CREATE TABLE t1 (pk int,i2 int,i1 int,v1 varchar(1)) ;
|
CREATE TABLE t2 (pk int,i2 int,i1 int,v1 varchar(1)) ;
|
CREATE TABLE t31 (pk int,i2 int,i1 int,v1 varchar(1)) ;
|
|
SELECT t1.v1, 10 as kk
|
FROM (t1 JOIN ((select * from t31) as t3 JOIN t2 ON (t2.pk = t3.pk)) ON (t2.i2 = t3.pk))
|
WHERE EXISTS(SELECT t2.v1 FROM (t2 JOIN t2 as t1 ON (t1.v1 = t2.v1))
|
WHERE t3.i1 IN (SELECT tmp1.i1 FROM t1 as tmp1 HAVING tmp1.i1 < 's'))
|
HAVING kk <= 1;
|
10.4 5abc79dd7ab2fccb4b05ca
|
#4 0x000055849ab8e706 in Bitmap<64u>::merge (this=0x1b0, map2=...) at 10.4/sql/sql_bitmap.h:196
|
#5 0x000055849ab5568a in add_key_field (join=0x7f5b540491a0, key_fields=0x7f5b64a16e48, and_level=0, cond=0x7f5b54050a78, field=0x7f5b54188510, eq_func=true, value=0x7f5b64a16d00, num_values=1, usable_tables=18446744073709551615, sargables=0x7f5b64a16fc8, row_col_no=0) at 10.4/sql/sql_select.cc:5398
|
#6 0x000055849ab56c5b in Item_equal::add_key_fields (this=0x7f5b54050a78, join=0x7f5b540491a0, key_fields=0x7f5b64a16e48, and_level=0x7f5b64a16e38, usable_tables=18446744073709551615, sargables=0x7f5b64a16fc8) at 10.4/sql/sql_select.cc:5869
|
#7 0x000055849ab55cce in Item_cond_and::add_key_fields (this=0x7f5b54050bd8, join=0x7f5b540491a0, key_fields=0x7f5b64a16e48, and_level=0x7f5b64a16e38, usable_tables=18446744073709551615, sargables=0x7f5b64a16fc8) at 10.4/sql/sql_select.cc:5593
|
#8 0x000055849ab57f26 in update_ref_and_keys (thd=0x7f5b54000b00, keyuse=0x7f5b54049490, join_tab=0x7f5b54050d10, tables=3, cond=0x7f5b54050bd8, normal_tables=18446744073709551615, select_lex=0x7f5b54019430, sargables=0x7f5b64a16fc8) at 10.4/sql/sql_select.cc:6273
|
#9 0x000055849ab52938 in make_join_statistics (join=0x7f5b540491a0, tables_list=..., keyuse_array=0x7f5b54049490) at 10.4/sql/sql_select.cc:4575
|
#10 0x000055849ab49562 in JOIN::optimize_inner (this=0x7f5b540491a0) at 10.4/sql/sql_select.cc:1933
|
#11 0x000055849ab4783b in JOIN::optimize (this=0x7f5b540491a0) at 10.4/sql/sql_select.cc:1448
|
#12 0x000055849aad871d in st_select_lex::optimize_unflattened_subqueries (this=0x7f5b54015100, const_only=false) at 10.4/sql/sql_lex.cc:4102
|
#13 0x000055849acc42d4 in JOIN::optimize_unflattened_subqueries (this=0x7f5b540f9a10) at 10.4/sql/opt_subselect.cc:5292
|
#14 0x000055849ab4bcf9 in JOIN::optimize_stage2 (this=0x7f5b540f9a10) at 10.4/sql/sql_select.cc:2672
|
#15 0x000055849ab4965a in JOIN::optimize_inner (this=0x7f5b540f9a10) at 10.4/sql/sql_select.cc:1959
|
#16 0x000055849ab4783b in JOIN::optimize (this=0x7f5b540f9a10) at 10.4/sql/sql_select.cc:1448
|
#17 0x000055849ab518df in mysql_select (thd=0x7f5b54000b00, tables=0x7f5b54015750, wild_num=0, fields=..., conds=0x7f5b540f8c08, og_num=0, order=0x0, group=0x0, having=0x7f5b540f8f80, proc_param=0x0, select_options=2147748608, result=0x7f5b540f99f0, unit=0x7f5b540049a8, select_lex=0x7f5b54015100) at 10.4/sql/sql_select.cc:4268
|
#18 0x000055849ab432de in handle_select (thd=0x7f5b54000b00, lex=0x7f5b540048e0, result=0x7f5b540f99f0, setup_tables_done_option=0) at 10.4/sql/sql_select.cc:382
|
#19 0x000055849ab0dba7 in execute_sqlcom_select (thd=0x7f5b54000b00, all_tables=0x7f5b54015750) at 10.4/sql/sql_parse.cc:6549
|
