Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Fixed
-
10.3(EOL), 10.4(EOL), 10.5, 10.6
Description
CREATE TABLE t1 (a GEOMETRY); |
CREATE TABLE t2 (b INT); |
|
|
# Data does not make any difference, it fails with empty tables too |
INSERT INTO t1 VALUES (GeomFromText('POINT(0 0)')),(GeomFromText('POINT(1 1)')); |
INSERT INTO t2 VALUES (1),(2); |
|
|
PREPARE stmt FROM "SELECT * from t1 WHERE a IN (SELECT b FROM t2)"; |
--error ER_ILLEGAL_PARAMETER_DATA_TYPES2_FOR_OPERATION
|
EXECUTE stmt; |
--error ER_ILLEGAL_PARAMETER_DATA_TYPES2_FOR_OPERATION
|
EXECUTE stmt; |
|
|
# Cleanup
|
DROP TABLE t1, t2; |
|
10.3 5b2fa078 |
#3 <signal handler called>
|
#4 0x000056270cb51df7 in JOIN::transform_in_predicates_into_in_subq (this=0x0, thd=0x7f4f5c000b00) at /data/src/10.3/sql/sql_tvc.cc:1001
|
#5 0x000056270cafae06 in convert_join_subqueries_to_semijoins (join=0x7f4f5c012a58) at /data/src/10.3/sql/opt_subselect.cc:1068
|
#6 0x000056270c979785 in JOIN::optimize_inner (this=0x7f4f5c012a58) at /data/src/10.3/sql/sql_select.cc:1565
|
#7 0x000056270c97920b in JOIN::optimize (this=0x7f4f5c012a58) at /data/src/10.3/sql/sql_select.cc:1449
|
#8 0x000056270c98312a in mysql_select (thd=0x7f4f5c000b00, tables=0x7f4f5c16e908, wild_num=0, fields=..., conds=0x7f4f5c1703e8, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2416184064, result=0x7f4f5c170630, unit=0x7f4f5c16d068, select_lex=0x7f4f5c16d7e8) at /data/src/10.3/sql/sql_select.cc:4225
|
#9 0x000056270c974c4a in handle_select (thd=0x7f4f5c000b00, lex=0x7f4f5c16cfa0, result=0x7f4f5c170630, setup_tables_done_option=0) at /data/src/10.3/sql/sql_select.cc:370
|
#10 0x000056270c93c9b9 in execute_sqlcom_select (thd=0x7f4f5c000b00, all_tables=0x7f4f5c16e908) at /data/src/10.3/sql/sql_parse.cc:6286
|
#11 0x000056270c9333ee in mysql_execute_command (thd=0x7f4f5c000b00) at /data/src/10.3/sql/sql_parse.cc:3816
|
#12 0x000056270c96006a in Prepared_statement::execute (this=0x7f4f5c16cb40, expanded_query=0x7f4f6cf1bc70, open_cursor=false) at /data/src/10.3/sql/sql_prepare.cc:4807
|
#13 0x000056270c95e2e8 in Prepared_statement::execute_loop (this=0x7f4f5c16cb40, expanded_query=0x7f4f6cf1bc70, open_cursor=false, packet=0x0, packet_end=0x0) at /data/src/10.3/sql/sql_prepare.cc:4235
|
#14 0x000056270c95bd9d in mysql_sql_stmt_execute (thd=0x7f4f5c000b00) at /data/src/10.3/sql/sql_prepare.cc:3343
|
#15 0x000056270c933433 in mysql_execute_command (thd=0x7f4f5c000b00) at /data/src/10.3/sql/sql_parse.cc:3832
|
#16 0x000056270c940cc3 in mysql_parse (thd=0x7f4f5c000b00, rawbuf=0x7f4f5c012818 "EXECUTE stmt", length=12, parser_state=0x7f4f6cf1c5e0, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:7829
|
#17 0x000056270c92d8fd in dispatch_command (command=COM_QUERY, thd=0x7f4f5c000b00, packet=0x7f4f5c008c71 "EXECUTE stmt", packet_length=12, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:1855
|
#18 0x000056270c92c245 in do_command (thd=0x7f4f5c000b00) at /data/src/10.3/sql/sql_parse.cc:1400
|
#19 0x000056270caa2c18 in do_handle_one_connection (connect=0x5627106421b0) at /data/src/10.3/sql/sql_connect.cc:1403
|
#20 0x000056270caa297a in handle_one_connection (arg=0x5627106421b0) at /data/src/10.3/sql/sql_connect.cc:1308
|
#21 0x000056270d44d86e in pfs_spawn_thread (arg=0x56271065d170) at /data/src/10.3/storage/perfschema/pfs.cc:1862
|
#22 0x00007f4f748934a4 in start_thread (arg=0x7f4f6cf1d700) at pthread_create.c:456
|
#23 0x00007f4f72ddad0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
|
Reproducible on 10.3-10.5, all of debug, non-debug, ASAN, with at least InnoDB, MyISAM, Aria.
