Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Duplicate
-
11.3.0
-
None
-
Ubuntu 20.04
Description
Run these queries in release build:
CREATE TABLE t0 ( c3 DECIMAL ( 35 ) NOT NULL ) ;
INSERT INTO t0 VALUES ( 107 ) , ( 16 ) ;
CREATE UNIQUE INDEX i0 ON t0 ( c3 ) ;
INSERT INTO t0 VALUES ( -49 ) , ( 6359926900298652327 ) ;
( SELECT c3 NOT IN ( DEGREES ( -105 < 32 AND 106 > -4 ) IS NOT NULL = SUM( t0 . c3 IN ( SELECT t0 . c3 AS c38 FROM t0 ) ) - AVG ( c3 ) OVER ( PARTITION BY t0 . c3 , LTRIM ( RTRIM ( t0 . c3 ) / EXP ( RAND ( ) + EXISTS ( SELECT t0 . c3 AS c43 FROM t0 JOIN t0 AS t1 LEFT OUTER JOIN t0 AS t2 ON TRUE ON t2 . c3 = t0 . c3 ) ) NOT LIKE REPLACE ( -105 , SUM( -110 = 7630906268540546188 LIKE EXP ( -95 ) XOR ROUND ( 83 , ( CONCAT ( 94 , '~3{>*:sRe
2U1^xW9ixo76cT,!L' ) + TAN ( -52 ) ^ OCT ( 51 ) = 85 IS NULL ) ) NOT BETWEEN -35 AND -52 ) OVER ( PARTITION BY t0 . c3 ROWS UNBOUNDED PRECEDING ) ^ COS ( MOD ( -87 , -2787301830726818039 ) SOUNDS LIKE IFNULL ( 2997521584933561420 , SUBSTRING( t0 . c3 , 'B#k zTEh_5mjL\'z[[5*.+.w[!e7T"e}VE)T<IRc<}$-v~m7n' ) >= 121 ) ) , 'a>No7qX==+2dW~%cxSrrL-hZ
{bkFF9}zq01gK>,JT"S5X|T]M^Y5AnAh5RmxJNbf' ) ) ) , -54 , ACOS ( 40 ) | + + FLOOR ( 78 ) / EXP ( -85 ) NOT LIKE - ROUND ( -58 , -32.342714 ) ) AS c53 FROM t0 GROUP BY c3 , c3 ) ;
Will trigger Segmentation fault.
GDB info:
Thread 16 "mariadbd" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffe011a700 (LWP 46364)]
0x0000000000000004 in ?? ()
(gdb) frame 1
#1 0x0000555556010caf in Arg_comparator::compare (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_cmpfunc.h:104
104 inline int compare()
#0 0x0000000000000004 in ?? ()
#1 0x0000555556010caf in Arg_comparator::compare (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_cmpfunc.h:104
#2 Item_func_eq::val_int (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_cmpfunc.cc:1780
#3 0x0000555556011e2c in Item_func_xor::val_int (this=0x7fff94074cd0)
at /home/wx/mariadb-11.3.0/sql/item_cmpfunc.cc:6497
#4 0x00005555560464b2 in Item_int_func::val_real (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_func.cc:753
#5 0x00005555560c5342 in Item_sum_sum::add_helper (this=0x7fff94074d88,
perform_removal=perform_removal@entry=false)
at /home/wx/mariadb-11.3.0/sql/item_sum.cc:1695
#6 0x00005555560c567f in Item_sum_sum::add (this=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/item_sum.cc:1622
#7 0x0000555555f445d9 in Frame_cursor::add_value_to_items (this=0x7fff94085b28)
at /home/wx/mariadb-11.3.0/sql/sql_window.cc:1166
#8 Frame_cursor::add_value_to_items (this=0x7fff94085b28)
at /home/wx/mariadb-11.3.0/sql/sql_window.cc:1157
#9 Frame_rows_current_row_bottom::pre_next_partition (this=0x7fff94085b28, rownum=0)
at /home/wx/mariadb-11.3.0/sql/sql_window.cc:2012
#10 0x0000555555f41ff9 in Cursor_manager::notify_cursors_partition_changed (rownum=0,
this=0x7fff94026190) at /home/wx/mariadb-11.3.0/sql/sql_window.cc:1225
#11 compute_window_func (thd=thd@entry=0x7fff94000c58, window_functions=...,
cursor_managers=..., tbl=tbl@entry=0x7fff9408b160,
filesort_result=filesort_result@entry=0x7fff9403de40)
at /home/wx/mariadb-11.3.0/sql/sql_window.cc:2907
#12 0x0000555555f4249e in Window_func_runner::exec (this=this@entry=0x7fff94085198,
thd=thd@entry=0x7fff94000c58, tbl=0x7fff9408b160, filesort_result=0x7fff9403de40)
at /home/wx/mariadb-11.3.0/sql/sql_window.cc:3039