#20 0x000055849ab04000 in mysql_execute_command (thd=0x7f5b54000b00) at 10.4/sql/sql_parse.cc:3771
|
#21 0x000055849ab11984 in mysql_parse (thd=0x7f5b54000b00, rawbuf=0x7f5b54014e88 "SELECT t1.v1, 10 as kk\nFROM (t1 JOIN ((select * from t31) as t3 JOIN t2 ON (t2.pk = t3.pk)) ON (t2.i2 = t3.pk))\nWHERE EXISTS(SELECT t2.v1 FROM (t2 JOIN t2 as t1 ON (t1.v1 = t2.v1))\nWHERE t3.i1 IN (SEL"..., length=265, parser_state=0x7f5b64a18470, is_com_multi=false, is_next_command=false) at 10.4/sql/sql_parse.cc:8078
|
#22 0x000055849aafea62 in dispatch_command (command=COM_QUERY, thd=0x7f5b54000b00, packet=0x7f5b54092ae1 "SELECT t1.v1, 10 as kk\nFROM (t1 JOIN ((select * from t31) as t3 JOIN t2 ON (t2.pk = t3.pk)) ON (t2.i2 = t3.pk))\nWHERE EXISTS(SELECT t2.v1 FROM (t2 JOIN t2 as t1 ON (t1.v1 = t2.v1))\nWHERE t3.i1 IN (SEL"..., packet_length=265, is_com_multi=false, is_next_command=false) at 10.4/sql/sql_parse.cc:1850
|
#23 0x000055849aafd47f in do_command (thd=0x7f5b54000b00) at 10.4/sql/sql_parse.cc:1395
|
#24 0x000055849ac64333 in do_handle_one_connection (connect=0x55849dc976f0) at 10.4/sql/sql_connect.cc:1402
|
#25 0x000055849ac64084 in handle_one_connection (arg=0x55849dc976f0) at 10.4/sql/sql_connect.cc:1308
|
#26 0x000055849b548b44 in pfs_spawn_thread (arg=0x55849dd1ba00) at 10.4/storage/perfschema/pfs.cc:1862
|
#27 0x00007f5b6c3066ba in start_thread (arg=0x7f5b64a19700) at pthread_create.c:333
|
#28 0x00007f5b6b79b41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
|
|
{"report":{"fcp":801.6999998092651,"ttfb":190.69999980926514,"pageVisibility":"visible","entityId":69292,"key":"jira.project.issue.view-issue","isInitial":true,"threshold":1000,"elementTimings":{},"userDeviceMemory":8,"userDeviceProcessors":64,"apdex":1,"journeyId":"aeebf62f-5465-4634-8296-723622ed81f8","navigationType":0,"readyForUser":882.8999998569489,"redirectCount":0,"resourceLoadedEnd":542.6999998092651,"resourceLoadedStart":202.89999985694885,"resourceTiming":[{"duration":18,"initiatorType":"link","name":"https://jira.mariadb.org/s/2c21342762a6a02add1c328bed317ffd-CDN/lu2bu7/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/css/_super/batch.css","startTime":202.89999985694885,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":202.89999985694885,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":220.89999985694885,"responseStart":0,"secureConnectionStart":0},{"duration":17.90000009536743,"initiatorType":"link","name":"https://jira.mariadb.org/s/7ebd35e77e471bc30ff0eba799ebc151-CDN/lu2bu7/820016/12ta74/8679b4946efa1a0bb029a3a22206fb5d/_/download/contextbatch/css/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.css?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&slack-enabled=true","startTime":203.09999990463257,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":203.09999990463257,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":221,"responseStart":0,"secureConnectionStart":0},{"duration":200.59999990463257,"initiatorType":"script","name":"https://jira.mariadb.org/s/fbf975c0cce4b1abf04784eeae9ba1f4-CDN/lu2bu7/820016/12ta74/0a8bac35585be7fc6c9cc5a0464cd4cf/_/download/contextbatch/js/_super/batch.js?locale=en","startTime":203.09999990463257,"connectEnd":203.09999990463257,"connectStart":203.09