[MDEV-16170] Server crashes in Item_null_result::type_handler on SELECT with ROLLUP Created: 2018-05-14  Updated: 2018-05-15  Resolved: 2018-05-15

Status: Closed
Project: MariaDB Server
Component/s: Temporal Types
Affects Version/s: 10.3
Fix Version/s: 10.3.7

Type: Bug Priority: Critical
Reporter: Elena Stepanova Assignee: Michael Widenius
Resolution: Fixed Votes: 0
Labels: regression


 Description    

CREATE TABLE t1 (d DATE);
 
INSERT INTO t1 VALUES ('2032-10-08');
 
SELECT d != '2023-03-04' AS f, COUNT(*) FROM t1 GROUP BY d WITH ROLLUP;
 
 
 
# Cleanup
 
DROP TABLE t1;

10.3 4a5e23e257e

 
#3  <signal handler called>
 
#4  0x0000560d4241d4ed in Item_null_result::type_handler (this=0x7f04a0017c78) at /data/src/10.3/sql/item.h:3186
 
#5  0x0000560d423143cb in Item_ref::type_handler (this=0x7f04a0016540) at /data/src/10.3/sql/item.h:4725
 
#6  0x0000560d422d08c1 in Item::field_type (this=0x7f04a0016540) at /data/src/10.3/sql/item.h:833
 
#7  0x0000560d425704a1 in Temporal_with_date::make_from_item (this=0x7f04b1b356a0, thd=0x7f04a0000b00, item=0x7f04a0016540, flags=33554433) at /data/src/10.3/sql/sql_type.cc:147
 
#8  0x0000560d4228dc46 in Temporal_with_date::Temporal_with_date (this=0x7f04b1b356a0, thd=0x7f04a0000b00, item=0x7f04a0016540, flags=33554433) at /data/src/10.3/sql/sql_type.h:294
 
#9  0x0000560d4228dd0a in Datetime::Datetime (this=0x7f04b1b356a0, thd=0x7f04a0000b00, item=0x7f04a0016540, flags=33554433) at /data/src/10.3/sql/sql_type.h:369
 
#10 0x0000560d4228e93c in Item::val_datetime_packed (this=0x7f04a0016540) at /data/src/10.3/sql/item.h:1452
 
#11 0x0000560d426bef25 in Arg_comparator::compare_datetime (this=0x7f04a0015078) at /data/src/10.3/sql/item_cmpfunc.cc:736
 
#12 0x0000560d426d31e4 in Arg_comparator::compare (this=0x7f04a0015078) at /data/src/10.3/sql/item_cmpfunc.h:102
 
#13 0x0000560d426c22cd in Item_func_ne::val_int (this=0x7f04a0014fb8) at /data/src/10.3/sql/item_cmpfunc.cc:1749
 
#14 0x0000560d4257b26b in Type_handler::Item_send_long (this=0x560d43b04300 <type_handler_long>, item=0x7f04a0014fb8, protocol=0x7f04a00010e8, buf=0x7f04b1b35860) at /data/src/10.3/sql/sql_type.cc:5304
 
#15 0x0000560d4257f7a2 in Type_handler_long::Item_send (this=0x560d43b04300 <type_handler_long>, item=0x7f04a0014fb8, protocol=0x7f04a00010e8, buf=0x7f04b1b35860) at /data/src/10.3/sql/sql_type.h:2408
 
#16 0x0000560d4228e220 in Item::send (this=0x7f04a0014fb8, protocol=0x7f04a00010e8, buffer=0x7f04b1b35860) at /data/src/10.3/sql/item.h:828
 
#17 0x0000560d4228951e in Protocol::send_result_set_row (this=0x7f04a00010e8, row_items=0x7f04a0016478) at /data/src/10.3/sql/protocol.cc:986
 
#18 0x0000560d423306b0 in select_send::send_data (this=0x7f04a0015c10, items=...) at /data/src/10.3/sql/sql_class.cc:3042
 
