[MDEV-23654] Assertion `args[0]->max_length <= ((9 * 9) + 2)' failed in Item_func_int_val::fix_length_and_dec_int_or_decimal
Created: 2020-09-02
Updated: 2023-11-28

Status: Confirmed
Project: MariaDB Server
Component/s: Data types
Affects Version/s: 10.4, 10.5, 10.6, 10.7, 10.8, 10.9, 10.10, 10.11, 11.0, 11.1, 11.2
Fix Version/s: 10.4, 10.5, 10.6, 10.11, 11.0, 11.1

Type: Bug
Priority: Major
Reporter: Elena Stepanova
Assignee: Alexander Barkov
Resolution: Unresolved
Votes: 0
Labels: crash


 Description   

SET collation_connection= utf32_unicode_520_ci;
SELECT CEIL(@f := (TIMESTAMP('2012-12-12 00:00:00.0000')) / 1);

10.4 0f080dd6

mysqld: /data/src/10.4/sql/item_func.cc:2179: void Item_func_int_val::fix_length_and_dec_int_or_decimal(): Assertion `args[0]->max_length <= ((9 * 9) + 2)' failed.
200903  0:10:58 [ERROR] mysqld got signal 6 ;
 
#7  0x00007f95ab775f12 in __GI___assert_fail (assertion=0x5623b0ac03f0 "args[0]->max_length <= ((9 * 9) + 2)", file=0x5623b0ac00b0 "/data/src/10.4/sql/item_func.cc", line=2179, function=0x5623b0ac1f20 <Item_func_int_val::fix_length_and_dec_int_or_decimal()::__PRETTY_FUNCTION__> "void Item_func_int_val::fix_length_and_dec_int_or_decimal()") at assert.c:101
#8  0x00005623affea530 in Item_func_int_val::fix_length_and_dec_int_or_decimal (this=0x7f9594013d60) at /data/src/10.4/sql/item_func.cc:2179
#9  0x00005623afe218be in Type_handler_decimal_result::Item_func_int_val_fix_length_and_dec (this=0x5623b13dac98 <type_handler_newdecimal>, item=0x7f9594013d60) at /data/src/10.4/sql/sql_type.cc:5919
#10 0x00005623affea7cb in Item_func_int_val::fix_length_and_dec (this=0x7f9594013d60) at /data/src/10.4/sql/item_func.cc:2256
#11 0x00005623affe2e09 in Item_func::fix_fields (this=0x7f9594013d60, thd=0x7f9594000af0, ref=0x7f9594013e38) at /data/src/10.4/sql/item_func.cc:370
#12 0x00005623afae763b in Item::fix_fields_if_needed (this=0x7f9594013d60, thd=0x7f9594000af0, ref=0x7f9594013e38) at /data/src/10.4/sql/item.h:960
#13 0x00005623afae7669 in Item::fix_fields_if_needed_for_scalar (this=0x7f9594013d60, thd=0x7f9594000af0, ref=0x7f9594013e38) at /data/src/10.4/sql/item.h:964
#14 0x00005623afb660bb in setup_fields (thd=0x7f9594000af0, ref_pointer_array=..., fields=..., column_usage=MARK_COLUMNS_READ, sum_func_list=0x7f9594014ad8, pre_fix=0x7f95940133d8, allow_sum_func=true) at /data/src/10.4/sql/sql_base.cc:7685
#15 0x00005623afc440cb in JOIN::prepare (this=0x7f95940147b8, tables_init=0x0, wild_num=0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7f9594013278, unit_arg=0x7f9594004a18) at /data/src/10.4/sql/sql_select.cc:1250
#16 0x00005623afc50dd5 in mysql_select (thd=0x7f9594000af0, tables=0x0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f9594014790, unit=0x7f9594004a18, select_lex=0x7f9594013278) at /data/src/10.4/sql/sql_select.cc:4658
#17 0x00005623afc40936 in handle_select (thd=0x7f9594000af0, lex=0x7f9594004958, result=0x7f9594014790, setup_tables_done_option=0) at /data/src/10.4/sql/sql_select.cc:422
#18 0x00005623afc070b8 in execute_sqlcom_select (thd=0x7f9594000af0, all_tables=0x0) at /data/src/10.4/sql/sql_parse.cc:6355
#19 0x00005623afbfd6ef in mysql_execute_command (thd=0x7f9594000af0) at /data/src/10.4/sql/sql_parse.cc:3889
#20 0x00005623afc0b065 in mysql_parse (thd=0x7f9594000af0, rawbuf=0x7f9594013198 "SELECT CEIL(@f := (TIMESTAMP('2012-12-12 00:00:00.0000')) / 1)", length=62, parser_state=0x7f95a591f570, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7896
#21 0x00005623afbf7599 in dispatch_command (command=COM_QUERY, thd=0x7f9594000af0, packet=0x7f95941364f1 "SELECT CEIL(@f := (TIMESTAMP('2012-12-12 00:00:00.0000')) / 1)", packet_length=62, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1835
#22 0x00005623afbf5d3b in do_command (thd=0x7f9594000af0) at /data/src/10.4/sql/sql_parse.cc:1353
#23 0x00005623afd7fd9c in do_handle_one_connection (connect=0x5623b279bcf0) at /data/src/10.4/sql/sql_connect.cc:1412
#24 0x00005623afd7faeb in handle_one_connection (arg=0x5623b279bcf0) at /data/src/10.4/sql/sql_connect.cc:1316
#25 0x00005623b0784995 in pfs_spawn_thread (arg=0x5623b27b7870) at /data/src/10.4/storage/perfschema/pfs.cc:1869
#26 0x00007f95ad6fe4a4 in start_thread (arg=0x7f95a5920700) at pthread_create.c:456
#27 0x00007f95ab832d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Reproducible on 10.4+.

