MariaDB

RQG: Crash in copy_fields() with subquery cache enabled

Bug #608834 reported by Philip Stoev on 2010-07-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	MariaDB	Fix Released	High	Oleksandr "Sanja" Byelkin	MariaDB 5.3

Bug Description

The query for this bug is a superset of the query for bug #608824, but the backtrace is different. For some reason, automatic simplification was not possible so the originally generated, unsimplified query will be provided for this report.

backtrace:

#3 0x0827e8f8 in handle_segfault (sig=11) at mysqld.cc:2703
#4 <signal handler called>
#5 0x08327aa1 in copy_fields (param=0xb5e7877c) at sql_select.cc:17246
#6 0x083202ab in end_send_group (join=0xb5e73ae8, join_tab=0xb5e8b438, end_of_records=false) at sql_select.cc:14236
#7 0x0831df08 in evaluate_join_record (join=0xb5e73ae8, join_tab=0xb5e8b278, error=0) at sql_select.cc:13294
#8 0x0831d8af in sub_select (join=0xb5e73ae8, join_tab=0xb5e8b278, end_of_records=false) at sql_select.cc:13103
#9 0x0831df08 in evaluate_join_record (join=0xb5e73ae8, join_tab=0xb5e8b0b8, error=0) at sql_select.cc:13294
#10 0x0831d8af in sub_select (join=0xb5e73ae8, join_tab=0xb5e8b0b8, end_of_records=false) at sql_select.cc:13103
#11 0x0831ccae in do_select (join=0xb5e73ae8, fields=0xb5e78888, table=0x0, procedure=0x0) at sql_select.cc:12649
#12 0x083030cf in JOIN::exec (this=0xb5e73ae8) at sql_select.cc:2355
#13 0x082352b1 in subselect_single_select_engine::exec (this=0xb5e5e0f8) at item_subselect.cc:2716
#14 0x0822f9e3 in Item_subselect::exec (this=0xb5e5e038) at item_subselect.cc:481
#15 0x082308cd in Item_singlerow_subselect::val_int (this=0xb5e5e038) at item_subselect.cc:918
#16 0x081cf2fc in Item::val_int_result (this=0xb5e5e038) at item.h:779
#17 0x081cb196 in Item_cache_int::cache_value (this=0xb5e882c0) at item.cc:7712
#18 0x081d2f4c in Item_cache_wrapper::cache (this=0xb5e88260) at item.cc:6725
#19 0x081c8812 in Item_cache_wrapper::val_int (this=0xb5e88260) at item.cc:6779
#20 0x081cf2fc in Item::val_int_result (this=0xb5e88260) at item.h:779
#21 0x083c2cbc in make_sortkey (param=0xb6d48c18,
    to=0xb5eeb216 "\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245"...,
    ref_pos=0xb5ead4a8 "\030\236\300\265\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245\245h4z\025\355\003") at filesort.cc:852
#22 0x083c2318 in find_all_keys (param=0xb6d48c18, select=0x0, sort_keys=0xb5ee9c08, buffpek_pointers=0xb6d48a50, tempfile=0xb6d48b34, indexfile=0x0)
    at filesort.cc:625
#23 0x083c0ed1 in filesort (thd=0xa274fd0, table=0xb5eac240, sortorder=0xb5ecd488, s_length=4, select=0x0, max_rows=18446744073709551615,
    sort_positions=false, examined_rows=0xb6d48d80) at filesort.cc:246
#24 0x08324a74 in create_sort_index (thd=0xa274fd0, join=0xb5e69e08, order=0xb5e60e58, filesort_limit=18446744073709551615,
    select_limit=18446744073709551615, is_order_by=false) at sql_select.cc:15849
#25 0x08301d02 in JOIN::exec (this=0xb5e69e08) at sql_select.cc:2068
#26 0x08303802 in mysql_select (thd=0xa274fd0, rref_pointer_array=0xa276a44, tables=0xb5e5e840, wild_num=0, fields=..., conds=0xb5e60c40, og_num=12,
    order=0xb5e611d0, group=0xb5e60d88, having=0x0, proc_param=0x0, select_options=2147764736, result=0xb5e616f8, unit=0xa2766a8, select_lex=0xa276940)
    at sql_select.cc:2556
#27 0x082fbecf in handle_select (thd=0xa274fd0, lex=0xa27664c, result=0xb5e616f8, setup_tables_done_option=0) at sql_select.cc:276
#28 0x0829a5f0 in execute_sqlcom_select (thd=0xa274fd0, all_tables=0xb5e5e840) at sql_parse.cc:5081
#29 0x08290fd0 in mysql_execute_command (thd=0xa274fd0) at sql_parse.cc:2265
#30 0x0829c7d1 in mysql_parse (thd=0xa274fd0,
    inBuf=0xb5e31900 "/* cache is on */ SELECT (\nSELECT 4\nFROM DUAL ) AS field1 , SUM( DISTINCT table1 . `pk` ) AS field2 , (\nSELECT MAX( SUBQUERY2_t1 . `col_int_nokey` ) AS SUBQUERY2_field1\nFROM ( C AS SUBQUERY2_t"..., length=1049, found_semicolon=0xb6d4a230) at sql_parse.cc:6027
#31 0x0828ea02 in dispatch_command (command=COM_QUERY, thd=0xa274fd0,
    packet=0xa28d329 "/* cache is on */ SELECT (\nSELECT 4\nFROM DUAL ) AS field1 , SUM( DISTINCT table1 . `pk` ) AS field2 , (\nSELECT MAX( SUBQUERY2_t1 . `col_int_nokey` ) AS SUBQUERY2_field1\nFROM ( C AS SUBQUERY2_t"..., packet_length=1050) at sql_parse.cc:1184
#32 0x0828dea8 in do_command (thd=0xa274fd0) at sql_parse.cc:890
#33 0x0828b008 in handle_one_connection (arg=0xa274fd0) at sql_connect.cc:1153
#34 0x00a08919 in start_thread () from /lib/libpthread.so.0
#35 0x00951e5e in clone () from /lib/libc.so.6

