Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-28506

SIGSEGV's in find_field_in_table[s][_ref], Item_field::fix_fields, create_view_field and MemcmpInterceptorCommon | Assertions `(*select_ref)->fixed' or '->is_fixed' and `table_list->table' failed

Details

    Description

      Original testcase (reduced version in comments below):

      CREATE TABLE v959 ( v960 BOOLEAN NOT NULL ) ;
      		 
       ( ( SELECT v960 FROM v959 WHERE v960 = 85 AND ( ( v960 , v960 ) NOT IN ( SELECT ( 'x' = ( v960 IN ( SELECT v960 FROM v959 WHERE v960 = CASE WHEN v960 * ( SELECT 36 FROM v959 AS v961 WHERE v960 BETWEEN 4460921.000000 AND -128 WINDOW v965 AS ( PARTITION BY v960 ORDER BY ( SELECT v960 FROM ( SELECT DISTINCT ( ( NOT ( 94563372.000000 AND v960 = 24 ) ) = 19 AND 19725896.000000 = 35 ) % 13 , ( v960 = 4 OR v960 > 'x' ) FROM v959 WHERE v960 = 82 AND ( v960 = 0 OR v960 = 0 OR v960 = 45 ) ) AS v962 NATURAL JOIN v959 AS v963 GROUP BY v960 WINDOW v966 AS ( PARTITION BY v960 ORDER BY v960 DESC ) ) DESC RANGE BETWEEN 62132272.000000 FOLLOWING AND 8262676.000000 FOLLOWING ) ) ^ v960 THEN 'x' WHEN 43 THEN 'x' ELSE v960 END / 2147483647 ) ) ) , 'x' FROM v959 ) OR v960 = 69 OR v960 = -1 ) ORDER BY v960 + v960 , v960 + v960 ) ) ;
      		 
       UPDATE v959 SET v960 = 127 WHERE v960 = 48 ;
      		 
       INSERT INTO v959 ( v960 ) VALUES ( 16 ) , ( 0 ) ;
      		 
       SELECT FIRST_VALUE ( v960 ) OVER v967 , VAR_POP ( v960 ) OVER v967 FROM v959 WINDOW v967 AS ( PARTITION BY v960 ORDER BY v960 DESC ) ;

      Leads to:

      10.9.0 0b14dbd45b5a1c02616d611876158d44b92b77bf (Optimized)

      		 
      Core was generated by `/test/MD030522-mariadb-10.9.0-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.
      		 
      Program terminated with signal SIGSEGV, Segmentation fault.
      		 
      #0  0x000055bbd49ad7e1 in find_field_in_table (thd=thd@entry=0x146b6c000c58, 
          table=0x0, name=name@entry=0x146b6c0221e0 "v960", length=length@entry=4, 
          allow_rowid=false, 
          cached_field_index_ptr=cached_field_index_ptr@entry=0x146b6c0222d0)
      		 
          at /test/10.9_opt/sql/sql_base.cc:6005
      		 
      6005	  field_index_t cached_field_index= *cached_field_index_ptr;
      		 
      [Current thread is 1 (Thread 0x146ba8053700 (LWP 3469335))]
      		 
      (gdb) bt
      		 
      #0  0x000055bbd49ad7e1 in find_field_in_table (thd=thd@entry=0x146b6c000c58, table=0x0, name=name@entry=0x146b6c0221e0 "v960", length=length@entry=4, allow_rowid=false, cached_field_index_ptr=cached_field_index_ptr@entry=0x146b6c0222d0) at /test/10.9_opt/sql/sql_base.cc:6005
      		 
      #1  0x000055bbd49adf97 in find_field_in_table_ref (thd=thd@entry=0x146b6c000c58, table_list=table_list@entry=0x146b6c020c38, name=name@entry=0x146b6c0221e0 "v960", length=length@entry=4, item_name=0x146b6c0221e0 "v960", db_name=db_name@entry=0x0, table_name=0x0, ignored_tables=0x0, ref=0x146b6c022310, check_privileges=true, allow_rowid=false, cached_field_index_ptr=0x146b6c0222d0, register_tree_change=true, actual_table=0x146ba804fdc8) at /test/10.9_opt/sql/sql_base.cc:6171
      		 
      #2  0x000055bbd49ae5e2 in find_field_in_tables (thd=thd@entry=0x146b6c000c58, item=item@entry=0x146b6c0221e8, first_table=<optimized out>, last_table=last_table@entry=0x0, ignored_tables=0x0, ref=ref@entry=0x146b6c022310, report_error=IGNORE_EXCEPT_NON_UNIQUE, check_privileges=true, register_tree_change=true) at /test/10.9_opt/sql/sql_base.cc:6485
      		 
      #3  0x000055bbd4c7e366 in Item_field::fix_fields (this=0x146b6c0221e8, thd=0x146b6c000c58, reference=0x146b6c022310) at /test/10.9_opt/sql/item.cc:6014
      		 
      #4  0x000055bbd4a4dc14 in Item::fix_fields_if_needed (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c0221e8) at /test/10.9_opt/sql/item.h:1142
      		 
      #5  Item::fix_fields_if_needed (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c0221e8) at /test/10.9_opt/sql/item.h:1142
      		 
      #6  Item::fix_fields_if_needed_for_scalar (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c0221e8) at /test/10.9_opt/sql/item.h:1148
      		 
      #7  Item::fix_fields_if_needed_for_order_by (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c0221e8) at /test/10.9_opt/sql/item.h:1156
      		 
      #8  find_order_in_list (thd=0x146b6c000c58, ref_pointer_array=<optimized out>, tables=0x146b6c013bd8, order=0x146b6c022300, fields=<optimized out>, all_fields=@0x146b6c05d408: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c013b80, last = 0x146b6c013b80, elements = 1}, <No data fields>}, is_group_field=true, add_to_all_fields=true, from_window_spec=false) at /test/10.9_opt/sql/sql_select.cc:25040
      		 
      #9  0x000055bbd4a76f7f in setup_group (thd=thd@entry=0x146b6c000c58, ref_pointer_array={m_array = 0x146b6c05d658, m_size = 43}, tables=0x146b6c013bd8, fields=@0x146b6c013928: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c013b80, last = 0x146b6c013b80, elements = 1}, <No data fields>}, all_fields=@0x146b6c05d408: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c013b80, last = 0x146b6c013b80, elements = 1}, <No data fields>}, order=0x146b6c022300, hidden_group_fields=0x146b6c05d3b7, from_window_spec=false) at /test/10.9_opt/sql/sql_select.cc:25166
      		 
      #10 0x000055bbd4a7a99b in setup_without_group (reserved=<optimized out>, hidden_group_fields=0x146b6c05d3b7, win_funcs=<optimized out>, win_specs=<optimized out>, group=<optimized out>, order=<optimized out>, conds=0x146b6c05d4f0, all_fields=<optimized out>, fields=<optimized out>, leaves=<optimized out>, tables=<optimized out>, ref_pointer_array=<optimized out>, thd=0x146b6c000c58) at /test/10.9_opt/sql/sql_select.cc:878
      		 
      #11 JOIN::prepare (this=0x146b6c05d0a0, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.9_opt/sql/sql_select.cc:1430
      		 
      #12 0x000055bbd4d33458 in subselect_single_select_engine::prepare (this=0x146b6c023d28, thd=0x146b6c000c58) at /test/10.9_opt/sql/sql_lex.h:1363
      		 
      #13 0x000055bbd4d32ac8 in Item_subselect::fix_fields (this=0x146b6c023ba0, thd_param=<optimized out>, ref=0x146b6c023f00) at /test/10.9_opt/sql/item_subselect.cc:295
      		 
      #14 0x000055bbd4cc174d in Item::fix_fields_if_needed (ref=0x146b6c023f00, thd=0x146b6c000c58, this=0x146b6c023ba0) at /test/10.9_opt/sql/item.h:1142
      		 
