[MDEV-7690] Server crashes in Item_field::used_tables on 2nd execution of PS with view, ONLY_FULL_GROUP_BY, WHERE subquery - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 5.5(EOL), 10.0(EOL), 10.1(EOL)
Fix Version/s: 5.5.45, 10.0.21
Component/s: Optimizer, Prepared Statements, Views
Labels:
None

Sprint:
5.5.47-1

Description

Attention: I am only getting the crash on a VALGRIND build
cmake . -DCMAKE_BUILD_TYPE=Debug -DWITH_VALGRIND=YES

See also ~~MDEV-7688~~, ~~MDEV-7689~~, ~~MDEV-7696~~, ~~MDEV-7751~~ - they all are somewhat similar, probably there are duplicates among them; but effects are different everywhere.

The problem appeared in 5.5 tree with the following revision:

revno: 4255

revision-id: sanja@askmonty.org-20140731071110-4uyuza0ykesfxe1b

parent: monty@mariadb.org-20140730102752-3ilbpvmbhr2r9a4x

committer: sanja@askmonty.org

branch nick: work-maria-5.5-MDEV-6441

timestamp: Thu 2014-07-31 10:11:10 +0300

message:

  MDEV-6441: memory leak

  mysql_derived_prepare() was executed on the statement memory.

  Now it is executed on the runtime memory.

  All bugs induced by this were fixed.

Stack trace from 5.5 commit 34f37aa0c0aa87cfb6908500e937516ff37ea6f0
#3 <signal handler called>
#4 0x00000000008066e9 in Item_field::used_tables (this=0x7f205c046198) at sql/item.cc:2720
#5 0x000000000077c7b7 in optimize_semijoin_nests (join=0x7f205c053c18, all_table_map=127) at sql/opt_subselect.cc:2193
#6 0x000000000066fbed in make_join_statistics (join=0x7f205c053c18, tables_list=..., conds=0x7f205c047958, keyuse_array=0x7f205c053f50) at sql/sql_select.cc:3790
#7 0x0000000000666b44 in JOIN::optimize (this=0x7f205c053c18) at sql/sql_select.cc:1229
#8 0x000000000066d551 in mysql_select (thd=0x7f205cd18000, rref_pointer_array=0x7f205c0e0a88, tables=0x7f205c050c18, wild_num=0, fields=..., conds=0x7f205c047958, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2416184064, result=0x7f205c044058, unit=0x7f205c0e00c8, select_lex=0x7f205c0e07c8) at sql/sql_select.cc:3080
#9 0x0000000000663e63 in handle_select (thd=0x7f205cd18000, lex=0x7f205c0e0018, result=0x7f205c044058, setup_tables_done_option=0) at sql/sql_select.cc:319
#10 0x000000000063c293 in execute_sqlcom_select (thd=0x7f205cd18000, all_tables=0x7f205c050c18) at sql/sql_parse.cc:4689
#11 0x000000000063546c in mysql_execute_command (thd=0x7f205cd18000) at sql/sql_parse.cc:2234
#12 0x0000000000656b1b in Prepared_statement::execute (this=0x7f205c0d6600, expanded_query=0x7f205cbb4c50, open_cursor=false) at sql/sql_prepare.cc:3928
#13 0x0000000000655c32 in Prepared_statement::execute_loop (this=0x7f205c0d6600, expanded_query=0x7f205cbb4c50, open_cursor=false, packet=0x0, packet_end=0x0) at sql/sql_prepare.cc:3587
#14 0x0000000000653d56 in mysql_sql_stmt_execute (thd=0x7f205cd18000) at sql/sql_prepare.cc:2737
#15 0x000000000063549a in mysql_execute_command (thd=0x7f205cd18000) at sql/sql_parse.cc:2244
#16 0x000000000063ed98 in mysql_parse (thd=0x7f205cd18000, rawbuf=0x7f205c01c0d8 "EXECUTE stmt", length=12, parser_state=0x7f205cbb5610) at sql/sql_parse.cc:5909
#17 0x00000000006329b3 in dispatch_command (command=COM_QUERY, thd=0x7f205cd18000, packet=0x7f205cd8c001 "EXECUTE stmt", packet_length=12) at sql/sql_parse.cc:1079
#18 0x0000000000631b3f in do_command (thd=0x7f205cd18000) at sql/sql_parse.cc:793
#19 0x0000000000739b14 in do_handle_one_connection (thd_arg=0x7f205cd18000) at sql/sql_connect.cc:1266
#20 0x00000000007395d3 in handle_one_connection (arg=0x7f205cd18000) at sql/sql_connect.cc:1181
#21 0x0000000000b836e3 in pfs_spawn_thread (arg=0x7f2060fed760) at storage/perfschema/pfs.cc:1015
#22 0x00007f2062d6cb50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#23 0x00007f206167a70d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112