Tags:

Revision history for this message

Philip Stoev (pstoev-askmonty) wrote on 2010-07-22:

Download full text (5.3 KiB)

Test case:

--disable_warnings
DROP TABLE /*! IF EXISTS */ CC;
DROP TABLE /*! IF EXISTS */ C;
--enable_warnings

CREATE TABLE `CC` (
  `pk` int(11) NOT NULL AUTO_INCREMENT,
  `col_int_nokey` int(11) DEFAULT NULL,
  `col_int_key` int(11) DEFAULT NULL,
  `col_time_key` time DEFAULT NULL,
  `col_varchar_key` varchar(1) DEFAULT NULL,
  `col_varchar_nokey` varchar(1) DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `col_int_key` (`col_int_key`),
  KEY `col_time_key` (`col_time_key`),
  KEY `col_varchar_key` (`col_varchar_key`,`col_int_key`)
) ENGINE=MyISAM AUTO_INCREMENT=30 DEFAULT CHARSET=latin1;
INSERT INTO `CC` VALUES (10,7,8,'01:27:35','v','v');
INSERT INTO `CC` VALUES (11,1,9,'19:48:31','r','r');
INSERT INTO `CC` VALUES (12,5,9,'00:00:00','a','a');
INSERT INTO `CC` VALUES (13,3,186,'19:53:05','m','m');
INSERT INTO `CC` VALUES (14,6,NULL,'19:18:56','y','y');
INSERT INTO `CC` VALUES (15,92,2,'10:55:12','j','j');
INSERT INTO `CC` VALUES (16,7,3,'00:25:00','d','d');
INSERT INTO `CC` VALUES (17,NULL,0,'12:35:47','z','z');
INSERT INTO `CC` VALUES (18,3,133,'19:53:03','e','e');
INSERT INTO `CC` VALUES (19,5,1,'17:53:30','h','h');
INSERT INTO `CC` VALUES (20,1,8,'11:35:49','b','b');
INSERT INTO `CC` VALUES (21,2,5,NULL,'s','s');
INSERT INTO `CC` VALUES (22,NULL,5,'06:01:40','e','e');
INSERT INTO `CC` VALUES (23,1,8,'05:45:11','j','j');
INSERT INTO `CC` VALUES (24,0,6,'00:00:00','e','e');
INSERT INTO `CC` VALUES (25,210,51,'00:00:00','f','f');
INSERT INTO `CC` VALUES (26,8,4,'06:11:01','v','v');
INSERT INTO `CC` VALUES (27,7,7,'13:02:46','x','x');
INSERT INTO `CC` VALUES (28,5,6,'21:44:25','m','m');
INSERT INTO `CC` VALUES (29,NULL,4,'22:43:58','c','c');
CREATE TABLE `C` (
  `pk` int(11) NOT NULL AUTO_INCREMENT,
  `col_int_nokey` int(11) DEFAULT NULL,
  `col_int_key` int(11) DEFAULT NULL,
  `col_time_key` time DEFAULT NULL,
  `col_varchar_key` varchar(1) DEFAULT NULL,
  `col_varchar_nokey` varchar(1) DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `col_int_key` (`col_int_key`),
  KEY `col_time_key` (`col_time_key`),
  KEY `col_varchar_key` (`col_varchar_key`,`col_int_key`)
) ENGINE=MyISAM AUTO_INCREMENT=21 DEFAULT CHARSET=latin1;
INSERT INTO `C` VALUES (1,NULL,2,'11:28:45','w','w');
INSERT INTO `C` VALUES (2,7,9,'20:25:14','m','m');
INSERT INTO `C` VALUES (3,9,3,'13:47:24','m','m');
INSERT INTO `C` VALUES (4,7,9,'19:24:11','k','k');
INSERT INTO `C` VALUES (5,4,NULL,'15:59:13','r','r');
INSERT INTO `C` VALUES (6,2,9,'00:00:00','t','t');
INSERT INTO `C` VALUES (7,6,3,'15:15:04','j','j');
INSERT INTO `C` VALUES (8,8,8,'11:32:06','u','u');
INSERT INTO `C` VALUES (9,NULL,8,'18:32:33','h','h');
INSERT INTO `C` VALUES (10,5,53,'15:19:25','o','o');
INSERT INTO `C` VALUES (11,NULL,0,'19:03:19',NULL,NULL);
INSERT INTO `C` VALUES (12,6,5,'00:39:46','k','k');
INSERT INTO `C` VALUES (13,188,166,NULL,'e','e');
INSERT INTO `C` VALUES (14,2,3,'00:00:00','n','n');
INSERT INTO `C` VALUES (15,1,0,'13:12:11','t','t');
INSERT INTO `C` VALUES (16,1,1,'04:56:48','c','c');
INSERT INTO `C` VALUES (17,0,9,'19:56:05','m','m');
INSERT INTO `C` VALUES (18,9,5,'19:35:19','y','y');
INSERT INTO `C` VALUES (19,NULL,6,'05:03:03','f','f');
INSERT INTO `C` VALUES (20,4,2,'18:38:59','d','d');

