Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-24898

Server crashes in st_select_lex::next_select / Item_subselect::is_expensive

    XMLWordPrintable

Details

    Description

      CREATE TABLE t1 (a INT);
      		 
      INSERT INTO t1 VALUES (1),(2); # Optional, fails either way
      		 
      CREATE TABLE t2 (b INT);
      		 
      INSERT INTO t2 VALUES (3),(4); # Optional, fails either way
      		 
       
      		 
      --error ER_SUBQUERY_NO_1_ROW
      		 
      SELECT 1 IN (SELECT (SELECT a FROM t1) AS x FROM t2 GROUP BY x);
      		 
       
      		 
      # Cleanup
      		 
      DROP TABLE t1, t2;

      10.2 7e9a6b7f09

      		 
      #3  <signal handler called>
      		 
      #4  0x0000556159df5b20 in st_select_lex::next_select (this=0x0) at /data/src/10.2-bug/sql/sql_lex.h:992
      		 
      #5  0x000055615a16f460 in Item_subselect::is_expensive (this=0x7fd7d8014668) at /data/src/10.2-bug/sql/item_subselect.cc:579
      		 
      #6  0x000055615a18159b in Item_subselect::is_expensive_processor (this=0x7fd7d8014668, arg=0x0) at /data/src/10.2-bug/sql/item_subselect.h:251
      		 
      #7  0x000055615a16f9ce in Item_subselect::walk (this=0x7fd7d8014668, processor=&virtual table offset 864, walk_subquery=false, argument=0x0) at /data/src/10.2-bug/sql/item_subselect.cc:697
      		 
      #8  0x0000556159dc0cfb in Item_args::walk_args (this=0x7fd7d8017650, processor=&virtual table offset 864, walk_subquery=false, arg=0x0) at /data/src/10.2-bug/sql/item.h:4097
      		 
      #9  0x0000556159dc1129 in Item_func_or_sum::walk (this=0x7fd7d80175c8, processor=&virtual table offset 864, walk_subquery=false, arg=0x0) at /data/src/10.2-bug/sql/item.h:4383
      		 
      #10 0x0000556159d4a3ae in Item::is_expensive (this=0x7fd7d80175c8) at /data/src/10.2-bug/sql/item.h:1994
      		 
      #11 0x000055615a0f460a in Item_cond::fix_fields (this=0x7fd7d80178b8, thd=0x7fd7d8000d90, ref=0x0) at /data/src/10.2-bug/sql/item_cmpfunc.cc:4641
      		 
      #12 0x000055615a174610 in Item_in_subselect::create_single_in_to_exists_cond (this=0x7fd7d8015010, join=0x7fd7d8015a88, where_item=0x7fd7d8015f88, having_item=0x7fd7d8015f90) at /data/src/10.2-bug/sql/item_subselect.cc:2211
      		 
      #13 0x000055615a176437 in Item_in_subselect::create_in_to_exists_cond (this=0x7fd7d8015010, join_arg=0x7fd7d8015a88) at /data/src/10.2-bug/sql/item_subselect.cc:2589
      		 
      #14 0x0000556159fd8dc3 in JOIN::choose_subquery_plan (this=0x7fd7d8015a88, join_tables=1) at /data/src/10.2-bug/sql/opt_subselect.cc:5774
      		 
      #15 0x0000556159e71932 in make_join_statistics (join=0x7fd7d8015a88, tables_list=..., keyuse_array=0x7fd7d8015d78) at /data/src/10.2-bug/sql/sql_select.cc:4621
      		 
      #16 0x0000556159e66f9f in JOIN::optimize_inner (this=0x7fd7d8015a88) at /data/src/10.2-bug/sql/sql_select.cc:1588
      		 
      #17 0x0000556159e65496 in JOIN::optimize (this=0x7fd7d8015a88) at /data/src/10.2-bug/sql/sql_select.cc:1118
      		 
      #18 0x0000556159e14301 in st_select_lex::optimize_unflattened_subqueries (this=0x7fd7d80050c8, const_only=true) at /data/src/10.2-bug/sql/sql_lex.cc:3871
      		 
      #19 0x0000556159fd7cc9 in JOIN::optimize_constant_subqueries (this=0x7fd7d8015418) at /data/src/10.2-bug/sql/opt_subselect.cc:5360
      		 
      #20 0x0000556159e65fb2 in JOIN::optimize_inner (this=0x7fd7d8015418) at /data/src/10.2-bug/sql/sql_select.cc:1340
      		 
      #21 0x0000556159e65496 in JOIN::optimize (this=0x7fd7d8015418) at /data/src/10.2-bug/sql/sql_select.cc:1118
      		 
