|
The testcase was simplified to not use table DDL; the same issue is present when actual tables are used.
The crash between dbg vs opt is slightly different as of the 4th frame:
SIGSEGV|st_select_lex_node::exclude_from_tree|st_select_lex_node::exclude|Item_subselect::eliminate_subselect_processor|Item_in_subselect::walk # opt
|
SIGSEGV|st_select_lex_node::exclude_from_tree|st_select_lex_node::exclude|Item_subselect::eliminate_subselect_processor|Item_subselect::walk # dbg
|
Testcase:
SELECT 1 WHERE 1 IN (SELECT 1 FROM (SELECT (SELECT 1 FROM (SELECT 1) AS v1) IN (SELECT 1 FROM (SELECT 1) AS v2) AS v3 FROM (SELECT 1) AS v4) AS v5 GROUP BY v3);
|
Leads to:
|
10.10.2 87e8463e0454a04c2bbaa38d44227c491fb07dc1 (Optimized)
|
Core was generated by `/test/MD200822-mariadb-10.10.2-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x0000565229b1291b in st_select_lex_node::exclude_from_tree (
|
this=this@entry=0x153e1c013298) at /test/10.10_opt/sql/sql_lex.cc:3225
|
3225 if ((*prev= next))
|
[Current thread is 1 (Thread 0x153e5dc56700 (LWP 110797))]
|
(gdb) bt
|
#0 0x0000565229b1291b in st_select_lex_node::exclude_from_tree (this=this@entry=0x153e1c013298) at /test/10.10_opt/sql/sql_lex.cc:3225
|
#1 0x0000565229b12996 in st_select_lex_node::exclude (this=0x153e1c013298) at /test/10.10_opt/sql/sql_lex.cc:3237
|
#2 0x0000565229e5984e in Item_subselect::eliminate_subselect_processor (this=0x153e1c013a98, arg=<optimized out>) at /test/10.10_opt/sql/item_subselect.cc:395
|
#3 0x0000565229e67c78 in Item_in_subselect::walk (this=0x153e1c01a368, processor=&virtual table offset 968, walk_subquery=false, arg=0x0) at /test/10.10_opt/sql/item_subselect.h:757
|
#4 0x0000565229a681ec in Item_args::walk_args (arg=0x0, walk_subquery=false, processor=<optimized out>, this=0x153e1c022520) at /test/10.10_opt/sql/item.h:2757
|
#5 Item_func_or_sum::walk (this=0x153e1c0224b0, processor=&virtual table offset 968, walk_subquery=false, arg=0x0) at /test/10.10_opt/sql/item.h:5445
|
#6 0x0000565229daf121 in Item_direct_view_ref::walk (this=0x153e1c024c90, processor=<optimized out>, walk_subquery=<optimized out>, arg=0x0) at /test/10.10_opt/sql/item.h:6052
|
#7 0x0000565229ba4f26 in remove_redundant_subquery_clauses (subq_select_lex=0x153e1c010fb0) at /test/10.10_opt/sql/sql_select.cc:818
|
#8 JOIN::prepare (this=0x153e1c01e730, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.10_opt/sql/sql_select.cc:1478
|
#9 0x0000565229e610e8 in subselect_single_select_engine::prepare (this=0x153e1c01cb38, thd=0x153e1c000c58) at /test/10.10_opt/sql/sql_lex.h:1367
|
#10 0x0000565229e60748 in Item_subselect::fix_fields (this=this@entry=0x153e1c01d4a0, thd_param=thd_param@entry=0x153e1c000c58, ref=ref@entry=0x153e1c01e310) at /test/10.10_opt/sql/item_subselect.cc:295
|
#11 0x0000565229e60ac9 in Item_in_subselect::fix_fields (this=0x153e1c01d4a0, thd_arg=0x153e1c000c58, ref=0x153e1c01e310) at /test/10.10_opt/sql/item_subselect.cc:3588
|
#12 0x0000565229ad7d5f in Item::fix_fields_if_needed (ref=0x153e1c01e310, thd=0x153e1c000c58, this=0x153e1c01d4a0) at /test/10.10_opt/sql/item.h:1142
|
#13 Item::fix_fields_if_needed (ref=0x153e1c01e310, thd=0x153e1c000c58, this=0x153e1c01d4a0) at /test/10.10_opt/sql/item.h:1142
|
#14 Item::fix_fields_if_needed_for_scalar (ref=0x153e1c01e310, thd=0x153e1c000c58, this=0x153e1c01d4a0) at /test/10.10_opt/sql/item.h:1148
|
#15 Item::fix_fields_if_needed_for_bool (ref=0x153e1c01e310, thd=0x153e1c000c58, this=0x153e1c01d4a0) at /test/10.10_opt/sql/item.h:1152
|
