Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Duplicate
-
11.8, 12.3, 13.0
-
Can result in hang or crash
Description
The following crash was found while testing MDEV-37608 on debug build but its release build sees a crash as in MDEV-28506.
Branch preview-13.0-preview
Commit c5f6fd3e7c8a430f8d27a505bb8d2ae00f6396a6
SET @@optimizer_switch='semijoin=off,partial_match_table_scan=off';
|
SELECT x FROM (SELECT * FROM (SELECT 0 AS x) AS x) AS x WHERE x IN (SELECT * FROM (SELECT 0) AS x WHERE x IN (SELECT x IN (0) AS x)) GROUP BY x HAVING NOT x;
|
leads to
Core was generated by `/test/MDEV-37608-MD100426-mariadb-13.0.0-linux-x86_64-dbg/bin/mariadbd --no-def'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x00006261aec419bc in my_strnncoll_utf8mb3_general1400_as_ci (cs=0x6261afb91430 <my_charset_utf8mb3_general1400_as_ci>, a=0x0, a_length=0, b=0x0, b_length=0,
|
b_is_prefix=0x0) at /test/preview-13.0-preview_dbg/strings/strcoll.inl:229
|
229 {
|
[Current thread is 1 (LWP 3998277)]
|
(gdb) bt
|
#0 0x00006261aec419bc in my_strnncoll_utf8mb3_general1400_as_ci (cs=0x6261afb91430 <my_charset_utf8mb3_general1400_as_ci>, a=0x0, a_length=0, b=0x0, b_length=0,
|
b_is_prefix=0x0) at /test/preview-13.0-preview_dbg/strings/strcoll.inl:229
|
#1 0x00006261adc4d97c in charset_info_st::strnncoll (this=0x6261afb91430 <my_charset_utf8mb3_general1400_as_ci>, a=..., b=..., b_is_prefix=0x0)
|
at /test/preview-13.0-preview_dbg/include/m_ctype.h:1154
|
#2 0x00006261adc4d81a in charset_info_st::streq (this=0x6261afb91430 <my_charset_utf8mb3_general1400_as_ci>, a=..., b=...)
|
at /test/preview-13.0-preview_dbg/include/m_ctype.h:1146
|
#3 0x00006261adc4ce6c in Lex_ident<Compare_ident_ci>::streq (this=0x885a003d0f8, rhs=...) at /test/preview-13.0-preview_dbg/sql/lex_ident.h:122
|
#4 0x00006261adf58cba in TABLE::find_field_by_name (this=0x885a003c240, str=0x885a0025968) at /test/preview-13.0-preview_dbg/sql/table.cc:11074
|
#5 0x00006261adce4f36 in find_field_in_table (thd=0x885a0000d58, table=0x885a003c240, name=..., allow_rowid=true, cached_field_index_ptr=0x885a0025988)
|
at /test/preview-13.0-preview_dbg/sql/sql_base.cc:6548
|
#6 0x00006261adce5792 in find_field_in_table_ref (thd=0x885a0000d58, table_list=0x885a001ebb8, name=..., item_name=0x885a00259c0 "x", db_name=0x0,
|
table_name=0x885a00259b8 "x", ignored_tables=0x0, ref=0x885a0025ab0, check_privileges=true, allow_rowid=true, cached_field_index_ptr=0x885a0025988,
|
register_tree_change=true, actual_table=0x1085d801c4e8) at /test/preview-13.0-preview_dbg/sql/sql_base.cc:6705
|
#7 0x00006261adce7372 in find_field_in_tables (thd=0x885a0000d58, item=0x885a0025890, first_table=0x885a001ebb8, last_table=0x0, ignored_tables=0x0,
|
ref=0x885a0025ab0, report_error=IGNORE_EXCEPT_NON_UNIQUE, check_privileges=true, register_tree_change=true)
|
at /test/preview-13.0-preview_dbg/sql/sql_base.cc:7018
|
#8 0x00006261ae24d622 in Item_field::fix_fields (this=0x885a0025890, thd=0x885a0000d58, reference=0x885a0025ab0)
