  1. MariaDB Server
  2. MDEV-17257

Server crashes in Item::field_type_for_temporal_comparison or in get_datetime_value on SELECT with YEAR field and IN

Details

    Description

      # Reproduction from the report: a table with a single YEAR column; no rows
      # are inserted.
      CREATE TABLE t1 (y YEAR);
      # The YEAR column is compared against an IN list that mixes a DATE value
      # (a datetime string cast to DATE) with NULL. Both backtraces in the report
      # show the crash in in_datetime::set, reached from
      # Item_func_in::fix_length_and_dec while the statement is being prepared
      # (JOIN::prepare).
      # NOTE(review): the 10.0 frame passes thd=0x0 and the 10.1 frame passes
      # other=0x0, which suggests a NULL pointer dereference -- confirm against
      # the fix.
      SELECT * FROM t1 WHERE y IN ( CAST( '1993-03-26 10:14:20' AS DATE ), NULL );
       
      # Cleanup
      # On the affected lines (5.5-10.2 per the report) the SELECT above crashes
      # the server, so this statement only runs on versions where the crash is
      # absent.
      DROP TABLE t1;
      

      10.0 327b271721

      #3  <signal handler called>
      #4  0x0000000000871618 in get_datetime_value (thd=0x0, item_arg=0x7fea12d4f150, cache_arg=0x0, warn_item=0x0, is_null=0x7fea12d4f14f) at /data/src/10.0/sql/item_cmpfunc.cc:917
      #5  0x000000000087aa29 in in_datetime::set (this=0x7fea094fb650, pos=0, item=0x7fea094fb5b0) at /data/src/10.0/sql/item_cmpfunc.cc:3715
      #6  0x000000000087c520 in Item_func_in::fix_length_and_dec (this=0x7fea094fac88) at /data/src/10.0/sql/item_cmpfunc.cc:4220
      #7  0x000000000089dae7 in Item_func::fix_fields (this=0x7fea094fac88, thd=0x7fea0aea2070, ref=0x7fea094fb2b8) at /data/src/10.0/sql/item_func.cc:230
      #8  0x000000000087ba8f in Item_func_in::fix_fields (this=0x7fea094fac88, thd=0x7fea0aea2070, ref=0x7fea094fb2b8) at /data/src/10.0/sql/item_cmpfunc.cc:4037
      #11 0x00000000006820de in JOIN::prepare (this=0x7fea094fae78, rref_pointer_array=0x7fea0aea63a0, tables_init=0x7fea094fa2e8, wild_num=1, conds_init=0x7fea094fac88, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7fea0aea60f8, unit_arg=0x7fea0aea5a08) at /data/src/10.0/sql/sql_select.cc:800
      #12 0x000000000068b0ee in mysql_select (thd=0x7fea0aea2070, rref_pointer_array=0x7fea0aea63a0, tables=0x7fea094fa2e8, wild_num=1, fields=..., conds=0x7fea094fac88, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fea094fae58, unit=0x7fea0aea5a08, select_lex=0x7fea0aea60f8) at /data/src/10.0/sql/sql_select.cc:3326
      #13 0x0000000000681218 in handle_select (thd=0x7fea0aea2070, lex=0x7fea0aea5940, result=0x7fea094fae58, setup_tables_done_option=0) at /data/src/10.0/sql/sql_select.cc:377
      #14 0x000000000065570b in execute_sqlcom_select (thd=0x7fea0aea2070, all_tables=0x7fea094fa2e8) at /data/src/10.0/sql/sql_parse.cc:5301
      #15 0x000000000064dc61 in mysql_execute_command (thd=0x7fea0aea2070) at /data/src/10.0/sql/sql_parse.cc:2557
      #16 0x0000000000658568 in mysql_parse (thd=0x7fea0aea2070, rawbuf=0x7fea094fa088 "SELECT * FROM t1 WHERE y IN ( CAST( '1993-03-26 10:14:20' AS DATE ), NULL )", length=75, parser_state=0x7fea12d50640) at /data/src/10.0/sql/sql_parse.cc:6637
      #17 0x000000000064ae88 in dispatch_command (command=COM_QUERY, thd=0x7fea0aea2070, packet=0x7fea0c3e5071 "SELECT * FROM t1 WHERE y IN ( CAST( '1993-03-26 10:14:20' AS DATE ), NULL )", packet_length=75) at /data/src/10.0/sql/sql_parse.cc:1300
      #18 0x000000000064a188 in do_command (thd=0x7fea0aea2070) at /data/src/10.0/sql/sql_parse.cc:1003
      #19 0x000000000076b890 in do_handle_one_connection (thd_arg=0x7fea0aea2070) at /data/src/10.0/sql/sql_connect.cc:1377
      #20 0x000000000076b602 in handle_one_connection (arg=0x7fea0aea2070) at /data/src/10.0/sql/sql_connect.cc:1292
      #21 0x0000000000acdc06 in pfs_spawn_thread (arg=0x7fea0ada2370) at /data/src/10.0/storage/perfschema/pfs.cc:1861
      #22 0x00007fea12984494 in start_thread (arg=0x7fea12d51700) at pthread_create.c:333
      #23 0x00007fea10d3d93f in clone () from /lib/x86_64-linux-gnu/libc.so.6
      

      10.1 82524239c48

      #3  <signal handler called>
      #4  0x000055fa69ae4fc3 in Item::field_type_for_temporal_comparison (this=0x7fbaad4445e8, other=0x0) at /data/src/10.1/sql/item.h:1274
      #5  0x000055fa69aff5a9 in Item::val_temporal_packed (this=0x7fbaad4445e8, other=0x0) at /data/src/10.1/sql/item.h:1283
      #6  0x000055fa69af626e in in_datetime::set (this=0x7fbaad444680, pos=0, item=0x7fbaad4445e8) at /data/src/10.1/sql/item_cmpfunc.cc:3820
      #7  0x000055fa69af7ef3 in Item_func_in::fix_length_and_dec (this=0x7fbaad443c58) at /data/src/10.1/sql/item_cmpfunc.cc:4374
      #8  0x000055fa69b1bb75 in Item_func::fix_fields (this=0x7fbaad443c58, thd=0x7fbaaf0d5070, ref=0x7fbaad4442e8) at /data/src/10.1/sql/item_func.cc:236
      #9  0x000055fa69af747b in Item_func_in::fix_fields (this=0x7fbaad443c58, thd=0x7fbaaf0d5070, ref=0x7fbaad4442e8) at /data/src/10.1/sql/item_cmpfunc.cc:4171
      #10 0x000055fa6981ae76 in setup_conds (thd=0x7fbaaf0d5070, tables=0x7fbaad4432d8, leaves=..., conds=0x7fbaad4442e8) at /data/src/10.1/sql/sql_base.cc:8783
      #11 0x000055fa698fb2e7 in setup_without_group (thd=0x7fbaaf0d5070, ref_pointer_array=0x7fbaad444538, tables=0x7fbaad4432d8, leaves=..., fields=..., all_fields=..., conds=0x7fbaad4442e8, order=0x0, group=0x0, hidden_group_fields=0x7fbaad4441c8, reserved=0x7fbaaf0d9574) at /data/src/10.1/sql/sql_select.cc:649
      #12 0x000055fa698b213f in JOIN::prepare (this=0x7fbaad443e90, rref_pointer_array=0x7fbaaf0d9550, tables_init=0x7fbaad4432d8, wild_num=1, conds_init=0x7fbaad443c58, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7fbaaf0d92a8, unit_arg=0x7fbaaf0d8ba8) at /data/src/10.1/sql/sql_select.cc:811
      #13 0x000055fa698bbb1b in mysql_select (thd=0x7fbaaf0d5070, rref_pointer_array=0x7fbaaf0d9550, tables=0x7fbaad4432d8, wild_num=1, fields=..., conds=0x7fbaad443c58, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fbaad443e70, unit=0x7fbaaf0d8ba8, select_lex=0x7fbaaf0d92a8) at /data/src/10.1/sql/sql_select.cc:3477
      #14 0x000055fa698b128a in handle_select (thd=0x7fbaaf0d5070, lex=0x7fbaaf0d8ae0, result=0x7fbaad443e70, setup_tables_done_option=0) at /data/src/10.1/sql/sql_select.cc:388
      #15 0x000055fa69880c19 in execute_sqlcom_select (thd=0x7fbaaf0d5070, all_tables=0x7fbaad4432d8) at /data/src/10.1/sql/sql_parse.cc:5947
      #16 0x000055fa69876ffe in mysql_execute_command (thd=0x7fbaaf0d5070) at /data/src/10.1/sql/sql_parse.cc:2993
      #17 0x000055fa6988485d in mysql_parse (thd=0x7fbaaf0d5070, rawbuf=0x7fbaad443088 "SELECT * FROM t1 WHERE y IN ( CAST( '1993-03-26 10:14:20' AS DATE ), NULL )", length=75, parser_state=0x7fbab823d5e0) at /data/src/10.1/sql/sql_parse.cc:7465
      #18 0x000055fa698730cf in dispatch_command (command=COM_QUERY, thd=0x7fbaaf0d5070, packet=0x7fbab1bf9071 "SELECT * FROM t1 WHERE y IN ( CAST( '1993-03-26 10:14:20' AS DATE ), NULL )", packet_length=75) at /data/src/10.1/sql/sql_parse.cc:1495
      #19 0x000055fa69871e54 in do_command (thd=0x7fbaaf0d5070) at /data/src/10.1/sql/sql_parse.cc:1124
      #20 0x000055fa699ac827 in do_handle_one_connection (thd_arg=0x7fbaaf0d5070) at /data/src/10.1/sql/sql_connect.cc:1330
      #21 0x000055fa699ac58b in handle_one_connection (arg=0x7fbaaf0d5070) at /data/src/10.1/sql/sql_connect.cc:1242
      #22 0x000055fa69d6ae1c in pfs_spawn_thread (arg=0x7fbab5839ef0) at /data/src/10.1/storage/perfschema/pfs.cc:1861
      #23 0x00007fbab7ebd494 in start_thread (arg=0x7fbab823eb00) at pthread_create.c:333
      #24 0x00007fbab627693f in clone () from /lib/x86_64-linux-gnu/libc.so.6
      

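      Reproducible on 5.5-10.2. Not reproducible on 10.3, 10.4. However, since the crash occurs on non-debug (release) builds, it makes sense to fix it in the active release lines. The backtraces show the crash is reached through an ordinary COM_QUERY, so on the affected versions any client that can run such a SELECT against a table with a YEAR column can crash the server.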


          People

            bar Alexander Barkov
            elenst Elena Stepanova