Earlier 10.3 versions are also affected.
Not reproducible on 10.2.
Same failure with SP instead of PS.
#3 <signal handler called>
|
#4 0x00005654ec749df7 in JOIN::transform_in_predicates_into_in_subq (this=0x0, thd=0x7f59d4000b00) at /data/src/10.3/sql/sql_tvc.cc:1001
|
#5 0x00005654ec6f2e06 in convert_join_subqueries_to_semijoins (join=0x7f59d403cfc8) at /data/src/10.3/sql/opt_subselect.cc:1068
|
#6 0x00005654ec571785 in JOIN::optimize_inner (this=0x7f59d403cfc8) at /data/src/10.3/sql/sql_select.cc:1565
|
#7 0x00005654ec57120b in JOIN::optimize (this=0x7f59d403cfc8) at /data/src/10.3/sql/sql_select.cc:1449
|
#8 0x00005654ec57b12a in mysql_select (thd=0x7f59d4000b00, tables=0x7f59d416d998, wild_num=0, fields=..., conds=0x7f59d416e6b0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x7f59d403cfa0, unit=0x7f59d416ecc0, select_lex=0x7f59d416f440) at /data/src/10.3/sql/sql_select.cc:4225
|
#9 0x00005654ec56cc4a in handle_select (thd=0x7f59d4000b00, lex=0x7f59d416ebf8, result=0x7f59d403cfa0, setup_tables_done_option=0) at /data/src/10.3/sql/sql_select.cc:370
|
#10 0x00005654ec5349b9 in execute_sqlcom_select (thd=0x7f59d4000b00, all_tables=0x7f59d416d998) at /data/src/10.3/sql/sql_parse.cc:6286
|
#11 0x00005654ec52b3ee in mysql_execute_command (thd=0x7f59d4000b00) at /data/src/10.3/sql/sql_parse.cc:3816
|
#12 0x00005654ec44e98e in sp_instr_stmt::exec_core (this=0x7f59d416e8f8, thd=0x7f59d4000b00, nextp=0x7f59e69321c4) at /data/src/10.3/sql/sp_head.cc:3596
|
#13 0x00005654ec44dddc in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f59d416e940, thd=0x7f59d4000b00, nextp=0x7f59e69321c4, open_tables=false, instr=0x7f59d416e8f8) at /data/src/10.3/sql/sp_head.cc:3324
|
#14 0x00005654ec44e56e in sp_instr_stmt::execute (this=0x7f59d416e8f8, thd=0x7f59d4000b00, nextp=0x7f59e69321c4) at /data/src/10.3/sql/sp_head.cc:3502
|
#15 0x00005654ec44813c in sp_head::execute (this=0x7f59d416cb58, thd=0x7f59d4000b00, merge_da_on_success=true) at /data/src/10.3/sql/sp_head.cc:1356
|
#16 0x00005654ec44abf4 in sp_head::execute_procedure (this=0x7f59d416cb58, thd=0x7f59d4000b00, args=0x7f59d4005780) at /data/src/10.3/sql/sp_head.cc:2296
|
#17 0x00005654ec528b3c in do_execute_sp (thd=0x7f59d4000b00, sp=0x7f59d416cb58) at /data/src/10.3/sql/sql_parse.cc:2991
|
#18 0x00005654ec5297b2 in Sql_cmd_call::execute (this=0x7f59d40128d0, thd=0x7f59d4000b00) at /data/src/10.3/sql/sql_parse.cc:3231
|
#19 0x00005654ec533550 in mysql_execute_command (thd=0x7f59d4000b00) at /data/src/10.3/sql/sql_parse.cc:6023
|
#20 0x00005654ec538cc3 in mysql_parse (thd=0x7f59d4000b00, rawbuf=0x7f59d4012818 "CALL p", length=6, parser_state=0x7f59e69335e0, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:7829
|
#21 0x00005654ec5258fd in dispatch_command (command=COM_QUERY, thd=0x7f59d4000b00, packet=0x7f59d4008c71 "CALL p", packet_length=6, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:1855
|
