Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-24919

Crash with subselect formed by table value constructor and used in set function

    XMLWordPrintable

Details

    Description

      select  sum((values(1)));

      repeatable with other aggregate functions too (min/max/avg/group_concat,..)

      10.3 da88e1ec12b0ba39552bf54

      		 
      Version: '10.3.28-MariaDB-debug-log'  
      mysqld:/10.3/sql/item_sum.cc:163: bool Item_sum::check_sum_func(THD*, Item**): Assertion `!curr_sel->name_visibility_map.is_clear_all()' failed.
      		 
      210218 16:04:00 [ERROR] mysqld got signal 6 ;
      		 
       
      		 
      linux/raise.c:51(__GI_raise)[0x7fb786aa77bb]
      		 
      stdlib/abort.c:81(__GI_abort)[0x7fb786a92535]
      		 
      intl/loadmsgcat.c:1177(_nl_load_domain)[0x7fb786a9240f]
      		 
      /lib/x86_64-linux-gnu/libc.so.6(+0x30102)[0x7fb786aa0102]
      		 
      sql/item_sum.cc:170(Item_sum::check_sum_func(THD*, Item**))[0x55a6c437095b]
      		 
      sql/item_sum.cc:1132(Item_sum_num::fix_fields(THD*, Item**))[0x55a6c4378e0e]
      		 
      sql/item.h:830(Item::fix_fields_if_needed(THD*, Item**))[0x55a6c36e7bdb]
      		 
      sql/item.h:833(Item::fix_fields_if_needed_for_scalar(THD*, Item**))[0x55a6c36e7c09]
      		 
      sql/sql_base.cc:7562(setup_fields(THD*, Bounds_checked_array<Item*>, List<Item>&, enum_column_usage, List<Item>*, List<Item>*, bool))[0x55a6c380d23c]
      		 
      sql/sql_select.cc:1151(JOIN::prepare(TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55a6c3a1bc29]
      		 
      sql/sql_select.cc:4301(mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55a6c3a3d564]
      		 
      sql/sql_select.cc:370(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55a6c3a14270]
      		 
      sql/sql_parse.cc:6316(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55a6c39806b0]
      		 
      sql/sql_parse.cc:3847(mysql_execute_command(THD*))[0x55a6c396e1f0]
      		 
      sql/sql_parse.cc:7840(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55a6c398a7a7]
      		 
      sql/sql_parse.cc:1855(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55a6c3960e7c]
      		 
      sql/sql_parse.cc:1398(do_command(THD*))[0x55a6c395d5b7]
      		 
      sql/sql_connect.cc:1403(do_handle_one_connection(CONNECT*))[0x55a6c3d4e3d0]
      		 
      sql/sql_connect.cc:1309(handle_one_connection)[0x55a6c3d4dc88]
      		 
      perfschema/pfs.cc:1871(pfs_spawn_thread)[0x55a6c54b3c8f]
      		 
      nptl/pthread_create.c:487(start_thread)[0x7fb7871e5fa3]
      		 
      x86_64/clone.S:97(clone)[0x7fb786b694cf]
      		 
       
      		 
      Query (0x62b000000410): select  sum((values(1)))

      No visible effect on non-debug build, but if the query is executed via prepared statement,
      then the server crashes:

      Version: '10.5.9-MariaDB' 
      210218 16:07:08 [ERROR] mysqld got signal 11 ;
      		 
       
      		 
      Server version: 10.5.9-MariaDB
      		 
       
      		 
      mysys/stacktrace.c:213(my_print_stacktrace)[0x55bab60e1b85]
      		 
      ??:0(__restore_rt)[0x7fa2f95ae730]
      		 
      sql/sql_class.h:4128(THD::change_item_tree(Item**, Item*))[0x55bab5e9f9a7]
      		 
      sql/sql_select.cc:1397(JOIN::prepare(TABLE_LIST*, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*))[0x55bab5f43fc0]
      		 
      sql/sql_select.cc:4695(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55bab5f53808]
      		 
      sql/sql_select.cc:417(handle_select(THD*, LEX*, select_result*, unsigned long))[0x55bab5f53a7e]
      		 
      sql/sql_parse.cc:6281(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55bab5ef48c3]
      		 
      sql/sql_parse.cc:6023(mysql_execute_command(THD*))[0x55bab5efda06]
      		 
      sql/sql_prepare.cc:4996(Prepared_statement::execute(String*, bool))[0x55bab5f104f5]
      		 
      sql/sql_prepare.cc:4459(Prepared_statement::execute_loop(String*, bool, unsigned char*, unsigned char*))[0x55bab5f106ae]
      		 
      sql/sql_class.h:1474(mysql_sql_stmt_execute(THD*))[0x55bab5f1098b]
      		 
      sql/sql_parse.cc:3993(mysql_execute_command(THD*))[0x55bab5effa9c]
      		 
      sql/sql_parse.cc:8079(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x55bab5eefe92]
      		 
      sql/sql_parse.cc:1892(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x55bab5efad22]
      		 
      sql/sql_parse.cc:1370(do_command(THD*))[0x55bab5efbbdf]
      		 
      sql/sql_connect.cc:1410(do_handle_one_connection(CONNECT*, bool))[0x55bab5fe4180]
      		 
      sql/sql_connect.cc:1312(handle_one_connection)[0x55bab5fe455d]
      		 
      perfschema/pfs.cc:2204(pfs_spawn_thread)[0x55bab63121cb]
      		 
      nptl/pthread_create.c:487(start_thread)[0x7fa2f95a3fa3]
      		 
      x86_64/clone.S:97(clone)[0x7fa2f8bac4cf]
      		 
       
      		 
      Query (0x7fa2ac079c60): select  sum((values(1)))

      Attachments

        Activity

          People

            igor Igor Babaev
            alice Alice Sherepa
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.