Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-25206

Crash with CREATE VIEW .. SELECT with non-existing field in ON condition

Details

    Description

      CREATE TABLE t1 (a INT);
      		 
      INSERT INTO t1 VALUES (1),(2); # Optional, fails either way
      		 
      CREATE TABLE t2 (b INT);
      		 
      INSERT INTO t2 VALUES (3),(4); # Optional, fails either way
      		 
      CREATE VIEW v AS SELECT * FROM t1 JOIN t2 ON t1.x > t2.b;

      10.4 44d70c01f

      		 
      #3  <signal handler called>
      		 
      #4  0x000055d25f7a578a in Item_field::fix_outer_field (this=0x7f2fdc0163d0, thd=0x7f2fdc000d90, from_field=0x7f2ff34edff0, reference=0x7f2fdc016690) at /data/src/10.4-bug/sql/item.cc:5447
      		 
      #5  0x000055d25f7a7d2f in Item_field::fix_fields (this=0x7f2fdc0163d0, thd=0x7f2fdc000d90, reference=0x7f2fdc016690) at /data/src/10.4-bug/sql/item.cc:5861
      		 
      #6  0x000055d25eeb2e05 in Item::fix_fields_if_needed (this=0x7f2fdc0163d0, thd=0x7f2fdc000d90, ref=0x7f2fdc016690) at /data/src/10.4-bug/sql/item.h:964
      		 
      #7  0x000055d25f853037 in Item_func::fix_fields (this=0x7f2fdc016600, thd=0x7f2fdc000d90, ref=0x7f2fdc015cc8) at /data/src/10.4-bug/sql/item_func.cc:352
      		 
      #8  0x000055d25eeb2e05 in Item::fix_fields_if_needed (this=0x7f2fdc016600, thd=0x7f2fdc000d90, ref=0x7f2fdc015cc8) at /data/src/10.4-bug/sql/item.h:964
      		 
      #9  0x000055d25eeb2e65 in Item::fix_fields_if_needed_for_scalar (this=0x7f2fdc016600, thd=0x7f2fdc000d90, ref=0x7f2fdc015cc8) at /data/src/10.4-bug/sql/item.h:968
      		 
      #10 0x000055d25efba9d3 in Item::fix_fields_if_needed_for_bool (this=0x7f2fdc016600, thd=0x7f2fdc000d90, ref=0x7f2fdc015cc8) at /data/src/10.4-bug/sql/item.h:972
      		 
      #11 0x000055d25efb2a22 in setup_on_expr (thd=0x7f2fdc000d90, table=0x7f2fdc015c68, is_update=false) at /data/src/10.4-bug/sql/sql_base.cc:8343
      		 
      #12 0x000055d25efb3450 in setup_conds (thd=0x7f2fdc000d90, tables=0x7f2fdc015568, leaves=..., conds=0x7f2fdc017e10) at /data/src/10.4-bug/sql/sql_base.cc:8460
      		 
      #13 0x000055d25f15fb8f in setup_without_group (thd=0x7f2fdc000d90, ref_pointer_array=..., tables=0x7f2fdc015568, leaves=..., fields=..., all_fields=..., conds=0x7f2fdc017e10, order=0x0, group=0x0, win_specs=..., win_funcs=..., hidden_group_fields=0x7f2fdc017cef, reserved=0x7f2fdc01528c) at /data/src/10.4-bug/sql/sql_select.cc:689
      		 
      #14 0x000055d25f164fa0 in JOIN::prepare (this=0x7f2fdc017a08, tables_init=0x7f2fdc015568, wild_num=1, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7f2fdc014f88, unit_arg=0x7f2fdc004cc8) at /data/src/10.4-bug/sql/sql_select.cc:1243
      		 
      #15 0x000055d25f2d256a in st_select_lex_unit::prepare_join (this=0x7f2fdc004cc8, thd_arg=0x7f2fdc000d90, sl=0x7f2fdc014f88, tmp_result=0x0, additional_options=0, is_union_select=false) at /data/src/10.4-bug/sql/sql_union.cc:646
      		 
      #16 0x000055d25f2d5056 in st_select_lex_unit::prepare (this=0x7f2fdc004cc8, derived_arg=0x0, sel_result=0x0, additional_options=0) at /data/src/10.4-bug/sql/sql_union.cc:993
      		 
      #17 0x000055d25f2f6f4f in mysql_create_view (thd=0x7f2fdc000d90, views=0x7f2fdc0148c0, mode=VIEW_CREATE_NEW) at /data/src/10.4-bug/sql/sql_view.cc:534
      		 
      #18 0x000055d25f0e8745 in mysql_execute_command (thd=0x7f2fdc000d90) at /data/src/10.4-bug/sql/sql_parse.cc:6001
      		 
      #19 0x000055d25f0f452c in mysql_parse (thd=0x7f2fdc000d90, rawbuf=0x7f2fdc014788 "CREATE VIEW v AS SELECT * FROM t1 JOIN t2 ON t1.x > t2.b", length=56, parser_state=0x7f2ff34ef550, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:7989
      		 
      #20 0x000055d25f0ca38e in dispatch_command (command=COM_QUERY, thd=0x7f2fdc000d90, packet=0x7f2fdc00abe1 "CREATE VIEW v AS SELECT * FROM t1 JOIN t2 ON t1.x > t2.b", packet_length=56, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:1855
      		 
      #21 0x000055d25f0c7246 in do_command (thd=0x7f2fdc000d90) at /data/src/10.4-bug/sql/sql_parse.cc:1373
      		 
      #22 0x000055d25f3b9466 in do_handle_one_connection (connect=0x55d264d62900) at /data/src/10.4-bug/sql/sql_connect.cc:1412
      		 
      #23 0x000055d25f3b8dd7 in handle_one_connection (arg=0x55d264d62900) at /data/src/10.4-bug/sql/sql_connect.cc:1316
      		 
      #24 0x000055d2606949bb in pfs_spawn_thread (arg=0x55d264d3b700) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
      		 
      #25 0x00007f2ffdda6609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #26 0x00007f2ffd611293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      Reproducible with at least MyISAM and InnoDB.

      The failure appeared in 10.4 branch after this merge:

      commit 44d70c01f0aef419bc1325f0cba6a46085042646 (HEAD)
      		 
      Merge: 126725421e5 867724fd304
      		 
      Author: Marko Mäkelä
      		 
      Date:   Fri Mar 19 11:42:44 2021 +0200
      		 
       
      		 
          Merge 10.3 into 10.4

      But it's not reproducible on 10.3 with the provided test case, so I can't say which commit from the merge caused it (or whether it was a result of a bad merge).

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-26214 INSERT from SELECT crashes server on error missing column.

          • Major - Major loss of function.
          • Closed

          Activity

            People

              igor Igor Babaev (Inactive)
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.