999990463257,"domainLookupEnd":203.09999990463257,"domainLookupStart":203.09999990463257,"fetchStart":203.09999990463257,"redirectEnd":0,"redirectStart":0,"requestStart":224.89999985694885,"responseEnd":403.69999980926514,"responseStart":258.69999980926514,"secureConnectionStart":203.09999990463257},{"duration":61.59999990463257,"initiatorType":"script","name":"https://jira.mariadb.org/s/94c15bff32baef80f4096a08aceae8bc-CDN/lu2bu7/820016/12ta74/c92c0caa9a024ae85b0ebdbed7fb4bd7/_/download/contextbatch/js/atl.global,-_super/batch.js?locale=en","startTime":203.29999995231628,"connectEnd":203.29999995231628,"connectStart":203.29999995231628,"domainLookupEnd":203.29999995231628,"domainLookupStart":203.29999995231628,"fetchStart":203.29999995231628,"redirectEnd":0,"redirectStart":0,"requestStart":227,"responseEnd":264.89999985694885,"responseStart":261.5,"secureConnectionStart":203.29999995231628},{"duration":339.39999985694885,"initiatorType":"script","name":"https://jira.mariadb.org/s/099b33461394b8015fc36c0a4b96e19f-CDN/lu2bu7/820016/12ta74/8679b4946efa1a0bb029a3a22206fb5d/_/download/contextbatch/js/jira.browse.project,project.issue.navigator,jira.view.issue,jira.general,jira.global,atl.general,-_super/batch.js?agile_global_admin_condition=true&jag=true&jira.create.linked.issue=true&locale=en&slack-enabled=true","startTime":203.29999995231628,"connectEnd":203.29999995231628,"connectStart":203.29999995231628,"domainLookupEnd":203.29999995231628,"domainLookupStart":203.29999995231628,"fetchStart":203.29999995231628,"redirectEnd":0,"redirectStart":0,"requestStart":226.69999980926514,"responseEnd":542.6999998092651,"responseStart":277.39999985694885,"secureConnectionStart":203.29999995231628},{"duration":62.09999990463257,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-en/jira.webresources:calendar-en.js","startTime":203.5,"connectEnd":203.5,"connectStart":203.5,"domainLookupEnd":203.5,"domainLookupStart":203.5,"fetchStart":203.5,"redirectEnd":0,"redirectStart":0,"requestStart":227.39999985694885,"responseEnd":265.59999990463257,"responseStart":262.7999999523163,"secureConnectionStart":203.5},{"duration":62.299999952316284,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:calendar-localisation-moment/jira.webresources:calendar-localisation-moment.js","startTime":203.59999990463257,"connectEnd":203.59999990463257,"connectStart":203.59999990463257,"domainLookupEnd":203.59999990463257,"domainLookupStart":203.59999990463257,"fetchStart":203.59999990463257,"redirectEnd":0,"redirectStart":0,"requestStart":227.69999980926514,"responseEnd":265.89999985694885,"responseStart":263.7999999523163,"secureConnectionStart":203.59999990463257},{"duration":22.300000190734863,"initiatorType":"link","name":"https://jira.mariadb.org/s/b04b06a02d1959df322d9cded3aeecc1-CDN/lu2bu7/820016/12ta74/a2ff6aa845ffc9a1d22fe23d9ee791fc/_/download/contextbatch/css/jira.global.look-and-feel,-_super/batch.css","startTime":203.69999980926514,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":203.69999980926514,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":226,"responseStart":0,"secureConnectionStart":0},{"duration":23,"initiatorType":"link","name":"https://jira.mariadb.