Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-10885

Server crashes in Field::is_null / Protocol_text::store

    XMLWordPrintable

    Details

      Description

      CREATE TABLE t1 (a INT, b VARCHAR(8));
      INSERT INTO t1 VALUES (1,'foo'),(2,'bar');
       
      CREATE TABLE t2 (c INT);
      INSERT INTO t2 VALUES (3),(4);
       
      CREATE TABLE t3 (d INT);
      INSERT INTO t3 VALUES (5),(6);
       
      SELECT a, MAX(a), AVG(a) OVER (PARTITION BY b) FROM t1
      WHERE EXISTS ( SELECT * FROM t2 WHERE c IN ( SELECT MAX(d) FROM t3 ) );
      

      Note: PARTITION might be empty as well, it is there just to signify that the crash is not related to empty partition.

      Stack trace 10.2 20d7f933e2

      #3  <signal handler called>
      #4  0x00007fd8a9ea05e8 in Field::is_null (this=0x7fd89e82a938, row_offset=0) at /data/src/10.2/sql/field.h:1085
      #5  0x00007fd8a9e9e8b5 in Protocol_text::store (this=0x7fd89e816600, field=0x7fd89e82a938) at /data/src/10.2/sql/protocol.cc:1229
      #6  0x00007fd8aa1eaf89 in Item_field::send (this=0x7fd89e864200, protocol=0x7fd89e816600, buffer=0x7fd8ab06c660) at /data/src/10.2/sql/item.cc:6749
      #7  0x00007fd8a9e9da86 in Protocol::send_result_set_row (this=0x7fd89e816600, row_items=0x7fd89e81a390) at /data/src/10.2/sql/protocol.cc:978
      #8  0x00007fd8a9f1c2ce in select_send::send_data (this=0x7fd89e867e38, items=...) at /data/src/10.2/sql/sql_class.cc:2914
      #9  0x00007fd8a9fbe87c in return_zero_rows (join=0x7fd89e867e58, result=0x7fd89e867e38, tables=..., fields=..., send_row=true, select_options=2147748608, info=0x7fd8aa9d8cf0 "Impossible WHERE noticed after reading const tables", having=0x0, all_fields=...) at /data/src/10.2/sql/sql_select.cc:12431
      #10 0x00007fd8a9fa6d46 in JOIN::exec_inner (this=0x7fd89e867e58) at /data/src/10.2/sql/sql_select.cc:3310
      #11 0x00007fd8a9fa6582 in JOIN::exec (this=0x7fd89e867e58) at /data/src/10.2/sql/sql_select.cc:3184
      #12 0x00007fd8a9fa76d9 in mysql_select (thd=0x7fd89e816070, tables=0x7fd89e864bc8, wild_num=0, fields=..., conds=0x7fd89e867b60, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fd89e867e38, unit=0x7fd89e819b30, select_lex=0x7fd89e81a268) at /data/src/10.2/sql/sql_select.cc:3569
      #13 0x00007fd8a9f9c7f5 in handle_select (thd=0x7fd89e816070, lex=0x7fd89e819a68, result=0x7fd89e867e38, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:373
      #14 0x00007fd8a9f6a38b in execute_sqlcom_select (thd=0x7fd89e816070, all_tables=0x7fd89e864bc8) at /data/src/10.2/sql/sql_parse.cc:6347
      #15 0x00007fd8a9f5fe79 in mysql_execute_command (thd=0x7fd89e816070) at /data/src/10.2/sql/sql_parse.cc:3376
      #16 0x00007fd8a9f6dd4a in mysql_parse (thd=0x7fd89e816070, rawbuf=0x7fd89e864088 "SELECT a, MAX(a), AVG(a) OVER (PARTITION BY b) FROM t1\nWHERE EXISTS ( SELECT * FROM t2 WHERE c IN ( SELECT MAX(d) FROM t3 ) )", length=125, parser_state=0x7fd8ab06ddd0, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7790
      #17 0x00007fd8a9f5bacd in dispatch_command (command=COM_QUERY, thd=0x7fd89e816070, packet=0x7fd89e858071 "", packet_length=125, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1805
      #18 0x00007fd8a9f5a4a7 in do_command (thd=0x7fd89e816070) at /data/src/10.2/sql/sql_parse.cc:1365
      #19 0x00007fd8aa09fd86 in do_handle_one_connection (connect=0x7fd8a6c6d410) at /data/src/10.2/sql/sql_connect.cc:1354
      #20 0x00007fd8aa09fb13 in handle_one_connection (arg=0x7fd8a6c6d410) at /data/src/10.2/sql/sql_connect.cc:1260
      #21 0x00007fd8aa3cb73e in pfs_spawn_thread (arg=0x7fd8a6c519f0) at /data/src/10.2/storage/perfschema/pfs.cc:1862
      #22 0x00007fd8a95c90a4 in start_thread (arg=0x7fd8ab06f300) at pthread_create.c:309
      #23 0x00007fd8a778187d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
      

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              igor Igor Babaev
              Reporter:
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Git Integration