[MDEV-30152] Crash bug on select related functions Created: 2022-12-04  Updated: 2023-01-26  Resolved: 2023-01-26

Status: Closed
Project: MariaDB Server
Component/s: Server
Affects Version/s: 10.4.27, 10.11.1
Fix Version/s: N/A

Type: Bug Priority: Major
Reporter: Yongheng Chen Assignee: Oleksandr Byelkin
Resolution: Duplicate Votes: 0
Labels: crash, not-10.3, segfault
Environment:

Tested on Ubuntu 22.04


Issue Links:
Duplicate
duplicates MDEV-19520 Server crashes in st_select_lex::push... Confirmed

 Description   

The following query crashes the MariaDB server:

-- Reproducer as reported. The table is never populated, so a server that
-- handles the statement correctly would presumably just return no rows.
CREATE TEMPORARY TABLE v0 ( v1 CHAR UNIQUE ) ;
-- Per the backtrace in the comments, the crash occurs during optimization, in
-- st_select_lex::pushdown_from_having_into_where working on this HAVING clause:
-- Item_func_not::fix_fields is entered with ref=0x0 and item_cmpfunc.cc:6394
-- assigns through *ref. The labels (crash, segfault) mark the impact as a
-- server crash, i.e. an availability issue triggered by a single statement.
-- This report is closed as a duplicate of MDEV-19520 with Fix Version N/A,
-- so fixed releases have to be looked up on MDEV-19520.
SELECT 59 FROM v0 GROUP BY v1 , v1 HAVING ( ( SELECT 45 FROM v0 WHERE v1 IS NULL AND v1 IN ( v1 NOT LIKE v1 , 'x' ) ) AND v1 < 52 OR v1 > -128 AND NOT v1 ) ;

Server version: 10.11.2-MariaDB Source distribution
This should be easily reproducible. Please let me know if more details are needed.



 Comments   
Comment by Daniel Black [ 2022-12-04 ]

Thanks!

