Details
-
Bug
-
Status: Closed (View Workflow)
-
Critical
-
Resolution: Cannot Reproduce
-
10.5, 10.6, 10.11, 10.4(EOL), 10.7(EOL), 10.8(EOL), 10.9(EOL), 10.10(EOL)
Description
CREATE TABLE t(c INT) ENGINE=InnoDB; |
INSERT INTO t(c) VALUES (0); |
SELECT * FROM t WHERE(c,c)<(0,(SELECT 1 FROM t WINDOW y AS(PARTITION BY c AND 1 BETWEEN (SELECT 1 FROM t AS v WINDOW z AS(PARTITION BY c AND + 1 BETWEEN(SELECT c GROUP BY c>c + 1 WINDOW d AS(PARTITION BY c)) AND 0)) AND 0))); |
Leads to:
10.10.0 081a284712bb661349e2e3802077b12211cede3e (Optimized) |
Core was generated by `/test/MD310522-mariadb-10.10.0-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x0000558f9422dcc0 in AGGR_OP::put_record (this=0x0, end_of_records=false)
|
at /test/10.10_opt/sql/sql_select.cc:29576
|
[Current thread is 1 (Thread 0x14df582a9700 (LWP 755745))]
|
(gdb) bt
|
#0 0x0000558f9422dcc0 in AGGR_OP::put_record (this=0x0, end_of_records=false) at /test/10.10_opt/sql/sql_select.cc:29576
|
#1 0x0000558f941f8173 in evaluate_join_record (join=join@entry=0x14df2c048a28, join_tab=join_tab@entry=0x14df2c053540, error=<optimized out>) at /test/10.10_opt/sql/sql_select.cc:21421
|
#2 0x0000558f9420aebb in sub_select (end_of_records=false, join_tab=0x14df2c053540, join=0x14df2c048a28) at /test/10.10_opt/sql/sql_select.cc:21191
|
#3 sub_select (join=0x14df2c048a28, join_tab=0x14df2c053540, end_of_records=false) at /test/10.10_opt/sql/sql_select.cc:21120
|
#4 0x0000558f94237681 in do_select (procedure=<optimized out>, join=0x14df2c048a28) at /test/10.10_opt/sql/sql_select.cc:20736
|
#5 JOIN::exec_inner (this=0x14df2c048a28) at /test/10.10_opt/sql/sql_select.cc:4786
|
#6 0x0000558f94237a48 in JOIN::exec (this=0x14df2c048a28) at /test/10.10_opt/sql/sql_select.cc:4564
|
#7 0x0000558f944d8d46 in subselect_single_select_engine::exec (this=0x14df2c0474a0) at /test/10.10_opt/sql/item_subselect.cc:4144
|
#8 0x0000558f944d839c in Item_subselect::exec (this=0x14df2c047318) at /test/10.10_opt/sql/item_subselect.cc:854
|
#9 0x0000558f944d9887 in Item_singlerow_subselect::bring_value (this=0x14df2c047318) at /test/10.10_opt/sql/item_subselect.cc:1462
|
#10 0x0000558f944a0f66 in Item_row::bring_value (this=0x14df2c047518) at /test/10.10_opt/sql/item_row.cc:179
|
#11 0x0000558f94415fa0 in Item_cache_row::bring_value (this=0x14df2c059550) at /test/10.10_opt/sql/item.cc:10651
|
#12 0x0000558f94436e27 in Arg_comparator::compare_row (this=0x14df2c047670) at /test/10.10_opt/sql/item_cmpfunc.cc:1050
|
#13 0x0000558f94437254 in Arg_comparator::compare (this=0x14df2c047670) at /test/10.10_opt/sql/item_cmpfunc.h:103
|
#14 Item_func_lt::val_int (this=0x14df2c0475c0) at /test/10.10_opt/sql/item_cmpfunc.cc:1817
|
#15 0x0000558f941f7fa1 in evaluate_join_record (join=join@entry=0x14df2c0480f0, join_tab=join_tab@entry=0x14df2c058ca0, error=<optimized out>) at /test/10.10_opt/sql/sql_select.cc:21289
|
#16 0x0000558f9420aebb in sub_select (end_of_records=false, join_tab=0x14df2c058ca0, join=0x14df2c0480f0) at /test/10.10_opt/sql/sql_select.cc:21191
|
#17 sub_select (join=0x14df2c0480f0, join_tab=0x14df2c058ca0, end_of_records=false) at /test/10.10_opt/sql/sql_select.cc:21120
|
#18 0x0000558f94237681 in do_select (procedure=<optimized out>, join=0x14df2c0480f0) at /test/10.10_opt/sql/sql_select.cc:20736
|
#19 JOIN::exec_inner (this=0x14df2c0480f0) at /test/10.10_opt/sql/sql_select.cc:4786
|
#20 0x0000558f94237a48 in JOIN::exec (this=this@entry=0x14df2c0480f0) at /test/10.10_opt/sql/sql_select.cc:4564
|
#21 0x0000558f94235c51 in mysql_select (thd=0x14df2c000c58, tables=0x14df2c010f08, fields=@0x14df2c010bd0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14df2c010ec0, last = 0x14df2c010ec0, elements = 1}, <No data fields>}, conds=0x14df2c0475c0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x14df2c0480c8, unit=0x14df2c004cb8, select_lex=0x14df2c010930) at /test/10.10_opt/sql/sql_select.cc:5044
|
