Details
-
Bug
-
Status: Confirmed (View Workflow)
-
Major
-
Resolution: Unresolved
-
10.4, 10.5, 10.6, 10.9, 10.10, 10.11, 11.0, 11.1, 11.2, 11.3.0
-
None
-
Ubuntu 20.04
Description
Run these queries in debug build:
CREATE TABLE x ( x INT ) ;
INSERT INTO x ( x ) VALUES ( 1 ) ;
UPDATE x SET x = 1 WHERE x = 1 ;
INSERT INTO x ( x ) VALUES ( 1 ) , ( 1 ) ;
WITH RECURSIVE x ( x ) AS ( WITH x ( x ) AS ( SELECT 1 EXCEPT SELECT x + 1 ORDER BY ( x = 'x' AND x BETWEEN 1 AND 1 ) OR ( ( SELECT ( SELECT x WHERE x = x ) FROM x AS x GROUP BY x ORDER BY 1 , 1 DESC ) != ( SELECT 1 FROM x WHERE x != 'x' WINDOW x AS ( PARTITION BY x ORDER BY 1 DESC ) ) AND x = 1 ) ASC ) SELECT 1 EXCEPT SELECT x + 1 FROM x ) SELECT - x , x FROM x ;
Will trigger Segmentation fault.
GDB info:
#0 0x00007ffff761e379 in __interceptor_memcpy (dst=0x7fffc29d60da, src=0x6290000f52c5, size=0) at ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:790
#1 0x00005555571885fd in Lex_input_stream::skip_binary (this=0x7fffd0d1a7e0, n=0) at /home/wx/mariadb-11.3.0/sql/sql_lex.h:2537
#2 0x0000555557137ab2 in Lex_input_stream::scan_ident_middle (this=0x7fffd0d1a7e0, thd=0x62c0001e0288, str=0x7fffd0d198b0, introducer=0x7fffd0d198b0, st=0x7fffd0d17ca0) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:2740
#3 0x0000555557133c8f in Lex_input_stream::lex_one_token (this=0x7fffd0d1a7e0, yylval=0x7fffd0d198b0, thd=0x62c0001e0288) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:2154
#4 0x000055555713281f in Lex_input_stream::lex_token (this=0x7fffd0d1a7e0, yylval=0x7fffd0d198b0, thd=0x62c0001e0288) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:1901
#5 0x000055555713260d in MYSQLlex (yylval=0x7fffd0d198b0, thd=0x62c0001e0288) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:1873
#6 0x0000555557987035 in MYSQLparse (thd=0x62c0001e0288) at /home/wx/mariadb-11.3.0/build/sql/yy_mariadb.cc:28015
#7 0x0000555557079406 in THD::sql_parser (this=0x62c0001e0288, old_lex=0x7fffc29c8728, lex=0x7fffc29d4428, str=0x6290000f52c3 " WITH x ( x ) AS ( SELECT 1 EXCEPT SELECT x + 1 ORDER BY ( x = 'x' AND x BETWEEN 1 AND 1 ) OR ( ( SELECT ( SELECT x WHERE x = x ) FROM x AS x GROUP BY x ORDER BY 1 , 1 DESC ) != ( SELECT 1 FROM x WHER"..., str_len=314, stmt_prepare_mode=false) at /home/wx/mariadb-11.3.0/sql/sql_class.cc:2919
#8 0x000055555791e1f2 in With_element::clone_parsed_spec (this=0x629000165648, old_lex=0x7fffc29c8728, with_table=0x7fffc29ce400) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1074
#9 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x7fffc29c8728, tables=0x7fffc29ce400, tables_last=0x7fffc29d3820) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#10 0x000055555791e4f2 in With_element::clone_parsed_spec (this=0x629000165648, old_lex=0x7fffc29bca28, with_table=0x7fffc29c2700) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1101
#11 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x7fffc29bca28, tables=0x7fffc29c2700, tables_last=0x7fffc29c7b20) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#12 0x000055555791e4f2 in With_element::clone_parsed_spec (this=0x629000165648, old_lex=0x7fffc29b0d28, with_table=0x7fffc29b6a00) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1101
#13 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x7fffc29b0d28, tables=0x7fffc29b6a00, tables_last=0x7fffc29bbe20) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#14 0x000055555791e4f2 in With_element::clone_parsed_spec (this=0x629000165648, old_lex=0x7fffc29a5028, with_table=0x7fffc29aad00) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1101
#15 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x7fffc29a5028, tables=0x7fffc29aad00, tables_last=0x7fffc29b0120) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#16 0x000055555791e4f2 in With_element::clone_parsed_spec (this=0x629000165648, old_lex=0x7fffc2999328, with_table=0x7fffc299f000) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1101
#17 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x7fffc2999328, tables=0x7fffc299f000, tables_last=0x7fffc29a4420) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#18 0x000055555791e4f2 in With_element::clone_parsed_spec (this=0x629000165648, old_lex=0x7fffc298d628, with_table=0x7fffc2993300) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1101
#19 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x7fffc298d628, tables=0x7fffc2993300, tables_last=0x7fffc2998720) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#20 0x000055555791e4f2 in With_element::clone_parsed_spec (this=0x629000165648, old_lex=0x7fffc2981928, with_table=0x7fffc2987600) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1101
#21 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x7fffc2981928, tables=0x7fffc2987600, tables_last=0x7fffc298ca20) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
.....................................