#13 0x0000555555f425c6 in Window_funcs_sort::exec (this=0x7fff94085190,
join=join@entry=0x7fff94079048, keep_filesort_result=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/sql_window.cc:3067
#14 0x0000555555f42efb in Window_funcs_computation::exec (this=0x7fff94085170,
join=join@entry=0x7fff94079048,
keep_last_filesort_result=keep_last_filesort_result@entry=true)
at /home/wx/mariadb-11.3.0/sql/sql_window.cc:3196
#15 0x0000555555de7e01 in AGGR_OP::end_send (this=0x7fff94084a20)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:32300
#16 0x0000555555de8150 in sub_select_postjoin_aggr (join=0x7fff94079048,
join_tab=0x7fff9407fef0, end_of_records=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:23128
#17 0x0000555555df1814 in do_select (procedure=<optimized out>, join=0x7fff94079048)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:22963
#18 JOIN::exec_inner (this=this@entry=0x7fff94079048)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:4941
#19 0x0000555555df1d78 in JOIN::exec (this=this@entry=0x7fff94079048)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:4718
#20 0x0000555555defe1c in mysql_select (thd=thd@entry=0x7fff94000c58, tables=0x7fff94077cb0,
fields=..., conds=0x0, og_num=3, order=0x0, group=0x7fff94016380, having=0x0,
proc_param=0x0, select_options=<optimized out>, result=0x7fff94079020,
unit=0x7fff94004ee8, select_lex=0x7fff94013448)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:5249
#21 0x0000555555df0607 in handle_select (thd=thd@entry=0x7fff94000c58,
lex=lex@entry=0x7fff94004e08, result=result@entry=0x7fff94079020,
setup_tables_done_option=setup_tables_done_option@entry=0)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:628
#22 0x0000555555d6de41 in execute_sqlcom_select (thd=thd@entry=0x7fff94000c58,
all_tables=0x7fff94077cb0) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:6013
#23 0x0000555555d7c2aa in mysql_execute_command (thd=thd@entry=0x7fff94000c58,
is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:3912
#24 0x0000555555d68c27 in mysql_parse (thd=0x7fff94000c58, rawbuf=<optimized out>,
length=<optimized out>, parser_state=<optimized out>)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:7734
#25 0x0000555555d74fdd in dispatch_command (command=command@entry=COM_QUERY,
thd=thd@entry=0x7fff94000c58, packet=packet@entry=0x7fff94008509 "",
packet_length=packet_length@entry=978, blocking=blocking@entry=true)
at /home/wx/mariadb-11.3.0/sql/sql_class.h:251
#26 0x0000555555d7721e in do_command (thd=0x7fff94000c58, blocking=blocking@entry=true)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1406
#27 0x0000555555e9a617 in do_handle_one_connection (connect=<optimized out>,
connect@entry=0x555557e11218, put_in_cache=put_in_cache@entry=true)
at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1445
#28 0x0000555555e9a94d in handle_one_connection (arg=arg@entry=0x555557e11218)
at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1347
#29 0x00005555561e658d in pfs_spawn_thread (arg=0x555557dbaf88)
at /home/wx/mariadb-11.3.0/storage/perfschema/pfs.cc:2201
#30 0x00007ffff7b48609 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#31 0x00007ffff7719133 in clone () from /lib/x86_64-linux-gnu/libc.so.6
Attachments
Issue Links
- duplicates
-
-
- Confirmed
-
Thanks! This is the same as MDEV-32415