#16 setup_conds (thd=thd@entry=0x153e1c000c58, tables=tables@entry=0x0, leaves=@0x153e1c010c40: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x56522acc06b0 <end_of_list>, last = 0x153e1c010c40, elements = 0}, <No data fields>}, conds=conds@entry=0x153e1c01e310) at /test/10.10_opt/sql/sql_base.cc:8801
|
#17 0x0000565229ba40ea in setup_without_group (reserved=0x153e1c010de4, hidden_group_fields=0x153e1c01e1d7, win_funcs=@0x153e1c010e78: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x56522acc06b0 <end_of_list>, last = 0x153e1c010e78, elements = 0}, <No data fields>}, win_specs=@0x153e1c010e60: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x56522acc06b0 <end_of_list>, last = 0x153e1c010e60, elements = 0}, <No data fields>}, group=0x0, order=0x0, conds=0x153e1c01e310, all_fields=@0x153e1c01e228: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153e1c010f20, last = 0x153e1c010f20, elements = 1}, <No data fields>}, fields=@0x153e1c010cc8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153e1c010f20, last = 0x153e1c010f20, elements = 1}, <No data fields>}, leaves=@0x153e1c010c40: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x56522acc06b0 <end_of_list>, last = 0x153e1c010c40, elements = 0}, <No data fields>}, tables=0x0, ref_pointer_array=<optimized out>, thd=0x153e1c000c58) at /test/10.10_opt/sql/sql_select.cc:884
|
#18 JOIN::prepare (this=0x153e1c01de98, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=<optimized out>, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.10_opt/sql/sql_select.cc:1456
|
#19 0x0000565229bb654f in mysql_select (thd=0x153e1c000c58, tables=0x0, fields=@0x153e1c010cc8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153e1c010f20, last = 0x153e1c010f20, elements = 1}, <No data fields>}, conds=0x153e1c01d4a0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x153e1c01cc30, unit=0x153e1c004cd0, select_lex=0x153e1c010a28) at /test/10.10_opt/sql/sql_select.cc:5045
|
#20 0x0000565229bb67f7 in handle_select (thd=thd@entry=0x153e1c000c58, lex=lex@entry=0x153e1c004bf8, result=result@entry=0x153e1c01cc30, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.10_opt/sql/sql_select.cc:581
|
#21 0x0000565229b384f1 in execute_sqlcom_select (thd=0x153e1c000c58, all_tables=0x153e1c012b90) at /test/10.10_opt/sql/sql_parse.cc:6261
|
#22 0x0000565229b46138 in mysql_execute_command (thd=0x153e1c000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.10_opt/sql/sql_parse.cc:3945
|
#23 0x0000565229b336f5 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x153e1c000c58) at /test/10.10_opt/sql/sql_parse.cc:8035
|
#24 mysql_parse (thd=0x153e1c000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.10_opt/sql/sql_parse.cc:7957
|
#25 0x0000565229b3f20a in dispatch_command (command=COM_QUERY, thd=0x153e1c000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.10_opt/sql/sql_class.h:1339
|
#26 0x0000565229b41132 in do_command (thd=0x153e1c000c58, blocking=blocking@entry=true) at /test/10.10_opt/sql/sql_parse.cc:1407
|
#27 0x0000565229c593af in do_handle_one_connection (connect=<optimized out>, connect@entry=0x56522c3501c8, put_in_cache=put_in_cache@entry=true) at /test/10.10_opt/sql/sql_connect.cc:1418
|
#28 0x0000565229c5968d in handle_one_connection (arg=0x56522c3501c8) at /test/10.10_opt/sql/sql_connect.cc:1312
|
#29 0x0000153e76c9a609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#30 0x0000153e76886133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
|
10.10.2 87e8463e0454a04c2bbaa38d44227c491fb07dc1 (Debug)
|
Core was generated by `/test/MD200822-mariadb-10.10.2-linux-x86_64-dbg/bin/mysqld --no-defaults --core'.
|
Program terminated with signal SIGSEGV, Segmentation fault.
