Bug #107660 Assertion in val_decimal() failed in MySQL 8.0.29
Submitted: 26 Jun 2022 5:06 Modified: 26 Jun 2022 15:48
Reporter: Wang Ke Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: Optimizer Severity:S6 (Debug Builds)
Version:8.0.29 OS:Any
Assigned to: CPU Architecture:Any
Tags: assertion failure

[26 Jun 2022 5:06] Wang Ke
Description:
An assertion failure occurred in mysql-8.0.29-debug-asan.

Test case:

```
CREATE TABLE t1 ( c0 INT , c1 DECIMAL ( 10 , 0 ) , UNIQUE KEY c1 ( c1 ) ) ;
INSERT INTO t1 SELECT 0 , 0 ;
SELECT 'fixme' ca3 FROM t1 ra0 LEFT JOIN ( SELECT - 0 AS ca2 FROM ( ( t1 ra2 JOIN t1 ra3 ON ra3 . c1 = ra2 . c1 ) JOIN t1 ra4 ON ra4 . c1 = ra2 . c1 ) ) AS ra1 ON false HAVING SUM( ra0 . c1 ) > ( SELECT SUM( 'fixme' ) ca0 FROM t1 ra5 LEFT OUTER JOIN ( SELECT - SUM( ra0 . c0 ) AS ca1 FROM t1 ra7 ) AS ra6 ON false ) WINDOW v AS ( ) ;
```

Log file:

```
2022-06-25T16:51:36.279438Z 0 [System] [MY-010931] [Server] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld: ready for connections. Version: '8.0.29-debug-asan'  socket: '/tmp/mysql.sock'  port: 3306  Source distribution.
mysqld: /home/mysql-server/mysql-8.0.29-origin/sql/field.cc:2032: virtual my_decimal *Field_num::val_decimal(my_decimal *) const: Assertion `!table || (!table->read_set || bitmap_is_set(table->read_set, field_index()))' failed.
20:33:41 UTC - mysqld got signal 6 ;
Most likely, you have hit a bug, but this error can also be caused by malfunctioning hardware.
Thread pointer: 0x627000070100
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 7fbd6cda0b20 thread_stack 0x100000
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(__interceptor_backtrace+0x5b) [0x5e4e34b]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(my_print_stacktrace(unsigned char const*, unsigned long)+0x10d) [0xb6ab1cd]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(print_fatal_signal(int)+0x389) [0x8149469]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(handle_fatal_signal+0x175) [0x8149ab5]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x11390) [0x7fbd9f444390]
/lib/x86_64-linux-gnu/libc.so.6(gsignal+0x38) [0x7fbd9d938438]
/lib/x86_64-linux-gnu/libc.so.6(abort+0x16a) [0x7fbd9d93a03a]
/lib/x86_64-linux-gnu/libc.so.6(+0x2dbe7) [0x7fbd9d930be7]
/lib/x86_64-linux-gnu/libc.so.6(+0x2dc92) [0x7fbd9d930c92]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld() [0x6040b5b]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Item_field::val_decimal(my_decimal*)+0x16c) [0x621ac7c]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Item_sum_sum::add()+0x2c6) [0x6959ae6]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(AggregateIterator::Read()+0xb05) [0x6a928a5]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(FilterIterator::Read()+0xd5) [0x6a8fe55]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Query_expression::ExecuteIteratorQuery(THD*)+0x104a) [0x7e1fcaa]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Query_expression::execute(THD*)+0x2bd) [0x7e215dd]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Sql_cmd_dml::execute_inner(THD*)+0x2d7) [0x7b670f7]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Sql_cmd_dml::execute(THD*)+0xe1d) [0x7b6423d]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(mysql_execute_command(THD*, bool)+0x3583) [0x794fbc3]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(dispatch_sql_command(THD*, Parser_state*)+0x1b5d) [0x7945c8d]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(dispatch_command(THD*, COM_DATA const*, enum_server_command)+0x974a) [0x793c61a]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(do_command(THD*)+0xf9c) [0x794149c]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld() [0x80d00a2]
/home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld() [0xd6ac2da]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76ba) [0x7fbd9f43a6ba]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d) [0x7fbd9da0a51d]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (61700020d81c): SELECT 'fixme' ca3 FROM t1 ra0 LEFT JOIN ( SELECT - 0 AS ca2 FROM ( ( t1 ra2 JOIN t1 ra3 ON ra3 . c1 = ra2 . c1 ) JOIN t1 ra4 ON ra4 . c1 = ra2 . c1 ) ) AS ra1 ON false HAVING SUM( ra0 . c1 ) > ( SELECT SUM( 'fixme' ) ca0 FROM t1 ra5 LEFT OUTER JOIN ( SELECT - SUM( ra0 . c0 ) AS ca1 FROM t1 ra7 ) AS ra6 ON false ) WINDOW v AS ( )
Connection ID (thread ID): 42551
Status: NOT_KILLED

The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
information that should help you find out what is causing the crash.
```

How to repeat:
Run the test case:

```
CREATE TABLE t1 ( c0 INT , c1 DECIMAL ( 10 , 0 ) , UNIQUE KEY c1 ( c1 ) ) ;
INSERT INTO t1 SELECT 0 , 0 ;
SELECT 'fixme' ca3 FROM t1 ra0 LEFT JOIN ( SELECT - 0 AS ca2 FROM ( ( t1 ra2 JOIN t1 ra3 ON ra3 . c1 = ra2 . c1 ) JOIN t1 ra4 ON ra4 . c1 = ra2 . c1 ) ) AS ra1 ON false HAVING SUM( ra0 . c1 ) > ( SELECT SUM( 'fixme' ) ca0 FROM t1 ra5 LEFT OUTER JOIN ( SELECT - SUM( ra0 . c0 ) AS ca1 FROM t1 ra7 ) AS ra6 ON false ) WINDOW v AS ( ) ;
```
[26 Jun 2022 15:48] MySQL Verification Team
Hello Wang Ke,

Thank you for the report and test case.
Observed that 8.0.29 debug build is affected with provided test case.

regards,
Umesh
[26 Jun 2022 15:48] MySQL Verification Team
- 5.7.38 release/debug build not affected