org/s/3ac36323ba5e4eb0af2aa7ac7211b4bb-CDN/lu2bu7/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/css/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.css?jira.create.linked.issue=true","startTime":203.79999995231628,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":203.79999995231628,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":226.79999995231628,"responseStart":0,"secureConnectionStart":0},{"duration":105.89999985694885,"initiatorType":"script","name":"https://jira.mariadb.org/rest/api/1.0/shortcuts/820016/47140b6e0a9bc2e4913da06536125810/shortcuts.js?context=issuenavigation&context=issueaction","startTime":203.79999995231628,"connectEnd":203.79999995231628,"connectStart":203.79999995231628,"domainLookupEnd":203.79999995231628,"domainLookupStart":203.79999995231628,"fetchStart":203.79999995231628,"redirectEnd":0,"redirectStart":0,"requestStart":231,"responseEnd":309.69999980926514,"responseStart":308,"secureConnectionStart":203.79999995231628},{"duration":64.69999980926514,"initiatorType":"script","name":"https://jira.mariadb.org/s/3339d87fa2538a859872f2df449bf8d0-CDN/lu2bu7/820016/12ta74/d176f0986478cc64f24226b3d20c140d/_/download/contextbatch/js/com.atlassian.jira.projects.sidebar.init,-_super,-project.issue.navigator,-jira.view.issue/batch.js?jira.create.linked.issue=true&locale=en","startTime":204,"connectEnd":204,"connectStart":204,"domainLookupEnd":204,"domainLookupStart":204,"fetchStart":204,"redirectEnd":0,"redirectStart":0,"requestStart":231.39999985694885,"responseEnd":268.69999980926514,"responseStart":266.89999985694885,"secureConnectionStart":204},{"duration":259.2999999523163,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-js/jira.webresources:bigpipe-js.js","startTime":207,"connectEnd":207,"connectStart":207,"domainLookupEnd":207,"domainLookupStart":207,"fetchStart":207,"redirectEnd":0,"redirectStart":0,"requestStart":242.39999985694885,"responseEnd":466.2999999523163,"responseStart":460.2999999523163,"secureConnectionStart":207},{"duration":251.79999995231628,"initiatorType":"script","name":"https://jira.mariadb.org/s/d41d8cd98f00b204e9800998ecf8427e-CDN/lu2bu7/820016/12ta74/1.0/_/download/batch/jira.webresources:bigpipe-init/jira.webresources:bigpipe-init.js","startTime":215.29999995231628,"connectEnd":215.29999995231628,"connectStart":215.29999995231628,"domainLookupEnd":215.29999995231628,"domainLookupStart":215.29999995231628,"fetchStart":215.29999995231628,"redirectEnd":0,"redirectStart":0,"requestStart":252.89999985694885,"responseEnd":467.09999990463257,"responseStart":464.59999990463257,"secureConnectionStart":215.29999995231628},{"duration":110.29999995231628,"initiatorType":"xmlhttprequest","name":"https://jira.mariadb.org/rest/webResources/1.0/resources","startTime":545.5,"connectEnd":545.5,"connectStart":545.5,"domainLookupEnd":545.5,"domainLookupStart":545.5,"fetchStart":545.5,"redirectEnd":0,"redirectStart":0,"requestStart":629.3999998569489,"responseEnd":655.7999999523163,"responseStart":655.2999999523163,"secureConnectionStart":545.5},{"duration":149.09999990463257,"initiatorType":"xmlhttprequest","name":"https://jira.mariadb.org/rest/webResources/1.0/resources","startTime":758.5999999046