The failure started happening on 10.4 after this commit:

commit 6a2ee9c8bbec437e7eb50b1a273a017cdefc6e15
Author: Alexander Barkov <bar@mariadb.com>
Date:   Mon Aug 3 13:56:10 2020 +0400
 
    MDEV-23032 FLOOR()/CEIL() incorrectly calculate the precision of a DECIMAL(M,D) column

but it could be just because the commit added the assertion. I have no information whether the underlying issue existed before (unless the assertion itself is wrong).



 Comments   
Comment by Alice Sherepa [ 2021-06-23 ]

test case with FLOOR:

 
CREATE TABLE t (i mediumint(60) );
INSERT INTO t VALUES (5);
 
SELECT floor(sum(avg(i)) over () ) FROM t;

Comment by Roel Van de Paar [ 2023-04-29 ]

I also ran into this one. Updated versions etc:

CREATE TABLE t (c DECIMAL(65,10));
SET SESSION div_precision_increment=65550;
SELECT CEILING (AVG(c)) FROM t;

Leads to:

11.1.0 2b61ff8f2221745f0a96855a0feb0825c426f993 (Debug)

mariadbd: /test/11.1_dbg/sql/item_func.cc:2287: void Item_func_int_val::fix_length_and_dec_int_or_decimal(): Assertion `args[0]->max_length <= ((9 * 9) + 2)' failed.

11.1.0 2b61ff8f2221745f0a96855a0feb0825c426f993 (Debug)

