A Lightweight SQL Database for Cloud Infrastructure and Web Applications

crash / assertion in add_found_match_trig_cond

Reported by Patrick Crews on 2010-05-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Drizzle
Low
Prafulla Tekawade
Dexter
Low
Prafulla Tekawade

Bug Description

There is a crash in add_found_match_trig_cond, which is a carry-over from the MySQL codebase:
http://bugs.mysql.com/bug.php?id=51780 - randgen outer_join.yy causes crash in add_found_match_trig_cond
http://bugs.mysql.com/bug.php?id=48971 - is the original bug, but has been marked private.

This happens with some regularity with the outer_join grammar, which focuses on creating some hairy multi-table (up to 15 or so) queries.

MySQL stacktrace:
...
# 2010-03-05T22:39:42 #0 0xb80d1430 in __kernel_vsyscall ()
# 2010-03-05T22:39:42 #0 0xb80d1430 in __kernel_vsyscall ()
# 2010-03-05T22:39:42 #1 0xb80aa1c8 in pthread_kill () from
/lib/tls/i686/cmov/libpthread.so.0
# 2010-03-05T22:39:42 #2 0x0860acd9 in my_write_core (sig=11) at stacktrace.c:329
# 2010-03-05T22:39:42 #3 0x08282372 in handle_segfault (sig=11) at mysqld.cc:2569
# 2010-03-05T22:39:42 #4 <signal handler called>
# 2010-03-05T22:39:42 #5 0x082fee3f in add_found_match_trig_cond (tab=0x0,
cond=0xa680c28, root_tab=0xa67f6b8) at sql_select.cc:6042
# 2010-03-05T22:39:42 #6 0x083107d7 in make_join_select (join=0xa4ac590,
select=0xa5ef3a0, cond=0xa4ac070) at sql_select.cc:6489
# 2010-03-05T22:39:42 #7 0x0831cb5a in JOIN::optimize (this=0xa4ac590) at
sql_select.cc:1115
# 2010-03-05T22:39:42 #8 0x0831ff67 in mysql_select (thd=0xa2de3d8,
rref_pointer_array=0xa2df878, tables=0xa2af998, wild_num=0, fields=@0xa2df814,
conds=0xa4ac070, og_num=5, order=0x0, group=0xa4ac1a8, having=0x0,
# 2010-03-05T22:39:42 proc_param=0x0, select_options=2147764738, result=0xa4ac578,
unit=0xa2df510, select_lex=0xa2df780) at sql_select.cc:2471
# 2010-03-05T22:39:42 #9 0x0832597b in handle_select (thd=0xa2de3d8, lex=0xa2df4b4,
result=0xa4ac578, setup_tables_done_option=0) at sql_select.cc:269
# 2010-03-05T22:39:42 #10 0x08293015 in execute_sqlcom_select (thd=0xa2de3d8,
all_tables=0xa2af998) at sql_parse.cc:5052
# 2010-03-05T22:39:42 #11 0x082952bc in mysql_execute_command (thd=0xa2de3d8) at
sql_parse.cc:2248
# 2010-03-05T22:39:42 #12 0x0829ed0a in mysql_parse (thd=0xa2de3d8,
# 2010-03-05T22:39:42 inBuf=0xa2aec60 "SELECT STRAIGHT_JOIN MIN( table2 .
`col_int` ) AS field1 , table1 . `col_int_key` AS field2 , table3 . `col_int_key` AS
field3 , table1 . `pk` AS field4 , table2 . `pk` AS field5 , table1 . `col_in"...,
length=904, found_semicolon=0xb2ffd080) at sql_parse.cc:5971
# 2010-03-05T22:39:42 #13 0x0829fb2e in dispatch_command (command=COM_QUERY,
thd=0xa2de3d8,
# 2010-03-05T22:39:42 packet=0xa2c0b91 " SELECT STRAIGHT_JOIN MIN( table2 .
`col_int` ) AS field1 , table1 . `col_int_key` AS field2 , table3 . `col_int_key` AS
field3 , table1 . `pk` AS field4 , table2 . `pk` AS field5 , table1 . `col_"...,
packet_length=909) at sql_parse.cc:1233
# 2010-03-05T22:39:42 #14 0x082a1093 in do_command (thd=0xa2de3d8) at sql_parse.cc:874
# 2010-03-05T22:39:42 #15 0x0828c153 in handle_one_connection (arg=0xa2de3d8) at
sql_connect.cc:1127
# 2010-03-05T22:39:42 #16 0xb80a54ff in start_thread () from
/lib/tls/i686/cmov/libpthread.so.0
# 2010-03-05T22:39:42 #17 0xb7f9449e in clone () from /lib/tls/i686/cmov/libc.so.6