|
#0 0x000055cf3655bb75 in st_select_lex_node::exclude_from_tree (
|
this=this@entry=0x1538180167b8) at /test/10.10_dbg/sql/sql_lex.cc:3225
|
3225 if ((*prev= next))
|
[Current thread is 1 (Thread 0x15386200c700 (LWP 111085))]
|
(gdb) bt
|
#0 0x000055cf3655bb75 in st_select_lex_node::exclude_from_tree (this=this@entry=0x1538180167b8) at /test/10.10_dbg/sql/sql_lex.cc:3225
|
#1 0x000055cf3655bbed in st_select_lex_node::exclude (this=0x1538180167b8) at /test/10.10_dbg/sql/sql_lex.cc:3237
|
#2 0x000055cf3698964c in Item_subselect::eliminate_subselect_processor (this=0x153818016fb8, arg=<optimized out>) at /test/10.10_dbg/sql/item_subselect.cc:395
|
#3 0x000055cf36989b18 in Item_subselect::walk (this=0x153818016fb8, processor=<optimized out>, walk_subquery=<optimized out>, argument=0x0) at /test/10.10_dbg/sql/item_subselect.cc:782
|
#4 0x000055cf3699c5ce in Item_in_subselect::walk (this=0x15381801dbc8, processor=&virtual table offset 968, walk_subquery=false, arg=0x0) at /test/10.10_dbg/sql/item_subselect.h:757
|
#5 0x000055cf364903f9 in Item_args::walk_args (arg=0x0, walk_subquery=false, processor=<optimized out>, this=0x153818026020) at /test/10.10_dbg/sql/item.h:2757
|
#6 Item_func_or_sum::walk (this=0x153818025fb0, processor=<optimized out>, walk_subquery=false, arg=0x0) at /test/10.10_dbg/sql/item.h:5445
|
#7 0x000055cf368b42ca in Item_direct_view_ref::walk (this=0x153818028828, processor=&virtual Item::eliminate_subselect_processor(void*), walk_subquery=<optimized out>, arg=0x0) at /test/10.10_dbg/sql/item.h:6052
|
#8 0x000055cf3660864e in remove_redundant_subquery_clauses (subq_select_lex=0x1538180144d0) at /test/10.10_dbg/sql/sql_select.cc:818
|
#9 JOIN::prepare (this=0x153818022008, tables_init=<optimized out>, conds_init=<optimized out>, og_num=<optimized out>, order_init=<optimized out>, skip_order_by=skip_order_by@entry=false, group_init=<optimized out>, having_init=<optimized out>, proc_param_init=<optimized out>, select_lex_arg=<optimized out>, unit_arg=<optimized out>) at /test/10.10_dbg/sql/sql_select.cc:1478
|
#10 0x000055cf3698fe91 in subselect_single_select_engine::prepare (this=0x153818020398, thd=0x153818000db8) at /test/10.10_dbg/sql/sql_lex.h:1367
|
#11 0x000055cf3698f35f in Item_subselect::fix_fields (this=this@entry=0x153818020d70, thd_param=thd_param@entry=0x153818000db8, ref=ref@entry=0x153818021be8) at /test/10.10_dbg/sql/item_subselect.cc:295
|
#12 0x000055cf3698f7a4 in Item_in_subselect::fix_fields (this=0x153818020d70, thd_arg=0x153818000db8, ref=0x153818021be8) at /test/10.10_dbg/sql/item_subselect.cc:3588
|
#13 0x000055cf36510972 in Item::fix_fields_if_needed (ref=0x153818021be8, thd=0x153818000db8, this=0x153818020d70) at /test/10.10_dbg/sql/item.h:1152
|
#14 Item::fix_fields_if_needed_for_scalar (ref=0x153818021be8, thd=0x153818000db8, this=0x153818020d70) at /test/10.10_dbg/sql/item.h:1148
|
#15 Item::fix_fields_if_needed_for_bool (ref=0x153818021be8, thd=0x153818000db8, this=0x153818020d70) at /test/10.10_dbg/sql/item.h:1152
|
#16 setup_conds (thd=thd@entry=0x153818000db8, tables=tables@entry=0x0, leaves=@0x153818014160: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55cf37b5ac20 <end_of_list>, last = 0x153818014160, elements = 0}, <No data fields>}, conds=conds@entry=0x153818021be8) at /test/10.10_dbg/sql/sql_base.cc:8801
|