326,"connectEnd":758.5999999046326,"connectStart":758.5999999046326,"domainLookupEnd":758.5999999046326,"domainLookupStart":758.5999999046326,"fetchStart":758.5999999046326,"redirectEnd":0,"redirectStart":0,"requestStart":877.0999999046326,"responseEnd":907.6999998092651,"responseStart":905.8999998569489,"secureConnectionStart":758.5999999046326},{"duration":97.90000009536743,"initiatorType":"script","name":"https://www.google-analytics.com/analytics.js","startTime":794.6999998092651,"connectEnd":0,"connectStart":0,"domainLookupEnd":0,"domainLookupStart":0,"fetchStart":794.6999998092651,"redirectEnd":0,"redirectStart":0,"requestStart":0,"responseEnd":892.5999999046326,"responseStart":0,"secureConnectionStart":0}],"fetchStart":0,"domainLookupStart":0,"domainLookupEnd":0,"connectStart":0,"connectEnd":0,"requestStart":22,"responseStart":191,"responseEnd":217,"domLoading":195,"domInteractive":988,"domContentLoadedEventStart":988,"domContentLoadedEventEnd":1038,"domComplete":1397,"loadEventStart":1397,"loadEventEnd":1398,"userAgent":"Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)","marks":[{"name":"bigPipe.sidebar-id.start","time":961.3999998569489},{"name":"bigPipe.sidebar-id.end","time":962.0999999046326},{"name":"bigPipe.activity-panel-pipe-id.start","time":962.3999998569489},{"name":"bigPipe.activity-panel-pipe-id.end","time":964.6999998092651},{"name":"activityTabFullyLoaded","time":1056.2999999523163}],"measures":[],"correlationId":"e2b07873ef5f6f","effectiveType":"4g","downlink":10,"rtt":0,"serverDuration":82,"dbReadsTimeInMs":17,"dbConnsTimeInMs":25,"applicationHash":"9d11dbea5f4be3d4cc21f03a88dd11d8c8687422","experiments":[]}}
Bug
Major
The error occurs because of the
MDEV-12387changes. The bug is similar with he bug fromMDEV-16730.Let’s consider the example from the description.
The server crashes in Bitmap<64u>::merge() method trying to take a field from 0 item.
(gdb) print stat[0]Cannot access memory at address 0x0The failing call is made while processing of the "multiple equal(t31.i1, `<subquery4>`.i1)" condition. If to run the same test in the version of MariaDB before
MDEV-12387it can be found that this multiple equality shouldn’t be transformed into the multiple equality but should remain as equality.This equality is transformed into the multiple equality in the and_new_conditions_to_optimized_cond() method in check_simple_equality() call. If to run the same test in the previous version of MariaDB equality is not transformed because the left item of the equality is of REF_ITEM type. In the current version it is FIELD_ITEM type which is wrong. It is because as the left and right items of the equality real items of these items are passed to the check_simple_equality() method instead of the items themselves. It is a mistake.
After the proper changes the server crashes in the make_join_statistics() method. It can be seen that in the and_new_conditions_to_optimized_cond() method conds is saved in the wrong way. It is because of the case when single equality eq is added to the single multiple equality mult_eq. This case is missing. As the result the multiple equality mult_eq is missing and only equality eq is saved. That causes a crash.