#22 0x0000558f94236397 in handle_select (thd=thd@entry=0x14df2c000c58, lex=lex@entry=0x14df2c004be0, result=result@entry=0x14df2c0480c8, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.10_opt/sql/sql_select.cc:578
|
#23 0x0000558f941b99b1 in execute_sqlcom_select (thd=0x14df2c000c58, all_tables=0x14df2c010f08) at /test/10.10_opt/sql/sql_parse.cc:6260
|
#24 0x0000558f941c752d in mysql_execute_command (thd=0x14df2c000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.10_opt/sql/sql_parse.cc:3944
|
#25 0x0000558f941b4bb5 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x14df2c000c58) at /test/10.10_opt/sql/sql_parse.cc:8036
|
#26 mysql_parse (thd=0x14df2c000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.10_opt/sql/sql_parse.cc:7958
|
#27 0x0000558f941c06ca in dispatch_command (command=COM_QUERY, thd=0x14df2c000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.10_opt/sql/sql_class.h:1364
|
#28 0x0000558f941c25f2 in do_command (thd=0x14df2c000c58, blocking=blocking@entry=true) at /test/10.10_opt/sql/sql_parse.cc:1407
|
#29 0x0000558f942d88af in do_handle_one_connection (connect=<optimized out>, connect@entry=0x558f96be1ef8, put_in_cache=put_in_cache@entry=true) at /test/10.10_opt/sql/sql_connect.cc:1418
|
#30 0x0000558f942d8b8d in handle_one_connection (arg=0x558f96be1ef8) at /test/10.10_opt/sql/sql_connect.cc:1312
|
#31 0x000014df84d3e609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#32 0x000014df8492a133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
10.10.0 081a284712bb661349e2e3802077b12211cede3e (Debug) |
mysqld: /test/10.10_dbg/sql/sql_select.cc:20888: enum_nested_loop_state sub_select_postjoin_aggr(JOIN*, JOIN_TAB*, bool): Assertion `aggr != __null' failed.
|
10.10.0 081a284712bb661349e2e3802077b12211cede3e (Debug) |
Core was generated by `/test/MD310522-mariadb-10.10.0-linux-x86_64-dbg/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGABRT, Aborted.
|
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
[Current thread is 1 (Thread 0x152d0a60d700 (LWP 755900))]
|
(gdb) bt
|
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
|
#1 0x0000152d26d88859 in __GI_abort () at abort.c:79
|
#2 0x0000152d26d88729 in __assert_fail_base (fmt=0x152d26f1e588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55852f7e92c2 "aggr != __null", file=0x55852f7e9768 "/test/10.10_dbg/sql/sql_select.cc", line=20888, function=<optimized out>) at assert.c:92
|
#3 0x0000152d26d99fd6 in __GI___assert_fail (assertion=assertion@entry=0x55852f7e92c2 "aggr != __null", file=file@entry=0x55852f7e9768 "/test/10.10_dbg/sql/sql_select.cc", line=line@entry=20888, function=function@entry=0x55852f7ec838 "enum_nested_loop_state sub_select_postjoin_aggr(JOIN*, JOIN_TAB*, bool)") at assert.c:101
|
#4 0x000055852ec71bb3 in sub_select_postjoin_aggr (join=0x152cd406f9b8, join_tab=0x152cd407d850, end_of_records=<optimized out>) at /test/10.10_dbg/sql/sql_select.cc:20888
|
#5 0x000055852ec3502e in evaluate_join_record (join=join@entry=0x152cd406f9b8, join_tab=join_tab@entry=0x152cd407d4a0, error=error@entry=0) at /test/10.10_dbg/sql/sql_select.cc:21421
|
#6 0x000055852ec4a999 in sub_select (join=0x152cd406f9b8, join_tab=0x152cd407d4a0, end_of_records=false) at /test/10.10_dbg/sql/sql_select.cc:21191
|
#7 0x000055852ec7e27b in do_select (procedure=<optimized out>, join=0x152cd406f9b8) at /test/10.10_dbg/sql/sql_select.cc:20736
|
#8 JOIN::exec_inner (this=this@entry=0x152cd406f9b8) at /test/10.10_dbg/sql/sql_select.cc:4786
|
#9 0x000055852ec7e814 in JOIN::exec (this=0x152cd406f9b8) at /test/10.10_dbg/sql/sql_select.cc:4564
|
#10 0x000055852efe4e22 in subselect_single_select_engine::exec (this=0x152cd406e430) at /test/10.10_dbg/sql/item_subselect.cc:4144
|
#11 0x000055852efe4470 in Item_subselect::exec (this=0x152cd406e2a8) at /test/10.10_dbg/sql/item_subselect.cc:854
|
#12 0x000055852efe235d in Item_singlerow_subselect::bring_value (this=0x152cd406e2a8) at /test/10.10_dbg/sql/item_subselect.cc:1462