#22 0x00005654ec524245 in do_command (thd=0x7f59d4000b00) at /data/src/10.3/sql/sql_parse.cc:1400
|
#23 0x00005654ec69ac18 in do_handle_one_connection (connect=0x5654effbb1b0) at /data/src/10.3/sql/sql_connect.cc:1403
|
#24 0x00005654ec69a97a in handle_one_connection (arg=0x5654effbb1b0) at /data/src/10.3/sql/sql_connect.cc:1308
|
#25 0x00005654ed04586e in pfs_spawn_thread (arg=0x5654effd6170) at /data/src/10.3/storage/perfschema/pfs.cc:1862
|
#26 0x00007f59ee2aa4a4 in start_thread (arg=0x7f59e6934700) at pthread_create.c:456
|
#27 0x00007f59ec7f1d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
|
Attachments
Issue Links
- relates to
-
-
- Closed
-
Activity
CREATE PROCEDURE p (INOUT i1 INT,OUT i2 INT) MODIFIES SQL DATA SELECT c FROM t WHERE (c) IN (SELECT c3 FROM t);
|
CREATE TABLE t (c INT,c2 INT,c3 POLYGON);
|
CALL p (@b,@b);
|
CALL p (@c,@a);
|
Leads to:
|
10.6.0 a3e3225cd3b816d47621e749e21a71b6a864a96a (Debug) |
Core was generated by `/test/MD150421-mariadb-10.6.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 JOIN::transform_in_predicates_into_in_subq (this=0x0, thd=thd@entry=
|
0x1554f8000db8) at /test/10.6_dbg/sql/sql_tvc.cc:1141
|
1141 if (!select_lex->in_funcs.elements)
|
[Current thread is 1 (Thread 0x1555261f0700 (LWP 2270392))]
|
(gdb) bt
|
#0 JOIN::transform_in_predicates_into_in_subq (this=0x0, thd=thd@entry=0x1554f8000db8) at /test/10.6_dbg/sql/sql_tvc.cc:1141
|
#1 0x00005599e0688eb4 in convert_join_subqueries_to_semijoins (join=join@entry=0x1554f809b370) at /test/10.6_dbg/sql/opt_subselect.cc:1125
|
#2 0x00005599e0558421 in JOIN::optimize_inner (this=this@entry=0x1554f809b370) at /test/10.6_dbg/sql/sql_select.cc:1854
|
#3 0x00005599e0559b40 in JOIN::optimize (this=this@entry=0x1554f809b370) at /test/10.6_dbg/sql/sql_select.cc:1630
|
#4 0x00005599e055a4a4 in mysql_select (thd=thd@entry=0x1554f8000db8, tables=0x1554f80440b8, fields=@0x1554f8043be8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x1554f8044070, last = 0x1554f8044070, elements = 1}, <No data fields>}, conds=0x1554f8046718, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x1554f809b348, unit=0x1554f8044be8, select_lex=0x1554f8043a98) at /test/10.6_dbg/sql/sql_select.cc:4735
|
#5 0x00005599e055a7b9 in handle_select (thd=thd@entry=0x1554f8000db8, lex=lex@entry=0x1554f8044b20, result=result@entry=0x1554f809b348, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.6_dbg/sql/sql_select.cc:419
|
#6 0x00005599e04cd8b5 in execute_sqlcom_select (thd=thd@entry=0x1554f8000db8, all_tables=0x1554f80440b8) at /test/10.6_dbg/sql/sql_parse.cc:6244
|
#7 0x00005599e04da77d in mysql_execute_command (thd=0x1554f8000db8) at /test/10.6_dbg/sql/sql_parse.cc:3940
|
#8 0x00005599e03f958f in sp_instr_stmt::exec_core (this=0x1554f80469c0, thd=<optimized out>, nextp=0x1555261ee24c) at /test/10.6_dbg/sql/sp_head.cc:3770
|