10.4-07a06022c4e63adc360b42775934f35fa1df5a79

#0  Item_func_not::fix_fields (this=0x7f7554016350, thd=0x7f7554000c58, ref=0x0) at /home/dan/repos/mariadb-server-10.4/sql/item_cmpfunc.cc:6394
6394	      rc= (*ref= new_item)->fix_fields(thd, ref);
[Current thread is 1 (Thread 0x7f75f49ff640 (LWP 210478))]
(gdb) bt full
#0  Item_func_not::fix_fields (this=0x7f7554016350, thd=0x7f7554000c58, ref=0x0) at /home/dan/repos/mariadb-server-10.4/sql/item_cmpfunc.cc:6394
        backup = {_vptr$Query_arena = 0xf38e30 <vtable for Query_arena+16>, free_list = 0x89d1b7 <Item::cleanup_processor(void*)+23>, mem_root = 0x8b3eb0 <Item::cleanup_excluding_immutables_processor(void*)>, state = 6869395}
        rc = true
        arena = 0x0
        new_item = 0x7f7554022190
#1  0x00000000006b7df3 in st_select_lex::pushdown_from_having_into_where (this=0x7f75540128f8, thd=0x7f7554000c58, having=0x0) at /home/dan/repos/mariadb-server-10.4/sql/sql_lex.cc:10429
        save_curr_select = 0x7f75540128f8
        it = {<base_list_iterator> = {list = 0x7f75540129d8, el = 0x7f7554022090, prev = <synthetic pointer>, current = <synthetic pointer>}, <No data fields>}
        item = 0x7f7554016350
#2  0x00000000006f3875 in JOIN::optimize_inner (this=this@entry=0x7f7554016fb0) at /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:2114
        trace_wrapper = {<Json_writer_struct> = {_vptr$Json_writer_struct = 0xf34ef8 <vtable for Json_writer_object+16>, my_writer = 0x0, context = {writer = 0x0}, closed = false}, <No data fields>}
        trace_prepare = {<Json_writer_struct> = {_vptr$Json_writer_struct = 0xf34ef8 <vtable for Json_writer_object+16>, my_writer = 0x0, context = {writer = 0x0}, closed = false}, <No data fields>}
        trace_steps = {<Json_writer_struct> = {_vptr$Json_writer_struct = 0xf34f70 <vtable for Json_writer_array+16>, my_writer = 0x0, context = {writer = 0x0}, closed = false}, <No data fields>}
        eq_list = {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x16bc7a0 <end_of_list>, last = 0x7f75f49fda90, elements = 0}, <No data fields>}
        sel = 0x7f75540128f8
        ignore_on_expr = <optimized out>
#3  0x00000000006f1674 in JOIN::optimize (this=this@entry=0x7f7554016fb0) at /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:1685
        res = 0
        init_state = 1409426230
#4  0x00000000006ec42d in mysql_select (thd=thd@entry=0x7f7554000c58, tables=<optimized out>, wild_num=<optimized out>, fields=@0x7f7554012a40: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x7f7554012e18, last = 0x7f7554012e18, elements = 1}, <No data fields>}, conds=<optimized out>, og_num=<optimized out>, order=<optimized out>, group=<optimized out>, having=<optimized out>, proc_param=<optimized out>, select_options=<optimized out>, result=<optimized out>, unit=<optimized out>, select_lex=<optimized out>) at /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:4781
        err = <optimized out>
        free_join = true
        join = 0x7f7554016fb0
#5  0x00000000006ec316 in handle_select (thd=thd@entry=0x7f7554000c58, lex=lex@entry=0x7f7554004910, result=result@entry=0x7f7554016f88, setup_tables_done_option=setup_tables_done_option@entry=0) at /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:437
        unit = 0x7f75540049d0
        select_lex = 0x7f75540128f8
        res = <optimized out>
#6  0x00000000006cdb42 in execute_sqlcom_select (thd=thd@entry=0x7f7554000c58, all_tables=0x7f7554012e60) at /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:6452
        save_protocol = 0x0
        lex = 0x7f7554004910
        result = 0x7f7554016f88
        res = <optimized out>
#7  0x00000000006c8050 in mysql_execute_command (thd=thd@entry=0x7f7554000c58) at /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:3966
        privileges_requested = <optimized out>
        ots = {ctx = 0x7f75540045f8, traceable = false}
        trace_command = {<Json_writer_struct> = {_vptr$Json_writer_struct = 0xf34ef8 <vtable for Json_writer_object+16>, my_writer = 0x0, context = {writer = 0x0}, closed = false}, <No data fields>}
