entry=0x14a4a4000db8, all_tables=0x14a4a4015bc8) at /test/10.10_dbg/sql/sql_parse.cc:6261
 
#36 0x0000562664e9b56a in mysql_execute_command (thd=thd@entry=0x14a4a4000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.10_dbg/sql/sql_parse.cc:3945
 
#37 0x0000562664e89534 in mysql_parse (thd=thd@entry=0x14a4a4000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14a4f8d1e330) at /test/10.10_dbg/sql/sql_parse.cc:8037
 
#38 0x0000562664e96b1c in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14a4a4000db8, packet=packet@entry=0x14a4a400b6e9 "", packet_length=packet_length@entry=28, blocking=blocking@entry=true) at /test/10.10_dbg/sql/sql_class.h:1366
 
#39 0x0000562664e99226 in do_command (thd=0x14a4a4000db8, blocking=blocking@entry=true) at /test/10.10_dbg/sql/sql_parse.cc:1407
 
#40 0x0000562664ffa744 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x562667b19c88, put_in_cache=put_in_cache@entry=true) at /test/10.10_dbg/sql/sql_connect.cc:1418
 
#41 0x0000562664ffac4d in handle_one_connection (arg=0x562667b19c88) at /test/10.10_dbg/sql/sql_connect.cc:1312
 
#42 0x000014a512595609 in start_thread (arg=<optimized out>) at pthread_create.c:477
 
#43 0x000014a512181133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Bug confirmed present in:
MariaDB: 10.3.36 (dbg), 10.3.36 (opt), 10.4.26 (dbg), 10.4.26 (opt), 10.5.17 (dbg), 10.5.17 (opt), 10.6.9 (dbg), 10.6.9 (opt), 10.7.5 (dbg), 10.7.5 (opt), 10.8.4 (dbg), 10.8.4 (opt), 10.9.2 (dbg), 10.9.2 (opt), 10.10.0 (dbg), 10.10.0 (opt)

Bug (or feature/syntax) confirmed not present in:
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.38 (dbg), 5.7.38 (opt), 8.0.29 (dbg), 8.0.29 (opt)

Generated at Thu Feb 08 09:20:38 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.