#9 0x00005599e0406cca in sp_lex_keeper::reset_lex_and_exec_core (this=this@entry=0x1554f8046a08, thd=thd@entry=0x1554f8000db8, nextp=nextp@entry=0x1555261ee24c, open_tables=open_tables@entry=false, instr=instr@entry=0x1554f80469c0) at /test/10.6_dbg/sql/sp_head.cc:3497
|
#10 0x00005599e040785f in sp_instr_stmt::execute (this=0x1554f80469c0, thd=0x1554f8000db8, nextp=0x1555261ee24c) at /test/10.6_dbg/sql/sp_head.cc:3676
|
#11 0x00005599e03ff4df in sp_head::execute (this=this@entry=0x1554f8042a70, thd=thd@entry=0x1554f8000db8, merge_da_on_success=merge_da_on_success@entry=true) at /test/10.6_dbg/sql/sp_head.cc:1437
|
#12 0x00005599e040155a in sp_head::execute_procedure (this=0x1554f8042a70, thd=thd@entry=0x1554f8000db8, args=0x1554f8005e78) at /test/10.6_dbg/sql/sp_head.cc:2451
|
#13 0x00005599e04cd1b8 in do_execute_sp (thd=thd@entry=0x1554f8000db8, sp=sp@entry=0x1554f8042a70) at /test/10.6_dbg/sql/sql_parse.cc:3016
|
#14 0x00005599e04d2bf2 in Sql_cmd_call::execute (this=0x1554f8013c60, thd=0x1554f8000db8) at /test/10.6_dbg/sql/sql_parse.cc:3262
|
#15 0x00005599e04e03d6 in mysql_execute_command (thd=thd@entry=0x1554f8000db8) at /test/10.6_dbg/sql/sql_parse.cc:5986
|
#16 0x00005599e04c6a06 in mysql_parse (thd=thd@entry=0x1554f8000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1555261ef410) at /test/10.6_dbg/sql/sql_parse.cc:8017
|
#17 0x00005599e04d57df in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x1554f8000db8, packet=packet@entry=0x1554f800b369 "CALL p (@c,@a)", packet_length=packet_length@entry=14, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_class.h:1331
|
#18 0x00005599e04d8bd5 in do_command (thd=0x1554f8000db8, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_parse.cc:1406
|
#19 0x00005599e063277c in do_handle_one_connection (connect=<optimized out>, connect@entry=0x5599e37ff638, put_in_cache=put_in_cache@entry=true) at /test/10.6_dbg/sql/sql_connect.cc:1410
|
#20 0x00005599e0632d81 in handle_one_connection (arg=arg@entry=0x5599e37ff638) at /test/10.6_dbg/sql/sql_connect.cc:1312
|
#21 0x00005599e0ae0a03 in pfs_spawn_thread (arg=0x5599e37159f8) at /test/10.6_dbg/storage/perfschema/pfs.cc:2201
|
#22 0x000015554a5bd609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#23 0x000015554a1ac293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Bug confirmed present in:
MariaDB: 10.3.29 (dbg), 10.3.29 (opt), 10.4.19 (dbg), 10.4.19 (opt), 10.5.10 (dbg), 10.5.10 (opt), 10.6.0 (dbg), 10.6.0 (opt)
Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.2.38 (dbg), 10.2.38 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.33 (dbg), 5.7.33 (opt), 8.0.23 (dbg), 8.0.23 (opt)
The first procedure call gives:
|
10.6.0 a3e3225cd3b816d47621e749e21a71b6a864a96a (Debug) |
ERROR 4078 (HY000) at line 3 in file: 'in.sql': Illegal parameter data types int and polygon for operation '='
|
Interesting thing with this bug is that the JOIN::transform_in_predicates_into_in_subq frame sometimes does not have an address.
holyfoot, We have the same code in 10.2, why the bug is not present there?
