[MDEV-16835] Server crash in Item_sum_hybrid::clear() Created: 2018-07-27  Updated: 2021-03-03  Resolved: 2019-05-05

Status: Closed
Project: MariaDB Server
Component/s: Optimizer - Window functions
Affects Version/s: 10.2, 10.3
Fix Version/s: N/A

Type: Bug Priority: Major
Reporter: Alice Sherepa Assignee: Varun Gupta (Inactive)
Resolution: Duplicate Votes: 0
Labels: None

Issue Links:
Duplicate
duplicates MDEV-14791 Crash with order by expression contai... Closed
Relates
relates to MDEV-14791 Crash with order by expression contai... Closed
relates to MDEV-24376 Server crashes after UPDATE with ORDE... Closed
relates to MDEV-25042 Server crashes after the 2.nd executi... Closed

 Description    

CREATE TABLE t1 (a int, b int, c int);
 
INSERT INTO t1 VALUES (2,3,207), (1,21,909), (7,13,312), (8,64,248);
 
 
 
SELECT * FROM t1 ORDER BY max(t1.a) over ();


 10.2 a12b8ac8e963
 
 
 
#4  0x000055c4394b5ab5 in Item_sum_hybrid::clear (this=0x7f8408012d88) at /git/10.2/sql/item_sum.cc:2066
 
#5  0x000055c43932bc3d in compute_window_func (thd=0x7f8408000b00, window_functions=..., cursor_managers=..., tbl=0x7f8408136658, filesort_result=0x7f8408138820) at /git/10.2/sql/sql_window.cc:2622
 
#6  0x000055c43932c068 in Window_func_runner::exec (this=0x7f8408015bf8, thd=0x7f8408000b00, tbl=0x7f8408136658, filesort_result=0x7f8408138820) at /git/10.2/sql/sql_window.cc:2742
 
#7  0x000055c43932c186 in Window_funcs_sort::exec (this=0x7f8408015bf0, join=0x7f8408013170, keep_filesort_result=false) at /git/10.2/sql/sql_window.cc:2767
 
#8  0x000055c43932c688 in Window_funcs_computation::exec (this=0x7f8408015bd0, join=0x7f8408013170, keep_last_filesort_result=false) at /git/10.2/sql/sql_window.cc:2893
 
#9  0x000055c4391e63b0 in AGGR_OP::end_send (this=0x7f8408015868) at /git/10.2/sql/sql_select.cc:26667
 
#10 0x000055c4391d14f7 in sub_select_postjoin_aggr (join=0x7f8408013170, join_tab=0x7f8408014ac8, end_of_records=true) at /git/10.2/sql/sql_select.cc:18477
 
#11 0x000055c4391d181b in sub_select (join=0x7f8408013170, join_tab=0x7f8408014718, end_of_records=true) at /git/10.2/sql/sql_select.cc:18713
 
#12 0x000055c4391d1033 in do_select (join=0x7f8408013170, procedure=0x0) at /git/10.2/sql/sql_select.cc:18308
 
#13 0x000055c4391aba59 in JOIN::exec_inner (this=0x7f8408013170) at /git/10.2/sql/sql_select.cc:3621
 
#14 0x000055c4391aaf08 in JOIN::exec (this=0x7f8408013170) at /git/10.2/sql/sql_select.cc:3416
 
#15 0x000055c4391ac0ca in mysql_select (thd=0x7f8408000b00, tables=0x7f8408012658, wild_num=1, fields=..., conds=0x0, og_num=1, order=0x7f8408013030, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f8408013150, unit=0x7f84080046e0, select_lex=0x7f8408004e18) at /git/10.2/sql/sql_select.cc:3816
 
#16 0x000055c4391a0388 in handle_select (thd=0x7f8408000b00, lex=0x7f8408004618, result=0x7f8408013150, setup_tables_done_option=0) at /git/10.2/sql/sql_select.cc:376
 
#17 0x000055c43916b9dd in execute_sqlcom_select (thd=0x7f8408000b00, all_tables=0x7f8408012658) at /git/10.2/sql/sql_parse.cc:6478
 
#18 0x000055c439161659 in mysql_execute_command (thd=0x7f8408000b00) at /git/10.2/sql/sql_parse.cc:3484
 
#19 0x000055c43916f869 in mysql_parse (thd=0x7f8408000b00, rawbuf=0x7f8408012448 "SELECT * FROM t1 ORDER BY max(t1.a) over ()", length=43, parser_state=0x7f84545f2080, is_com_multi=false, is_next_command=false) at /git/10.2/sql/sql_parse.cc:8012
 
#20 0x000055c43915ceca in dispatch_command (command=COM_QUERY, thd=0x7f8408000b00, packet=0x7f84080960f1 "", packet_length=43, is_com_multi=false, is_next_command=false) at /git/10.2/sql/sql_parse.cc:1824
 