      #22 0x0000556159e6e9d4 in mysql_select (thd=0x7fd7d8000d90, tables=0x0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fd7d80153f8, unit=0x7fd7d8004988, select_lex=0x7fd7d80050c8) at /data/src/10.2-bug/sql/sql_select.cc:3823
      		 
      #23 0x0000556159e62bde in handle_select (thd=0x7fd7d8000d90, lex=0x7fd7d80048c8, result=0x7fd7d80153f8, setup_tables_done_option=0) at /data/src/10.2-bug/sql/sql_select.cc:361
      		 
      #24 0x0000556159e2d2e8 in execute_sqlcom_select (thd=0x7fd7d8000d90, all_tables=0x7fd7d8014038) at /data/src/10.2-bug/sql/sql_parse.cc:6248
      		 
      #25 0x0000556159e23c97 in mysql_execute_command (thd=0x7fd7d8000d90) at /data/src/10.2-bug/sql/sql_parse.cc:3559
      		 
      #26 0x0000556159e31091 in mysql_parse (thd=0x7fd7d8000d90, rawbuf=0x7fd7d80126f8 "SELECT 1 IN (SELECT (SELECT a FROM t1) AS x FROM t2 GROUP BY x)", length=63, parser_state=0x7fd7f44375f0, is_com_multi=false, is_next_command=false) at /data/src/10.2-bug/sql/sql_parse.cc:7763
      		 
      #27 0x0000556159e1f36a in dispatch_command (command=COM_QUERY, thd=0x7fd7d8000d90, packet=0x7fd7d8008b51 "SELECT 1 IN (SELECT (SELECT a FROM t1) AS x FROM t2 GROUP BY x)", packet_length=63, is_com_multi=false, is_next_command=false) at /data/src/10.2-bug/sql/sql_parse.cc:1827
      		 
      #28 0x0000556159e1de65 in do_command (thd=0x7fd7d8000d90) at /data/src/10.2-bug/sql/sql_parse.cc:1381
      		 
      #29 0x0000556159f78972 in do_handle_one_connection (connect=0x55615be52890) at /data/src/10.2-bug/sql/sql_connect.cc:1336
      		 
      #30 0x0000556159f786d7 in handle_one_connection (arg=0x55615be52890) at /data/src/10.2-bug/sql/sql_connect.cc:1241
      		 
      #31 0x000055615a7a0dda in pfs_spawn_thread (arg=0x55615be35b40) at /data/src/10.2-bug/storage/perfschema/pfs.cc:1869
      		 
      #32 0x00007fd7f9fec609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #33 0x00007fd7f9bc8293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      Reproducible with at least MyISAM, InnoDB, Aria, debug and non-debug alike.
      Non-debug builds, however, don't have st_select_lex::next_select in the stack trace, and there are some other slight differences:

      10.2 067465cd

      		 
      #3  <signal handler called>
      		 
      #4  0x0000560eb3df0b66 in Item_subselect::is_expensive (this=0x7f81a80112c0) at /data/src/10.2/sql/sql_lex.h:992
      		 
      #5  0x0000560eb3b6ae50 in Item_args::walk_args (arg=0x0, walk_subquery=false, processor=<optimized out>, this=0x7f81a80142a8) at /data/src/10.2/sql/item.h:4097
      		 
      #6  Item_func_or_sum::walk (this=0x7f81a8014220, processor=&virtual table offset 864, walk_subquery=false, arg=0x0) at /data/src/10.2/sql/item.h:4383
      		 
      #7  0x0000560eb3b086d1 in Item::is_expensive (this=0x7f81a8014220) at /data/src/10.2/sql/item.h:1994
      		 
      #8  0x0000560eb3d7fa25 in Item_cond::fix_fields (this=0x7f81a8014510, thd=0x7f81a8000c48, ref=<optimized out>) at /data/src/10.2/sql/item_cmpfunc.cc:4640
      		 
      #9  0x0000560eb3df4ac9 in Item_in_subselect::create_single_in_to_exists_cond (this=0x7f81a8011c68, join=<optimized out>, where_item=0x7f81a8012be0, having_item=<optimized out>) at /data/src/10.2/sql/item_subselect.cc:2231
      		 
      #10 0x0000560eb3df8545 in Item_in_subselect::create_in_to_exists_cond (this=this@entry=0x7f81a8011c68, join_arg=join_arg@entry=0x7f81a80126e0) at /data/src/10.2/sql/item_subselect.cc:2609
      		 