Patrick Crews (patrick-crews) wrote :

test case for Drizzle:
try to record the result for it and observe the crash

#/* Begin test case for query 0 */

--disable_warnings
DROP TABLE /*! IF EXISTS */ A;
DROP TABLE /*! IF EXISTS */ C;
DROP TABLE /*! IF EXISTS */ BB;
DROP TABLE /*! IF EXISTS */ B;
--enable_warnings

CREATE TABLE `A` (
  `pk` int NOT NULL AUTO_INCREMENT,
  `int_key` int DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `int_key` (`int_key`),
  KEY `varchar_key` (`int_key`)
) ;
CREATE TABLE `C` (
  `pk` int NOT NULL AUTO_INCREMENT,
  `int_key` int DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `int_key` (`int_key`),
  KEY `varchar_key` (`int_key`)
) AUTO_INCREMENT=21 ;
INSERT INTO `C` VALUES (1,2);
INSERT INTO `C` VALUES (2,9);
INSERT INTO `C` VALUES (3,3);
INSERT INTO `C` VALUES (4,9);
INSERT INTO `C` VALUES (5,NULL);
INSERT INTO `C` VALUES (6,9);
INSERT INTO `C` VALUES (7,3);
INSERT INTO `C` VALUES (8,8);
INSERT INTO `C` VALUES (9,8);
INSERT INTO `C` VALUES (10,53);
INSERT INTO `C` VALUES (11,0);
INSERT INTO `C` VALUES (12,5);
INSERT INTO `C` VALUES (13,166);
INSERT INTO `C` VALUES (14,3);
INSERT INTO `C` VALUES (15,0);
INSERT INTO `C` VALUES (16,1);
INSERT INTO `C` VALUES (17,9);
INSERT INTO `C` VALUES (18,5);
INSERT INTO `C` VALUES (19,6);
INSERT INTO `C` VALUES (20,2);
CREATE TABLE `BB` (
  `pk` int NOT NULL AUTO_INCREMENT,
  `int_key` int DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `int_key` (`int_key`),
  KEY `varchar_key` (`int_key`)
) AUTO_INCREMENT=11 ;
INSERT INTO `BB` VALUES (10,8);
CREATE TABLE `B` (
  `pk` int NOT NULL AUTO_INCREMENT,
  `int_key` int DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `int_key` (`int_key`),
  KEY `varchar_key` (`int_key`)
) AUTO_INCREMENT=2 ;
INSERT INTO `B` VALUES (1,7);

SELECT table1 .`int_key`
FROM BB table1 LEFT JOIN BB table2 LEFT JOIN B table4 JOIN C table5 ON table5
.`pk`
 ON table4 .`pk` LEFT JOIN A JOIN BB table8 ON table8 .`pk` RIGHT JOIN BB table9
JOIN C table10 ON table10 .`int_key` ON table9 .`pk` ON table5 .`int_key` = table9
.`pk` RIGHT JOIN BB table11 LEFT JOIN C table12 JOIN BB table14 ON table12 .`pk`
=
table14 .`int_key` ON table11 .`int_key` = table12 .`pk` ON table5 .`int_key` =
table14 .`int_key` ON table2 .`pk`
WHERE table1 .`pk`
HAVING 55 ;

DROP TABLE A;
DROP TABLE C;
DROP TABLE BB;
DROP TABLE B;
#/* End of test case for query 0 */

Patrick Crews (patrick-crews) wrote :

Setting this to Low as the query involves a large number of tables and a crazy HAVING condition. This is likely to be a rare / corner case.

