[MDEV-33139] Segmentation fault at /mariadb-11.3.0/sql/sql_select.cc:7667 Created: 2023-12-29  Updated: 2023-12-29

Status: Confirmed
Project: MariaDB Server
Component/s: Optimizer
Affects Version/s: 10.4, 10.5, 10.6, 10.11, 11.0, 11.1, 11.2, 11.3.0
Fix Version/s: 10.4, 10.5, 10.6, 10.11, 11.0, 11.1, 11.2, 11.3

Type: Bug Priority: Major
Reporter: Xin Wen Assignee: Sergei Petrunia
Resolution: Unresolved Votes: 0
Labels: None
Environment:

Ubuntu 20.04


Issue Links:
Relates
relates to MDEV-28901 SIGSEGV in optimize_keyuse on INSERT Closed

Description

Run these queries in a debug build:

CREATE TABLE v0 ( v1 INT UNIQUE ) ;
INSERT INTO v0 ( v1 ) VALUES ( ( SELECT 1 FROM ( SELECT v1 FROM v0 GROUP BY v1 ) AS v6 NATURAL JOIN v0 AS v2 NATURAL JOIN v0 AS v4 NATURAL JOIN v0 AS v3 NATURAL JOIN ( SELECT v1 FROM v0 ) AS v7 ) ) ;

This will trigger a segmentation fault.
GDB info:
#0 0x00005555572f3e53 in optimize_keyuse (join=0x62900012e928, keyuse_array=0x62900012ec90)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:7667
#1 0x000055555793d67c in JOIN::add_keyuses_for_splitting (this=0x62900012e928) at /home/wx/mariadb-11.3.0/sql/opt_split.cc:847
#2 0x000055555793daee in st_join_table::add_keyuses_for_splitting (this=0x62d00000a4a8) at /home/wx/mariadb-11.3.0/sql/opt_split.cc:874
#3 0x00005555572e509c in make_join_statistics (join=0x62900012e228, tables_list=..., keyuse_array=0x62900012e590)
at /home/wx/mariadb-11.3.0/sql/sql_select.cc:6020
#4 0x00005555572c2c36 in JOIN::optimize_inner (this=0x62900012e228) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:2624
#5 0x00005555572bbba6 in JOIN::optimize (this=0x62900012e228) at /home/wx/mariadb-11.3.0/sql/sql_select.cc:1944
#6 0x0000555557143851 in st_select_lex::optimize_unflattened_subqueries (this=0x6290000f5d80, const_only=false)
at /home/wx/mariadb-11.3.0/sql/sql_lex.cc:4916
#7 0x00005555570f2cc5 in mysql_insert (thd=0x62c0001d0288, table_list=0x6290000f5508, fields=..., values_list=..., update_fields=...,
update_values=..., duplic=DUP_ERROR, ignore=false, result=0x0) at /home/wx/mariadb-11.3.0/sql/sql_insert.cc:875
#8 0x00005555571c1ecb in mysql_execute_command (thd=0x62c0001d0288, is_called_from_prepared_stmt=false)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:4417
#9 0x00005555571d95e2 in mysql_parse (thd=0x62c0001d0288,
rawbuf=0x6290000f52a8 "INSERT INTO v0 ( v1 ) VALUES ( ( SELECT 1 FROM ( SELECT v1 FROM v0 GROUP BY v1 ) AS v6 NATURAL JOIN v0 AS v2 NATURAL JOIN v0 AS v4 NATURAL JOIN v0 AS v3 NATURAL JOIN ( SELECT v1 FROM v0 ) AS v7 ) )", length=197, parser_state=0x7fffe33c0870)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:7734
#10 0x00005555571b1237 in dispatch_command (command=COM_QUERY, thd=0x62c0001d0288,
packet=0x6290000eb289 "INSERT INTO v0 ( v1 ) VALUES ( ( SELECT 1 FROM ( SELECT v1 FROM v0 GROUP BY v1 ) AS v6 NATURAL JOIN v0 AS v2 NATURAL JOIN v0 AS v4 NATURAL JOIN v0 AS v3 NATURAL JOIN ( SELECT v1 FROM v0 ) AS v7 ) )", packet_length=197, blocking=true)
at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1893
#11 0x00005555571adf7c in do_command (thd=0x62c0001d0288, blocking=true) at /home/wx/mariadb-11.3.0/sql/sql_parse.cc:1406
#12 0x000055555768e557 in do_handle_one_connection (connect=0x61100004df08, put_in_cache=true)
at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1445
#13 0x000055555768deb4 in handle_one_connection (arg=0x61100004df08) at /home/wx/mariadb-11.3.0/sql/sql_connect.cc:1347
#14 0x00005555582fa350 in pfs_spawn_thread (arg=0x618000005108) at /home/wx/mariadb-11.3.0/storage/perfschema/pfs.cc:2201
#15 0x00007ffff7115609 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#16 0x00007ffff6ce8133 in clone () from /lib/x86_64-linux-gnu/libc.so.6