      #15 Item::fix_fields_if_needed (ref=0x146b6c023f00, thd=0x146b6c000c58, this=0x146b6c023ba0) at /test/10.9_opt/sql/item.h:1142
      		 
      #16 Item_func::fix_fields (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c023e88) at /test/10.9_opt/sql/item_func.cc:347
      		 
      #17 Item_func::fix_fields (this=0x146b6c023e88, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_func.cc:314
      		 
      #18 0x000055bbd4cc174d in Item::fix_fields_if_needed (ref=0x146b6c023fb8, thd=0x146b6c000c58, this=0x146b6c023e88) at /test/10.9_opt/sql/item.h:1142
      		 
      #19 Item::fix_fields_if_needed (ref=0x146b6c023fb8, thd=0x146b6c000c58, this=0x146b6c023e88) at /test/10.9_opt/sql/item.h:1142
      		 
      #20 Item_func::fix_fields (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c023f38) at /test/10.9_opt/sql/item_func.cc:347
      		 
      #21 Item_func::fix_fields (this=0x146b6c023f38, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_func.cc:314
      		 
      #22 0x000055bbd4cc174d in Item::fix_fields_if_needed (ref=0x146b6c0243f8, thd=0x146b6c000c58, this=0x146b6c023f38) at /test/10.9_opt/sql/item.h:1142
      		 
      #23 Item::fix_fields_if_needed (ref=0x146b6c0243f8, thd=0x146b6c000c58, this=0x146b6c023f38) at /test/10.9_opt/sql/item.h:1142
      		 
      #24 Item_func::fix_fields (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c0242f0) at /test/10.9_opt/sql/item_func.cc:347
      		 
      #25 Item_func::fix_fields (this=this@entry=0x146b6c0242f0, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_func.cc:314
      		 
      #26 0x000055bbd4c8d313 in Item_func_case::fix_fields (this=0x146b6c0242f0, thd=<optimized out>, ref=<optimized out>) at /test/10.9_opt/sql/item_cmpfunc.cc:3130
      		 
      #27 0x000055bbd4cc174d in Item::fix_fields_if_needed (ref=0x146b6c024560, thd=0x146b6c000c58, this=0x146b6c0242f0) at /test/10.9_opt/sql/item.h:1142
      		 
      #28 Item::fix_fields_if_needed (ref=0x146b6c024560, thd=0x146b6c000c58, this=0x146b6c0242f0) at /test/10.9_opt/sql/item.h:1142
      		 
      #29 Item_func::fix_fields (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c0244e8) at /test/10.9_opt/sql/item_func.cc:347
      		 
      #30 Item_func::fix_fields (this=0x146b6c0244e8, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_func.cc:314
      		 
      #31 0x000055bbd4cc174d in Item::fix_fields_if_needed (ref=0x146b6c024620, thd=0x146b6c000c58, this=0x146b6c0244e8) at /test/10.9_opt/sql/item.h:1142
      		 
      #32 Item::fix_fields_if_needed (ref=0x146b6c024620, thd=0x146b6c000c58, this=0x146b6c0244e8) at /test/10.9_opt/sql/item.h:1142
      		 
      #33 Item_func::fix_fields (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c0245a0) at /test/10.9_opt/sql/item_func.cc:347
      		 
      #34 Item_func::fix_fields (this=0x146b6c0245a0, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_func.cc:314
      		 
      #35 0x000055bbd49b0d87 in Item::fix_fields_if_needed (ref=0x146b6c05c830, thd=0x146b6c000c58, this=0x146b6c0245a0) at /test/10.9_opt/sql/item.h:1142
      		 
      #36 Item::fix_fields_if_needed (ref=0x146b6c05c830, thd=0x146b6c000c58, this=0x146b6c0245a0) at /test/10.9_opt/sql/item.h:1142
      		 
      #37 Item::fix_fields_if_needed_for_scalar (ref=0x146b6c05c830, thd=0x146b6c000c58, this=0x146b6c0245a0) at /test/10.9_opt/sql/item.h:1148
      		 
      #38 Item::fix_fields_if_needed_for_bool (ref=0x146b6c05c830, thd=0x146b6c000c58, this=0x146b6c0245a0) at /test/10.9_opt/sql/item.h:1152
      		 
      #39 setup_conds (thd=thd@entry=0x146b6c000c58, tables=tables@entry=0x146b6c012d50, leaves=@0x146b6c012988: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c028370, last = 0x146b6c028370, elements = 1}, <No data fields>}, conds=conds@entry=0x146b6c05c830) at /test/10.9_opt/sql/sql_base.cc:8447
      		 
      #40 0x000055bbd4a7a6ba in setup_without_group (reserved=0x146b6c012b2c, hidden_group_fields=0x146b6c05c6f7, win_funcs=@0x146b6c012bc0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55bbd5a916d0 <end_of_list>, last = 0x146b6c012bc0, elements = 0}, <No data fields>}, win_specs=@0x146b6c012ba8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55bbd5a916d0 <end_of_list>, last = 0x146b6c012ba8, elements = 0}, <No data fields>}, group=0x0, order=0x0, conds=0x146b6c05c830, all_fields=@0x146b6c05c748: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c012d08, last = 0x146b6c012d08, elements = 1}, <No data fields>}, fields=@0x146b6c012a10: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c012d08, last = 0x146b6c012d08, elements = 1}, <No data fields>}, leaves=@0x146b6c012988: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c028370, last = 0x146b6c028370, elements = 1}, <No data fields>}, tables=0x146b6c012d50, ref_pointer_array=<optimized out>, thd=0x146b6c000c58) at /test/10.9_opt/sql/sql_select.cc:858
      		 
      #41 JOIN::prepare (this=0x146b6c05c3e0, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.9_opt/sql/sql_select.cc:1430
      		 
      #42 0x000055bbd4d33458 in subselect_single_select_engine::prepare (this=0x146b6c0251f8, thd=0x146b6c000c58) at /test/10.9_opt/sql/sql_lex.h:1363
      		 
      #43 0x000055bbd4d32ac8 in Item_subselect::fix_fields (this=this@entry=0x146b6c024fd0, thd_param=thd_param@entry=0x146b6c000c58, ref=ref@entry=0x146b6c0252b8) at /test/10.9_opt/sql/item_subselect.cc:295
      		 
      #44 0x000055bbd4d32e39 in Item_in_subselect::fix_fields (this=0x146b6c024fd0, thd_arg=0x146b6c000c58, ref=0x146b6c0252b8) at /test/10.9_opt/sql/item_subselect.cc:3570
      		 
      #45 0x000055bbd4cc174d in Item::fix_fields_if_needed (ref=0x146b6c0252b8, thd=0x146b6c000c58, this=0x146b6c024fd0) at /test/10.9_opt/sql/item.h:1142
      		 
      #46 Item::fix_fields_if_needed (ref=0x146b6c0252b8, thd=0x146b6c000c58, this=0x146b6c024fd0) at /test/10.9_opt/sql/item.h:1142
      		 
      #47 Item_func::fix_fields (ref=<optimized out>, thd=0x146b6c000c58, this=0x146b6c025238) at /test/10.9_opt/sql/item_func.cc:347
      		 
      #48 Item_func::fix_fields (this=0x146b6c025238, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_func.cc:314
      		 
      #49 0x000055bbd49af14b in Item::fix_fields_if_needed (ref=0x146b6c025468, thd=0x146b6c000c58, this=0x146b6c025238) at /test/10.9_opt/sql/item.h:1142
      		 
      #50 Item::fix_fields_if_needed (ref=0x146b6c025468, thd=0x146b6c000c58, this=0x146b6c025238) at /test/10.9_opt/sql/item.h:1142
      		 
      #51 Item::fix_fields_if_needed_for_scalar (ref=0x146b6c025468, thd=0x146b6c000c58, this=0x146b6c025238) at /test/10.9_opt/sql/item.h:1148
      		 
