Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-30292

Server crashes in Static_binary_string::length / save_window_function_values

    XMLWordPrintable

Details

    Description

      CREATE TABLE t (a varchar(8));
      		 
      INSERT INTO t VALUES ('foo'),(NULL);
      		 
      SELECT PERCENTILE_DISC(2) WITHIN GROUP (ORDER BY a) OVER () FROM t;
      		 
       
      		 
      # Cleanup
      		 
      DROP TABLE t;

      10.5 b8f4b984

      		 
      #3  <signal handler called>
      		 
      #4  0x0000555a7de76fad in Static_binary_string::length (this=0x8) at /src/sql/sql_string.h:223
      		 
      #5  0x0000555a7e9c145f in Item::save_str_in_field (this=0x62b000038c48, field=0x61900009d4a8, no_conversions=true) at /src/sql/item.cc:6743
      		 
      #6  0x0000555a7e6f6506 in Type_handler_string_result::Item_save_in_field (this=0x555a82462760 <type_handler_varchar>, item=0x62b000038c48, field=0x61900009d4a8, no_conversions=true) at /src/sql/sql_type.cc:4330
      		 
      #7  0x0000555a7e9c1b51 in Item::save_in_field (this=0x62b000038c48, field=0x61900009d4a8, no_conversions=true) at /src/sql/item.cc:6781
      		 
      #8  0x0000555a7e74e2ba in save_window_function_values (window_functions=..., tbl=0x61f000016cb8, rowid_buf=0x60300003cd48 "0\310\b") at /src/sql/sql_window.cc:2769
      		 
      #9  0x0000555a7e74ed77 in compute_window_func (thd=0x62b000069218, window_functions=..., cursor_managers=..., tbl=0x61f000016cb8, filesort_result=0x615000011380) at /src/sql/sql_window.cc:2921
      		 
      #10 0x0000555a7e74f3ea in Window_func_runner::exec (this=0x62b00003c490, thd=0x62b000069218, tbl=0x61f000016cb8, filesort_result=0x615000011380) at /src/sql/sql_window.cc:3032
      		 
      #11 0x0000555a7e74f61e in Window_funcs_sort::exec (this=0x62b00003c488, join=0x62b000039f10, keep_filesort_result=true) at /src/sql/sql_window.cc:3060
      		 
      #12 0x0000555a7e7503d7 in Window_funcs_computation::exec (this=0x62b00003c460, join=0x62b000039f10, keep_last_filesort_result=true) at /src/sql/sql_window.cc:3187
      		 
      #13 0x0000555a7e2d4890 in AGGR_OP::end_send (this=0x62b00003c2d0) at /src/sql/sql_select.cc:29382
      		 
      #14 0x0000555a7e294e7c in sub_select_postjoin_aggr (join=0x62b000039f10, join_tab=0x62b00003b5f8, end_of_records=true) at /src/sql/sql_select.cc:20755
      		 
      #15 0x0000555a7e2957d0 in sub_select (join=0x62b000039f10, join_tab=0x62b00003b250, end_of_records=true) at /src/sql/sql_select.cc:20990
      		 
      #16 0x0000555a7e2940ae in do_select (join=0x62b000039f10, procedure=0x0) at /src/sql/sql_select.cc:20579
      		 
      #17 0x0000555a7e2207ec in JOIN::exec_inner (this=0x62b000039f10) at /src/sql/sql_select.cc:4569
      		 
      #18 0x0000555a7e21de0d in JOIN::exec (this=0x62b000039f10) at /src/sql/sql_select.cc:4349
      		 
      #19 0x0000555a7e222100 in mysql_select (thd=0x62b000069218, tables=0x62b000038e50, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x62b000039ee0, unit=0x62b00006d3c8, select_lex=0x62b000038330) at /src/sql/sql_select.cc:4826
      		 
      #20 0x0000555a7e1f374d in handle_select (thd=0x62b000069218, lex=0x62b00006d300, result=0x62b000039ee0, setup_tables_done_option=0) at /src/sql/sql_select.cc:445
      		 
      #21 0x0000555a7e15f342 in execute_sqlcom_select (thd=0x62b000069218, all_tables=0x62b000038e50) at /src/sql/sql_parse.cc:6317
      		 
      #22 0x0000555a7e14e33c in mysql_execute_command (thd=0x62b000069218) at /src/sql/sql_parse.cc:4008
      		 
      #23 0x0000555a7e16a112 in mysql_parse (thd=0x62b000069218, rawbuf=0x62b000038238 "SELECT PERCENTILE_DISC(2) WITHIN GROUP (ORDER BY a) OVER () FROM t", length=66, parser_state=0x7f98e8486bb0, is_com_multi=false, is_next_command=false) at /src/sql/sql_parse.cc:8089
      		 
      #24 0x0000555a7e140742 in dispatch_command (command=COM_QUERY, thd=0x62b000069218, packet=0x62900024e219 "", packet_length=66, is_com_multi=false, is_next_command=false) at /src/sql/sql_parse.cc:1891
      		 
      #25 0x0000555a7e13d15f in do_command (thd=0x62b000069218) at /src/sql/sql_parse.cc:1375
      		 
      #26 0x0000555a7e57a1a2 in do_handle_one_connection (connect=0x608000002538, put_in_cache=true) at /src/sql/sql_connect.cc:1416
      		 
      #27 0x0000555a7e579b3f in handle_one_connection (arg=0x6080000024b8) at /src/sql/sql_connect.cc:1318
      		 
      #28 0x0000555a7f19e72a in pfs_spawn_thread (arg=0x615000005d18) at /src/storage/perfschema/pfs.cc:2201
      		 
      #29 0x00007f98f1ea7ea7 in start_thread (arg=<optimized out>) at pthread_create.c:477
      		 
      #30 0x00007f98f1a94aef in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

      The failure started happening after this commit in 10.5.4:

      commit 33b839b2e767775d2345caf73ff4eecd155f0518
      		 
      Author: Alexander Barkov
      		 
      Date:   Mon Jun 1 14:30:21 2020 +0400
      		 
       
      		 
          MDEV-20280 PERCENTILE_DISC() rejects temporal and string input

      Attachments

        Issue Links

          is caused by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-20280 PERCENTILE_DISC() rejects temporal and string input

          • Major - Major loss of function.
          • Closed

          Activity

            People

              bar Alexander Barkov
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.