#21 0x000055c43915b826 in do_command (thd=0x7f8408000b00) at /git/10.2/sql/sql_parse.cc:1378
 
#22 0x000055c4392ad8d6 in do_handle_one_connection (connect=0x55c43c262e40) at /git/10.2/sql/sql_connect.cc:1335
 
#23 0x000055c4392ad656 in handle_one_connection (arg=0x55c43c262e40) at /git/10.2/sql/sql_connect.cc:1241
 
#24 0x000055c439adc56a in pfs_spawn_thread (arg=0x55c43c1a95a0) at /git/10.2/storage/perfschema/pfs.cc:1862
 
#25 0x00007f8464c656ba in start_thread (arg=0x7f84545f3700) at pthread_create.c:333
 
#26 0x00007f84640fa41d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109



 Comments   
Comment by Varun Gupta (Inactive) [ 2018-12-13 ]

Should be fixed my MDEV-14791

Comment by sbester1 [ 2019-03-13 ] 

Version: '10.3.13-MariaDB'  socket: ''  port: 3306  mariadb.org binary distribution
 
190313 19:56:57 [ERROR] mysqld got exception 0xc0000005 ;
 
This could be because you hit a bug. It is also possible that this binary
 
or one of the libraries it was linked against is corrupt, improperly built,
 
or misconfigured. This error can also be caused by malfunctioning hardware.
 
 
 
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
 
 
 
We will try our best to scrape up some info that will hopefully help
 
diagnose the problem, but since we have already crashed,
 
something is definitely wrong and this may fail.
 
 
 
Server version: 10.3.13-MariaDB
 
key_buffer_size=134217728
 
read_buffer_size=131072
 
max_used_connections=5
 
max_threads=65537
 
thread_count=11
 
It is possible that mysqld could use up to
 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 136185 K  bytes of memory
 
Hope that's ok; if not, decrease some variables in the equation.
 
 
 
Thread pointer: 0x2181c848
 
Attempting backtrace. You can use the following information to find out
 
where mysqld died. If you see no messages after this, something went
 
terribly wrong...
 
mysqld.exe!Item_sum_hybrid::clear()[item_sum.cc:2307]
 
mysqld.exe!compute_window_func()[sql_window.cc:2806]
 
mysqld.exe!Window_func_runner::exec()[sql_window.cc:2933]
 
mysqld.exe!Window_funcs_sort::exec()[sql_window.cc:2957]
 
mysqld.exe!Window_funcs_computation::exec()[sql_window.cc:3083]
 
mysqld.exe!AGGR_OP::end_send()[sql_select.cc:27394]
 
mysqld.exe!sub_select_postjoin_aggr()[sql_select.cc:19112]
 
mysqld.exe!do_select()[sql_select.cc:18937]
 
mysqld.exe!JOIN::exec_inner()[sql_select.cc:4040]
 
mysqld.exe!JOIN::exec()[sql_select.cc:3835]
 
mysqld.exe!mysql_select()[sql_select.cc:4241]
 
mysqld.exe!handle_select()[sql_select.cc:373]
 
mysqld.exe!execute_sqlcom_select()[sql_parse.cc:6551]
 
mysqld.exe!mysql_execute_command()[sql_parse.cc:3772]
 
mysqld.exe!mysql_parse()[sql_parse.cc:8100]
 
mysqld.exe!dispatch_command()[sql_parse.cc:1856]
 
mysqld.exe!do_command()[sql_parse.cc:1395]
 
mysqld.exe!threadpool_process_request()[threadpool_common.cc:358]
 
mysqld.exe!tp_callback()[threadpool_common.cc:186]
 
ntdll.dll!RtlDllShutdownInProgress()
 
ntdll.dll!DbgUiRemoteBreakin()
 
kernel32.dll!BaseThreadInitThunk()
 
ntdll.dll!RtlUserThreadStart()
 
 
 
Trying to get some variables.
 
Some pointers may be invalid and cause the dump to abort.
 
Query (0x244b9fb0): select  * from  `t0041`  order by max(distinct   1  )  over()
 
Connection ID (thread ID): 16
 
Status: NOT_KILLED

Comment by Varun Gupta (Inactive) [ 2019-05-05 ]

Fixed after MDEV-14791

MariaDB [test]> SELECT a,b,c , max(t1.a) over () as d FROM t1 ORDER BY max(t1.a) over ();
 
+------+------+------+------+
 
| a    | b    | c    | d    |
 
+------+------+------+------+
 
|    2 |    3 |  207 |    8 |
 
|    1 |   21 |  909 |    8 |
 
|    7 |   13 |  312 |    8 |
 
|    8 |   64 |  248 |    8 |
 
+------+------+------+------+
 
4 rows in set (0.00 sec)

Generated at Thu Feb 08 08:31:54 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.