      #52 setup_fields (thd=0x146b6c000c58, ref_pointer_array=<optimized out>, fields=<optimized out>, column_usage=column_usage@entry=MARK_COLUMNS_READ, sum_func_list=sum_func_list@entry=0x146b6c05b970, pre_fix=0x146b6c012410, allow_sum_func=true) at /test/10.9_opt/sql/sql_base.cc:7695
      		 
      #53 0x000055bbd4a7a5b9 in JOIN::prepare (this=0x146b6c05b608, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.9_opt/sql/sql_select.cc:1424
      		 
      #54 0x000055bbd4d33458 in subselect_single_select_engine::prepare (this=0x146b6c026808, thd=0x146b6c000c58) at /test/10.9_opt/sql/sql_lex.h:1363
      		 
      #55 0x000055bbd4d32ac8 in Item_subselect::fix_fields (this=this@entry=0x146b6c026538, thd_param=thd_param@entry=0x146b6c000c58, ref=ref@entry=0x146b6c0268c0) at /test/10.9_opt/sql/item_subselect.cc:295
      		 
      #56 0x000055bbd4d32e39 in Item_in_subselect::fix_fields (this=0x146b6c026538, thd_arg=0x146b6c000c58, ref=0x146b6c0268c0) at /test/10.9_opt/sql/item_subselect.cc:3570
      		 
      #57 0x000055bbd4cc174d in Item::fix_fields_if_needed (ref=0x146b6c0268c0, thd=0x146b6c000c58, this=0x146b6c026538) at /test/10.9_opt/sql/item.h:1142
      		 
      #58 Item::fix_fields_if_needed (ref=0x146b6c0268c0, thd=0x146b6c000c58, this=0x146b6c026538) at /test/10.9_opt/sql/item.h:1142
      		 
      #59 Item_func::fix_fields (ref=0x146b6c0268c8, thd=0x146b6c000c58, this=0x146b6c026848) at /test/10.9_opt/sql/item_func.cc:347
      		 
      #60 Item_func::fix_fields (this=this@entry=0x146b6c026848, thd=thd@entry=0x146b6c000c58, ref=ref@entry=0x146b6c026d98) at /test/10.9_opt/sql/item_func.cc:314
      		 
      #61 0x000055bbd4c96316 in Item_func_not::fix_fields (this=0x146b6c026848, thd=0x146b6c000c58, ref=0x146b6c026d98) at /test/10.9_opt/sql/item_cmpfunc.cc:6451
      		 
      #62 0x000055bbd4c9588b in Item::fix_fields_if_needed (ref=0x146b6c026d98, thd=0x146b6c000c58, this=0x146b6c026848) at /test/10.9_opt/sql/item.h:1142
      		 
      #63 Item::fix_fields_if_needed (ref=0x146b6c026d98, thd=0x146b6c000c58, this=0x146b6c026848) at /test/10.9_opt/sql/item.h:1142
      		 
      #64 Item::fix_fields_if_needed_for_scalar (ref=0x146b6c026d98, thd=0x146b6c000c58, this=0x146b6c026848) at /test/10.9_opt/sql/item.h:1148
      		 
      #65 Item::fix_fields_if_needed_for_bool (ref=0x146b6c026d98, thd=0x146b6c000c58, this=0x146b6c026848) at /test/10.9_opt/sql/item.h:1152
      		 
      #66 Item_cond::fix_fields (this=0x146b6c026cc0, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_cmpfunc.cc:4893
      		 
      #67 0x000055bbd4c9588b in Item::fix_fields_if_needed (ref=0x146b6c027298, thd=0x146b6c000c58, this=0x146b6c026cc0) at /test/10.9_opt/sql/item.h:1142
      		 
      #68 Item::fix_fields_if_needed (ref=0x146b6c027298, thd=0x146b6c000c58, this=0x146b6c026cc0) at /test/10.9_opt/sql/item.h:1142
      		 
      #69 Item::fix_fields_if_needed_for_scalar (ref=0x146b6c027298, thd=0x146b6c000c58, this=0x146b6c026cc0) at /test/10.9_opt/sql/item.h:1148
      		 
      #70 Item::fix_fields_if_needed_for_bool (ref=0x146b6c027298, thd=0x146b6c000c58, this=0x146b6c026cc0) at /test/10.9_opt/sql/item.h:1152
      		 
      #71 Item_cond::fix_fields (this=0x146b6c027188, thd=0x146b6c000c58, ref=<optimized out>) at /test/10.9_opt/sql/item_cmpfunc.cc:4893
      		 
      #72 0x000055bbd49b0d87 in Item::fix_fields_if_needed (ref=0x146b6c05aa50, thd=0x146b6c000c58, this=0x146b6c027188) at /test/10.9_opt/sql/item.h:1142
      		 
      #73 Item::fix_fields_if_needed (ref=0x146b6c05aa50, thd=0x146b6c000c58, this=0x146b6c027188) at /test/10.9_opt/sql/item.h:1142
      		 
      #74 Item::fix_fields_if_needed_for_scalar (ref=0x146b6c05aa50, thd=0x146b6c000c58, this=0x146b6c027188) at /test/10.9_opt/sql/item.h:1148
      		 
      #75 Item::fix_fields_if_needed_for_bool (ref=0x146b6c05aa50, thd=0x146b6c000c58, this=0x146b6c027188) at /test/10.9_opt/sql/item.h:1152
      		 
      #76 setup_conds (thd=thd@entry=0x146b6c000c58, tables=tables@entry=0x146b6c011378, leaves=@0x146b6c010fb0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c028330, last = 0x146b6c028330, elements = 1}, <No data fields>}, conds=conds@entry=0x146b6c05aa50) at /test/10.9_opt/sql/sql_base.cc:8447
      		 
      #77 0x000055bbd4a7a6ba in setup_without_group (reserved=0x146b6c011154, hidden_group_fields=0x146b6c05a917, win_funcs=@0x146b6c0111e8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55bbd5a916d0 <end_of_list>, last = 0x146b6c0111e8, elements = 0}, <No data fields>}, win_specs=@0x146b6c0111d0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55bbd5a916d0 <end_of_list>, last = 0x146b6c0111d0, elements = 0}, <No data fields>}, group=0x0, order=0x146b6c027db0, conds=0x146b6c05aa50, all_fields=@0x146b6c05a968: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c011330, last = 0x146b6c011330, elements = 1}, <No data fields>}, fields=@0x146b6c011038: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c011330, last = 0x146b6c011330, elements = 1}, <No data fields>}, leaves=@0x146b6c010fb0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c028330, last = 0x146b6c028330, elements = 1}, <No data fields>}, tables=0x146b6c011378, ref_pointer_array=<optimized out>, thd=0x146b6c000c58) at /test/10.9_opt/sql/sql_select.cc:858
      		 
      #78 JOIN::prepare (this=0x146b6c05a600, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=<optimized out>, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.9_opt/sql/sql_select.cc:1430
      		 
      #79 0x000055bbd4a8ccaf in mysql_select (thd=0x146b6c000c58, tables=0x146b6c011378, fields=@0x146b6c011038: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x146b6c011330, last = 0x146b6c011330, elements = 1}, <No data fields>}, conds=0x146b6c027188, og_num=2, order=0x146b6c027db0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x146b6c028308, unit=0x146b6c004cb8, select_lex=0x146b6c010d98) at /test/10.9_opt/sql/sql_select.cc:5011
      		 
      #80 0x000055bbd4a8cf57 in handle_select (thd=thd@entry=0x146b6c000c58, lex=lex@entry=0x146b6c004be0, result=result@entry=0x146b6c028308, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.9_opt/sql/sql_select.cc:570
      		 
      #81 0x000055bbd4a10a21 in execute_sqlcom_select (thd=0x146b6c000c58, all_tables=0x146b6c011378) at /test/10.9_opt/sql/sql_parse.cc:6271
      		 
      #82 0x000055bbd4a1e363 in mysql_execute_command (thd=0x146b6c000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.9_opt/sql/sql_parse.cc:3961
      		 