Test case
SET sql_mode = ONLY_FULL_GROUP_BY;

CREATE TABLE t1 (a INT, f1 INT, f2 INT, f3 INT, f4 INT, f5 INT, f6 INT, f7 INT, f8 INT, f9 INT) ENGINE=MyISAM;
CREATE ALGORITHM=MERGE VIEW v1 AS SELECT * FROM t1;
INSERT INTO t1 VALUES (4, 2, 2, 2, 2, 2, 1, 1, 0, 0),(6, 1, 2, 2, 1, 1, 2, 2, 0, 0);

CREATE TABLE t2 (b INT) ENGINE=MyISAM;
INSERT INTO t2 VALUES (1),(8);

CREATE TABLE t3 (c INT) ENGINE=MyISAM;
INSERT INTO t3 VALUES (8),(3);

PREPARE stmt FROM "
SELECT a, ( b + a ), a, b,
( SELECT MIN(a) FROM t1, t2 WHERE b <> from_sq1.b ) AS select_sq
FROM ( SELECT t2.* FROM t2, t3 ) AS from_sq1, ( SELECT * FROM t1 ) AS from_sq2
WHERE 0 IN (
SELECT a FROM t1
WHERE a IN (
SELECT t1.a FROM t1, v1, t2
WHERE b = v1.a
)
)
";

EXECUTE stmt;
EXECUTE stmt;

Attachments

Issue Links

relates to

MDEV-7688 Server crashes in TABLE_LIST::is_view_or_derived on 2nd execution of PS with ONLY_FULL_GROUP_BY

Closed

MDEV-7689 Server crashes in Item_subselect::recalc_used_tables on 2nd execution of PS with view, ONLY_FULL_GROUP_BY, HAVING subquery

Closed

MDEV-7696 Server goes into an endless loop on 2nd execution of PS with ONLY_FULL_GROUP_BY, subqueries

Closed

MDEV-7751 Server crashes in TABLE_LIST::reset_const_table on 2nd execution of PS with ONLY_FULL_GROUP_BY, view, subqueries

Closed

MDEV-7688 Server crashes in TABLE_LIST::is_view_or_derived on 2nd execution of PS with ONLY_FULL_GROUP_BY

Closed

MDEV-7689 Server crashes in Item_subselect::recalc_used_tables on 2nd execution of PS with view, ONLY_FULL_GROUP_BY, HAVING subquery

Closed

MDEV-7696 Server goes into an endless loop on 2nd execution of PS with ONLY_FULL_GROUP_BY, subqueries

Closed

MDEV-7751 Server crashes in TABLE_LIST::reset_const_table on 2nd execution of PS with ONLY_FULL_GROUP_BY, view, subqueries

Closed

(3 relates to)

Activity

People

Assignee:: Michael Widenius

Reporter:: Elena Stepanova

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2015-03-10 15:58

Updated:: 2015-12-02 15:45

Resolved:: 2015-12-02 15:45

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server