#17 0x000055cf36607f0f in setup_without_group (reserved=0x153818014304, hidden_group_fields=0x153818021aaf, win_funcs=@0x153818014398: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55cf37b5ac20 <end_of_list>, last = 0x153818014398, elements = 0}, <No data fields>}, win_specs=@0x153818014380: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55cf37b5ac20 <end_of_list>, last = 0x153818014380, elements = 0}, <No data fields>}, group=0x0, order=0x0, conds=0x153818021be8, all_fields=@0x153818021b00: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153818014440, last = 0x153818014440, elements = 1}, <No data fields>}, fields=@0x1538180141e8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153818014440, last = 0x153818014440, elements = 1}, <No data fields>}, leaves=@0x153818014160: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x55cf37b5ac20 <end_of_list>, last = 0x153818014160, elements = 0}, <No data fields>}, tables=0x0, ref_pointer_array=<optimized out>, thd=0x153818000db8) at /test/10.10_dbg/sql/sql_select.cc:884
|
#18 JOIN::prepare (this=this@entry=0x153818021768, tables_init=tables_init@entry=0x0, conds_init=conds_init@entry=0x153818020d70, og_num=og_num@entry=0, order_init=order_init@entry=0x0, skip_order_by=skip_order_by@entry=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x153818013f48, unit_arg=0x153818004ff0) at /test/10.10_dbg/sql/sql_select.cc:1456
|
#19 0x000055cf3661f184 in mysql_select (thd=thd@entry=0x153818000db8, tables=0x0, fields=@0x1538180141e8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153818014440, last = 0x153818014440, elements = 1}, <No data fields>}, conds=0x153818020d70, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164525824, result=0x153818020490, unit=0x153818004ff0, select_lex=0x153818013f48) at /test/10.10_dbg/sql/sql_select.cc:5045
|
#20 0x000055cf3661f3a2 in handle_select (thd=thd@entry=0x153818000db8, lex=lex@entry=0x153818004f18, result=result@entry=0x153818020490, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.10_dbg/sql/sql_select.cc:581
|
#21 0x000055cf365895a6 in execute_sqlcom_select (thd=thd@entry=0x153818000db8, all_tables=0x1538180160b0) at /test/10.10_dbg/sql/sql_parse.cc:6261
|
#22 0x000055cf365958c7 in mysql_execute_command (thd=thd@entry=0x153818000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.10_dbg/sql/sql_parse.cc:3945
|
#23 0x000055cf36583882 in mysql_parse (thd=thd@entry=0x153818000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x15386200b330) at /test/10.10_dbg/sql/sql_parse.cc:8035
|
#24 0x000055cf36590e6a in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x153818000db8, packet=packet@entry=0x15381800b6e9 "SELECT 1 WHERE 1 IN (SELECT 1 FROM (SELECT (SELECT 1 FROM (SELECT 1) AS v1) IN (SELECT 1 FROM (SELECT 1) AS v2) AS v3 FROM (SELECT 1) AS v4) AS v5 GROUP BY v3)", packet_length=packet_length@entry=159, blocking=blocking@entry=true) at /test/10.10_dbg/sql/sql_class.h:1339
|
#25 0x000055cf36593574 in do_command (thd=0x153818000db8, blocking=blocking@entry=true) at /test/10.10_dbg/sql/sql_parse.cc:1407
|
#26 0x000055cf366f51da in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55cf39046988, put_in_cache=put_in_cache@entry=true) at /test/10.10_dbg/sql/sql_connect.cc:1418
|
#27 0x000055cf366f56e3 in handle_one_connection (arg=0x55cf39046988) at /test/10.10_dbg/sql/sql_connect.cc:1312
|
#28 0x000015387b488609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#29 0x000015387b074133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
Bug confirmed present in:
MariaDB: 10.4.27 (dbg), 10.4.27 (opt), 10.5.18 (dbg), 10.5.18 (opt), 10.6.10 (dbg), 10.6.10 (opt), 10.7.6 (dbg), 10.7.6 (opt), 10.8.5 (dbg), 10.8.5 (opt), 10.9.2 (dbg), 10.9.2 (opt), 10.10.2 (dbg), 10.10.2 (opt), 10.11.0 (dbg), 10.11.0 (opt)
Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.3.37 (dbg), 10.3.37 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.38 (dbg), 5.7.38 (opt), 8.0.29 (dbg), 8.0.29 (opt)
|