[MDEV-21946] Server crash in store_length upon GROUP BY WITH ROLLUP with geometry field - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.5
Fix Version/s: 10.5.3
Component/s: GIS, Server
Labels:
None

Description

CREATE TABLE t1 (a GEOMETRY);

INSERT INTO t1 VALUES (ST_GEOMFROMTEXT('Point(0 0)')),(ST_GEOMFROMTEXT('Point(1 1)'));

SELECT IF( 0, NULL, a ) AS f FROM t1 GROUP BY f WITH ROLLUP;

# Cleanup

DROP TABLE t1;

10.5 c8ae3573
#3 <signal handler called>
#4 0x0000559ab5fd974f in store_length (to=0x7f1878066458 <error: Cannot access memory at address 0x7f1878066458>, length=25, pack_length=4) at /data/src/10.5/sql/filesort.cc:1090
#5 0x0000559ab5fd9aa3 in Type_handler_string_result::make_sort_key_part (this=0x559ab77edad0 <type_handler_geometry>, to=0x7f1778066459 '\245' <repeats 200 times>..., item=0x7f17780140e8, sort_field=0x7f1778017c28, param=0x7f178ae820a0) at /data/src/10.5/sql/filesort.cc:1158
#6 0x0000559ab5fdea69 in make_sortkey (param=0x7f178ae820a0, to=0x7f1778066458 "\001", '\245' <repeats 199 times>...) at /data/src/10.5/sql/filesort.cc:3000
#7 0x0000559ab5fda4b9 in make_sortkey (param=0x7f178ae820a0, to=0x7f1778066458 "\001", '\245' <repeats 199 times>..., ref_pos=0x7f17782128d8 "", using_packed_sortkeys=false) at /data/src/10.5/sql/filesort.cc:1340
#8 0x0000559ab5fd9135 in find_all_keys (thd=0x7f1778000b18, param=0x7f178ae820a0, select=0x7f1778017118, fs_info=0x7f17780661d0, buffpek_pointers=0x7f178ae822b0, tempfile=0x7f178ae82140, pq=0x0, found_rows=0x7f17780663c0) at /data/src/10.5/sql/filesort.cc:957
#9 0x0000559ab5fd7121 in filesort (thd=0x7f1778000b18, table=0x7f17780f8c78, filesort=0x7f17780174a8, tracker=0x7f1778017b98, join=0x7f17780153d0, first_table_bit=1) at /data/src/10.5/sql/filesort.cc:363
#10 0x0000559ab5d1f161 in create_sort_index (thd=0x7f1778000b18, join=0x7f17780153d0, tab=0x7f17780167d8, fsort=0x7f17780174a8) at /data/src/10.5/sql/sql_select.cc:23787
#11 0x0000559ab5d19314 in st_join_table::sort_table (this=0x7f17780167d8) at /data/src/10.5/sql/sql_select.cc:21526
#12 0x0000559ab5d18ef0 in join_init_read_record (tab=0x7f17780167d8) at /data/src/10.5/sql/sql_select.cc:21465
#13 0x0000559ab5d16c98 in sub_select (join=0x7f17780153d0, join_tab=0x7f17780167d8, end_of_records=false) at /data/src/10.5/sql/sql_select.cc:20539
#14 0x0000559ab5d16159 in do_select (join=0x7f17780153d0, procedure=0x0) at /data/src/10.5/sql/sql_select.cc:20076
#15 0x0000559ab5cea0cf in JOIN::exec_inner (this=0x7f17780153d0) at /data/src/10.5/sql/sql_select.cc:4459
#16 0x0000559ab5ce91fb in JOIN::exec (this=0x7f17780153d0) at /data/src/10.5/sql/sql_select.cc:4240
#17 0x0000559ab5cea92c in mysql_select (thd=0x7f1778000b18, tables=0x7f1778014228, fields=..., conds=0x0, og_num=1, order=0x0, group=0x7f1778014a58, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f17780153a8, unit=0x7f1778004b20, select_lex=0x7f1778013a00) at /data/src/10.5/sql/sql_select.cc:4664
#18 0x0000559ab5cda4a0 in handle_select (thd=0x7f1778000b18, lex=0x7f1778004a58, result=0x7f17780153a8, setup_tables_done_option=0) at /data/src/10.5/sql/sql_select.cc:429
#19 0x0000559ab5c9fb32 in execute_sqlcom_select (thd=0x7f1778000b18, all_tables=0x7f1778014228) at /data/src/10.5/sql/sql_parse.cc:6147
#20 0x0000559ab5c96790 in mysql_execute_command (thd=0x7f1778000b18) at /data/src/10.5/sql/sql_parse.cc:3899
#21 0x0000559ab5ca49ce in mysql_parse (thd=0x7f1778000b18, rawbuf=0x7f1778013920 "SELECT IF( 0, NULL, a ) AS f FROM t1 GROUP BY f WITH ROLLUP", length=59, parser_state=0x7f178ae83520, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:7926
#22 0x0000559ab5c904d7 in dispatch_command (command=COM_QUERY, thd=0x7f1778000b18, packet=0x7f177816ddb9 "", packet_length=59, is_com_multi=false, is_next_command=false) at /data/src/10.5/sql/sql_parse.cc:1840
#23 0x0000559ab5c8ec0d in do_command (thd=0x7f1778000b18) at /data/src/10.5/sql/sql_parse.cc:1359
#24 0x0000559ab5e305f9 in do_handle_one_connection (connect=0x559ab9213f08, put_in_cache=true) at /data/src/10.5/sql/sql_connect.cc:1422
#25 0x0000559ab5e30328 in handle_one_connection (arg=0x559ab9213f08) at /data/src/10.5/sql/sql_connect.cc:1319
#26 0x0000559ab635f7a2 in pfs_spawn_thread (arg=0x559ab924a248) at /data/src/10.5/storage/perfschema/pfs.cc:2201
#27 0x00007f17922704a4 in start_thread (arg=0x7f178ae84700) at pthread_create.c:456
#28 0x00007f17903a4d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Reproducible on debug and non-debug builds, with at least MyISAM and InnoDB.
The failure appeared in 10.5 tree with this commit:

commit b753ac066bc26acda9deb707a31c112f1bbf9ec2

Author: Varun Gupta <varun.gupta@mariadb.com>

Date:   Tue Mar 10 04:56:38 2020 +0530

    MDEV-21580: Allow packed sort keys in sort buffer

Attachments

Issue Links

is caused by

MDEV-21580 Allow packed sort keys in sort buffer

Closed

Activity

People

Assignee:: Varun Gupta (Inactive)

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2020-03-16 00:30

Updated:: 2020-04-14 12:21

Resolved:: 2020-04-09 08:24

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.