Details
-
Bug
-
Status: Open (View Workflow)
-
Minor
-
Resolution: Unresolved
-
10.0.0, 5.5.28a, 5.3.11
-
None
-
None
Description
==28830== Invalid read of size 8
|
==28830== at 0x74D646: best_access_path(JOIN*, st_join_table*, unsigned long long, unsigned int, bool, double, st_position*, st_position*) (sql_select.cc:5364)
|
==28830== by 0x7502DF: best_extension_by_limited_search(JOIN*, unsigned long long, unsigned int, double, double, unsigned int, unsigned int) (sql_select.cc:6664)
|
==28830== by 0x750650: best_extension_by_limited_search(JOIN*, unsigned long long, unsigned int, double, double, unsigned int, unsigned int) (sql_select.cc:6725)
|
==28830== by 0x74F7FF: greedy_search(JOIN*, unsigned long long, unsigned int, unsigned int) (sql_select.cc:6281)
|
==28830== by 0x74EE7B: choose_plan(JOIN*, unsigned long long) (sql_select.cc:5869)
|
==28830== by 0x7490DC: make_join_statistics(JOIN*, List<TABLE_LIST>&, Item*, st_dynamic_array*) (sql_select.cc:3631)
|
==28830== by 0x740200: JOIN::optimize() (sql_select.cc:1153)
|
==28830== by 0x746CF4: mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2969)
|
==28830== by 0x73D7A2: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:286)
|
==28830== by 0x6C299E: mysql_execute_command(THD*) (sql_parse.cc:3310)
|
==28830== by 0x6CB692: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6158)
|
==28830== by 0x6BD19F: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1228)
|
==28830== by 0x6BC4B3: do_command(THD*) (sql_parse.cc:923)
|
==28830== by 0x6B8F0C: handle_one_connection (sql_connect.cc:1218)
|
==28830== by 0x548BEFB: start_thread (pthread_create.c:304)
|
==28830== by 0x5F18F4C: clone (clone.S:112)
|
==28830== Address 0x1f05e970 is not stack'd, malloc'd or (recently) free'd
|
branch: maria/5.3
|
revision-id: sanja@montyprogram.com-20121205190600-fzhla1o8ecu3hf20
|
date: 2012-12-05 21:06:00 +0200
|
revno: 3606
|
Also reproducible on maria/5.5, maria/10.0, maria/10.0-base, and on older revisions of maria/5.3 (tried tag:mariadb-5.3.9).
Not reproducible with MyISAM or Aria.
Not reproducible with SELECT without INSERT.
Not reproducible with MERGE view, but reproducible with TEMPTABLE view or with FROM subquery.
Could not reproduce after removing at least one more column from the table definition.
Could not reproduce after replacing the TEXT column with INT.
Minimal optimizer_switch: derived_with_keys=on
Full optimizer_switch (default, from 5.3):
index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on
|
Test case:
--source include/have_innodb.inc
|
|
|
SET optimizer_switch = 'derived_with_keys=on'; |
|
|
CREATE TABLE t1 ( |
c01 INT, c02 INT, c03 INT, c04 TEXT, |
c05 INT, c06 INT, c07 INT, c08 INT, |
c09 INT, c10 INT, c11 INT, c12 INT, |
c13 INT, c14 INT, c15 INT, c16 INT, |
c17 INT, c18 INT, c19 INT, c20 INT, |
c21 INT, c22 INT, c23 INT, c24 INT, |
c25 INT, c26 INT, c27 INT, c28 INT, |
c29 INT, c30 INT, c31 INT, c32 INT |
) ENGINE=InnoDB;
|
|
|
CREATE TABLE t2 LIKE t1; |
|
|
INSERT INTO t1 (c01) VALUES (1),(2); |
INSERT INTO t2 (c01) VALUES (1),(2); |
|
|
CREATE ALGORITHM=TEMPTABLE VIEW v1 AS SELECT * FROM t1; |
|
|
INSERT INTO t1 SELECT * FROM v1 NATURAL JOIN t2; |
|
|