        trace_command_steps = {<Json_writer_struct> = {_vptr$Json_writer_struct = 0xf34f70 <vtable for Json_writer_array+16>, my_writer = 0x0, context = {writer = 0x0}, closed = false}, <No data fields>}
        res = 0
        up_result = 0
        lex = 0x7f7554004910
        select_lex = <optimized out>
        first_table = 0x7f7554012e60
        unit = 0x7f75540049d0
        have_table_map_for_update = <optimized out>
        all_tables = 0x7f7554000c58
        orig_binlog_format = <optimized out>
        orig_current_stmt_binlog_format = <optimized out>
        rpl_filter = <optimized out>
        error = <optimized out>
        wsrep_error_label = <optimized out>
#8  0x00000000006c4381 in mysql_parse (thd=thd@entry=0x7f7554000c58, rawbuf=0x7f7554012760 "SELECT 59 FROM v0 GROUP BY v1 , v1 HAVING ( ( SELECT 45 FROM v0 WHERE v1 IS NULL AND v1 IN ( v1 NOT LIKE v1 , 'x' ) ) AND v1 < 52 OR v1 > -128 AND NOT v1 )", length=<optimized out>, parser_state=parser_state@entry=0x7f75f49fe5f0, is_com_multi=false, is_next_command=false) at /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:7984
        found_semicolon = <optimized out>
        error = <optimized out>
        lex = 0x7f7554004910
        err = false
#9  0x00000000006c26ce in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7f7554000c58, packet=packet@entry=0x7f7554007d59 "SELECT 59 FROM v0 GROUP BY v1 , v1 HAVING ( ( SELECT 45 FROM v0 WHERE v1 IS NULL AND v1 IN ( v1 NOT LIKE v1 , 'x' ) ) AND v1 < 52 OR v1 > -128 AND NOT v1 )", packet_length=packet_length@entry=155, is_com_multi=false, is_next_command=false) at /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:1857
        parser_state = {m_lip = {lookahead_token = -1, lookahead_yylval = 0x0, m_thd = 0x7f7554000c58, m_ptr = 0x7f75540127fc "\004", m_tok_start = 0x7f75540127fc "\004", m_tok_end = 0x7f75540127fc "\004", m_end_of_query = 0x7f75540127fb "", m_tok_start_prev = 0x7f75540127fb "", m_buf = 0x7f7554012760 "SELECT 59 FROM v0 GROUP BY v1 , v1 HAVING ( ( SELECT 45 FROM v0 WHERE v1 IS NULL AND v1 IN ( v1 NOT LIKE v1 , 'x' ) ) AND v1 < 52 OR v1 > -128 AND NOT v1 )", m_buf_length = 155, m_echo = true, m_echo_saved = 101, m_cpp_buf = 0x7f7554012858 "SELECT 59 FROM v0 GROUP BY v1 , v1 HAVING ( ( SELECT 45 FROM v0 WHERE v1 IS NULL AND v1 IN ( v1 NOT LIKE v1 , 'x' ) ) AND v1 < 52 OR v1 > -128 AND NOT v1 )", m_cpp_ptr = 0x7f75540128f3 "", m_cpp_tok_start = 0x7f75540128f3 "", m_cpp_tok_start_prev = 0x7f75540128f3 "", m_cpp_tok_end = 0x7f75540128f3 "", m_body_utf8 = 0x0, m_body_utf8_ptr = 0x0, m_cpp_utf8_processed_ptr = 0x0, next_state = MY_LEX_END, found_semicolon = 0x0, ignore_space = false, stmt_prepare_mode = false, multi_statements = true, yylineno = 1, m_digest = 0x0, in_comment = NO_COMMENT, in_comment_saved = NO_COMMENT, m_cpp_text_start = 0x7f75540128ef "v1 )", m_cpp_text_end = 0x7f75540128f1 " )", m_underscore_cs = 0x0}, m_yacc = {yacc_yyss = 0x0, yacc_yyvs = 0x0, m_set_signal_info = {m_item = {0x0 <repeats 12 times>}}, m_lock_type = TL_READ_DEFAULT, m_mdl_type = MDL_SHARED_READ}, m_digest_psi = 0x0}
        packet_end = <optimized out>
        net = <optimized out>
        error = false
        do_end_of_statement = true
        drop_more_results = <optimized out>
#10 0x00000000006c4804 in do_command (thd=0x7f7554000c58) at /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:1378
        packet = <optimized out>
        net = 0x7f7554000f00
        packet_length = <optimized out>
        command = COM_QUERY
        return_value = <optimized out>
#11 0x00000000007a81e9 in do_handle_one_connection (connect=<optimized out>) at /home/dan/repos/mariadb-server-10.4/sql/sql_connect.cc:1419
        create_user = true
        thr_create_utime = <optimized out>
        thd = 0x7f75540223d0
#12 0x00000000007a8023 in handle_one_connection (arg=0x29804e8) at /home/dan/repos/mariadb-server-10.4/sql/sql_connect.cc:1323
        connect = 0x29804e8
#13 0x00007f75f6c8cded in start_thread () from /lib64/libc.so.6
No symbol table info available.
#14 0x00007f75f6d12370 in clone3 () from /lib64/libc.so.6
No symbol table info available.