Server version: 11.2.2-MariaDB-debug-log source revision: d0f8dfbcf0272cfe8393d1c0816122c3e1115bb9/lib/x86_64-linux-gnu/libc.so.6(+0x33fd6)[0x7f0aa83acfd6]sql/item_func.cc:762(Item_int_func::val_real())[0x55bbaa8ca349]sql/item_sum.cc:1834(Aggregator_simple::arg_val_real())[0x55bbaaa51b3f]sql/item_sum.cc:1695(Item_sum_sum::add_helper(bool))[0x55bbaaa50615]sql/item_sum.cc:1623(Item_sum_sum::add())[0x55bbaaa4f7a3]sql/sql_window.cc:1164(Frame_cursor::add_value_to_items())[0x55bbaa56e0e9]sql/sql_window.cc:2013(Frame_rows_current_row_bottom::pre_next_partition(unsigned long long))[0x55bbaa571c02]sql/sql_window.cc:1224(Cursor_manager::notify_cursors_partition_changed(unsigned long long))[0x55bbaa56e83b]sql/sql_window.cc:2907(compute_window_func(THD*, List<Item_window_func>&, List<Cursor_manager>&, TABLE*, SORT_INFO*))[0x55bbaa56988a]sql/sql_window.cc:3039(Window_func_runner::exec(THD*, TABLE*, SORT_INFO*))[0x55bbaa56a093]sql/sql_window.cc:3067(Window_funcs_sort::exec(JOIN*, bool))[0x55bbaa56a2e2]sql/sql_window.cc:3196(Window_funcs_computation::exec(JOIN*, bool))[0x55bbaa56b108]sql/sql_select.cc:32382(AGGR_OP::end_send())[0x55bba9ffac3c]sql/sql_select.cc:23188(sub_select_postjoin_aggr(JOIN*, st_join_table*, bool))[0x55bba9fb75b0]sql/sql_select.cc:23438(sub_select(JOIN*, st_join_table*, bool))[0x55bba9fb80eb]sql/sql_select.cc:23023(do_select(JOIN*, Procedure*))[0x55bba9fb65bb]sql/sql_select.cc:4943(JOIN::exec_inner())[0x55bba9f340f3]sql/sql_select.cc:4720(JOIN::exec())[0x55bba9f314aa]sql/sql_select.cc:5251(mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*))[0x55bba9f35cb5]sql/sql_select.cc:628(handle_select(THD*, LEX*, select_result*, unsigned long long))[0x55bba9f051d0]sql/sql_parse.cc:6066(execute_sqlcom_select(THD*, TABLE_LIST*))[0x55bba9e26ced]sql/sql_parse.cc:3957(mysql_execute_command(THD*, bool))[0x55bba9e17939]sql/sql_parse.cc:7807(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x55bba9e31b6b]sql/sql_parse.cc:1895(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool))[0x55bba9e09ed6]sql/sql_parse.cc:1406(do_command(THD*, bool))[0x55bba9e06c20]sql/sql_connect.cc:1418(do_handle_one_connection(CONNECT*, bool))[0x55bbaa2e4794]sql/sql_connect.cc:1322(handle_one_connection)[0x55bbaa2e40f1]perfschema/pfs.cc:2203(pfs_spawn_thread)[0x55bbaaf57266]nptl/pthread_create.c:478(start_thread)[0x7f0aa88c7609]Query (0x6290001092a8): ( SELECT c3 NOT IN ( DEGREES ( -105 < 32 AND 106 > -4 ) IS NOT NULL = SUM( t0 . c3 IN ( SELECT t0 . c3 AS c38 FROM t0 ) ) - AVG ( c3 ) OVER ( PARTITION BY t0 . c3 , LTRIM ( RTRIM ( t0 . c3 ) / EXP ( RAND ( ) + EXISTS ( SELECT t0 . c3 AS c43 FROM t0 JOIN t0 AS t1 LEFT OUTER JOIN t0 AS t2 ON TRUE ON t2 . c3 = t0 . c3 ) ) NOT LIKE REPLACE ( -105 , SUM( -110 = 7630906268540546188 LIKE EXP ( -95 ) XOR ROUND ( 83 , ( CONCAT ( 94 , '~3{>*:sRe{(\'j%Hq<?]CX3j3v}2U1^xW9ixo76cT,!L' ) + TAN ( -52 ) ^ OCT ( 51 ) = 85 IS NULL ) ) NOT BETWEEN -35 AND -52 ) OVER ( PARTITION BY t0 . c3 ROWS UNBOUNDED PRECEDING ) ^ COS ( MOD ( -87 , -2787301830726818039 ) SOUNDS LIKE IFNULL ( 2997521584933561420 , SUBSTRING( t0 . c3 , 'B#k zTEh_5mjL\'z[[5*.+.w[!e7T"e}VE)T<IRc<}$-v~m7n' ) >= 121 ) ) , 'a>No7qX==+2dW~%cxSrrL-hZ{bkFF9}zq01gK>,JT"S5X|T]M^Y5AnAh5RmxJNbf' ) ) ) , -54 , ACOS ( 40 ) | + + FLOOR ( 78 ) / EXP ( -85 ) NOT LIKE - ROUND ( -58 , -32.342714 ) ) AS c53 FROM t0 GROUP BY c3 , c3 )