[MDEV-25903] Server crashes in Explain_node::print_explain_for_children upon ANALYZE with nested SQ
Created: 2021-06-12  Updated: 2023-04-27

Status: Open
Project: MariaDB Server
Component/s: Optimizer
Affects Version/s: 10.3, 10.4, 10.5, 10.6
Fix Version/s: 10.4, 10.5

Type: Bug
Priority: Major
Reporter: Elena Stepanova
Assignee: Sergei Petrunia
Resolution: Unresolved
Votes: 2
Labels: None


 Description   

Unlike MDEV-18157, MDEV-23160 and MDEV-25564, this is not about UNION.

CREATE TABLE t1 (f INT PRIMARY KEY);
INSERT INTO t1 VALUES (1),(2);
CREATE VIEW v1 AS SELECT f FROM t1 GROUP BY f;
 
ANALYZE SELECT * FROM (SELECT DISTINCT f FROM v1 LIMIT 0) sq;
 
# Cleanup
DROP VIEW v1;
DROP TABLE t1;

10.3 75a65d32

#3  <signal handler called>
#4  0x0000561f9e3982f2 in Explain_node::print_explain_for_children (this=0x7f6ed40a5110, query=0x7f6ed40187d8, output=0x7f6ed4018ac0, explain_flags=0 '\000', is_analyze=true) at /data/src/10.3/sql/sql_explain.cc:640
#5  0x0000561f9e398b6c in Explain_select::print_explain (this=0x7f6ed40a5110, query=0x7f6ed40187d8, output=0x7f6ed4018ac0, explain_flags=0 '\000', is_analyze=true) at /data/src/10.3/sql/sql_explain.cc:824
#6  0x0000561f9e398319 in Explain_node::print_explain_for_children (this=0x7f6ed40a62e0, query=0x7f6ed40187d8, output=0x7f6ed4018ac0, explain_flags=0 '\000', is_analyze=true) at /data/src/10.3/sql/sql_explain.cc:640
#7  0x0000561f9e398b6c in Explain_select::print_explain (this=0x7f6ed40a62e0, query=0x7f6ed40187d8, output=0x7f6ed4018ac0, explain_flags=0 '\000', is_analyze=true) at /data/src/10.3/sql/sql_explain.cc:824
#8  0x0000561f9e39667b in Explain_query::print_explain (this=0x7f6ed40187d8, output=0x7f6ed4018ac0, explain_flags=0 '\000', is_analyze=true) at /data/src/10.3/sql/sql_explain.cc:208
#9  0x0000561f9e39653d in Explain_query::send_explain (this=0x7f6ed40187d8, thd=0x7f6ed4000d90) at /data/src/10.3/sql/sql_explain.cc:174
#10 0x0000561f9e1eb02e in execute_sqlcom_select (thd=0x7f6ed4000d90, all_tables=0x7f6ed4014178) at /data/src/10.3/sql/sql_parse.cc:6351
#11 0x0000561f9e1e1943 in mysql_execute_command (thd=0x7f6ed4000d90) at /data/src/10.3/sql/sql_parse.cc:3870
#12 0x0000561f9e1ef312 in mysql_parse (thd=0x7f6ed4000d90, rawbuf=0x7f6ed4012ae8 "ANALYZE SELECT * FROM (SELECT DISTINCT f FROM v1 LIMIT 0) sq", length=60, parser_state=0x7f6ee5dc2530, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:7870
#13 0x0000561f9e1db9cf in dispatch_command (command=COM_QUERY, thd=0x7f6ed4000d90, packet=0x7f6ed4008f41 "", packet_length=60, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:1852
#14 0x0000561f9e1da36f in do_command (thd=0x7f6ed4000d90) at /data/src/10.3/sql/sql_parse.cc:1398
#15 0x0000561f9e35a2e0 in do_handle_one_connection (connect=0x561fa0368590) at /data/src/10.3/sql/sql_connect.cc:1403
#16 0x0000561f9e35a03c in handle_one_connection (arg=0x561fa0368590) at /data/src/10.3/sql/sql_connect.cc:1308
#17 0x0000561f9ed3004d in pfs_spawn_thread (arg=0x561fa034b5b0) at /data/src/10.3/storage/perfschema/pfs.cc:1869
#18 0x00007f6eec0af609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#19 0x00007f6eebfd6293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Reproducible on 10.3-10.6, debug- and non-debug alike, with at least MyISAM and InnoDB.
Not reproducible on 10.2.

