[MDEV-4285] Server crashes in ptr_compare on NOW and CAST in ORDER BY

Created: 2013-03-17
Updated: 2014-11-21
Resolved: 2014-11-21

Status: Closed
Project: MariaDB Server
Component/s: Optimizer
Affects Version/s: 10.0.1, 10.0
Fix Version/s: 10.0.15

Type: Bug
Priority: Critical
Reporter: Elena Stepanova
Assignee: Sergei Golubchik
Resolution: Fixed
Votes: 0
Labels: upstream-fixed

Issue Links:
Blocks
is blocked by MDEV-3932 5.6 merge Closed
PartOf
is part of MDEV-5242 merge 5.6 bugfixes into 10.0 Open
Relates
relates to MDEV-7057 Track most important upstream bugs wh... Closed
relates to MDEV-7056 Upstream bug reports and test cases Closed

 Description   

Also reproducible on MySQL 5.6 and filed as http://bugs.mysql.com/bug.php?id=68694

CREATE TABLE t1 (pk INT PRIMARY KEY) ENGINE=MyISAM;
INSERT INTO t1 VALUES (1),(2),(3),(4),(5),(6),(7),(8),(9),(10);
SELECT * FROM t1 ORDER BY NOW(), CAST( pk AS CHAR(0) );

#3  <signal handler called>
#4  ptr_compare (compare_length=0x7f77c37dadf8, a=0x7f77b4024290, b=0x7f77b4107948) at 10.0/mysys/ptr_cmp.c:97
#5  0x0000000000d5f91f in my_qsort2 (base_ptr=0x7f77b4024268, count=10, size=8, cmp=0xd78fb6 <ptr_compare>, cmp_argument=0x7f77c37dadf8) at 10.0/mysys/mf_qsort.c:162
#6  0x0000000000973a72 in Filesort_buffer::sort_buffer (this=0x7f77c37dafa0, param=0x7f77c37daf20, count=10) at 10.0/sql/filesort_utils.cc:142
#7  0x00000000007e656b in Filesort_info::sort_buffer (this=0x7f77c37dafa0, param=0x7f77c37daf20, count=10) at 10.0/sql/table.h:329
#8  0x00000000007e4288 in save_index (param=0x7f77c37daf20, count=10, table_sort=0x7f77c37dafa0) at 10.0/sql/filesort.cc:1148
#9  0x00000000007e1c42 in filesort (thd=0x2661aa8, table=0x7f77b401d498, sortorder=0x7f77b4024020, s_length=1, select=0x7f77b4023df0, max_rows=18446744073709551615, sort_positions=false, examined_rows=0x7f77c37db4d0, found_rows=0x7f77c37db4d8) at 10.0/sql/filesort.cc:302
#10 0x0000000000679cb6 in create_sort_index (thd=0x2661aa8, join=0x7f77b4022a80, order=0x7f77b40fcfe0, filesort_limit=18446744073709551615, select_limit=18446744073709551615, is_order_by=true) at 10.0/sql/sql_select.cc:19220
#11 0x0000000000652574 in JOIN::exec_inner (this=0x7f77b4022a80) at 10.0/sql/sql_select.cc:2934
#12 0x000000000064fa1d in JOIN::exec (this=0x7f77b4022a80) at 10.0/sql/sql_select.cc:2255
#13 0x0000000000653058 in mysql_select (thd=0x2661aa8, rref_pointer_array=0x2664ed8, tables=0x7f77b4046060, wild_num=1, fields=..., conds=0x0, og_num=2, order=0x7f77b4048f70, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f77b40443f0, unit=0x2664530, select_lex=0x2664c28) at 10.0/sql/sql_select.cc:3192
#14 0x0000000000649851 in handle_select (thd=0x2661aa8, lex=0x2664478, result=0x7f77b40443f0, setup_tables_done_option=0) at 10.0/sql/sql_select.cc:363
#15 0x0000000000620ade in execute_sqlcom_select (thd=0x2661aa8, all_tables=0x7f77b4046060) at 10.0/sql/sql_parse.cc:5004
#16 0x00000000006190c9 in mysql_execute_command (thd=0x2661aa8) at 10.0/sql/sql_parse.cc:2472
#17 0x00000000006233b9 in mysql_parse (thd=0x2661aa8, rawbuf=0x7f77b4041c90 "SELECT * FROM t1 ORDER BY NOW(), CAST( pk AS CHAR(0) )", length=54, parser_state=0x7f77c37dc4e0) at 10.0/sql/sql_parse.cc:6124
#18 0x00000000006162bd in dispatch_command (command=COM_QUERY, thd=0x2661aa8, packet=0x2666d29 "SELECT * FROM t1 ORDER BY NOW(), CAST( pk AS CHAR(0) )", packet_length=54) at 10.0/sql/sql_parse.cc:1266
#19 0x0000000000615444 in do_command (thd=0x2661aa8) at 10.0/sql/sql_parse.cc:982
#20 0x000000000072a38d in do_handle_one_connection (thd_arg=0x2661aa8) at 10.0/sql/sql_connect.cc:1267
#21 0x0000000000729d5d in handle_one_connection (arg=0x2661aa8) at 10.0/sql/sql_connect.cc:1181
#22 0x0000000000afd752 in pfs_spawn_thread (arg=0x25f8258) at 10.0/storage/perfschema/pfs.cc:1800
#23 0x00007f77d5125e9a in start_thread (arg=0x7f77c37dd700) at pthread_create.c:308
#24 0x00007f77d4419cbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112

revision-id: wlad@montyprogram.com-20130219194433-n0p9yx9hmqbcuh77
revno: 3503
branch-nick: 10.0

Reproducible with the default optimizer_switch as well as with all OFF values.
EXPLAIN (with the default optimizer_switch):

id	select_type	table	type	possible_keys	key	key_len	ref	rows	filtered	Extra
1	SIMPLE	t1	index	NULL	PRIMARY	4	NULL	10	100.00	Using index; Using filesort
Warnings:
Note	1003	select `test`.`t1`.`pk` AS `pk` from `test`.`t1` order by now(),cast(`test`.`t1`.`pk` as char(0) charset latin1)



 Comments   
Comment by Elena Stepanova [ 2013-05-27 ]

The upstream bug is said to be fixed in 5.6.12, so the bugfix should make it to 10.0 eventually, with the merge. Thus, I'm reducing the priority.

Comment by Elena Stepanova [ 2014-11-09 ]

Still reproducible on the current 10.0 tree, revno 4471.
Since we don't merge non-InnoDB fixes automatically, I'm raising the priority.

Bugfix in 5.6 tree:

revno: 4961
revision-id: tor.didriksen@oracle.com-20130326140615-u4yve4nsx3nl5kkn
parent: marko.makela@oracle.com-20130326125541-yuqr5hxvt2pq5jrh
committer: Tor Didriksen <tor.didriksen@oracle.com>
branch nick: 5.6
timestamp: Tue 2013-03-26 15:06:15 +0100
message:
  Bug#16503160 SERVER CRASHES IN PTR_COMPARE ON NOW AND CAST IN ORDER BY
  
  Skip sorting of filesort buffer if sort_length == 0
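
The guard named in the commit message above, shown as an added C example; it is not MariaDB or MySQL source code. All names are hypothetical, the records are constructed sample data, and the comparator's pre-decrement loop is an assumed shape for a fixed-length byte comparator, which is only defined for a key length of at least 1.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

static size_t g_key_len;          /* sort key bytes per record (hypothetical) */
static unsigned long g_cmp_calls; /* comparator invocations */

/* Byte-wise comparator over pointers to fixed-length keys. The loop assumes
   g_key_len >= 1: with 0 the counter wraps and the loop walks past both
   buffers. Assumed shape, not copied from ptr_cmp.c. */
static int key_ptr_cmp(const void *pa, const void *pb)
{
    const unsigned char *a = *(unsigned char *const *)pa;
    const unsigned char *b = *(unsigned char *const *)pb;
    size_t len = g_key_len;
    g_cmp_calls++;
    while (--len) {
        if (*a++ != *b++)
            return (int)a[-1] - (int)b[-1];
    }
    return (int)a[0] - (int)b[0];
}

/* Returns 1 if the pointers were sorted, 0 if sorting was skipped. */
int sort_record_ptrs(unsigned char **ptrs, size_t count, size_t key_len)
{
    if (count < 2 || key_len == 0)
        return 0;   /* the guard: an empty key gives nothing to order by */
    g_key_len = key_len;
    qsort(ptrs, count, sizeof *ptrs, key_ptr_cmp);
    return 1;
}

unsigned long comparator_calls(void) { return g_cmp_calls; }

/* Sorts three constructed records and returns their order as three digits. */
int demo_order(size_t key_len)
{
    unsigned char r0[] = {0, 3}, r1[] = {0, 1}, r2[] = {0, 2};
    unsigned char *ptrs[] = {r0, r1, r2};
    sort_record_ptrs(ptrs, 3, key_len);
    return ptrs[0][1] * 100 + ptrs[1][1] * 10 + ptrs[2][1];
}

int main(void)
{
    printf("empty key: %d\n", demo_order(0)); /* input order kept */
    printf("2-byte key: %d\n", demo_order(2));
    return 0;
}
```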