#9771 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x62d0000be4a8, tables=0x62d0000c3e48, tables_last=0x62d0000cb298)
at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#9772 0x000055555791e4f2 in With_element::clone_parsed_spec (this=0x6290001015f8, old_lex=0x62c0001d45f8, with_table=0x6290000fc0c0)
at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:1101
#9773 0x000055555791ac0a in LEX::resolve_references_to_cte (this=0x62c0001d45f8, tables=0x6290000faae8, tables_last=0x629000101fa8)
at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:204
#9774 0x000055555791afcf in LEX::check_cte_dependencies_and_resolve_references (this=0x62c0001d45f8) at /home/wx/mariadb-11.3.0/sql/sql_cte.cc:247
#9775 0x0000555557165437 in LEX::check_main_unit_semantics (this=0x62c0001d45f8) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:9159
#9776 0x00005555571707eb in LEX::select_finalize (this=0x62c0001d45f8, expr=0x6290001026e8) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:10475
#9777 0x00005555571708df in LEX::select_finalize (this=0x62c0001d45f8, expr=0x6290001026e8, l=...) at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:10482
#9778 0x00005555579a562b in MYSQLparse (thd=0x62c0001d0288) at /home/wx/mariadb-11.3.0/sql/sql_yacc.yy:8535
#9779 0x00005555571e867f in parse_sql (thd=0x62c0001d0288, parser_state=0x7fffd164c870, creation_ctx=0x0, do_pfs_digest=true)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:10109
#9780 0x00005555571d912b in mysql_parse (thd=0x62c0001d0288,
rawbuf=0x6290000f52a8 "WITH RECURSIVE x ( x ) AS ( WITH x ( x ) AS ( SELECT 1 EXCEPT SELECT x + 1 ORDER BY ( x = 'x' AND x BETWEEN 1 AND 1 ) OR ( ( SELECT ( SELECT x WHERE x = x ) FROM x AS x GROUP BY x ORDER BY 1 , 1 DESC "..., length=364, parser_state=0x7fffd164c870)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:7686
#9781 0x00005555571b1237 in dispatch_command (command=COM_QUERY, thd=0x62c0001d0288,
packet=0x6290000eb289 "WITH RECURSIVE x ( x ) AS ( WITH x ( x ) AS ( SELECT 1 EXCEPT SELECT x + 1 ORDER BY ( x = 'x' AND x BETWEEN 1 AND 1 ) OR ( ( SELECT ( SELECT x WHERE x = x ) FROM x AS x GROUP BY x ORDER BY 1 , 1 DESC "..., packet_length=364, blocking=true) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1893
#9782 0x00005555571adf7c in do_command (thd=0x62c0001d0288, blocking=true) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1406
#9783 0x000055555768e557 in do_handle_one_connection (connect=0x61100005b108, put_in_cache=true) at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1445
#9784 0x000055555768deb4 in handle_one_connection (arg=0x61100005b108) at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1347
#9785 0x00005555582fa350 in pfs_spawn_thread (arg=0x618000006508) at /home/wx/mariadb-11.3.0/storage/perfschema/pfs.cc:2201
#9786 0x00007ffff7115609 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#9787 0x00007ffff6ce8133 in clone () from /lib/x86_64-linux-gnu/libc.so.6
Attachments
Issue Links
- relates to
-
-
- Confirmed
-