[MDEV-13352] Server crashes in st_join_table::remove_duplicates - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 10.2(EOL)
Fix Version/s: 10.2.13
Component/s: Optimizer - Window functions
Labels:
None

Sprint:
10.2.10, 10.2.12

Description

CREATE TABLE t1 (i INT);

INSERT INTO t1 VALUES (1),(2);

SELECT DISTINCT ROW_NUMBER() OVER(), i FROM t1 WHERE 0;

10.2 bc75c57cfc18be64f167d91c431076f581b0382b
#3 <signal handler called>
#4 0x00007fe7a608f32e in st_join_table::remove_duplicates (this=0x7fe78c0136e0) at /data/src/10.2/sql/sql_select.cc:21785
#5 0x00007fe7a608965d in join_init_read_record (tab=0x7fe78c0136e0) at /data/src/10.2/sql/sql_select.cc:19449
#6 0x00007fe7a609bf7e in AGGR_OP::end_send (this=0x7fe78c013c20) at /data/src/10.2/sql/sql_select.cc:26432
#7 0x00007fe7a6087192 in sub_select_postjoin_aggr (join=0x7fe78c013020, join_tab=0x7fe78c0136e0, end_of_records=true) at /data/src/10.2/sql/sql_select.cc:18263
#8 0x00007fe7a6086cce in do_select (join=0x7fe78c013020, procedure=0x0) at /data/src/10.2/sql/sql_select.cc:18094
#9 0x00007fe7a6061527 in JOIN::exec_inner (this=0x7fe78c013020) at /data/src/10.2/sql/sql_select.cc:3477
#10 0x00007fe7a60609f6 in JOIN::exec (this=0x7fe78c013020) at /data/src/10.2/sql/sql_select.cc:3278
#11 0x00007fe7a6061b9f in mysql_select (thd=0x7fe78c000b00, tables=0x7fe78c012878, wild_num=0, fields=..., conds=0x7fe78c012ea8, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748609, result=0x7fe78c013000, unit=0x7fe78c0045e8, select_lex=0x7fe78c004d20) at /data/src/10.2/sql/sql_select.cc:3672
#12 0x00007fe7a60564ea in handle_select (thd=0x7fe78c000b00, lex=0x7fe78c004520, result=0x7fe78c013000, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:373
#13 0x00007fe7a60223c8 in execute_sqlcom_select (thd=0x7fe78c000b00, all_tables=0x7fe78c012878) at /data/src/10.2/sql/sql_parse.cc:6443
#14 0x00007fe7a6018407 in mysql_execute_command (thd=0x7fe78c000b00) at /data/src/10.2/sql/sql_parse.cc:3458
#15 0x00007fe7a6025d88 in mysql_parse (thd=0x7fe78c000b00, rawbuf=0x7fe78c012378 "SELECT DISTINCT ROW_NUMBER() OVER(), i FROM t1 WHERE 0", length=54, parser_state=0x7fe79dc0f200, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7879
#16 0x00007fe7a6013e34 in dispatch_command (command=COM_QUERY, thd=0x7fe78c000b00, packet=0x7fe78c168011 "", packet_length=54, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1817
#17 0x00007fe7a6012775 in do_command (thd=0x7fe78c000b00) at /data/src/10.2/sql/sql_parse.cc:1362
#18 0x00007fe7a615e4e7 in do_handle_one_connection (connect=0x7fe7a9a8b760) at /data/src/10.2/sql/sql_connect.cc:1354
#19 0x00007fe7a615e274 in handle_one_connection (arg=0x7fe7a9a8b760) at /data/src/10.2/sql/sql_connect.cc:1260
#20 0x00007fe7a64a5922 in pfs_spawn_thread (arg=0x7fe7a9b2df40) at /data/src/10.2/storage/perfschema/pfs.cc:1862
#21 0x00007fe7a5635064 in start_thread (arg=0x7fe79dc10700) at pthread_create.c:309
#22 0x00007fe7a381a62d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

Attachments

Issue Links

relates to

MDEV-13344 Server crashes in in AGGR_OP::put_record on subquery with window function and constant table

Closed

MDEV-16990 server crashes in base_list_iterator::next

Closed

Activity

Ascending order - Click to sort in descending order

View 11 older comments

Sergei Petrunia added a comment - 2018-01-03 20:54 - edited

Example #3:

select max(b), row_number() over (order by a ) from t1 where 1 = 2 ;

join_tab[0]

  // join->first_select = sub_select_postjoin_aggr

  table= <temp. table>

  window_funcs_step = <pointer>

The join_tab does not have a sub_select call. Execution starts directly with sub_select_postjoin_aggr call. Inside that call, a record is written into the temp. table. Then, window function computation step is performed.

select distinct max(b), row_number() over (order by a ) from t1 where 1 = 2 ;

has the same data structure as above but also join_tab[0].distinct=true.

Sergei Petrunia added a comment - 2018-01-03 20:54 - edited Example #3: select max(b), row_number() over (order by a ) from t1 where 1 = 2 ; join_tab[0] // join->first_select = sub_select_postjoin_aggr table= <temp. table> window_funcs_step = <pointer> The join_tab does not have a sub_select call. Execution starts directly with sub_select_postjoin_aggr call. Inside that call, a record is written into the temp. table. Then, window function computation step is performed. select distinct max(b), row_number() over (order by a ) from t1 where 1 = 2 ; has the same data structure as above but also join_tab [0] .distinct=true .

Sergei Petrunia added a comment - 2018-01-18 12:27

http://lists.askmonty.org/pipermail/commits/2018-January/011841.html

Sergei Petrunia added a comment - 2018-01-18 12:27 http://lists.askmonty.org/pipermail/commits/2018-January/011841.html

Sergei Petrunia added a comment - 2018-01-18 12:28

As discussed on the previous optimizer call: Igor, please review.

Sergei Petrunia added a comment - 2018-01-18 12:28 As discussed on the previous optimizer call: Igor, please review.

Igor Babaev (Inactive) added a comment - 2018-01-22 07:04

Sergey,
It's OK to push your patch.

Igor Babaev (Inactive) added a comment - 2018-01-22 07:04 Sergey, It's OK to push your patch.

Sergei Petrunia added a comment - 2018-01-22 10:47

Fix pushed.

Sergei Petrunia added a comment - 2018-01-22 10:47 Fix pushed.

People

Assignee:: Sergei Petrunia

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 2017-07-19 13:57

Updated:: 2024-07-08 00:38

Resolved:: 2018-01-22 10:47

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server