set ...

Test case:

--disable_warnings
DROP TABLE /*! IF EXISTS */ CC;
DROP TABLE /*! IF EXISTS */ C;
--enable_warnings

set @@optimizer_switch='subquery_cache=off';

/* cache is off */ SELECT     (
SELECT 4
FROM DUAL ) AS field1 , SUM( DISTINCT table1 . `pk` ) AS field2 ,  (
SELECT   MAX(  SUBQUERY2_t1 . `col_int_nokey` ) AS SUBQUERY2_field1
FROM ( C AS SUBQUERY2_t1 INNER JOIN C AS SUBQUERY2_t2 ON (SUBQUERY2_t2 . `col_int_key` = SUBQUERY2_t1 . `pk`  ) )
WHERE SUBQUERY2_t2 . `col_varchar_nokey` <= table1 . `col_varchar_key` OR SUBQUERY2_t1 . `col_int_nokey` < table1 . `pk` ) AS field3 , table1 . `col_time_key` AS field4 , table1 . `col_int_key` AS field5 , CONCAT ( table2 . `col_varchar_nokey` , table1 . `col_varchar_key` ) AS field6
FROM ( C AS table1 INNER JOIN ( ( C AS table2 LEFT JOIN CC AS table3 ON (table3 . `col_varchar_key` = table2 . `col_varchar_key`  ) ) ) ON (table3 . `col_varchar_key` = table2 . `col_varchar_nokey`  ) )
WHERE (  table2 . `col_varchar_nokey` NOT IN (
SELECT 'd' UNION
SELECT 'u' ) ) OR table3 . `col_varchar_nokey` <= table1 . `col_varchar_key`
GROUP BY field1, field3, field4, field5, field6
ORDER BY table1 . `col_int_key`  , field1, field2, field3, field4, field5, field6
;

set @@optimizer_switch='subquery_cache=on';

/* cache is on */ SELECT     (
SELECT 4
FROM DUAL ) AS field1 , SUM( DISTINCT table1 . `pk` ) AS field2 ,  (
SELECT   MAX(  SUBQUERY2_t1 . `col_int_nokey` ) AS SUBQUERY2_field1
FROM ( C AS SUBQUERY2_t1 INNER JOIN C AS SUBQUERY2_t2 ON (SUBQUERY2_t2 . `col_int_key` = SUBQUERY2_t1 . `pk`  ) )
WHERE SUBQUERY2_t2 . `col_varchar_nokey` <= table1 . `col_varchar_key` OR SUBQUERY2_t1 . `col_int_nokey` < table1 . `pk` ) AS field3 , table1 . `col_time_key` AS field4 , table1 . `col_int_key` AS field5 , CONCAT ( table2 . `col_varchar_nokey` , table1 . `col_varchar_key` ) AS field6
FROM ( C AS table1 INNER JOIN ( ( C AS table2 LEFT JOIN CC AS table3 ON (table3 . `col_varchar_key` = table2 . `col_varchar_key`  ) ) ) ON (table3 . `col_varchar_key` = table2 . `col_varchar_nokey`  ) )
WHERE (  table2 . `col_varchar_nokey` NOT IN (
SELECT 'd' UNION
SELECT 'u' ) ) OR table3 . `col_varchar_nokey` <= table1 . `col_varchar_key`
GROUP BY field1, field3, field4, field5, field6
ORDER BY table1 . `col_int_key`  , field1, field2, field3, field4, field5, field6
;

Changed in maria:
importance:	Undecided → High
assignee:	nobody → Oleksandr "Sanja" Byelkin (sanja-byelkin)

Oleksandr "Sanja" Byelkin (sanja-byelkin) on 2010-07-26

Changed in maria:
status:	New → In Progress

Sergei Golubchik (sergii) on 2010-07-27

Changed in maria:
milestone:	none → 5.3

Oleksandr "Sanja" Byelkin (sanja-byelkin) on 2010-07-29

Changed in maria:
status:	In Progress → Fix Committed

Oleksandr "Sanja" Byelkin (sanja-byelkin) on 2011-07-29

Changed in maria:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.