      #83 0x000055bbd4a0ba55 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x146b6c000c58) at /test/10.9_opt/sql/sql_parse.cc:8046
      		 
      #84 mysql_parse (thd=0x146b6c000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.9_opt/sql/sql_parse.cc:7968
      		 
      #85 0x000055bbd4a1771a in dispatch_command (command=COM_QUERY, thd=0x146b6c000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.9_opt/sql/sql_class.h:1364
      		 
      #86 0x000055bbd4a19642 in do_command (thd=0x146b6c000c58, blocking=blocking@entry=true) at /test/10.9_opt/sql/sql_parse.cc:1408
      		 
      #87 0x000055bbd4b2e5bf in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55bbd814e1a8, put_in_cache=put_in_cache@entry=true) at /test/10.9_opt/sql/sql_connect.cc:1418
      		 
      #88 0x000055bbd4b2e89d in handle_one_connection (arg=0x55bbd814e1a8) at /test/10.9_opt/sql/sql_connect.cc:1312
      		 
      #89 0x0000146bbf6d5609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #90 0x0000146bbf2c1133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      10.9.0 0b14dbd45b5a1c02616d611876158d44b92b77bf (Debug)

      		 
      mysqld: /test/10.9_dbg/sql/sql_base.cc:6170: Field* find_field_in_table_ref(THD*, TABLE_LIST*, const char*, size_t, const char*, const char*, const char*, ignored_tables_list_t, Item**, bool, bool, field_index_t*, bool, TABLE_LIST**): Assertion `table_list->table' failed.

      10.9.0 0b14dbd45b5a1c02616d611876158d44b92b77bf (Debug)

      		 
      Core was generated by `/test/MD030522-mariadb-10.9.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
      		 
      Program terminated with signal SIGABRT, Aborted.
      		 
      #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
      		 
      [Current thread is 1 (Thread 0x145bdc050700 (LWP 3469815))]
      		 
      (gdb) bt
      		 
      #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
      		 
      #1  0x0000145bf37ea859 in __GI_abort () at abort.c:79
      		 
      #2  0x0000145bf37ea729 in __assert_fail_base (fmt=0x145bf3980588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x563f46d8c086 "table_list->table", file=0x563f46d896d8 "/test/10.9_dbg/sql/sql_base.cc", line=6170, function=<optimized out>) at assert.c:92
      		 
      #3  0x0000145bf37fbfd6 in __GI___assert_fail (assertion=assertion@entry=0x563f46d8c086 "table_list->table", file=file@entry=0x563f46d896d8 "/test/10.9_dbg/sql/sql_base.cc", line=line@entry=6170, function=function@entry=0x563f46d8b220 "Field* find_field_in_table_ref(THD*, TABLE_LIST*, const char*, size_t, const char*, const char*, const char*, ignored_tables_list_t, Item**, bool, bool, field_index_t*, bool, TABLE_LIST**)") at assert.c:101
      		 
      #4  0x0000563f46131c84 in find_field_in_table_ref (thd=thd@entry=0x145ba0000db8, table_list=table_list@entry=0x145ba002ddc8, name=name@entry=0x145ba002f378 "v960", length=length@entry=4, item_name=0x145ba002f378 "v960", db_name=db_name@entry=0x0, table_name=0x0, ignored_tables=0x0, ref=0x145ba002f4a8, check_privileges=true, allow_rowid=false, cached_field_index_ptr=0x145ba002f468, register_tree_change=true, actual_table=0x145bdc04ce88) at /test/10.9_dbg/sql/sql_base.cc:6170
      		 
      #5  0x0000563f46132afc in find_field_in_tables (thd=thd@entry=0x145ba0000db8, item=item@entry=0x145ba002f380, first_table=<optimized out>, last_table=0x0, ignored_tables=0x0, ref=ref@entry=0x145ba002f4a8, report_error=IGNORE_EXCEPT_NON_UNIQUE, check_privileges=true, register_tree_change=true) at /test/10.9_dbg/sql/sql_base.cc:6485
      		 
      #6  0x0000563f464cafee in Item_field::fix_fields (this=0x145ba002f380, thd=0x145ba0000db8, reference=0x145ba002f4a8) at /test/10.9_dbg/sql/item.cc:6014
      		 
      #7  0x0000563f461fa1e3 in Item::fix_fields_if_needed (ref=<optimized out>, thd=0x145ba0000db8, this=0x145ba002f380) at /test/10.9_dbg/sql/item.h:1156
      		 
      #8  Item::fix_fields_if_needed_for_scalar (ref=<optimized out>, thd=0x145ba0000db8, this=0x145ba002f380) at /test/10.9_dbg/sql/item.h:1148
      		 
      #9  Item::fix_fields_if_needed_for_order_by (ref=<optimized out>, thd=0x145ba0000db8, this=0x145ba002f380) at /test/10.9_dbg/sql/item.h:1156
      		 
      #10 find_order_in_list (thd=thd@entry=0x145ba0000db8, ref_pointer_array=<optimized out>, tables=tables@entry=0x145ba00170f8, order=order@entry=0x145ba002f498, fields=@0x145ba0016e48: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba00170a0, last = 0x145ba00170a0, elements = 1}, <No data fields>}, all_fields=@0x145ba0085168: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba00170a0, last = 0x145ba00170a0, elements = 1}, <No data fields>}, is_group_field=true, add_to_all_fields=true, from_window_spec=false) at /test/10.9_dbg/sql/sql_select.cc:25040
      		 
      #11 0x0000563f462263b5 in setup_group (thd=thd@entry=0x145ba0000db8, ref_pointer_array=<optimized out>, tables=tables@entry=0x145ba00170f8, fields=@0x145ba0016e48: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba00170a0, last = 0x145ba00170a0, elements = 1}, <No data fields>}, all_fields=@0x145ba0085168: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba00170a0, last = 0x145ba00170a0, elements = 1}, <No data fields>}, order=0x145ba002f498, hidden_group_fields=0x145ba0085117, from_window_spec=false) at /test/10.9_dbg/sql/sql_select.cc:25166
      		 
      #12 0x0000563f4622a36a in setup_without_group (reserved=<optimized out>, hidden_group_fields=0x145ba0085117, win_funcs=<optimized out>, win_specs=<optimized out>, group=<optimized out>, order=<optimized out>, conds=0x145ba0085250, all_fields=@0x145ba0085168: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba00170a0, last = 0x145ba00170a0, elements = 1}, <No data fields>}, fields=<optimized out>, leaves=<optimized out>, tables=<optimized out>, ref_pointer_array=<optimized out>, thd=0x145ba0000db8) at /test/10.9_dbg/sql/sql_select.cc:862
      		 
      #13 JOIN::prepare (this=0x145ba0084e00, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.9_dbg/sql/sql_select.cc:1430
      		 
      #14 0x0000563f465aa3bb in subselect_single_select_engine::prepare (this=0x145ba0030ed0, thd=0x145ba0000db8) at /test/10.9_dbg/sql/sql_lex.h:1363
      		 
      #15 0x0000563f465a9889 in Item_subselect::fix_fields (this=0x145ba0030d48, thd_param=<optimized out>, ref=0x145ba00310a8) at /test/10.9_dbg/sql/item_subselect.cc:295
      		 
      #16 0x0000563f4651f50a in Item::fix_fields_if_needed (ref=0x145ba00310a8, thd=0x145ba0000db8, this=<optimized out>) at /test/10.9_dbg/sql/item.h:1144
      		 
      #17 Item_func::fix_fields (this=0x145ba0031030, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_func.cc:347
      		 
      #18 0x0000563f4651f50a in Item::fix_fields_if_needed (ref=0x145ba0031160, thd=0x145ba0000db8, this=<optimized out>) at /test/10.9_dbg/sql/item.h:1144
      		 
      #19 Item_func::fix_fields (this=0x145ba00310e0, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_func.cc:347
      		 