|
#13 0x000055852efa892a in Item_row::bring_value (this=0x152cd406e4a8) at /test/10.10_dbg/sql/item_row.cc:179
|
#14 0x000055852eeefd3a in Item_cache_row::bring_value (this=0x152cd40832f0) at /test/10.10_dbg/sql/item.cc:10651
|
#15 0x000055852ef1eb4f in Arg_comparator::compare_row (this=0x152cd406e600) at /test/10.10_dbg/sql/item_cmpfunc.cc:1050
|
#16 0x000055852ef1efb6 in Arg_comparator::compare (this=0x152cd406e600) at /test/10.10_dbg/sql/item_cmpfunc.h:103
|
#17 Item_func_lt::val_int (this=0x152cd406e550) at /test/10.10_dbg/sql/item_cmpfunc.cc:1817
|
#18 0x000055852ec34d76 in evaluate_join_record (join=join@entry=0x152cd406f080, join_tab=join_tab@entry=0x152cd40829b0, error=error@entry=0) at /test/10.10_dbg/sql/sql_select.cc:21289
|
#19 0x000055852ec4a999 in sub_select (join=0x152cd406f080, join_tab=0x152cd40829b0, end_of_records=false) at /test/10.10_dbg/sql/sql_select.cc:21191
|
#20 0x000055852ec7e27b in do_select (procedure=<optimized out>, join=0x152cd406f080) at /test/10.10_dbg/sql/sql_select.cc:20736
|
#21 JOIN::exec_inner (this=this@entry=0x152cd406f080) at /test/10.10_dbg/sql/sql_select.cc:4786
|
#22 0x000055852ec7e814 in JOIN::exec (this=this@entry=0x152cd406f080) at /test/10.10_dbg/sql/sql_select.cc:4564
|
#23 0x000055852ec7c598 in mysql_select (thd=thd@entry=0x152cd4000db8, tables=0x152cd4014428, fields=@0x152cd40140f0: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x152cd40143e0, last = 0x152cd40143e0, elements = 1}, <No data fields>}, conds=0x152cd406e550, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x152cd406f058, unit=0x152cd4004fd8, select_lex=0x152cd4013e50) at /test/10.10_dbg/sql/sql_select.cc:5044
|
#24 0x000055852ec7cd8e in handle_select (thd=thd@entry=0x152cd4000db8, lex=lex@entry=0x152cd4004f00, result=result@entry=0x152cd406f058, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.10_dbg/sql/sql_select.cc:578
|
#25 0x000055852ebe8b5e in execute_sqlcom_select (thd=thd@entry=0x152cd4000db8, all_tables=0x152cd4014428) at /test/10.10_dbg/sql/sql_parse.cc:6260
|
#26 0x000055852ebf4e70 in mysql_execute_command (thd=thd@entry=0x152cd4000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.10_dbg/sql/sql_parse.cc:3944
|
#27 0x000055852ebe2e3a in mysql_parse (thd=thd@entry=0x152cd4000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x152d0a60c470) at /test/10.10_dbg/sql/sql_parse.cc:8036
|
#28 0x000055852ebf0422 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x152cd4000db8, packet=packet@entry=0x152cd400b6d9 "", packet_length=packet_length@entry=224, blocking=blocking@entry=true) at /test/10.10_dbg/sql/sql_class.h:1364
|
#29 0x000055852ebf2b2c in do_command (thd=0x152cd4000db8, blocking=blocking@entry=true) at /test/10.10_dbg/sql/sql_parse.cc:1407
|
#30 0x000055852ed523c0 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55853124fa28, put_in_cache=put_in_cache@entry=true) at /test/10.10_dbg/sql/sql_connect.cc:1418
|
#31 0x000055852ed528c9 in handle_one_connection (arg=0x55853124fa28) at /test/10.10_dbg/sql/sql_connect.cc:1312
|
#32 0x0000152d27299609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#33 0x0000152d26e85133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Bug confirmed present in:
MariaDB: 10.4.26 (dbg), 10.4.26 (opt), 10.5.17 (dbg), 10.5.17 (opt), 10.6.9 (dbg), 10.6.9 (opt), 10.7.5 (dbg), 10.7.5 (opt), 10.8.4 (dbg), 10.8.4 (opt), 10.9.2 (dbg), 10.9.2 (opt), 10.10.0 (dbg), 10.10.0 (opt)
Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.3.36 (dbg), 10.3.36 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.38 (dbg), 5.7.38 (opt), 8.0.29 (dbg), 8.0.29 (opt)
Attachments
Issue Links
- relates to
-
MDEV-23809 Server crash in JOIN_CACHE::free or in copy_fields, ASAN use-after-poison in JOIN::make_aggr_tables_info
- Closed
-
MDEV-25761 Assertion `aggr != __null' failed in sub_select_postjoin_aggr
- Closed