Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-4285

Server crashes in ptr_compare on NOW and CAST in ORDER BY

Details

    Description

      Also reproducible on MySQL 5.6 and filed as http://bugs.mysql.com/bug.php?id=68694

      CREATE TABLE t1 (pk INT PRIMARY KEY) ENGINE=MyISAM;
      INSERT INTO t1 VALUES (1),(2),(3),(4),(5),(6),(7),(8),(9),(10);
      SELECT * FROM t1 ORDER BY NOW(), CAST( pk AS CHAR(0) );

      #3  <signal handler called>
      #4  ptr_compare (compare_length=0x7f77c37dadf8, a=0x7f77b4024290, b=0x7f77b4107948) at 10.0/mysys/ptr_cmp.c:97
      #5  0x0000000000d5f91f in my_qsort2 (base_ptr=0x7f77b4024268, count=10, size=8, cmp=0xd78fb6 <ptr_compare>, cmp_argument=0x7f77c37dadf8) at 10.0/mysys/mf_qsort.c:162
      #6  0x0000000000973a72 in Filesort_buffer::sort_buffer (this=0x7f77c37dafa0, param=0x7f77c37daf20, count=10) at 10.0/sql/filesort_utils.cc:142
      #7  0x00000000007e656b in Filesort_info::sort_buffer (this=0x7f77c37dafa0, param=0x7f77c37daf20, count=10) at 10.0/sql/table.h:329
      #8  0x00000000007e4288 in save_index (param=0x7f77c37daf20, count=10, table_sort=0x7f77c37dafa0) at 10.0/sql/filesort.cc:1148
      #9  0x00000000007e1c42 in filesort (thd=0x2661aa8, table=0x7f77b401d498, sortorder=0x7f77b4024020, s_length=1, select=0x7f77b4023df0, max_rows=18446744073709551615, sort_positions=false, examined_rows=0x7f77c37db4d0, found_rows=0x7f77c37db4d8) at 10.0/sql/filesort.cc:302
      #10 0x0000000000679cb6 in create_sort_index (thd=0x2661aa8, join=0x7f77b4022a80, order=0x7f77b40fcfe0, filesort_limit=18446744073709551615, select_limit=18446744073709551615, is_order_by=true) at 10.0/sql/sql_select.cc:19220
      #11 0x0000000000652574 in JOIN::exec_inner (this=0x7f77b4022a80) at 10.0/sql/sql_select.cc:2934
      #12 0x000000000064fa1d in JOIN::exec (this=0x7f77b4022a80) at 10.0/sql/sql_select.cc:2255
      #13 0x0000000000653058 in mysql_select (thd=0x2661aa8, rref_pointer_array=0x2664ed8, tables=0x7f77b4046060, wild_num=1, fields=..., conds=0x0, og_num=2, order=0x7f77b4048f70, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f77b40443f0, unit=0x2664530, select_lex=0x2664c28) at 10.0/sql/sql_select.cc:3192
      #14 0x0000000000649851 in handle_select (thd=0x2661aa8, lex=0x2664478, result=0x7f77b40443f0, setup_tables_done_option=0) at 10.0/sql/sql_select.cc:363
      #15 0x0000000000620ade in execute_sqlcom_select (thd=0x2661aa8, all_tables=0x7f77b4046060) at 10.0/sql/sql_parse.cc:5004
      #16 0x00000000006190c9 in mysql_execute_command (thd=0x2661aa8) at 10.0/sql/sql_parse.cc:2472
      #17 0x00000000006233b9 in mysql_parse (thd=0x2661aa8, rawbuf=0x7f77b4041c90 "SELECT * FROM t1 ORDER BY NOW(), CAST( pk AS CHAR(0) )", length=54, parser_state=0x7f77c37dc4e0) at 10.0/sql/sql_parse.cc:6124
      #18 0x00000000006162bd in dispatch_command (command=COM_QUERY, thd=0x2661aa8, packet=0x2666d29 "SELECT * FROM t1 ORDER BY NOW(), CAST( pk AS CHAR(0) )", packet_length=54) at 10.0/sql/sql_parse.cc:1266
      #19 0x0000000000615444 in do_command (thd=0x2661aa8) at 10.0/sql/sql_parse.cc:982
      #20 0x000000000072a38d in do_handle_one_connection (thd_arg=0x2661aa8) at 10.0/sql/sql_connect.cc:1267
      #21 0x0000000000729d5d in handle_one_connection (arg=0x2661aa8) at 10.0/sql/sql_connect.cc:1181
      #22 0x0000000000afd752 in pfs_spawn_thread (arg=0x25f8258) at 10.0/storage/perfschema/pfs.cc:1800
      #23 0x00007f77d5125e9a in start_thread (arg=0x7f77c37dd700) at pthread_create.c:308
      #24 0x00007f77d4419cbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112

      revision-id: wlad@montyprogram.com-20130219194433-n0p9yx9hmqbcuh77
      revno: 3503
      branch-nick: 10.0

      Reproducible with the default optimizer_switch as well as with all OFF values.
      EXPLAIN (with the default optimizer_switch):

      id	select_type	table	type	possible_keys	key	key_len	ref	rows	filtered	Extra
      1	SIMPLE	t1	index	NULL	PRIMARY	4	NULL	10	100.00	Using index; Using filesort
      Warnings:
      Note	1003	select `test`.`t1`.`pk` AS `pk` from `test`.`t1` order by now(),cast(`test`.`t1`.`pk` as char(0) charset latin1)

      Attachments

        Issue Links

          Activity

            The upstream bug is said to be fixed in 5.6.12, so the bugfix should make it to 10.0 eventually, with the merge. Thus, I'm reducing the priority.

            elenst Elena Stepanova added a comment - The upstream bug is said to be fixed in 5.6.12, so the bugfix should make it to 10.0 eventually, with the merge. Thus, I'm reducing the priority.

            Still reproducible on the current 10.0 tree, revno 4471.
            Since we don't merge non-InnoDB fixes automatically, I'm raising the priority.

            Bugfix in 5.6 tree:

            revno: 4961
            revision-id: tor.didriksen@oracle.com-20130326140615-u4yve4nsx3nl5kkn
            parent: marko.makela@oracle.com-20130326125541-yuqr5hxvt2pq5jrh
            committer: Tor Didriksen <tor.didriksen@oracle.com>
            branch nick: 5.6
            timestamp: Tue 2013-03-26 15:06:15 +0100
            message:
              Bug#16503160 SERVER CRASHES IN PTR_COMPARE ON NOW AND CAST IN ORDER BY
              
              Skip sorting of filesort buffer if sort_length == 0

            elenst Elena Stepanova added a comment - Still reproducible on the current 10.0 tree, revno 4471. Since we don't merge non-InnoDB fixes automatically, I'm raising the priority. Bugfix in 5.6 tree: revno: 4961 revision-id: tor.didriksen@oracle.com-20130326140615-u4yve4nsx3nl5kkn parent: marko.makela@oracle.com-20130326125541-yuqr5hxvt2pq5jrh committer: Tor Didriksen <tor.didriksen@oracle.com> branch nick: 5.6 timestamp: Tue 2013-03-26 15:06:15 +0100 message: Bug#16503160 SERVER CRASHES IN PTR_COMPARE ON NOW AND CAST IN ORDER BY Skip sorting of filesort buffer if sort_length == 0

            People

              serg Sergei Golubchik
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.