[MDEV-2195] LP:802860 - Crash/valgrind warning in JOIN_CACHE::write_record_data with semijoin=on Created: 2011-06-28  Updated: 2015-02-02  Resolved: 2012-10-04

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Bug Priority: Critical
Reporter: Philip Stoev (Inactive) Assignee: Igor Babaev
Resolution: Fixed Votes: 0
Labels: Launchpad

Attachments: XML File LPexportBug802860.xml    

 Description   

Repeatable with maria-5.3 , maria-5.3-subqueries-mwl90.

backtrace:

#3 <signal handler called>
#4 0x00000000006f0a4d in JOIN_CACHE::write_record_data (this=0x855bd88, link=0x0, is_full=0x41681217) at sql_join_cache.cc:1391
#5 0x00000000006f0fef in JOIN_CACHE::put_record (this=0x855bd88) at sql_join_cache.cc:1500
#6 0x00000000007338a8 in sub_select_cache (join=0x8552980, join_tab=0x855b4c0, end_of_records=false) at sql_select.cc:14698
#7 0x000000000072a2c6 in evaluate_join_record (join=0x8552980, join_tab=0x855b1a8, error=0) at sql_select.cc:15099
#8 0x0000000000733560 in sub_select (join=0x8552980, join_tab=0x855b1a8, end_of_records=false) at sql_select.cc:14904
#9 0x0000000000734894 in do_select (join=0x8552980, fields=0x8498b00, table=0x0, procedure=0x0) at sql_select.cc:14569
#10 0x0000000000754016 in JOIN::exec (this=0x8552980) at sql_select.cc:2665
#11 0x000000000074df6e in mysql_select (thd=0x8496098, rref_pointer_array=0x8498c18, tables=0x851d4a0, wild_num=1, fields=..., conds=0x8551550, og_num=0,
order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147764736, result=0x851dc20, unit=0x8498510, select_lex=0x84989f8)
at sql_select.cc:2886
#12 0x0000000000754348 in handle_select (thd=0x8496098, lex=0x8498470, result=0x851dc20, setup_tables_done_option=0) at sql_select.cc:283
#13 0x00000000006a1744 in execute_sqlcom_select (thd=0x8496098, all_tables=0x851d4a0) at sql_parse.cc:5082
#14 0x00000000006a33f7 in mysql_execute_command (thd=0x8496098) at sql_parse.cc:2227
#15 0x00000000006ac18f in mysql_parse (thd=0x8496098,
rawbuf=0x851bc40 "SELECT *\nFROM ( \nSELECT DISTINCT *\nFROM t1\n) AS alias1\nWHERE alias1.f1 = ANY (\nSELECT t2.f1 FROM t2\n)", length=101,
found_semicolon=0x41682f08) at sql_parse.cc:6083
#16 0x00000000006ad027 in dispatch_command (command=COM_QUERY, thd=0x8496098, packet=0x85128c9 "", packet_length=103) at sql_parse.cc:1206
#17 0x00000000006ae635 in do_command (thd=0x8496098) at sql_parse.cc:904
#18 0x00000000006990eb in handle_one_connection (arg=0x8496098) at sql_connect.cc:1178
#19 0x00000033b600673d in start_thread () from /lib64/libpthread.so.0
#20 0x00000033b58d40cd in clone () from /lib64/libc.so.6

optimizer switch in effect:

index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=off,loosescan=off,materialization=off,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=on,mrr_cost_based=off,mrr_sort_keys=on,outer_join_with_cache=off,semijoin_with_cache=off,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on

explain:

id select_type table type possible_keys key key_len ref rows Extra
1 PRIMARY <derived2> ALL key0 NULL NULL NULL 2 Start temporary
1 PRIMARY t2 ALL NULL NULL NULL NULL 2 Using where; End temporary; Using join buffer (flat, BNL join)
2 DERIVED t1 ALL NULL NULL NULL NULL 2 Using temporary

test case:

SET SESSION optimizer_switch='semijoin=on,materialization=off,firstmatch=off,loosescan=off';
SET SESSION join_cache_level = 1;

CREATE TABLE t2 ( f1 int) ;
INSERT IGNORE INTO t2 VALUES (0),(0);

CREATE TABLE t1 ( f1 int) ;
INSERT IGNORE INTO t1 VALUES (0),(0);

SELECT *
FROM (
SELECT DISTINCT *
FROM t1
) AS alias1
WHERE alias1.f1 = ANY (
SELECT t2.f1 FROM t2
) ;

bzr version-info:

revision-id: <email address hidden>
date: 2011-06-28 11:11:26 +0400
build-date: 2011-06-28 11:03:34 +0300
revno: 3066
branch-nick: maria-5.3

 Comments   
Comment by Philip Stoev (Inactive) [ 2011-06-28 ]

Re: Crash/valgrind warning in JOIN_CACHE::write_record_data with semijoin=on
If it does not crash, look for valgrind warning:

==8349== Thread 4:
==8349== Invalid read of size 1
==8349== at 0x6F0A4D: JOIN_CACHE::write_record_data(unsigned char*, bool*) (sql_join_cache.cc:1391)
==8349== by 0x6F0FEE: JOIN_CACHE::put_record() (sql_join_cache.cc:1500)
==8349== by 0x7338A7: sub_select_cache(JOIN*, st_join_table*, bool) (sql_select.cc:14698)
==8349== by 0x72A2C5: evaluate_join_record(JOIN*, st_join_table*, int) (sql_select.cc:15099)
==8349== by 0x73355F: sub_select(JOIN*, st_join_table*, bool) (sql_select.cc:14904)
==8349== by 0x734893: do_select(JOIN*, List<Item>, st_table, Procedure*) (sql_select.cc:14569)
==8349== by 0x754015: JOIN::exec() (sql_select.cc:2665)
==8349== by 0x74DF6D: mysql_select(THD*, Item**, TABLE_LIST, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsi
gned long long, select_result*, st_select_lex_unit*, st_select_lex*) (sql_select.cc:2886)
==8349== by 0x754347: handle_select(THD*, st_lex*, select_result*, unsigned long) (sql_select.cc:283)
==8349== by 0x6A1743: execute_sqlcom_select(THD*, TABLE_LIST*) (sql_parse.cc:5082)
==8349== by 0x6A33F6: mysql_execute_command(THD*) (sql_parse.cc:2227)
==8349== by 0x6AC18E: mysql_parse(THD*, char*, unsigned int, char const**) (sql_parse.cc:6083)
==8349== by 0x6AD026: dispatch_command(enum_server_command, THD*, char*, unsigned int) (sql_parse.cc:1206)
==8349== by 0x6AE634: do_command(THD*) (sql_parse.cc:904)
==8349== by 0x6990EA: handle_one_connection (sql_connect.cc:1178)
==8349== by 0x33B600673C: start_thread (in /lib64/libpthread-2.5.so)
==8349== Address 0x0 is not stack'd, malloc'd or (recently) free'd

Comment by Philip Stoev (Inactive) [ 2011-06-28 ]

Re: Crash/valgrind warning in JOIN_CACHE::write_record_data with semijoin=on
NOT reproducible with maria-5.3 before wl106

bzr version-info
revision-id: psergey@askmonty.org-20110615134018-5g5jbhqhce43onz4
date: 2011-06-15 17:40:18 +0400
build-date: 2011-06-28 11:20:50 +0300
revno: 3048
branch-nick: maria-5.3-noviews

so I am assigning this to Igor

Comment by Rasmus Johansson (Inactive) [ 2011-12-13 ]

Launchpad bug id: 802860

Generated at Thu Feb 08 06:40:13 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.