Server crashes in Bitmap<64u>::merge on INSERT .. SELECT executed as PS, with derived_merge=on, NATURAL JOIN, constant table, MyISAM or Aria
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
MariaDB |
Fix Released
|
High
|
Oleksandr "Sanja" Byelkin |
Bug Description
#5 0x08210bff in Bitmap<64u>::merge (this=0xe0, map2=...)
at sql_bitmap.h:161
#6 0x0835c044 in add_key_field (join=0x948f680, key_fields=
and_level=0, cond=0x94903d0, field=0x9492708, eq_func=true,
value=
sargables=
#7 0x0835d108 in add_key_fields (join=0x948f680, key_fields=
and_
usable_
at sql_select.cc:4365
#8 0x0835dd0e in update_ref_and_keys (thd=0x93f0728, keyuse=0x948f860,
join_
normal_
sargables=
#9 0x0835a085 in make_join_
conds=
#10 0x083532c5 in JOIN::optimize (this=0x948f680) at sql_select.cc:1150
#11 0x08359140 in mysql_select (thd=0x93f0728, rref_pointer_
tables=
order=0x0, group=0x0, having=0x0, proc_param=0x0,
select_
select_
#12 0x08350e43 in handle_select (thd=0x93f0728, lex=0x9471428,
result=
at sql_select.cc:285
#13 0x082e6053 in mysql_execute_
#14 0x083a5da6 in Prepared_
expanded_
#15 0x083a52bb in Prepared_
expanded_
at sql_prepare.cc:3413
#16 0x083a3b83 in mysql_sql_
at sql_prepare.cc:2638
#17 0x082e329b in mysql_execute_
#18 0x082ee4d4 in mysql_parse (thd=0x93f0728,
rawbuf=
at sql_parse.cc:6152
#19 0x082e0eb5 in dispatch_command (command=COM_QUERY, thd=0x93f0728,
packet=
#20 0x082e035f in do_command (thd=0x93f0728) at sql_parse.cc:923
#21 0x082dd2e5 in handle_
at sql_connect.cc:1193
#22 0xb782bb25 in start_thread () from /lib/libpthread
bzr version-info
revision-id: <email address hidden>
date: 2012-03-29 21:58:40 +0200
build-date: 2012-03-30 03:22:23 +0400
revno: 3482
Notes:
Also crashes on MariaDB 5.5 revno 3353.
No crash on MariaDB 5.2, MySQL trunk.
No crash when t1 has more than 1 row.
No crash if t1 is an InnoDB table.
No crash if FROM subquery is replaced with a view (either MERGE or TEMPTABLE).
No crash if executed as SELECT, without INSERT.
No if executed outside the prepared statement.
Minimal optimizer_switch: derived_merge=on
Full optimizer_switch (default): on,index_
EXPLAIN for the SELECT part with minimal optimizer_switch (derived_merge=on, everything else OFF):
id select_type table type possible_keys key key_len ref rows filtered Extra
1 SIMPLE t1 system a NULL NULL NULL 1 100.00
1 SIMPLE alias2 ref a a 5 const 1 100.00Using index
Warnings:
Note 1003 select 1 AS `a` from `test`.`t1` join `test`.`t2` `alias2` where (`test`
Test case:
SET optimizer_switch = 'derived_merge=on';
CREATE TABLE t1 ( a INT, INDEX(a) ) ENGINE=MyISAM;
INSERT INTO t1 VALUES (1);
CREATE TABLE t2 ( a INT, INDEX(a) );
INSERT INTO t2 VALUES (1),(2);
EXPLAIN EXTENDED
SELECT a FROM
( SELECT a FROM test.t1 ) AS alias1
NATURAL JOIN t2 AS alias2;
PREPARE stmt FROM "
INSERT INTO t1
SELECT a FROM
( SELECT a FROM test.t1 ) AS alias1
NATURAL JOIN t2 AS alias2
";
EXECUTE stmt;
# End of test case
Changed in maria: | |
status: | New → Confirmed |
Changed in maria: | |
status: | Confirmed → In Progress |
Changed in maria: | |
assignee: | Igor Babaev (igorb-seattle) → Oleksandr "Sanja" Byelkin (sanja-byelkin) |
Changed in maria: | |
status: | In Progress → Fix Released |
Setting importance to High (rather than Critical) for now due to the combination of PS, NATURAL JOIN, constant table -- looks like an edge case. Please adjust if needed.