      #20 0x0000563f4651f50a in Item::fix_fields_if_needed (ref=0x145ba0031660, thd=0x145ba0000db8, this=<optimized out>) at /test/10.9_dbg/sql/item.h:1144
      		 
      #21 Item_func::fix_fields (this=this@entry=0x145ba0031498, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_func.cc:347
      		 
      #22 0x0000563f464e0c6d in Item_func_case::fix_fields (this=0x145ba0031498, thd=<optimized out>, ref=<optimized out>) at /test/10.9_dbg/sql/item_cmpfunc.cc:3130
      		 
      #23 0x0000563f4651f50a in Item::fix_fields_if_needed (ref=0x145ba0031788, thd=0x145ba0000db8, this=<optimized out>) at /test/10.9_dbg/sql/item.h:1144
      		 
      #24 Item_func::fix_fields (this=0x145ba0031710, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_func.cc:347
      		 
      #25 0x0000563f4651f50a in Item::fix_fields_if_needed (ref=0x145ba0031848, thd=0x145ba0000db8, this=<optimized out>) at /test/10.9_dbg/sql/item.h:1144
      		 
      #26 Item_func::fix_fields (this=0x145ba00317c8, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_func.cc:347
      		 
      #27 0x0000563f461358c2 in Item::fix_fields_if_needed (ref=0x145ba0084590, thd=0x145ba0000db8, this=0x145ba00317c8) at /test/10.9_dbg/sql/item.h:1152
      		 
      #28 Item::fix_fields_if_needed_for_scalar (ref=0x145ba0084590, thd=0x145ba0000db8, this=0x145ba00317c8) at /test/10.9_dbg/sql/item.h:1148
      		 
      #29 Item::fix_fields_if_needed_for_bool (ref=0x145ba0084590, thd=0x145ba0000db8, this=0x145ba00317c8) at /test/10.9_dbg/sql/item.h:1152
      		 
      #30 setup_conds (thd=thd@entry=0x145ba0000db8, tables=tables@entry=0x145ba0016270, leaves=@0x145ba0015ea8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0035598, last = 0x145ba0035598, elements = 1}, <No data fields>}, conds=conds@entry=0x145ba0084590) at /test/10.9_dbg/sql/sql_base.cc:8447
      		 
      #31 0x0000563f4622a057 in setup_without_group (reserved=0x145ba001604c, hidden_group_fields=0x145ba0084457, win_funcs=@0x145ba00160e0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x563f47683bc0 <end_of_list>, last = 0x145ba00160e0, elements = 0}, <No data fields>}, win_specs=@0x145ba00160c8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x563f47683bc0 <end_of_list>, last = 0x145ba00160c8, elements = 0}, <No data fields>}, group=0x0, order=0x0, conds=0x145ba0084590, all_fields=@0x145ba00844a8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0016228, last = 0x145ba0016228, elements = 1}, <No data fields>}, fields=@0x145ba0015f30: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0016228, last = 0x145ba0016228, elements = 1}, <No data fields>}, leaves=@0x145ba0015ea8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0035598, last = 0x145ba0035598, elements = 1}, <No data fields>}, tables=0x145ba0016270, ref_pointer_array=<optimized out>, thd=0x145ba0000db8) at /test/10.9_dbg/sql/sql_select.cc:858
      		 
      #32 JOIN::prepare (this=0x145ba0084140, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x145ba0015c90, unit_arg=0x145ba0031a00) at /test/10.9_dbg/sql/sql_select.cc:1430
      		 
      #33 0x0000563f465aa3bb in subselect_single_select_engine::prepare (this=0x145ba0032420, thd=0x145ba0000db8) at /test/10.9_dbg/sql/sql_lex.h:1363
      		 
      #34 0x0000563f465a9889 in Item_subselect::fix_fields (this=this@entry=0x145ba00321f8, thd_param=thd_param@entry=0x145ba0000db8, ref=ref@entry=0x145ba00324e0) at /test/10.9_dbg/sql/item_subselect.cc:295
      		 
      #35 0x0000563f465a9cce in Item_in_subselect::fix_fields (this=0x145ba00321f8, thd_arg=0x145ba0000db8, ref=0x145ba00324e0) at /test/10.9_dbg/sql/item_subselect.cc:3570
      		 
      #36 0x0000563f4651f50a in Item::fix_fields_if_needed (ref=0x145ba00324e0, thd=0x145ba0000db8, this=<optimized out>) at /test/10.9_dbg/sql/item.h:1144
      		 
      #37 Item_func::fix_fields (this=0x145ba0032460, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_func.cc:347
      		 
      #38 0x0000563f4613383f in Item::fix_fields_if_needed (ref=0x145ba0032690, thd=0x145ba0000db8, this=0x145ba0032460) at /test/10.9_dbg/sql/item.h:1148
      		 
      #39 Item::fix_fields_if_needed_for_scalar (ref=0x145ba0032690, thd=0x145ba0000db8, this=0x145ba0032460) at /test/10.9_dbg/sql/item.h:1148
      		 
      #40 setup_fields (thd=0x145ba0000db8, ref_pointer_array=<optimized out>, fields=<optimized out>, column_usage=column_usage@entry=MARK_COLUMNS_READ, sum_func_list=sum_func_list@entry=0x145ba00836d0, pre_fix=0x145ba0015930, allow_sum_func=true) at /test/10.9_dbg/sql/sql_base.cc:7695
      		 
      #41 0x0000563f46229e21 in JOIN::prepare (this=0x145ba0083368, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x145ba0015678, unit_arg=0x145ba0032f68) at /test/10.9_dbg/sql/sql_select.cc:1424
      		 
      #42 0x0000563f465aa3bb in subselect_single_select_engine::prepare (this=0x145ba0033a30, thd=0x145ba0000db8) at /test/10.9_dbg/sql/sql_lex.h:1363
      		 
      #43 0x0000563f465a9889 in Item_subselect::fix_fields (this=this@entry=0x145ba0033760, thd_param=thd_param@entry=0x145ba0000db8, ref=ref@entry=0x145ba0033ae8) at /test/10.9_dbg/sql/item_subselect.cc:295
      		 
      #44 0x0000563f465a9cce in Item_in_subselect::fix_fields (this=0x145ba0033760, thd_arg=0x145ba0000db8, ref=0x145ba0033ae8) at /test/10.9_dbg/sql/item_subselect.cc:3570
      		 
      #45 0x0000563f4651f50a in Item::fix_fields_if_needed (ref=0x145ba0033ae8, thd=0x145ba0000db8, this=<optimized out>) at /test/10.9_dbg/sql/item.h:1144
      		 
      #46 Item_func::fix_fields (this=this@entry=0x145ba0033a70, thd=thd@entry=0x145ba0000db8, ref=ref@entry=0x145ba0033fc0) at /test/10.9_dbg/sql/item_func.cc:347
      		 
      #47 0x0000563f464e7412 in Item_func_not::fix_fields (this=0x145ba0033a70, thd=0x145ba0000db8, ref=0x145ba0033fc0) at /test/10.9_dbg/sql/item_cmpfunc.cc:6451
      		 
      #48 0x0000563f464e6056 in Item::fix_fields_if_needed (ref=0x145ba0033fc0, thd=0x145ba0000db8, this=0x145ba0033a70) at /test/10.9_dbg/sql/item.h:1152
      		 
      #49 Item::fix_fields_if_needed_for_scalar (ref=0x145ba0033fc0, thd=0x145ba0000db8, this=0x145ba0033a70) at /test/10.9_dbg/sql/item.h:1148
      		 
      #50 Item::fix_fields_if_needed_for_bool (ref=0x145ba0033fc0, thd=0x145ba0000db8, this=0x145ba0033a70) at /test/10.9_dbg/sql/item.h:1152
      		 
      #51 Item_cond::fix_fields (this=0x145ba0033ee8, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_cmpfunc.cc:4893
      		 
      #52 0x0000563f464e6056 in Item::fix_fields_if_needed (ref=0x145ba00344c0, thd=0x145ba0000db8, this=0x145ba0033ee8) at /test/10.9_dbg/sql/item.h:1152
      		 
      #53 Item::fix_fields_if_needed_for_scalar (ref=0x145ba00344c0, thd=0x145ba0000db8, this=0x145ba0033ee8) at /test/10.9_dbg/sql/item.h:1148
      		 
      #54 Item::fix_fields_if_needed_for_bool (ref=0x145ba00344c0, thd=0x145ba0000db8, this=0x145ba0033ee8) at /test/10.9_dbg/sql/item.h:1152
      		 
      #55 Item_cond::fix_fields (this=0x145ba00343b0, thd=0x145ba0000db8, ref=<optimized out>) at /test/10.9_dbg/sql/item_cmpfunc.cc:4893
      		 
      #56 0x0000563f461358c2 in Item::fix_fields_if_needed (ref=0x145ba00827b0, thd=0x145ba0000db8, this=0x145ba00343b0) at /test/10.9_dbg/sql/item.h:1152
      		 
      #57 Item::fix_fields_if_needed_for_scalar (ref=0x145ba00827b0, thd=0x145ba0000db8, this=0x145ba00343b0) at /test/10.9_dbg/sql/item.h:1148
      		 
      #58 Item::fix_fields_if_needed_for_bool (ref=0x145ba00827b0, thd=0x145ba0000db8, this=0x145ba00343b0) at /test/10.9_dbg/sql/item.h:1152
      		 
      #59 setup_conds (thd=thd@entry=0x145ba0000db8, tables=tables@entry=0x145ba0014898, leaves=@0x145ba00144d0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0035558, last = 0x145ba0035558, elements = 1}, <No data fields>}, conds=conds@entry=0x145ba00827b0) at /test/10.9_dbg/sql/sql_base.cc:8447
      		 
      #60 0x0000563f4622a057 in setup_without_group (reserved=0x145ba0014674, hidden_group_fields=0x145ba0082677, win_funcs=@0x145ba0014708: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x563f47683bc0 <end_of_list>, last = 0x145ba0014708, elements = 0}, <No data fields>}, win_specs=@0x145ba00146f0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x563f47683bc0 <end_of_list>, last = 0x145ba00146f0, elements = 0}, <No data fields>}, group=0x0, order=0x145ba0034fd8, conds=0x145ba00827b0, all_fields=@0x145ba00826c8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0014850, last = 0x145ba0014850, elements = 1}, <No data fields>}, fields=@0x145ba0014558: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0014850, last = 0x145ba0014850, elements = 1}, <No data fields>}, leaves=@0x145ba00144d0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0035558, last = 0x145ba0035558, elements = 1}, <No data fields>}, tables=0x145ba0014898, ref_pointer_array=<optimized out>, thd=0x145ba0000db8) at /test/10.9_dbg/sql/sql_select.cc:858
      		 
      #61 JOIN::prepare (this=this@entry=0x145ba0082360, tables_init=tables_init@entry=0x145ba0014898, conds_init=conds_init@entry=0x145ba00343b0, og_num=og_num@entry=2, order_init=order_init@entry=0x145ba0034fd8, skip_order_by=skip_order_by@entry=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x145ba00142b8, unit_arg=0x145ba0004fd8) at /test/10.9_dbg/sql/sql_select.cc:1430
      		 
      #62 0x0000563f4624108a in mysql_select (thd=thd@entry=0x145ba0000db8, tables=0x145ba0014898, fields=@0x145ba0014558: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x145ba0014850, last = 0x145ba0014850, elements = 1}, <No data fields>}, conds=0x145ba00343b0, og_num=2, order=0x145ba0034fd8, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x145ba0035530, unit=0x145ba0004fd8, select_lex=0x145ba00142b8) at /test/10.9_dbg/sql/sql_select.cc:5011
      		 
      #63 0x0000563f462412a8 in handle_select (thd=thd@entry=0x145ba0000db8, lex=lex@entry=0x145ba0004f00, result=result@entry=0x145ba0035530, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.9_dbg/sql/sql_select.cc:570
      		 
      #64 0x0000563f461ad6c8 in execute_sqlcom_select (thd=thd@entry=0x145ba0000db8, all_tables=0x145ba0014898) at /test/10.9_dbg/sql/sql_parse.cc:6271
      		 
      #65 0x0000563f461b9935 in mysql_execute_command (thd=thd@entry=0x145ba0000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.9_dbg/sql/sql_parse.cc:3961
      		 
      #66 0x0000563f461a767b in mysql_parse (thd=thd@entry=0x145ba0000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x145bdc04f470) at /test/10.9_dbg/sql/sql_parse.cc:8046
      		 
      #67 0x0000563f461b4f79 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x145ba0000db8, packet=packet@entry=0x145ba000b699 "( ( SELECT v960 FROM v959 WHERE v960 = 85 AND ( ( v960 , v960 ) NOT IN ( SELECT ( 'x' = ( v960 IN ( SELECT v960 FROM v959 WHERE v960 = CASE WHEN v960 * ( SELECT 36 FROM v959 AS v961 WHERE v960 BETWEEN"..., packet_length=packet_length@entry=820, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_class.h:1364
      		 
      #68 0x0000563f461b7686 in do_command (thd=0x145ba0000db8, blocking=blocking@entry=true) at /test/10.9_dbg/sql/sql_parse.cc:1408
      		 
      #69 0x0000563f46314d02 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x563f4878f678, put_in_cache=put_in_cache@entry=true) at /test/10.9_dbg/sql/sql_connect.cc:1418
      		 
      #70 0x0000563f4631520b in handle_one_connection (arg=0x563f4878f678) at /test/10.9_dbg/sql/sql_connect.cc:1312
      		 
      #71 0x0000145bf3cfb609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #72 0x0000145bf38e7133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      Bug confirmed present in:
      MariaDB: 10.2.44 (dbg), 10.2.44 (opt), 10.3.35 (dbg), 10.3.35 (opt), 10.4.25 (dbg), 10.4.25 (opt), 10.5.16 (dbg), 10.5.16 (opt), 10.6.8 (dbg), 10.6.8 (opt), 10.7.4 (dbg), 10.7.4 (opt), 10.8.3 (dbg), 10.8.3 (opt), 10.9.0 (dbg), 10.9.0 (opt)

      Bug (or feature/syntax) confirmed not present in:
      MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.37 (dbg), 5.7.37 (opt), 8.0.28 (dbg), 8.0.28 (opt)

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-28510 SIGSEGV in get_sort_by_table and SIGSEGV in subquery_types_allow_materialization

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-28623 Server crash in sql/item.cc:5721: Item** resolve_ref_in_select_and_group(THD*, Item_ident*, SELECT_LEX*)

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-32292 Server crashes at find_field_in_table

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-32417 Segmentation fault at /mariadb-11.3.0/sql/sql_base.cc:6353

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-18163 Assertion `table_share->tmp_table != NO_TMP_TABLE || m_lock_type != 2' failed in handler::ha_rnd_next(); / Assertion `table_list->table' failed in find_field_in_table_ref / ERROR 1901 (on optimized builds)

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-19569 Assertion `table_list->table' failed in find_field_in_table_ref and Assertion `table_ref->table || table_ref->view' in Field_iterator_table_ref::set_field_iterator

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-28502 SIGSEGV in Item_subselect::is_expensive (+ other SIGSEGV's in MS 8.0) and 2x UBSAN: runtime error: member call on null pointer of type 'struct st_select_lex' in Item_subselect::is_expensive and in st_select_lex::next_select

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-28515 Assertion `field->table == table' failed in Create_tmp_table::finalize and create_tmp_table and SIGSEGV in hp_rec_hashnr

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-29052 SIGSEGV's in hp_rec_hashnr and my_hash_sort_simple (from hp_rec_hashnr and my_ci_hash_sort) on SELECT when using window functions

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-29300 Assertion `*ref && (*ref)->fixed()' failed in Item_field::fix_outer_field on SELECT

          • Major - Major loss of function.
          • Confirmed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-29351 SIGSEGV when doing forward reference of item in select list

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-29353 SIGSEGV's in _ma_unique_hash, _ma_make_key and _ma_calc_blob_length on SELECT (on optimized builds)

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-29731 Crash when HAVING in a correlated subquery references columns in the outer query

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-32343 Pushdown from HAVING into WHERE does not remove conditions from HAVING

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-22713 Assertion `(*select_ref)->is_fixed()' failed in resolve_ref_in_select_and_group

          • Major - Major loss of function.
          • Confirmed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-28505 Server crash in sql/sql_select.cc:19830 in sub_select(JOIN*, st_join_table*, bool)

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-29294 OR from subquery: (SELECT x OR y) OR z: Assertion `functype() == ((Item_cond *) new_item)->functype()' failed

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-36428 MariaDB assertion failure: (*select_ref)->fixed()

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            View 29 older comments
            oleg.smirnov Oleg Smirnov added a comment -

            I suspect a problem with merging of derived tables, see the test case below. Same statement is executed successfully with "derived_merge=off" , while producing a weird error message

            "failed: 1054: Unknown column 'v1_const1' in 'on clause'"

            when executed with "derived_merge=on".

            set optimizer_switch="derived_merge=off";
            		 
             
            		 
            SELECT v1_1 AS v2_1 FROM (
            		 
                          SELECT v1_const1 AS v1_1 FROM (
            		 
                                        SELECT 1 AS v1_const1
            		 
                                        ) AS v1
            		 
                           ) AS v2 
               WHERE v2.v1_1 IN (SELECT v2.v1_1)
            		 
               GROUP BY v2.v1_1
            		 
               HAVING v2.v1_1 < 2;
            		 
             
            		 
            set optimizer_switch="derived_merge=on";
            		 
             
            		 
            SELECT v1_1 AS v2_1 FROM (
            		 
                          SELECT v1_const1 AS v1_1 FROM (
            		 
                                        SELECT 1 AS v1_const1
            		 
                                        ) AS v1
            		 
                           ) AS v2 
               WHERE v2.v1_1 IN (SELECT v2.v1_1)
            		 
               GROUP BY v2.v1_1
            		 
               HAVING v2.v1_1 < 2;

            oleg.smirnov Oleg Smirnov added a comment - I suspect a problem with merging of derived tables, see the test case below. Same statement is executed successfully with "derived_merge=off" , while producing a weird error message "failed: 1054: Unknown column 'v1_const1' in 'on clause'" when executed with "derived_merge=on". set optimizer_switch="derived_merge=off";   SELECT v1_1 AS v2_1 FROM ( SELECT v1_const1 AS v1_1 FROM ( SELECT 1 AS v1_const1 ) AS v1 ) AS v2 WHERE v2.v1_1 IN (SELECT v2.v1_1) GROUP BY v2.v1_1 HAVING v2.v1_1 < 2;   set optimizer_switch="derived_merge=on";   SELECT v1_1 AS v2_1 FROM ( SELECT v1_const1 AS v1_1 FROM ( SELECT 1 AS v1_const1 ) AS v1 ) AS v2 WHERE v2.v1_1 IN (SELECT v2.v1_1) GROUP BY v2.v1_1 HAVING v2.v1_1 < 2;
            oleg.smirnov Oleg Smirnov added a comment -

            igor, can you please take this task on? Testers complain on stumbling upon this time after time, so it is not just a fuzzer bug. Related to merging of derived tables, name resolution, condition pushdown from having into where.

            Simplified test case with a table:

            set optimizer_switch="derived_merge=on,condition_pushdown_from_having=on";
            		 
             
            		 
            create table t1 (a int);
            		 
            insert into t1 values (1);
            		 
             
            		 
            SELECT v1_1 AS v2_1 FROM (
            		 
                         SELECT const1 AS v1_1 FROM (
            		 
                                        select max(a) AS const1 from t1
            		 
                                        ) AS v1
            		 
                           ) AS v2 
               WHERE v2.v1_1 IN (SELECT v2.v1_1)
            		 
               GROUP BY v2.v1_1
            		 
               HAVING v2.v1_1 < 2;

            Test case with no tables:

            set optimizer_switch="derived_merge=on,condition_pushdown_from_having=on";
            		 
             
            		 
            create table t1 (a int);
            		 
            insert into t1 values (1);
            		 
             
            		 
            SELECT v1_1 AS v2_1 FROM (
            		 
                         SELECT const1 AS v1_1 FROM (
            		 
                                        select 1 AS const1
            		 
                                        ) AS v1
            		 
                           ) AS v2 
               WHERE v2.v1_1 IN (SELECT v2.v1_1)
            		 
               GROUP BY v2.v1_1
            		 
               HAVING v2.v1_1 < 2;

            oleg.smirnov Oleg Smirnov added a comment - igor , can you please take this task on? Testers complain on stumbling upon this time after time, so it is not just a fuzzer bug. Related to merging of derived tables, name resolution, condition pushdown from having into where. Simplified test case with a table: set optimizer_switch="derived_merge=on,condition_pushdown_from_having=on";   create table t1 (a int); insert into t1 values (1);   SELECT v1_1 AS v2_1 FROM ( SELECT const1 AS v1_1 FROM ( select max(a) AS const1 from t1 ) AS v1 ) AS v2 WHERE v2.v1_1 IN (SELECT v2.v1_1) GROUP BY v2.v1_1 HAVING v2.v1_1 < 2; Test case with no tables: set optimizer_switch="derived_merge=on,condition_pushdown_from_having=on";   create table t1 (a int); insert into t1 values (1);   SELECT v1_1 AS v2_1 FROM ( SELECT const1 AS v1_1 FROM ( select 1 AS const1 ) AS v1 ) AS v2 WHERE v2.v1_1 IN (SELECT v2.v1_1) GROUP BY v2.v1_1 HAVING v2.v1_1 < 2;
            oleg.smirnov Oleg Smirnov added a comment - - edited

            The problem appears during fix_fields() happening in this block of code:

            /*
            		 
                5. Unwrap fields wrapped in Item_ref wrappers contained in the condition
            		 
                   of attach_to_conds so the condition could be pushed into WHERE.
            		 
              */
            		 
              it.rewind();
            		 
              while ((item=it++))
            		 
              {
            		 
                item= item->transform(thd,
            		 
                                      &Item::field_transformer_for_having_pushdown,
            		 
                                      (uchar *)this);
            		 
             
            		 
                if (item->walk(&Item::cleanup_excluding_immutables_processor, 0, STOP_PTR)
            		 
                    || item->fix_fields(thd, NULL))
            		 
                {
            		 
                  attach_to_conds.empty();
            		 
                  goto exit;
            		 
                }
            		 
              }

            item is an instance of Item_func_lt which is supposed to be pushed to WHERE. The first argument of the function is Item_direct_view_ref, but it's first_name_resolution_table is set to "v2" (although "v2" is already merged by the time of the call). There is no "v2" in the statement if we look at dbug_print(select_lex). In my opinion, that prevents successful name resolution. I believe first_name_resolution_table should be set to "v1" to work properly.

            oleg.smirnov Oleg Smirnov added a comment - - edited The problem appears during fix_fields() happening in this block of code: /* 5. Unwrap fields wrapped in Item_ref wrappers contained in the condition of attach_to_conds so the condition could be pushed into WHERE. */ it.rewind(); while ((item=it++)) { item= item->transform(thd, &Item::field_transformer_for_having_pushdown, (uchar *)this);   if (item->walk(&Item::cleanup_excluding_immutables_processor, 0, STOP_PTR) || item->fix_fields(thd, NULL)) { attach_to_conds.empty(); goto exit; } } item is an instance of Item_func_lt which is supposed to be pushed to WHERE. The first argument of the function is Item_direct_view_ref, but it's first_name_resolution_table is set to "v2" (although "v2" is already merged by the time of the call). There is no "v2" in the statement if we look at dbug_print(select_lex). In my opinion, that prevents successful name resolution. I believe first_name_resolution_table should be set to "v1" to work properly.
            oleg.smirnov Oleg Smirnov added a comment -

            Another idea to consider: do we really need cleanup()/fix_fields() step here? If that step is disabled, having_cond_pushdown.test passes and so do the test cases above (however, they still fail when run with --ps-protocol).

            oleg.smirnov Oleg Smirnov added a comment - Another idea to consider: do we really need cleanup()/fix_fields() step here? If that step is disabled, having_cond_pushdown.test passes and so do the test cases above (however, they still fail when run with --ps-protocol).
            igor Igor Babaev (Inactive) added a comment -

            Let's create and populate table t1 with the following commands:

            create table t1 (id int primary key, a int);
            		 
            insert into t1 values
            		 
            (3,17), (7,11), (4,14), (1,17), (5,14), (2,17), (8,11), (6,17), (9,14);

            and consider 2 similar queries

            select c from
            		 
              (
            		 
                select c from
            		 
                (
            		 
                  select a, count(*) as c from t1 group by a
            		 
                ) as v1
            		 
              ) as v2
            		 
            where v2.c = v2.c
            		 
            group by v2.c
            		 
            having v2.c < 4;
            		 
             
            		 
            select c from
            		 
              (
            		 
                select c from
            		 
                (
            		 
                  select a, count(*) as c from t group by a
            		 
                ) as v1
            		 
              ) as v2
            		 
            where v2.c in (select v2.c)
            		 
            group by v2.c
            		 
            having v2.c < 4;

            They are expected to return the same result set. However the first query returns

            MariaDB [test]> select c from
            		 
                ->   (
            		 
                ->     select c from
            		 
                ->     (
            		 
                ->       select a, count(*) as c from t1 group by a
            		 
                ->     ) as v1
            		 
                ->   ) as v2
            		 
                -> where v2.c = v2.c
            		 
                -> group by v2.c
            		 
                -> having v2.c < 4;
            		 
            +---+
            		 
            | c |
            		 
            +---+
            		 
            | 2 |
            		 
            | 3 |
            		 
            +---+

            while the second crashes the server entering an infinite recursion.

            We start experiencing problems with the execution of the second query in the function st_select_lex::pushdown_from_having_into_where() when when trying to execute item->fix_fields(thd, NULL) from this piece of code:

              /*
            		 
                5. Unwrap fields wrapped in Item_ref wrappers contained in the condition
            		 
                   of attach_to_conds so the condition could be pushed into WHERE.
            		 
              */
            		 
              it.rewind();
            		 
              while ((item=it++))
            		 
              {
            		 
                item= item->transform(thd,
            		 
                                      &Item::field_transformer_for_having_pushdown,
            		 
                                      (uchar *)this);
            		 
             
            		 
                if (item->walk(&Item::cleanup_excluding_immutables_processor, 0, STOP_PTR)
            		 
                    || item->fix_fields(thd, NULL))
            		 
                {
            		 
                  attach_to_conds.empty();
            		 
                  goto exit;
            		 
                }
            		 
              }

            This brings us to the infinite sequence of calls of the following functions:

            Item_field::fix_fields
            		 
            find_field_in_tables
            		 
            find_field_in_table_ref
            		 
            find_field_in_view
            		 
            Field_iterator_view::create_item
            		 
            create_view_field
            		 
            Item_field::fix_fields
            		 
            ...

            The item for which we call fix_fields() in the above code is the having condition that we are trying to push into the WHERE clause. When printing it we see:

            (gdb) p dbug_print_item(item)
            		 
            $4 = 0x555557b7d080 <dbug_item_print_buf> "c < 4"

            For the first query the condition pushed into WHERE at the same point looks as if it's the same

            (gdb) p dbug_print_item(item)
            		 
            $5 = 0x555557b7d080 <dbug_item_print_buf> "c < 4"

            If we compare the detailed structure of the first argument of the the pushed condition we see the difference. For both queries the first arguments of the pushed condition have the same structure: Item_ref(Item_direct_view_ref(Item_field(c))). Yet for the first query we see at the very of beginning of Item_field::fix_fields() called for Item_field(c): 

            (gdb) p dbug_print_select(context->select_lex)
            		 
            $7 = 0x555557b7d080 <dbug_item_print_buf> "select c AS c from (select t1.a AS a,count(0) AS c from t1 group by t1.a) v1"

            while for the second query we see:

            $8 = 0x555557b7d080 <dbug_item_print_buf> "select c AS c from (select t1.a AS a,count(0) AS c from t1 group by t1.a) v1 group by c having c < 4"

            igor Igor Babaev (Inactive) added a comment - Let's create and populate table t1 with the following commands: create table t1 (id int primary key , a int ); insert into t1 values (3,17), (7,11), (4,14), (1,17), (5,14), (2,17), (8,11), (6,17), (9,14); and consider 2 similar queries select c from ( select c from ( select a, count (*) as c from t1 group by a ) as v1 ) as v2 where v2.c = v2.c group by v2.c having v2.c < 4;   select c from ( select c from ( select a, count (*) as c from t group by a ) as v1 ) as v2 where v2.c in ( select v2.c) group by v2.c having v2.c < 4; They are expected to return the same result set. However the first query returns MariaDB [test]> select c from -> ( -> select c from -> ( -> select a, count(*) as c from t1 group by a -> ) as v1 -> ) as v2 -> where v2.c = v2.c -> group by v2.c -> having v2.c < 4; +---+ | c | +---+ | 2 | | 3 | +---+ while the second crashes the server entering an infinite recursion. We start experiencing problems with the execution of the second query in the function st_select_lex::pushdown_from_having_into_where() when when trying to execute item->fix_fields(thd, NULL) from this piece of code: /* 5. Unwrap fields wrapped in Item_ref wrappers contained in the condition of attach_to_conds so the condition could be pushed into WHERE. */ it.rewind(); while ((item=it++)) { item= item->transform(thd, &Item::field_transformer_for_having_pushdown, (uchar *)this);   if (item->walk(&Item::cleanup_excluding_immutables_processor, 0, STOP_PTR) || item->fix_fields(thd, NULL)) { attach_to_conds.empty(); goto exit; } } This brings us to the infinite sequence of calls of the following functions: Item_field::fix_fields find_field_in_tables find_field_in_table_ref find_field_in_view Field_iterator_view::create_item create_view_field Item_field::fix_fields ... The item for which we call fix_fields() in the above code is the having condition that we are trying to push into the WHERE clause. When printing it we see: (gdb) p dbug_print_item(item) $4 = 0x555557b7d080 <dbug_item_print_buf> "c < 4" For the first query the condition pushed into WHERE at the same point looks as if it's the same (gdb) p dbug_print_item(item) $5 = 0x555557b7d080 <dbug_item_print_buf> "c < 4" If we compare the detailed structure of the first argument of the the pushed condition we see the difference. For both queries the first arguments of the pushed condition have the same structure: Item_ref(Item_direct_view_ref(Item_field(c))). Yet for the first query we see at the very of beginning of Item_field::fix_fields() called for Item_field(c): (gdb) p dbug_print_select(context->select_lex) $7 = 0x555557b7d080 <dbug_item_print_buf> "select c AS c from (select t1.a AS a,count(0) AS c from t1 group by t1.a) v1" while for the second query we see: $8 = 0x555557b7d080 <dbug_item_print_buf> "select c AS c from (select t1.a AS a,count(0) AS c from t1 group by t1.a) v1 group by c having c < 4"

            People

              oleg.smirnov Oleg Smirnov
              nobody Shihao Wen
              Votes:
              0 Vote for this issue
              Watchers:
              10 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.