|
at /test/preview-13.0-preview_dbg/sql/item.cc:6490
|
#9 0x00006261adf4d532 in create_view_field (thd=0x885a0000d58, view=0x885a001ceb8, field_ref=0x885a0025ab0, name=0x885a0025ab8)
|
at /test/preview-13.0-preview_dbg/sql/table.cc:7407
|
#10 0x00006261adf4e03d in Field_iterator_view::create_item (this=0x1085d801caf8, thd=0x885a0000d58) at /test/preview-13.0-preview_dbg/sql/table.cc:7382
|
#11 0x00006261adce5d6d in find_field_in_view (thd=0x885a0000d58, table_list=0x885a001ceb8, name=..., item_name=0x885a00259c0 "x", ref=0x885a0025ab0,
|
register_tree_change=true) at /test/preview-13.0-preview_dbg/sql/sql_base.cc:6346
|
#12 0x00006261adce56ba in find_field_in_table_ref (thd=0x885a0000d58, table_list=0x885a001ceb8, name=..., item_name=0x885a00259c0 "x", db_name=0x0,
|
table_name=0x885a00259b8 "x", ignored_tables=0x0, ref=0x885a0025ab0, check_privileges=true, allow_rowid=true, cached_field_index_ptr=0x885a0025988,
|
register_tree_change=true, actual_table=0x1085d801ce98) at /test/preview-13.0-preview_dbg/sql/sql_base.cc:6697
|
#13 0x00006261adce7372 in find_field_in_tables (thd=0x885a0000d58, item=0x885a0025890, first_table=0x885a001ceb8, last_table=0x0, ignored_tables=0x0,
|
ref=0x885a0025ab0, report_error=IGNORE_EXCEPT_NON_UNIQUE, check_privileges=true, register_tree_change=true)
|
at /test/preview-13.0-preview_dbg/sql/sql_base.cc:7018
|
#14 0x00006261ae24ba71 in Item_field::fix_outer_field (this=0x885a0025890, thd=0x885a0000d58, from_field=0x1085d801d568, reference=0x885a0025ab0)
|
at /test/preview-13.0-preview_dbg/sql/item.cc:6121
|
#15 0x00006261ae24d9f5 in Item_field::fix_fields (this=0x885a0025890, thd=0x885a0000d58, reference=0x885a0025ab0)
|
at /test/preview-13.0-preview_dbg/sql/item.cc:6582
|
#16 0x00006261adf4d532 in create_view_field (thd=0x885a0000d58, view=0x885a001ceb8, field_ref=0x885a0025ab0, name=0x885a0025ab8)
|
at /test/preview-13.0-preview_dbg/sql/table.cc:7407
|
#17 0x00006261adf4e03d in Field_iterator_view::create_item (this=0x1085d801d728, thd=0x885a0000d58) at /test/preview-13.0-preview_dbg/sql/table.cc:7382
|
#18 0x00006261adce5d6d in find_field_in_view (thd=0x885a0000d58, table_list=0x885a001ceb8, name=..., item_name=0x885a00259c0 "x", ref=0x885a0025ab0,
|
register_tree_change=true) at /test/preview-13.0-preview_dbg/sql/sql_base.cc:6346
|
#19 0x00006261adce56ba in find_field_in_table_ref (thd=0x885a0000d58, table_list=0x885a001ceb8, name=..., item_name=0x885a00259c0 "x", db_name=0x0,
|
table_name=0x885a00259b8 "x", ignored_tables=0x0, ref=0x885a0025ab0, check_privileges=true, allow_rowid=true, cached_field_index_ptr=0x885a0025988,
|
register_tree_change=true, actual_table=0x1085d801dac8) at /test/preview-13.0-preview_dbg/sql/sql_base.cc:6697
|
#20 0x00006261adce7372 in find_field_in_tables (thd=0x885a0000d58, item=0x885a0025890, first_table=0x885a001ceb8, last_table=0x0, ignored_tables=0x0,
|
