Crash / segfault in drizzled::Item_func::arguments (this=0x35) at ./drizzled/function/func.h:165

Bug #628912 reported by Patrick Crews
Affects Status Importance Assigned to Milestone
Drizzle
Fix Released
High
Andrew Hutchings
7.0
Fix Released
High
Andrew Hutchings

Bug Description

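The server crashes with a segfault while optimizing the query below. The backtrace shows drizzled::Item_func::arguments being called on an invalid `this` pointer (0x35) from propagate_cond_constants. The fault occurs in a session thread handling an ordinary COM_QUERY, so a client able to run this SELECT can presumably take the server process down.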

Query:
-- Reproducer for the optimizer crash. Shape of the statement:
--   * CC (table1) is RIGHT JOINed to a nested BB LEFT JOIN BB (table2, table3). The outer ON
--     clause references only table2 and table3, never table1.
--   * The EXISTS subquery (CC STRAIGHT_JOIN AA) is uncorrelated: it names no outer table.
--   * WHERE compares table1.col_char_1024_not_null_key both to the constant 'o' and to
--     table3.col_char_10_not_null_key.
--   * ORDER BY lists field1 twice and also table1.col_bigint_key, the column field1 aliases.
-- NOTE(review): the constant-plus-column equality pair is presumably what sends the optimizer
-- into propagate_cond_constants (frame #1 of the backtrace) -- confirm against the fix.
SELECT SQL_SMALL_RESULT table1 . `col_bigint_key` AS field1 FROM ( CC AS table1 RIGHT JOIN ( ( BB AS table2 LEFT JOIN BB AS table3 ON (table3 . `col_char_10_not_null_key` = table2 . `col_char_1024_not_null` ) ) ) ON (table3 . `col_char_10_not_null_key` = table2 . `col_text` ) ) WHERE ( EXISTS ( ( SELECT SUBQUERY1_t1 . `col_char_10` AS SUBQUERY1_field1 FROM ( CC AS SUBQUERY1_t1 STRAIGHT_JOIN AA AS SUBQUERY1_t2 ON (SUBQUERY1_t2 . `col_int_not_null` = SUBQUERY1_t1 . `pk` ) ) ) ) ) AND ( table1 . `col_char_1024_not_null_key` = 'o' AND table1 . `col_char_1024_not_null_key` = table3 . `col_char_10_not_null_key` ) AND ( table1 . `col_int_key` != table3 . `col_int_not_null_key` AND table3 . `col_char_1024_not_null_key` > 'h' ) ORDER BY table1 . `col_char_10_key` , table2 .`pk` DESC , field1 , table1 . `col_bigint_key` DESC, field1 LIMIT 1 OFFSET 3 ;

Backtrace:
#0 0x00000000006b0b28 in drizzled::Item_func::arguments (this=0x35) at ./drizzled/function/func.h:165
#1 0x00000000007c4096 in propagate_cond_constants (session=0x2d6c000, save_list=..., and_father=0x7f66cc017ba8, cond=0x7f66cc017ba8) at drizzled/sql_select.cc:2728
#2 0x00000000007c460a in drizzled::optimize_cond (join=0x7f66cc0944a8, conds=0x7f66cc017ba8, join_list=0x2d6cdb0, cond_value=0x7f66cc095a88)
    at drizzled/sql_select.cc:2924
#3 0x00000000006eeee5 in drizzled::Join::optimize (this=0x7f66cc0944a8) at drizzled/join.cc:476
#4 0x00000000007be72d in drizzled::mysql_select (session=0x2d6c000, rref_pointer_array=0x2d6ce30, tables=0x2d21298, wild_num=0, fields=..., conds=0x7f66cc015ad8,
    og_num=5, order=0x7f66cc015d10, group=0x0, having=0x0, select_options=2147500040, result=0x7f66cc0174c0, unit=0x2d6ca78, select_lex=0x2d6cc78)
    at drizzled/sql_select.cc:412
#5 0x00000000007be071 in drizzled::handle_select (session=0x2d6c000, lex=0x2d6ca58, result=0x7f66cc0174c0, setup_tables_done_option=0) at drizzled/sql_select.cc:146
#6 0x00000000007ba67b in drizzled::execute_sqlcom_select (session=0x2d6c000, all_tables=0x2d21298) at drizzled/sql_parse.cc:544
#7 0x0000000000813ebb in drizzled::statement::Select::execute (this=0x7f66cc0063c0) at drizzled/statement/select.cc:32
#8 0x00000000007ba206 in mysql_execute_command (session=0x2d6c000) at drizzled/sql_parse.cc:479
#9 0x00000000007bafc8 in drizzled::mysql_parse (session=0x2d6c000,
    inBuf=0x7f66cc013e68 "SELECT SQL_SMALL_RESULT table1 . `col_bigint_key` AS field1 FROM ( CC AS table1 RIGHT JOIN ( ( BB AS table2 LEFT JOIN BB AS table3 ON (table3 . `col_char_10_not_null_key` = table2 . `col_char_1024_not"..., length=851) at drizzled/sql_parse.cc:750
#10 0x00000000007b9b5a in drizzled::dispatch_command (command=drizzled::COM_QUERY, session=0x2d6c000,
    packet=0x2d5f841 "SELECT SQL_SMALL_RESULT table1 . `col_bigint_key` AS field1 FROM ( CC AS table1 RIGHT JOIN ( ( BB AS table2 LEFT JOIN BB AS table3 ON (table3 . `col_char_10_not_null_key` = table2 . `col_char_1024_not"..., packet_length=851) at drizzled/sql_parse.cc:224
#11 0x000000000077d2e3 in drizzled::Session::executeStatement (this=0x2d6c000) at drizzled/session.cc:666
#12 0x000000000077cb8f in drizzled::Session::run (this=0x2d6c000) at drizzled/session.cc:522
#13 0x00007f66e472ab54 in MultiThreadScheduler::runSession (this=0x2ce8c10, session=0x2d6c000) at ./plugin/multi_thread/multi_thread.h:67
#14 0x00007f66e47289e2 in session_thread (arg=0x2d6c000) at plugin/multi_thread/multi_thread.cc:52
#15 0x00007f66e84389ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#16 0x00007f66e81956fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#17 0x0000000000000000 in ?? ()

Patrick Crews (patrick-crews) wrote :

Test case:

-- Clean slate: drop the three fixture tables so the test can be re-run.
-- Warnings are switched off around the drops, presumably so that a first run
-- (when the tables do not exist yet) adds nothing to the recorded output.
--disable_warnings
DROP TABLE IF EXISTS `aa`;
DROP TABLE IF EXISTS `bb`;
DROP TABLE IF EXISTS `cc`;
--enable_warnings

-- Fixture table aa: the crashing query in the bug description reads it only
-- inside the EXISTS subquery (alias SUBQUERY1_t2, joined on col_int_not_null).
-- No PRIMARY KEY or index is declared here, despite the column being named pk.
CREATE TABLE `aa` (
  `pk` int NOT NULL DEFAULT '0',
  `col_int_not_null` int NOT NULL
) ENGINE=InnoDB COLLATE = utf8_general_ci;

-- Ten rows. There is no column list, so values map positionally to (pk, col_int_not_null).
INSERT INTO `aa` VALUES (1,-1974206464),(2,3),(3,-274595840),(4,295501824),(5,9),(6,2),(7,-1601306624),(8,-1770323968),(9,256311296),(10,4);

-- Fixture table bb: the crashing query in the bug description joins it to itself
-- (aliases table2 and table3).
-- Columns suffixed _key carry no index in this DDL. The suffix is only a name here.
CREATE TABLE `bb` (
  `pk` int NOT NULL DEFAULT '0',
  `col_char_1024_not_null` varchar(1024) NOT NULL,
  `col_text` text,
  `col_char_10_not_null_key` varchar(10) NOT NULL,
  `col_char_1024_not_null_key` varchar(1024) NOT NULL,
  `col_int_not_null_key` int NOT NULL
) ENGINE=InnoDB COLLATE = utf8_general_ci;

-- Ten rows, values mapped positionally. col_text is NULL in every row, so an
-- equality against table2.col_text can never evaluate to true on this data.
INSERT INTO `bb` VALUES (1,'o',NULL,'DCJRX','IHTVZ',1),(2,'a',NULL,'x','a',1),(3,'have',NULL,'ZMHDL','s',-1536425984),(4,'u',NULL,'SJGHS','d',-1443495936),(5,'o',NULL,'his','TTNNK',2),(6,'r',NULL,'m','GKTRR',0),(7,'on',NULL,'i','ZZDWO',8),(8,'IMULJ',NULL,'d','up',476315648),(9,'DXSXG',NULL,'from','would',5),(10,'y',NULL,'h','JNAFV',5);

-- Fixture table cc: the crashing query in the bug description reads it twice, as
-- table1 in the outer RIGHT JOIN and as SUBQUERY1_t1 inside the EXISTS subquery.
-- Only pk and col_char_1024_not_null_key are NOT NULL. As with the other
-- fixture tables, no PRIMARY KEY or index is declared.
CREATE TABLE `cc` (
  `pk` int NOT NULL DEFAULT '0',
  `col_char_10_key` varchar(10) DEFAULT NULL,
  `col_bigint_key` bigint DEFAULT NULL,
  `col_char_1024_not_null_key` varchar(1024) NOT NULL,
  `col_int_key` int DEFAULT NULL,
  `col_char_10` varchar(10) DEFAULT NULL
) ENGINE=InnoDB COLLATE = utf8_general_ci;

INSERT INTO `cc` VALUES (1,'the',3,'i',-1463025664,'YUGVN'),(2,'f',NULL,'XECLG',1,'v'),(3,'CHXCP',8,'d',NULL,'DXDTX'),(4,'o',NULL,'t',6,'KPDSD'),(5,'then',-8566972391165526016,'u',6,'good'),(6,'PUPFZ',3465238438284886016,'o',-1792737280,'i'),(7,'GBRLW',5,'c',NULL,'f'),(8,'JIOBF',5086534304138264576,'at',NULL,'hey'),(9,'t',-5575456338684674048,'ZNRQD',-697434112,'oh'),(10,'GSUJC',4584101470709743616,'here',5,'LTSIE'),(11,'h',4,'o',NULL,'do'),(12,'e',-562387003467890688,'x',-590413824,'y'),(13,'IICAV',-4543569074063409152,'u',-1361444864,'AUKYO'),(14,'ICGLZ',NULL,'LDJHS',4,'up'),(15,'s',5726326926201585664,'UPJBO',-1007222784,'got'),(16,'SLJVT',NULL,'m',1,'will'),(17,'h',2685552752796368896,'good',1218904064,'get'),(18,'e',4,'some',-173867008,'t'),(19,'of',5556878990221770752,'your',1303904256,'n'),(20,'CMAUM',NULL,'BDKSY',NULL,'DKZIN'),(21,'p',5,'HOAIC',4,'about'),(22,'there',5,'it\'s',NULL,'h'),(23,'FROKO',8,'EFUWM',-1373306880,'r'),(24,'q',NULL,'h',-1661861888,'c'),(25,'USSFF',6,'back',NULL,'v'),(26,'MHEWI',8460574849968898048,'ZGLZY',NULL,'okay'),(27,'MGUNW',NULL,'h',1,'ARMAV'),(28,'I',8,'SUIER',NULL,'y'),(29,'would',NULL,'h',2,'NJMOR'),(30,'w',5,'yeah',1109327872,'XPTLS'),(31,'QQRWR',-8727694602867310592,'f',-118751232,'z'),(32,'MILUI',2,'b',NULL,'want'),(33,'think',NULL,'e',NULL,'WJNIY'),(34,'OLMSJ',NULL,'TYOJE',1,'just'),(35,'he',NULL,'l',NULL,'NXTLD'),(36,'PRZKV',9,'s',-758710272,'well'),(37,'XSTUZ',4,'TJUWY',NULL,'you\'re'),(38,'AQEZP',4537095149599064064,'i',NULL,'and'),(39,'she',4,'he\'s',7,'FLKCN'),(40,'ASQVK',3300294101932441600,'they',4,'but'),(41,'n',1509550300099248128,'EOKCZ',1064828928,'RYFVG'),(42,'PWKPB',NULL,'have',-228655104,'u'),(43,'SLXQG',1423700432202498048,'AILLJ',1790443520,'of'),(44,'BJDGL',7180145180912123904,'when',1,'y'),(45,'they',NULL,'z',NULL,'HVBAT'),(46,'UYZTE',9,'how...

Travis Davies (travisdaveez) wrote :

CONFIRMED.

// RUN AS TEST CASE

./test-run --suite=broken 628912.test
Logging: ./test-run --suite=broken 628912.test
Drizzle Version 2010.09.1746
Using MTR_BUILD_THREAD = -69.4
Using MASTER_MYPORT = 9306
Using MASTER_MYPORT1 = 9307
Using SLAVE_MYPORT = 9308
Using SLAVE_MYPORT1 = 9309
Using SLAVE_MYPORT2 = 9310
Using MC_PORT = 9316
Killing Possible Leftover Processes
Removing Stale Files
Creating Directories
================================================================================
DEFAULT STORAGE ENGINE: innodb
TEST RESULT TIME (ms)
--------------------------------------------------------------------------------

broken.628912 [ fail ]
drizzletest: The specified result file does not exist: '/home/tdavies/hacking/dizzle/drizzle_latest/tests/suite/broken/r/628912.result'

The result from queries just before the failure was:
< snip >
`col_int_not_null` int NOT NULL
) ENGINE=InnoDB COLLATE = utf8_general_ci;
INSERT INTO `aa` VALUES (1,-1974206464),(2,3),(3,-274595840),(4,295501824),(5,9),(6,2),(7,-1601306624),(8,-1770323968),(9,256311296),(10,4);
CREATE TABLE `bb` (
`pk` int NOT NULL DEFAULT '0',
`col_char_1024_not_null` varchar(1024) NOT NULL,
`col_text` text,
`col_char_10_not_null_key` varchar(10) NOT NULL,
`col_char_1024_not_null_key` varchar(1024) NOT NULL,
`col_int_not_null_key` int NOT NULL
) ENGINE=InnoDB COLLATE = utf8_general_ci;
INSERT INTO `bb` VALUES (1,'o',NULL,'DCJRX','IHTVZ',1),(2,'a',NULL,'x','a',1),(3,'have',NULL,'ZMHDL','s',-1536425984),(4,'u',NULL,'SJGHS','d',-1443495936),(5,'o',NULL,'his','TTNNK',2),(6,'r',NULL,'m','GKTRR',0),(7,'on',NULL,'i','ZZDWO',8),(8,'IMULJ',NULL,'d','up',476315648),(9,'DXSXG',NULL,'from','would',5),(10,'y',NULL,'h','JNAFV',5);
CREATE TABLE `cc` (
`pk` int NOT NULL DEFAULT '0',
`col_char_10_key` varchar(10) DEFAULT NULL,
`col_bigint_key` bigint DEFAULT NULL,
`col_char_1024_not_null_key` varchar(1024) NOT NULL,
`col_int_key` int DEFAULT NULL,
`col_char_10` varchar(10) DEFAULT NULL
) ENGINE=InnoDB COLLATE = utf8_general_ci;

More results from queries before failure can be found in /home/tdavies/hacking/dizzle/drizzle_latest/tests/var/log/628912.log

Aborting: broken.628912 failed in default mode.
To continue, re-run with '--force'.
Stopping All Servers

// RUN IN CLIENT:
// LAST COMMAND GIVEN...

drizzle> SELECT SQL_SMALL_RESULT table1 . `col_bigint_key` AS field1
    -> FROM ( CC AS table1 RIGHT JOIN ( ( BB AS table2 LEFT JOIN BB AS table3
    -> ON (table3 . `col_char_10_not_null_key` = table2 . `col_char_1024_not_null` ) ) )
    -> ON (table3 . `col_char_10_not_null_key` = table2 . `col_text` ) )
    -> WHERE
    -> ( EXISTS ( ( SELECT SUBQUERY1_t1 . `col_char_10` AS SUBQUERY1_field1
    -> FROM ( CC AS SUBQUERY1_t1 STRAIGHT_JOIN AA AS SUBQUERY1_t2 ON (SUBQUERY1_t2 . `col_int_not_null` = SUBQUERY1_t1 . `pk` ) ) ) ) )
    -> AND ( table1 . `col_char_1024_not_null_key` = 'o' AND table1 . `col_char_1024_not_null_key` = table3 . `col_char_10_not_null_key` )
    -> AND ( table1 . `col_int_key` != table3 . `col_int_not_null_key`
   ...


Changed in drizzle:
status: New → Confirmed
Changed in drizzle:
assignee: nobody → Andrew Hutchings (linuxjedi)
Andrew Hutchings (linuxjedi) wrote :

The original fix had to be reverted because of Valgrind problems; a second attempt is coming shortly.