      #11 0x0000560eb3cb9881 in JOIN::choose_subquery_plan (this=this@entry=0x7f81a80126e0, join_tables=join_tables@entry=1) at /data/src/10.2/sql/opt_subselect.cc:5774
      		 
      #12 0x0000560eb3bed4a2 in make_join_statistics (join=0x7f81a80126e0, tables_list=..., keyuse_array=0x7f81a80129d0) at /data/src/10.2/sql/sql_select.cc:4621
      		 
      #13 0x0000560eb3bf4b50 in JOIN::optimize_inner (this=0x7f81a80126e0) at /data/src/10.2/sql/sql_select.cc:1588
      		 
      #14 0x0000560eb3bf7909 in JOIN::optimize (this=0x7f81a80126e0) at /data/src/10.2/sql/sql_select.cc:1118
      		 
      #15 JOIN::optimize (this=this@entry=0x7f81a80126e0) at /data/src/10.2/sql/sql_select.cc:1110
      		 
      #16 0x0000560eb3b8d6ae in st_select_lex::optimize_unflattened_subqueries (this=0x7f81a8004dc0, const_only=const_only@entry=true) at /data/src/10.2/sql/sql_lex.cc:3871
      		 
      #17 0x0000560eb3cb89b5 in JOIN::optimize_constant_subqueries (this=this@entry=0x7f81a8012070) at /data/src/10.2/sql/opt_subselect.cc:5360
      		 
      #18 0x0000560eb3bf44d8 in JOIN::optimize_inner (this=0x7f81a8012070) at /data/src/10.2/sql/sql_select.cc:1340
      		 
      #19 0x0000560eb3bf7909 in JOIN::optimize (this=0x7f81a8012070) at /data/src/10.2/sql/sql_select.cc:1118
      		 
      #20 JOIN::optimize (this=0x7f81a8012070) at /data/src/10.2/sql/sql_select.cc:1110
      		 
      #21 0x0000560eb3bf9a48 in mysql_select (thd=0x7f81a8000c48, tables=0x0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f81a8012050, unit=0x7f81a8004680, select_lex=0x7f81a8004dc0) at /data/src/10.2/sql/sql_select.cc:3823
      		 
      #22 0x0000560eb3bf9d17 in handle_select (thd=thd@entry=0x7f81a8000c48, lex=lex@entry=0x7f81a80045c0, result=result@entry=0x7f81a8012050, setup_tables_done_option=setup_tables_done_option@entry=0) at /data/src/10.2/sql/sql_select.cc:361
      		 
      #23 0x0000560eb3b8f1e1 in execute_sqlcom_select (thd=0x7f81a8000c48, all_tables=0x7f81a8010c90) at /data/src/10.2/sql/sql_parse.cc:6248
      		 
      #24 0x0000560eb3b9c8c5 in mysql_execute_command (thd=0x7f81a8000c48) at /data/src/10.2/sql/sql_parse.cc:3559
      		 
      #25 0x0000560eb3b9f86b in mysql_parse (thd=thd@entry=0x7f81a8000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7f81b8b6d5b0, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /data/src/10.2/sql/sql_parse.cc:7763
      		 
      #26 0x0000560eb3ba2a7d in dispatch_command (command=COM_QUERY, thd=0x7f81a8000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /data/src/10.2/sql/sql_class.h:1096
      		 
      #27 0x0000560eb3ba3cc7 in do_command (thd=0x7f81a8000c48) at /data/src/10.2/sql/sql_parse.cc:1381
      		 
      #28 0x0000560eb3c7cc76 in do_handle_one_connection (connect=connect@entry=0x560eb5fd52f8) at /data/src/10.2/sql/sql_connect.cc:1336
      		 
      #29 0x0000560eb3c7cdef in handle_one_connection (arg=arg@entry=0x560eb5fd52f8) at /data/src/10.2/sql/sql_connect.cc:1241
      		 
      #30 0x0000560eb4217ce6 in pfs_spawn_thread (arg=0x560eb5fe61a8) at /data/src/10.2/storage/perfschema/pfs.cc:1869
      		 
      #31 0x00007f81bef25609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #32 0x00007f81beb1a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      The failure appeared in 10.2 after this commit:

      Author: Varun Gupta
      		 
      Date:   Mon Feb 15 16:28:44 2021 +0530
      		 
       
      		 
          MDEV-24779: main.subselect fails in buildbot with --ps-protocol

      Other versions are not affected so far, since the patch hasn't been merged up yet.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-28621 group by optimization incorrectly removing subquery where subject buried in a function

          • Blocker - Blocks development and/or testing work, production could not run.
          • Stalled

          Activity

            People

              psergei Sergei Petrunia
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.