Bug #34799 | crash or/and memory overrun with dependent subquery and some joins | | |
---|---|---|---|
Submitted: | 25 Feb 2008 7:35 | Modified: | 20 Nov 2010 23:06 |
Reporter: | Shane Bester (Platinum Quality Contributor) | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Optimizer | Severity: | S1 (Critical) |
Version: | 6.0.3-debug | OS: | Windows |
Assigned to: | Sergey Petrunya | CPU Architecture: | Any |
[25 Feb 2008 7:35]
Shane Bester
[25 Feb 2008 7:38]
MySQL Verification Team
Test case. Try it multiple times with the release binary; a crash may occur. Otherwise check for safemalloc errors from the debug binary.
Attachment: bug34799_testcase.sql (application/unknown, text), 8.50 KiB.
[25 Feb 2008 7:58]
MySQL Verification Team
You might get a crash, with a stack trace similar to this:

```
mysqld.exe!free
mysqld.exe!st_join_table::cleanup
mysqld.exe!JOIN::cleanup
mysqld.exe!JOIN::join_free
mysqld.exe!do_select
mysqld.exe!JOIN::exec
mysqld.exe!mysql_select
mysqld.exe!handle_select
mysqld.exe!execute_sqlcom_select
mysqld.exe!mysql_execute_command
mysqld.exe!mysql_parse
mysqld.exe!dispatch_command
mysqld.exe!do_command
mysqld.exe!handle_one_connection
mysqld.exe!pthread_start
mysqld.exe!_threadstart
```
[25 Feb 2008 9:01]
Valeriy Kravchuk
Thank you for the bug report. Verified just as described. Non-debug binaries crash at the 10th attempt or so for me. The stack trace on Windows was weird enough:

```
ntdll.dll!7c911e58()
[Frames below may be incorrect and/or missing, no symbols loaded for ntdll.dll]
ntdll.dll!7c918251()
ntdll.dll!7c911c76()
mysqld.exe!best_extension_by_limited_search(JOIN * join=, unsigned __int64 remaining_tables=, unsigned int idx=, double record_count=, double read_time=, unsigned int search_depth=, unsigned int prune_level=) Line 6443 + 0x24 bytes C++
mysqld.exe!JOIN::alloc_func_list() Line 17327 + 0x1d bytes C++
> mysqld.exe!_heap_alloc(unsigned int size=0) Line 212 C
```
[1 May 2008 8:47]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/46257

ChangeSet@1.2629, 2008-05-01 12:45:57+04:00, sergefp@mysql.com +3 -0

BUG#34799: crash or/and memory overrun with dependent subquery and some joins
- make join_init_cache() take into account space occupied by table rowid when calculating join cache record length (the relationship with subqueries is that the rowid is used by semi-join duplicate elimination strategy)
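The length miscalculation the commit message describes, modelled in a short C example added here (this is not MySQL's join cache code): a cache record slot is sized from column lengths only, but the stored record also carries a table rowid when semi-join duplicate elimination needs it, so the write is longer than the slot; the corrected length function counts the rowid. The `cache_table` struct and the table sizes in `SAMPLE` are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical per-table contribution to one join cache record. */
typedef struct {
    size_t fields_len; /* bytes of column data cached for this table */
    size_t rowid_len;  /* bytes of rowid stored alongside; 0 when no strategy needs it */
} cache_table;

/* Constructed sample: three joined tables, two of which keep a rowid for
   duplicate elimination. */
const cache_table SAMPLE[3] = { {12, 6}, {20, 0}, {8, 6} };

/* Record length as the buggy calculation did it: column bytes only. */
size_t record_len_buggy(const cache_table *t, size_t n) {
    size_t len = 0;
    for (size_t i = 0; i < n; i++) len += t[i].fields_len;
    return len;
}

/* Record length after the fix: column bytes plus any rowid that is stored. */
size_t record_len_fixed(const cache_table *t, size_t n) {
    size_t len = 0;
    for (size_t i = 0; i < n; i++) len += t[i].fields_len + t[i].rowid_len;
    return len;
}

/* Store one record (field bytes, then rowid bytes, per table) into buf.
   Returns the bytes the record needs; writes only when it fits in cap, so a
   too-small slot is reported instead of overrun. */
size_t store_record(unsigned char *buf, size_t cap, const cache_table *t, size_t n) {
    size_t need = record_len_fixed(t, n), pos = 0;
    if (need > cap) return need;
    for (size_t i = 0; i < n; i++) {
        memset(buf + pos, 'F', t[i].fields_len); pos += t[i].fields_len;
        memset(buf + pos, 'R', t[i].rowid_len);  pos += t[i].rowid_len;
    }
    return need;
}

/* Bytes by which a stored record would overrun a slot sized by len_fn (0 if it fits). */
size_t overrun_bytes(const cache_table *t, size_t n,
                     size_t (*len_fn)(const cache_table *, size_t)) {
    unsigned char buf[64];
    size_t slot = len_fn(t, n);
    size_t need = store_record(buf, slot, t, n);
    return need > slot ? need - slot : 0;
}

int main(void) {
    printf("buggy slot %zu, fixed slot %zu, overrun with buggy sizing: %zu bytes\n",
           record_len_buggy(SAMPLE, 3), record_len_fixed(SAMPLE, 3),
           overrun_bytes(SAMPLE, 3, record_len_buggy));
    return 0;
}
```

With the sample tables the buggy sizing leaves 12 bytes of rowid data past the end of the slot, which is the kind of heap write that safemalloc flags in a debug build and that surfaces as a crash in free() in a release build.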
[28 May 2008 10:01]
Bugs System
Pushed into 6.0.6-alpha
[30 May 2008 19:01]
Paul DuBois
Noted in 6.0.6 changelog. A server crash or memory overrun could occur with a dependent subquery and joins.
[16 Aug 2010 6:41]
Bugs System
Pushed into mysql-next-mr (revid:alik@sun.com-20100816062819-bluwgdq8q4xysmlg) (version source revid:alik@sun.com-20100816062612-enatdwnv809iw3s9) (pib:20)
[13 Nov 2010 16:16]
Bugs System
Pushed into mysql-trunk 5.6.99-m5 (revid:alexander.nozdrin@oracle.com-20101113155825-czmva9kg4n31anmu) (version source revid:vasil.dimov@oracle.com-20100629074804-359l9m9gniauxr94) (merge vers: 5.6.99-m4) (pib:21)
[20 Nov 2010 23:06]
Paul DuBois
Noted in 5.6.1 changelog.