Comments
Comment by Alice Sherepa [ 2023-12-29 ]

Thanks! I repeated it as described on 10.4-11.3 with InnoDB, not MyISAM/Aria.

231229 11:39:32 [ERROR] mysqld got signal 11 ;
 
Server version: 10.4.33-MariaDB-debug-log source revision: 1b747ffd05dd524f8d43b35a2b583dc4c00d767b
 
sql/signal_handler.cc:235(handle_fatal_signal)[0x5619400c817f]
sigaction.c:0(__restore_rt)[0x7f25bcbb9420]
sql/sql_select.cc:7139(optimize_keyuse(JOIN*, st_dynamic_array*))[0x56193f9f4faa]
sql/opt_split.cc:837(JOIN::add_keyuses_for_splitting())[0x56193fefb3c9]
sql/opt_split.cc:863(st_join_table::add_keyuses_for_splitting())[0x56193fefb83e]
sql/sql_select.cc:5569(make_join_statistics(JOIN*, List<TABLE_LIST>&, st_dynamic_array*))[0x56193f9e669a]
sql/sql_select.cc:2388(JOIN::optimize_inner())[0x56193f9c5897]
sql/sql_select.cc:1731(JOIN::optimize())[0x56193f9be8ad]
sql/sql_lex.cc:4344(st_select_lex::optimize_unflattened_subqueries(bool))[0x56193f88f888]
sql/sql_insert.cc:826(mysql_insert(THD*, TABLE_LIST*, List<Item>&, List<List<Item> >&, List<Item>&, List<Item>&, enum_duplicates, bool))[0x56193f84640c]
sql/sql_parse.cc:4617(mysql_execute_command(THD*))[0x56193f9085a6]
sql/sql_parse.cc:8062(mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool))[0x56193f92087f]
sql/sql_parse.cc:1860(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool))[0x56193f8f6a2b]
sql/sql_parse.cc:1378(do_command(THD*))[0x56193f8f3556]
sql/sql_connect.cc:1419(do_handle_one_connection(CONNECT*))[0x56193fd085cc]
sql/sql_connect.cc:1324(handle_one_connection)[0x56193fd07e70]
perfschema/pfs.cc:1871(pfs_spawn_thread)[0x5619409a60d4]
nptl/pthread_create.c:478(start_thread)[0x7f25bcbad609]
 
Query (0x62b0000a1290): INSERT INTO v0 ( v1 ) VALUES ( ( SELECT 1 FROM ( SELECT v1 FROM v0 GROUP BY v1 ) AS v6 NATURAL JOIN v0 AS v2 NATURAL JOIN v0 AS v4 NATURAL JOIN v0 AS v3 NATURAL JOIN ( SELECT v1 FROM v0 ) AS v7 ) )