USE test;CREATE TABLE t (a POLYGON NOT NULL, SPATIAL KEY i (a));PREPARE s FROM "SHOW VARIABLES WHERE (1) IN (SELECT * FROM t)";EXECUTE s;EXECUTE s;Leads to:
10.5.6 c5517cd86440b6669509211b1ad10f837a929952 (Optimized)
Core was generated by `/test/MD080920-mariadb-10.5.6-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.Program terminated with signal SIGSEGV, Segmentation fault.#0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11)at ../sysdeps/unix/sysv/linux/pthread_kill.c:57[Current thread is 1 (Thread 0x14b1b24e3700 (LWP 101910))](gdb) bt#0 __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57#1 0x000056185eecfc37 in my_write_core (sig=sig@entry=11) at /test/10.5_opt/mysys/stacktrace.c:424#2 0x000056185e89f12a in handle_fatal_signal (sig=11) at /test/10.5_opt/sql/signal_handler.cc:330#3 <signal handler called>#4 JOIN::transform_in_predicates_into_in_subq (this=0x0, thd=thd@entry=0x14b18d012018) at /test/10.5_opt/sql/sql_tvc.cc:1094#5 0x000056185e7cdb60 in convert_join_subqueries_to_semijoins (join=join@entry=0x14b18d047340) at /test/10.5_opt/sql/opt_subselect.cc:1121#6 0x000056185e6ff5f8 in JOIN::optimize_inner (this=this@entry=0x14b18d047340) at /test/10.5_opt/sql/sql_select.cc:1847#7 0x000056185e702633 in JOIN::optimize (this=this@entry=0x14b18d047340) at /test/10.5_opt/sql/sql_select.cc:1623#8 0x000056185e702731 in mysql_select (thd=thd@entry=0x14b18d012018, tables=0x14b18d0d67c0, fields=@0x14b18d0d3a50: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14b18d0d6618, last = 0x14b18d0d6770, elements = 2}, <No data fields>}, conds=0x14b18d0d6218, og_num=<optimized out>, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2201707875072, result=0x14b18d0d6e90, unit=0x14b18d0d3100, select_lex=0x14b18d0d3900) at /test/10.5_opt/sql/sql_select.cc:4649#9 0x000056185e703141 in handle_select (thd=thd@entry=0x14b18d012018, lex=lex@entry=0x14b18d0d3038, result=result@entry=0x14b18d0d6e90, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.5_opt/sql/sql_select.cc:417#10 0x000056185e6a8991 in execute_sqlcom_select (thd=thd@entry=0x14b18d012018, all_tables=0x14b18d0d67c0) at /test/10.5_opt/sql/sql_parse.cc:6210#11 0x000056185e6a5071 in mysql_execute_command (thd=0x14b18d012018) at /test/10.5_opt/sql/sql_parse.cc:3932#12 0x000056185e6c1b55 in Prepared_statement::execute (this=this@entry=0x14b18d054418, expanded_query=expanded_query@entry=0x14b1b24e1e30, open_cursor=open_cursor@entry=false) at /test/10.5_opt/sql/sql_prepare.cc:4736#13 0x000056185e6c1c52 in Prepared_statement::execute_loop (this=0x14b18d054418, expanded_query=0x14b1b24e1e30, open_cursor=<optimized out>, packet=<optimized out>, packet_end=<optimized out>) at /test/10.5_opt/sql/sql_prepare.cc:4225#14 0x000056185e6c1f43 in mysql_sql_stmt_execute (thd=thd@entry=0x14b18d012018) at /test/10.5_opt/sql/sql_prepare.cc:3336#15 0x000056185e6a58ef in mysql_execute_command (thd=thd@entry=0x14b18d012018) at /test/10.5_opt/sql/sql_parse.cc:3948#16 0x000056185e6abacc in mysql_parse (thd=0x14b18d012018, rawbuf=<optimized out>, length=9, parser_state=0x14b1b24e2430, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /test/10.5_opt/sql/sql_parse.cc:7994#17 0x000056185e6a0d85 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14b18d012018, packet=packet@entry=0x14b18d03a019 "EXECUTE s", packet_length=packet_length@entry=9, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_opt/sql/sql_parse.cc:1867#18 0x000056185e69f0a4 in do_command (thd=0x14b18d012018) at /test/10.5_opt/sql/sql_parse.cc:1348#19 0x000056185e795cf1 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x14b1af0338f8, put_in_cache=put_in_cache@entry=true) at /test/10.5_opt/sql/sql_connect.cc:1410#20 0x000056185e796064 in handle_one_connection (arg=arg@entry=0x14b1af0338f8) at /test/10.5_opt/sql/sql_connect.cc:1312#21 0x000056185eb09baa in pfs_spawn_thread (arg=0x14b1af04f018) at /test/10.5_opt/storage/perfschema/pfs.cc:2201#22 0x000014b1b145c6db in start_thread (arg=0x14b1b24e3700) at pthread_create.c:463#23 0x000014b1b085aa3f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95Bug confirmed present in:
MariaDB: 10.3.25 (dbg), 10.3.25 (opt), 10.4.15 (dbg), 10.4.15 (opt), 10.5.6 (dbg), 10.5.6 (opt)
Bug confirmed not present in:
MariaDB: 10.1.47 (dbg), 10.1.47 (opt), 10.2.34 (dbg), 10.2.34 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.47 (dbg), 5.6.47 (opt), 5.7.29 (dbg), 5.7.29 (opt), 8.0.19 (dbg), 8.0.19 (opt)