Bug #119601 Crash for show processlist when use cursor
Submitted: 28 Dec 11:55
Modified: 28 Dec 11:59
Reporter: Qingping Zhu
Status: Open
Category: MySQL Server
Severity: S2 (Serious)
Version: 8.0.41
OS: CentOS
Assigned to:
CPU Architecture: Any (x86)

[28 Dec 11:55] Qingping Zhu
Description:
If memory is chosen as the tmp table engine, the SQL statement SHOW PROCESSLIST triggers a crash when a cursor is used.

The reason is that in function 'mysqld_list_processes' we do not call 'Query_result::start_execution', with the result that the tmp table is created but not opened, which then triggers a crash in function 'heap_scan_init' since 'ha_heap::file' is nullptr.

How to repeat:
./mtr --mysqld=--internal_tmp_mem_storage_engine='memory' main.mysql_client_test

2025-12-28T10:19:34Z UTC - mysqld got signal 11 ;
Most likely, you have hit a bug, but this error can also be caused by malfunctioning hardware.
BuildID[sha1]=3913b0ea74972bc83cad0126e719dac36d81247e
Thread pointer: 0x7f0b98000940
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
2025-12-28T18:19:34.231919+08:00 0 139693696390912 [Note] [MY-011953] [InnoDB] Page cleaner took 1250539ms to flush 0 and evict 0 pages
stack_bottom = 7f0cf8264ea0 thread_stack 0x100000
install/bin/mysqld(my_print_stacktrace(unsigned char const*, unsigned long)+0x43) [0x55738f7fbe1a]
install/bin/mysqld(print_fatal_signal(int)+0x38a) [0x55738e37b1bb]
install/bin/mysqld(handle_fatal_signal+0x69) [0x55738e37b39d]
/lib64/libpthread.so.0(+0xf6d0) [0x7f0d1b0646d0]
install/bin/mysqld(heap_scan_init(HP_INFO*)+0x30) [0x5573907c53ce]
install/bin/mysqld(ha_heap::rnd_init(bool)+0x2a) [0x5573907bd13c]
install/bin/mysqld(handler::ha_rnd_init(bool)+0x10a) [0x55738e51257a]
install/bin/mysqld(Materialized_cursor::open(THD*)+0xa6) [0x55738e07b40a]
install/bin/mysqld(Prepared_statement::execute(THD*, String*, bool)+0x9fb) [0x55738e16d913]
install/bin/mysqld(Prepared_statement::execute_loop(THD*, String*, bool)+0x394) [0x55738e16bd14]
install/bin/mysqld(mysqld_stmt_execute(THD*, Prepared_statement*, bool, unsigned long, PS_PARAM*)+0x204) [0x55738e168def]
install/bin/mysqld(dispatch_command(THD*, COM_DATA const*, enum_server_command)+0x1111) [0x55738e10e764]
install/bin/mysqld(do_command(THD*)+0x5b0) [0x55738e10c8db]
install/bin/mysqld(+0x3f294b0) [0x55738e3664b0]
install/bin/mysqld(+0x64033b9) [0x5573908403b9]
/lib64/libpthread.so.0(+0x7df5) [0x7f0d1b05cdf5]
/lib64/libc.so.6(clone+0x6d) [0x7f0d17bf3f4d]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (7f0b982b6f90): SHOW PROCESSLIST
Connection ID (thread ID): 9
Status: NOT_KILLED

The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
information that should help you find out what is causing the crash.
Writing a core file

Suggested fix:
Following the scenario where the Performance Schema is configured to support SHOW PROCESSLIST, we call 'Query_result::start_execution' before 'THD::send_result_metadata'.

diff --git a/mysql-test/t/mysql_client_test.test b/mysql-test/t/mysql_client_test.test
index 1c96d39..a9daded 100644
--- a/mysql-test/t/mysql_client_test.test
+++ b/mysql-test/t/mysql_client_test.test
@@ -93,6 +93,21 @@ EOF
 --echo #   Delete log files.
 --remove_files_wildcard $MYSQL_TMP_DIR *.log
 
+--echo #
+--echo # BUG2025121128255 Crash in functin 'heap_scan_init' for SHOW PROCESSLIST
+--echo #
+--echo # Restart the server with memory as default tmp storage engine.
+--let $restart_parameters= restart: --internal_tmp_mem_storage_engine=memory
+--source include/start_mysqld.inc
+
+--echo # Run the single test.
+--echo # Following command would crash if run without fix.
+--exec $MYSQL_CLIENT_TEST test_cursor_for_show >> $MYSQLTEST_VARDIR/log/mysql_client_test.out.log 2>&1
+
+--echo # Shutdown server.
+--let $shutdown_server_timeout= 300
+--source include/shutdown_mysqld.inc
+
 --echo # Restart server without --lower-case-table-names
 --let $restart_parameters= restart:
 --source include/start_mysqld.inc
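Review bot: the added header line `--echo # BUG2025121128255 Crash in functin 'heap_scan_init' for SHOW PROCESSLIST` misspells "function" and carries an identifier that does not match this report's number (#119601); please correct both before the text is recorded. The new `--echo` lines also change the test's expected output, yet the patch touches only mysql_client_test.test and sql/sql_show.cc, so the matching result file update looks to be missing. The block also assumes the server is stopped at this point, since it goes straight to `--source include/start_mysqld.inc`; a one-line comment saying so would help the next reader.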
diff --git a/sql/sql_show.cc b/sql/sql_show.cc
index 9936cd2..2e43dcc 100644
--- a/sql/sql_show.cc
+++ b/sql/sql_show.cc
@@ -592,6 +592,8 @@ bool Sql_cmd_show_processlist::execute_inner(THD *thd) {
     return Sql_cmd_show::execute_inner(thd);
   } else {
     DEBUG_SYNC(thd, "pfs_show_processlist_legacy");
+    /* Prepare for execution of show processlist statement. */
+    if (query_result()->start_execution(thd)) return true;
     mysqld_list_processes(thd,
                           thd->security_context()->check_access(PROCESS_ACL)
                               ? NullS
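Review bot: the comment added above `if (query_result()->start_execution(thd)) return true;` says only that it prepares for execution and does not record why the legacy branch needs it. Please state the reason given in the report: with a cursor, the result's tmp table is otherwise created but never opened, and the later scan hits a null 'ha_heap::file'. Since `query_result()` is dereferenced unconditionally here, please also confirm it is always set on this else branch when SHOW PROCESSLIST runs without a cursor.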
[28 Dec 11:59] Qingping Zhu
I think a crash issue should be serious.