Core was generated by `/test/MD070423-mariadb-11.1.0-linux-x86_64-dbg/bin/mariadbd --no-defaults --cor'.
Program terminated with signal SIGABRT, Aborted.
#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=22849092798016)
    at ./nptl/pthread_kill.c:44
[Current thread is 1 (Thread 0x14c7f80f4640 (LWP 486620))]
(gdb) bt
#0  __pthread_kill_implementation (no_tid=0, signo=6, threadid=22849092798016) at ./nptl/pthread_kill.c:44
#1  __pthread_kill_internal (signo=6, threadid=22849092798016) at ./nptl/pthread_kill.c:78
#2  __GI___pthread_kill (threadid=22849092798016, signo=signo@entry=6) at ./nptl/pthread_kill.c:89
#3  0x000014c81527d476 in __GI_raise (sig=sig@entry=6) at ../sysdeps/posix/raise.c:26
#4  0x000014c8152637f3 in __GI_abort () at ./stdlib/abort.c:79
#5  0x000014c81526371b in __assert_fail_base (fmt=0x14c815418150 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55dd2b911660 "args[0]->max_length <= ((9 * 9) + 2)", file=0x55dd2b90fec8 "/test/11.1_dbg/sql/item_func.cc", line=2287, function=<optimized out>) at ./assert/assert.c:92
#6  0x000014c815274e96 in __GI___assert_fail (assertion=0x55dd2b911660 "args[0]->max_length <= ((9 * 9) + 2)", file=0x55dd2b90fec8 "/test/11.1_dbg/sql/item_func.cc", line=2287, function=0x55dd2b9115f0 "void Item_func_int_val::fix_length_and_dec_int_or_decimal()") at ./assert/assert.c:101
#7  0x000055dd2afc228b in Item_func_int_val::fix_length_and_dec_int_or_decimal (this=0x14c7b8013a70) at /test/11.1_dbg/sql/item_func.cc:2287
#8  0x000055dd2ae52da2 in Type_handler_decimal_result::Item_func_int_val_fix_length_and_dec (this=<optimized out>, item=<optimized out>) at /test/11.1_dbg/sql/sql_type.cc:6482
#9  0x000055dd2afb1c67 in Item_func_int_val::fix_length_and_dec (this=0x14c7b8013a70, thd=<optimized out>) at /test/11.1_dbg/sql/item_func.cc:2354
#10 0x000055dd2afb54fd in Item_func::fix_fields (this=0x14c7b8013a70, thd=0x14c7b8000d58, ref=<optimized out>) at /test/11.1_dbg/sql/item_func.cc:362
#11 0x000055dd2abe9bcd in Item::fix_fields_if_needed (ref=0x14c7b8013b30, thd=0x14c7b8000d58, this=0x14c7b8013a70) at /test/11.1_dbg/sql/item.h:1147
#12 Item::fix_fields_if_needed_for_scalar (ref=0x14c7b8013b30, thd=0x14c7b8000d58, this=0x14c7b8013a70) at /test/11.1_dbg/sql/item.h:1156
#13 setup_fields (thd=0x14c7b8000d58, ref_pointer_array=<optimized out>, fields=<optimized out>, column_usage=<optimized out>, sum_func_list=sum_func_list@entry=0x14c7b8015040, pre_fix=0x14c7b80134f0, allow_sum_func=true) at /test/11.1_dbg/sql/sql_base.cc:8034
#14 0x000055dd2acd876c in JOIN::prepare (this=this@entry=0x14c7b8014c90, tables_init=tables_init@entry=0x14c7b8013ba8, conds_init=conds_init@entry=0x0, og_num=og_num@entry=0, order_init=order_init@entry=0x0, skip_order_by=skip_order_by@entry=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x14c7b8013218, unit_arg=0x14c7b8004fa0) at /test/11.1_dbg/sql/sql_select.cc:1489
#15 0x000055dd2acefe1d in mysql_select (thd=thd@entry=0x14c7b8000d58, tables=0x14c7b8013ba8, fields=@0x14c7b80134d8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x14c7b8013b28, last = 0x14c7b8013b28, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164525824, result=0x14c7b8014c68, unit=0x14c7b8004fa0, select_lex=0x14c7b8013218) at /test/11.1_dbg/sql/sql_select.cc:5130
#16 0x000055dd2acf001e in handle_select (thd=thd@entry=0x14c7b8000d58, lex=lex@entry=0x14c7b8004ec8, result=result@entry=0x14c7b8014c68, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/11.1_dbg/sql/sql_select.cc:611
#17 0x000055dd2ac56314 in execute_sqlcom_select (thd=thd@entry=0x14c7b8000d58, all_tables=0x14c7b8013ba8) at /test/11.1_dbg/sql/sql_parse.cc:6024
#18 0x000055dd2ac61974 in mysql_execute_command (thd=thd@entry=0x14c7b8000d58, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/11.1_dbg/sql/sql_parse.cc:3944
#19 0x000055dd2ac67f05 in mysql_parse (thd=thd@entry=0x14c7b8000d58, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14c7f80f3230) at /test/11.1_dbg/sql/sql_parse.cc:7760
#20 0x000055dd2ac6a099 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14c7b8000d58, packet=packet@entry=0x14c7b800ae49 "SELECT CEILING (AVG(c)) FROM t", packet_length=packet_length@entry=30, blocking=blocking@entry=true) at /test/11.1_dbg/sql/sql_class.h:242
#21 0x000055dd2ac6bef5 in do_command (thd=0x14c7b8000d58, blocking=blocking@entry=true) at /test/11.1_dbg/sql/sql_parse.cc:1405
#22 0x000055dd2adbdcfc in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55dd2d038de8, put_in_cache=put_in_cache@entry=true) at /test/11.1_dbg/sql/sql_connect.cc:1416
#23 0x000055dd2adbdf5b in handle_one_connection (arg=0x55dd2d038de8) at /test/11.1_dbg/sql/sql_connect.cc:1318
#24 0x000014c8152cfb43 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#25 0x000014c815361a00 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Bug confirmed present in:
MariaDB: 10.4.29 (dbg), 10.5.20 (dbg), 10.6.13 (dbg), 10.7.8 (dbg), 10.8.8 (dbg), 10.9.6 (dbg), 10.10.4 (dbg), 10.11.3 (dbg), 11.0.2 (dbg), 11.1.0 (dbg), 11.2.0 (dbg)

Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.4.29 (opt), 10.5.20 (opt), 10.6.13 (opt), 10.7.8 (opt), 10.8.8 (opt), 10.9.6 (opt), 10.10.4 (opt), 10.11.3 (opt), 11.0.2 (opt), 11.1.0 (opt), 11.2.0 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.40 (dbg), 5.7.40 (opt), 8.0.31 (dbg), 8.0.31 (opt)