Changed in drizzle:
status: New → Confirmed
importance: Undecided → Medium
importance: Medium → Low
Patrick Crews (patrick-crews) wrote :

backtrace:

#0 drizzled::add_found_match_trig_cond (tab=0x0, cond=0x207df30, root_tab=0x207cf70) at drizzled/sql_select.cc:1205
#1 0x0000000000612621 in drizzled::add_found_match_trig_cond (tab=0x207c4f0, cond=0x207df30, root_tab=0x207cf70) at drizzled/sql_select.cc:1205
#2 0x00000000005945a8 in make_join_select (this=0x2074988) at drizzled/join.cc:4827
#3 drizzled::Join::optimize (this=0x2074988) at drizzled/join.cc:641
#4 0x00000000006147a5 in drizzled::mysql_select (session=0x1702c80, rref_pointer_array=<value optimized out>, tables=0x2050b08, wild_num=0, fields=..., conds=0x0, og_num=0,
    order=0x0, group=0x0, having=0x2067228, select_options=2147500032, result=0x20673f8, unit=0x17036e8, select_lex=0x17038f8) at drizzled/sql_select.cc:412
#5 0x0000000000615120 in drizzled::handle_select (session=0x1702c80, lex=0x17036c8, result=0x20673f8, setup_tables_done_option=0) at drizzled/sql_select.cc:146
#6 0x000000000060ecd5 in drizzled::execute_sqlcom_select (session=0x1702c80, all_tables=0x2050b08) at drizzled/sql_parse.cc:543
#7 0x000000000060e94e in mysql_execute_command (session=0x1702c80, inBuf=<value optimized out>, length=<value optimized out>) at drizzled/sql_parse.cc:478
#8 drizzled::mysql_parse (session=0x1702c80, inBuf=<value optimized out>, length=<value optimized out>) at drizzled/sql_parse.cc:733
#9 0x0000000000610b12 in drizzled::dispatch_command (command=drizzled::COM_QUERY, session=0x1702c80,
    packet=0x2048771 "SELECT table1 .`int_key`\nFROM BB table1 LEFT JOIN BB table2 LEFT JOIN B table4 JOIN C table5 ON table5\n.`pk`\n ON table4 .`pk` LEFT JOIN A JOIN BB table8 ON table8 .`pk` RIGHT JOIN BB table9\nJOIN C tab"..., packet_length=<value optimized out>) at drizzled/sql_parse.cc:223
#10 0x00000000005de61f in drizzled::Session::executeStatement (this=0x1702c80) at drizzled/session.cc:694
#11 0x00000000005dffe2 in drizzled::Session::run (this=0x1702c80) at drizzled/session.cc:553
#12 0x00007f687f787083 in MultiThreadScheduler::runSession (arg=<value optimized out>) at ./plugin/multi_thread/multi_thread.h:67
#13 session_thread (arg=<value optimized out>) at plugin/multi_thread/multi_thread.cc:43
#14 0x00007f688360e9ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#15 0x00007f688336c6cd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#16 0x0000000000000000 in ?? ()

Fix for 592444 which is in this branch
https://code.launchpad.net/~prafulla-tekawade/drizzle/dr-bug-592444
Fixes this issue too.

Changed in drizzle:
assignee: nobody → Prafulla Tekawade (prafulla-tekawade)
status: Confirmed → In Progress

Fix merged at rev 1664

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers