Details
-
Bug
-
Status: Stalled (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.3.35, 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL)
-
ubuntu 18.04
Description
poc:
CREATE TABLE v1223 ( v1224 INTEGER , v1225 INT , v1226 CHAR ( 1 ) NOT NULL CHECK ( ( NOT ( ( NOT ( v1226 NOT IN ( v1226 ) AND v1226 NOT IN ( 83 ) ) ) + v1226 AND v1226 = 5 ) > 42 OR v1226 > 'x' ) ) , v1227 INT , UNIQUE INDEX v1228 ( v1226 , v1224 ) ) ; |
CREATE TABLE v1229 ( v1230 INTEGER , v1231 INT , v1232 INT , v1233 INT , UNIQUE INDEX v1234 ( v1232 , v1233 ) ) ; |
CREATE UNIQUE INDEX v1235 USING BTREE ON v1229 ( v1232 ASC ) ; |
INSERT INTO v1229 ( v1230 ) VALUES ( 82 ) , ( 13 ) ; |
UPDATE v1229 SET v1232 = NULL WHERE v1230 BETWEEN -1 AND 10 ; |
SELECT v1233 FROM v1229 WHERE EXISTS ( SELECT v1230 FROM ( SELECT v1227 FROM ( SELECT DISTINCT v1227 , 84052104.000000 FROM v1223 UNION SELECT v1227 , v1225 FROM v1223 ) AS v1236 ) AS v1237 NATURAL JOIN v1229 AS v1238 NATURAL JOIN ( SELECT DISTINCT v1233 , ( v1232 = 17 OR v1231 > 'x' ) FROM v1229 ) AS v1239 NATURAL JOIN v1223 AS v1240 NATURAL JOIN v1229 WHERE v1231 IN ( 'x' = v1227 ) GROUP BY ( v1226 = -1 OR v1231 = TRUE OR 87 - v1225 > ( NOT ( v1226 = TRUE OR ( EXISTS ( SELECT DISTINCT v1231 FROM v1229 UNION SELECT v1232 FROM v1229 GROUP BY 'x' , 'x' , 'x' , 41446527.000000 HAVING ( v1232 IN ( CASE v1233 WHEN v1232 THEN 'x' WHEN 65 THEN ( ( ( NOT ( v1232 IS NULL ) ) ) + v1232 ) ELSE TRUE END != ( ( ( v1231 OR NOT v1233 ) BETWEEN 69 AND 10 ) ) ) ) ORDER BY v1231 ) AND v1233 = 53 ) ) ) ) , v1231 ) ; |
output:
SUMMARY: AddressSanitizer: SEGV /server_10.3/sql/item_subselect.cc:6898 in Item_subselect::init_expr_cache_tracker(THD*)
The full error log is in the attachment.
Attachments
Issue Links
- is duplicated by
-
-
- Closed
-
- relates to
-
-
- Confirmed
-
Activity
7a98d232e42b66efc759d584b is in 10.3.38, 10.4.28, 10.5.19, 10.6.12, 10.7.8, 10.8.7, 10.9.5, 10.10.3, 10.11.2, and all 11.x
bb-10.2-release 0ba528fe56f6c637d9fbc9d177a
220519 14:37:32 [ERROR] mysqld got signal 11 ;Server version: 10.2.44-MariaDB-debug-logsql/signal_handler.cc:221(handle_fatal_signal)[0x56101ed7d6f0]sql/item_subselect.cc:6908(Item_subselect::init_expr_cache_tracker(THD*))[0x561a99f296b2]sql/item_subselect.cc:1686(Item_exists_subselect::expr_cache_insert_transformer(THD*, unsigned char*))[0x561a99effd68]sql/item.cc:733(Item::transform(THD*, Item* (Item::*)(THD*, unsigned char*), unsigned char*))[0x561a99d44c5b]sql/sql_select.cc:3187(JOIN::setup_subquery_caches())[0x561a997590c7]sql/sql_select.cc:2095(JOIN::optimize_inner())[0x561a9974d6cc]sql/sql_select.cc:1127(JOIN::optimize())[0x561a99743504]sql/sql_lex.cc:3867(st_select_lex::optimize_unflattened_subqueries(bool))[0x561a99673efe]sql/opt_subselect.cc:5360(JOIN::optimize_constant_subqueries())[0x561a99b20fe2]sql/sql_select.cc:1349(JOIN::optimize_inner())[0x561a997456c5]sql/sql_select.cc:1127(JOIN::optimize())[0x561a99743504]sql/sql_select.cc:3835(mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x561a9975e988]sql/sql_select.cc:361(handle_select(THD*, LEX*, select_result*, unsigned long))[0x561a9973b5e6]sql/sql_parse.cc:6271(execute_sqlcom_select(THD*, TABLE_LIST*))[0x561a996ae5ae]sql/sql_parse.cc:3582(mysql_execute_command(THD*))[0x561a99699d35]sql/sql_parse.cc:7793(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x561a996b78cc]sql/sql_parse.cc:1830(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x561a9968e919]sql/sql_parse.cc:1381(do_command(THD*))[0x561a9968b34a]sql/sql_connect.cc:1336(do_handle_one_connection(CONNECT*))[0x561a99a38222]sql/sql_connect.cc:1242(handle_one_connection)[0x561a99a37ae3]perfschema/pfs.cc:1871(pfs_spawn_thread)[0x561a9aed3796]nptl/pthread_create.c:487(start_thread)[0x7fe4213dffa3]x86_64/clone.S:97(clone)[0x7fe420786eff]Query (0x62b000000290): SELECT 1 FROM t1WHERE EXISTS ( SELECT 1 FROM t1 GROUP BY (EXISTS (SELECT 1 FROM t1 HAVING a )))