[MDEV-5445] Server crashes in Item_func_like::fix_fields on LIKE ExtractValue(..)

Created: 2013-12-13
Updated: 2013-12-17
Resolved: 2013-12-17

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: 10.0.6
Fix Version/s: 10.0.7

Type: Bug
Priority: Major
Reporter: Elena Stepanova
Assignee: Alexander Barkov
Resolution: Fixed
Votes: 0
Labels: None

Issue Links:
Relates

 Description   

SELECT 'foo' LIKE ExtractValue( 'bar', 'qux' );

#3  <signal handler called>
#4  0x0000000000889fd7 in Item_func_like::fix_fields (this=0x7f636645f558, thd=0x7f636933d070, ref=0x7f636645f700) at 10.0/sql/item_cmpfunc.cc:5020
#5  0x000000000060f92b in setup_fields (thd=0x7f636933d070, ref_pointer_array=0x7f636645fd68, fields=..., mark_used_columns=MARK_COLUMNS_READ, sum_func_list=0x7f636645fb68, allow_sum_func=true) at 10.0/sql/sql_base.cc:7611
#6  0x0000000000697806 in JOIN::prepare (this=0x7f636645f830, rref_pointer_array=0x7f6369341688, tables_init=0x0, wild_num=0, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7f6369341418, unit_arg=0x7f6369340d38) at 10.0/sql/sql_select.cc:774
#7  0x00000000006a0487 in mysql_select (thd=0x7f636933d070, rref_pointer_array=0x7f6369341688, tables=0x0, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7f636645f810, unit=0x7f6369340d38, select_lex=0x7f6369341418) at 10.0/sql/sql_select.cc:3270
#8  0x0000000000696c23 in handle_select (thd=0x7f636933d070, lex=0x7f6369340c78, result=0x7f636645f810, setup_tables_done_option=0) at 10.0/sql/sql_select.cc:371
#9  0x000000000066bd88 in execute_sqlcom_select (thd=0x7f636933d070, all_tables=0x0) at 10.0/sql/sql_parse.cc:5221
#10 0x0000000000664248 in mysql_execute_command (thd=0x7f636933d070) at 10.0/sql/sql_parse.cc:2552
#11 0x000000000066e508 in mysql_parse (thd=0x7f636933d070, rawbuf=0x7f636645f088 "SELECT 'foo' LIKE ExtractValue( 'bar', 'qux' )", length=46, parser_state=0x7f6370ce2630) at 10.0/sql/sql_parse.cc:6365
#12 0x000000000066144a in dispatch_command (command=COM_QUERY, thd=0x7f636933d070, packet=0x7f6367448071 "SELECT 'foo' LIKE ExtractValue( 'bar', 'qux' )", packet_length=46) at 10.0/sql/sql_parse.cc:1296
#13 0x00000000006607ec in do_command (thd=0x7f636933d070) at 10.0/sql/sql_parse.cc:993
#14 0x0000000000779735 in do_handle_one_connection (thd_arg=0x7f636933d070) at 10.0/sql/sql_connect.cc:1379
#15 0x0000000000779488 in handle_one_connection (arg=0x7f636933d070) at 10.0/sql/sql_connect.cc:1293
#16 0x0000000000a9a8a5 in pfs_spawn_thread (arg=0x7f6368613c10) at 10.0/storage/perfschema/pfs.cc:1853
#17 0x00007f6370a2fb50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#18 0x00007f636f57ea7d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112

revision-id: bar@mnogosearch.org-20131213131810-eejuqpcvgcd8x41b
revno: 3945
branch-nick: 10.0-bug

Could not reproduce on MariaDB 5.5 or MySQL 5.5-5.6.



 Comments   
Comment by Alexander Barkov [ 2013-12-16 ]

The problem is also repeatable with non-XML functions:

SELECT 'a' LIKE REPEAT('',0);

Comment by Alexander Barkov [ 2013-12-16 ]

The problem was introduced by MDEV-4345.

Patch sent to Sanja for review.

Comment by Alexander Barkov [ 2013-12-17 ]

Fixed in 10.0-base and 10.0.