#19 0x0000560d424142a9 in JOIN::rollup_send_data (this=0x7f04a0015c30, idx=0) at /data/src/10.3/sql/sql_select.cc:24671
 
#20 0x0000560d42409bc6 in end_send_group (join=0x7f04a0015c30, join_tab=0x0, end_of_records=true) at /data/src/10.3/sql/sql_select.cc:20560
 
#21 0x0000560d42405706 in do_select (join=0x7f04a0015c30, procedure=0x0) at /data/src/10.3/sql/sql_select.cc:18716
 
#22 0x0000560d423de958 in JOIN::exec_inner (this=0x7f04a0015c30) at /data/src/10.3/sql/sql_select.cc:3972
 
#23 0x0000560d423dddc4 in JOIN::exec (this=0x7f04a0015c30) at /data/src/10.3/sql/sql_select.cc:3766
 
#24 0x0000560d423df03a in mysql_select (thd=0x7f04a0000b00, tables=0x7f04a0015368, wild_num=0, fields=..., conds=0x0, og_num=1, order=0x0, group=0x7f04a0015ae8, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f04a0015c10, unit=0x7f04a0004980, select_lex=0x7f04a00050f8) at /data/src/10.3/sql/sql_select.cc:4171
 
#25 0x0000560d423d1323 in handle_select (thd=0x7f04a0000b00, lex=0x7f04a00048b8, result=0x7f04a0015c10, setup_tables_done_option=0) at /data/src/10.3/sql/sql_select.cc:382
 
#26 0x0000560d4239bd23 in execute_sqlcom_select (thd=0x7f04a0000b00, all_tables=0x7f04a0015368) at /data/src/10.3/sql/sql_parse.cc:6545
 
#27 0x0000560d423923bc in mysql_execute_command (thd=0x7f04a0000b00) at /data/src/10.3/sql/sql_parse.cc:3768
 
#28 0x0000560d4239fa05 in mysql_parse (thd=0x7f04a0000b00, rawbuf=0x7f04a0014ce8 "SELECT d != '2023-03-04' AS f, COUNT(*) FROM t1 GROUP BY d WITH ROLLUP", length=70, parser_state=0x7f04b1b375e0, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:8019
 
#29 0x0000560d4238ce47 in dispatch_command (command=COM_QUERY, thd=0x7f04a0000b00, packet=0x7f04a000b1f1 "", packet_length=70, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:1846
 
#30 0x0000560d4238b86b in do_command (thd=0x7f04a0000b00) at /data/src/10.3/sql/sql_parse.cc:1391
 
#31 0x0000560d424f08a7 in do_handle_one_connection (connect=0x560d448f6e50) at /data/src/10.3/sql/sql_connect.cc:1402
 
#32 0x0000560d424f062b in handle_one_connection (arg=0x560d448f6e50) at /data/src/10.3/sql/sql_connect.cc:1308
 
#33 0x0000560d4297fe09 in pfs_spawn_thread (arg=0x560d4490a6f0) at /data/src/10.3/storage/perfschema/pfs.cc:1862
 
#34 0x00007f04b9667494 in start_thread (arg=0x7f04b1b38700) at pthread_create.c:333
 
#35 0x00007f04b7a4d93f in clone () from /lib/x86_64-linux-gnu/libc.so.6

The problem appeared in 10.3 tree with this commit:

commit 2ccd6716fc730b3ff5e1bc2f8dc08ac561db3cb4
 
Author: Monty
 
Date:   Thu Apr 26 16:33:05 2018 +0300
 
 
 
    Fix a lot of compiler warnings found by -Wunused



 Comments   
Comment by Michael Widenius [ 2018-05-15 ]

Problem was that I in a previous patch enabled ifdef:ed code intended for 10.3 but that never worked.
Reverted to original code

Generated at Thu Feb 08 08:26:54 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.