ref=0x885a0025ab0, report_error=IGNORE_EXCEPT_NON_UNIQUE, check_privileges=true, register_tree_change=true)
|
at /test/preview-13.0-preview_dbg/sql/sql_base.cc:7018
|
|
Bug Detection Matrix |
Rel o/d Build Commit UniqueID observed
|
CS 10.6 dbg 030126 b64db51ad89d78e6a6f8bc238dd2e208b5f7aa92 No bug found
|
CS 10.6 dbg 240925 e1f12f149c198829e130eacbeddc19dce3f55b3b No bug found
|
CS 10.6 opt 030126 b64db51ad89d78e6a6f8bc238dd2e208b5f7aa92 No bug found
|
CS 10.6 opt 240925 e1f12f149c198829e130eacbeddc19dce3f55b3b No bug found
|
CS 10.11 dbg 240925 990b44495c6345fa1198d2f7cb61839d1ada97ef No bug found
|
CS 10.11 opt 240925 990b44495c6345fa1198d2f7cb61839d1ada97ef No bug found
|
CS 11.4 dbg 240925 e8ef8c005545f0163d76077e285c700e2822f533 No bug found
|
CS 11.4 opt 240925 e8ef8c005545f0163d76077e285c700e2822f533 No bug found
|
CS 11.8 dbg 240925 d203a8a5df95e2c5778a304a885fb7aedfbc095e SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|Field_iterator_view::create_item
|
CS 11.8 opt 240925 d203a8a5df95e2c5778a304a885fb7aedfbc095e SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|find_field_in_view
|
CS 12.1 dbg 240925 667c5e0b002a24bc595d60955950200a588f4fb7 SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|Field_iterator_view::create_item
|
CS 12.1 opt 240925 667c5e0b002a24bc595d60955950200a588f4fb7 SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|find_field_in_view
|
CS 12.2 dbg 141025 16c8bcc09a22709fdb770ee267317dac1e033984 SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|Field_iterator_view::create_item
|
CS 12.2 dbg 240925 b8a77289639a3b10ada64cf892f02b5cecdb1603 SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|Field_iterator_view::create_item
|
CS 12.2 opt 141025 16c8bcc09a22709fdb770ee267317dac1e033984 SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|find_field_in_view
|
CS 12.2 opt 240925 b8a77289639a3b10ada64cf892f02b5cecdb1603 SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|find_field_in_view
|
CS 12.3 dbg 200126 e79ed898a613d0f2914eb539a62ea688e347daab SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|Field_iterator_view::create_item
|
CS 12.3 opt 200126 e79ed898a613d0f2914eb539a62ea688e347daab SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|find_field_in_view
|
ES 10.6 dbg 240925 ed866636069dda51daa8570497926ae43af8aa24 No bug found
|
ES 10.6 opt 240925 ed866636069dda51daa8570497926ae43af8aa24 No bug found
|
ES 11.4 dbg 240925 0ddbffaced6c2b50ef4c6e0d8685b1fa25148875 No bug found
|
ES 11.4 opt 240925 0ddbffaced6c2b50ef4c6e0d8685b1fa25148875 No bug found
|
ES 11.8 dbg 240925 543157202acd67ac9b0bb50e0b35bf7790e5467d SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|Field_iterator_view::create_item
|
ES 11.8 opt 240925 543157202acd67ac9b0bb50e0b35bf7790e5467d SIGSEGV|find_field_in_tables|Item_field::fix_fields|create_view_field|find_field_in_view
|
The above bug matrix shows a crash as in MDEV-28506 started CS 11.8 and ES 11.8 onward.
Attachments
Issue Links
- duplicates
-
-
- Stalled
-