Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-2660

LP:1001500 - Crash on the second execution of the PS for a query with degenerated conjunctive condition

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Critical
    • Resolution: Fixed
    • None
    • None
    • None

    Description

      The following test case causes a crash of the server in MariDB 5.2/5.3/5.5 on the second execution of the prepared statement:

      CREATE TABLE t1 (
      pk INTEGER AUTO_INCREMENT,
      col_int_nokey INTEGER,
      col_int_key INTEGER,

      col_varchar_key VARCHAR(1),
      col_varchar_nokey VARCHAR(1),

      PRIMARY KEY (pk),
      KEY (col_int_key),
      KEY (col_varchar_key, col_int_key)
      );

      INSERT INTO t1 (
      col_int_key, col_int_nokey,
      col_varchar_key, col_varchar_nokey
      ) VALUES
      (4, 2, 'v', 'v'),
      (62, 150, 'v', 'v');

      CREATE TABLE t2 (
      pk INTEGER AUTO_INCREMENT,
      col_int_nokey INTEGER,
      col_int_key INTEGER,

      col_varchar_key VARCHAR(1),
      col_varchar_nokey VARCHAR(1),

      PRIMARY KEY (pk),
      KEY (col_int_key),
      KEY (col_varchar_key, col_int_key)
      );

      INSERT INTO t2 (
      col_int_key, col_int_nokey,
      col_varchar_key, col_varchar_nokey
      ) VALUES
      (8, NULL, 'x', 'x'),
      (7, 8, 'd', 'd');

      PREPARE stmt FROM '
      SELECT
      ( SELECT MAX( SQ1_alias2 .col_int_nokey ) AS SQ1_field1
      FROM ( t2 AS SQ1_alias1 RIGHT JOIN t1 AS SQ1_alias2
      ON ( SQ1_alias2.col_varchar_key = SQ1_alias1.col_varchar_nokey )
      )
      WHERE SQ1_alias2.pk < alias1.col_int_nokey OR alias1.pk
      ) AS field1
      FROM ( t1 AS alias1 JOIN t2 AS alias2 ON alias2.pk )
      GROUP BY field1
      ';

      EXECUTE stmt;
      EXECUTE stmt;

      DEALLOCATE PREPARE stmt;

      DROP TABLE t1, t2;

      If to replace the conjunctive degenerated condition alias1.pk for the equivalent predicate alias.pk<>0
      then there is no problem with the second execution of the PS for the query:

      MariaDB [test]> PREPARE stmt FROM '
      '> SELECT
      '> ( SELECT MAX( SQ1_alias2 .col_int_nokey ) AS SQ1_field1
      '> FROM ( t2 AS SQ1_alias1 RIGHT JOIN t1 AS SQ1_alias2
      '> ON ( SQ1_alias2.col_varchar_key = SQ1_alias1.col_varchar_nokey )
      '> )
      '> WHERE SQ1_alias2.pk < alias1.col_int_nokey OR alias1.pk<>0
      '> ) AS field1
      '> FROM ( t1 AS alias1 JOIN t2 AS alias2 ON alias2.pk )
      '> GROUP BY field1
      '> ';
      Query OK, 0 rows affected (0.01 sec)
      Statement prepared

      MariaDB [test]> EXECUTE stmt;
      --------

      field1

      --------

      150

      --------
      1 row in set (0.00 sec)

      MariaDB [test]> EXECUTE stmt;
      --------

      field1

      --------

      150

      --------
      1 row in set (0.01 sec)

      (See also bug #12582849 from the mysql code line)

      Attachments

        Activity

          People

            sanja Oleksandr Byelkin
            igor Igor Babaev (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.