crash-in-cmpfunc

Bug #693309 reported by Brian Aker
Affects | Status | Importance | Assigned to | Milestone
Drizzle | Fix Released | High | Brian Aker |
7.0 | Fix Released | High | Brian Aker |

Bug Description

--disable_warnings
DROP TABLE IF EXISTS `aa`;
DROP TABLE IF EXISTS `bb`;
--enable_warnings

CREATE TABLE `aa` (
  `pk` INT NOT NULL AUTO_INCREMENT,
  `col_char_1024` VARCHAR(1024) COLLATE utf8_general_ci DEFAULT NULL,
  `col_int` INT DEFAULT NULL,
  `col_text_not_null` TEXT NOT NULL COLLATE utf8_general_ci,
  `col_bigint_key` BIGINT DEFAULT NULL,
  `col_int_not_null` INT NOT NULL,
  PRIMARY KEY (`pk`),
  KEY `col_bigint_key` (`col_bigint_key`)
) ENGINE='InnoDB' COLLATE='utf8_general_ci';

INSERT INTO `aa` VALUES (1,'w',9,'',NULL,-1974206464),(2,'n',-1692139520,'',NULL,3),(3,'r',4,'',-2842897264777625600,-274595840),(4,'PUKQU',9,'',NULL,295501824),(5,'not',-1091567616,'',3557843705622691840,9),(6,'NZDDR',126156800,'',-4628011567076605952,2),(7,'have',534904832,'',-5755881798756204544,-1601306624),(8,'OGLVA',8,'',NULL,-1770323968),(9,'didn\'t',NULL,'',NULL,256311296),(10,'t',NULL,'',-5719290051783819264,4);

CREATE TABLE `bb` (
  `col_char_10_not_null_key` VARCHAR(10) NOT NULL COLLATE utf8_general_ci,
  `col_bigint_key` BIGINT DEFAULT NULL,
  `pk` INT NOT NULL AUTO_INCREMENT,
  `col_text_key` TEXT COLLATE utf8_general_ci DEFAULT NULL,
  `col_int_not_null_key` INT NOT NULL,
  PRIMARY KEY (`pk`),
  KEY `col_char_10_not_null_key` (`col_char_10_not_null_key`),
  KEY `col_bigint_key` (`col_bigint_key`),
  KEY `col_text_key` (`col_text_key`(255)),
  KEY `col_int_not_null_key` (`col_int_not_null_key`)
) ENGINE='InnoDB' COLLATE='utf8_general_ci';

INSERT INTO `bb` VALUES ('DCJRX',NULL,1,'',1),('x',NULL,2,'',1),('ZMHDL',-647673921411219456,3,'',-1536425984),('SJGHS',-5702401553181179904,4,'',-1443495936),('his',NULL,5,'',2),('m',4,6,'',0),('i',NULL,7,'',8),('d',8,8,'',476315648),('from',NULL,9,'',5),('h',NULL,10,'',5);

SELECT DISTINCT OUTR . `col_char_1024` AS X FROM AA AS OUTR WHERE ( OUTR . `col_bigint_key` , OUTR . `col_int` ) IN ( SELECT DISTINCT INNR . `col_int_not_null_key` AS X , INNR . `col_bigint_key` AS Y FROM BB AS INNR WHERE INNR . `col_text_key` <> INNR . `col_char_10_not_null_key` OR OUTR . `col_bigint_key` < 1 ) AND ( OUTR . `pk` > 2 XOR OUTR . `col_text_not_null` > 'f' ) ORDER BY OUTR . `col_int_not_null` , OUTR . `pk`;

DROP TABLE `aa`,`bb`;

Changed in drizzle:
assignee: nobody → Andrew Hutchings (linuxjedi)
Andrew Hutchings (linuxjedi) wrote :

#0 0x00007ffff50fdba5 in raise () from /lib/libc.so.6
#1 0x00007ffff51016b0 in abort () from /lib/libc.so.6
#2 0x00007ffff50f6a71 in __assert_fail () from /lib/libc.so.6
#3 0x00000000005dabf6 in drizzled::convert_constant_item (session=0x19026d0, field_item=0x1905280, item=0x19054a8) at drizzled/item/cmpfunc.cc:480
#4 0x00000000005e1e7a in drizzled::Item_bool_func2::fix_length_and_dec (this=0x1905408) at drizzled/item/cmpfunc.cc:539
#5 0x00000000005a08d4 in drizzled::Item_func::fix_fields (this=0x1905408, session=0x19026d0) at drizzled/function/func.cc:177
#6 0x00000000005da6b0 in drizzled::Item_cond::fix_fields (this=0x19055a0, session=0x19026d0) at drizzled/item/cmpfunc.cc:3921
#7 0x000000000067249f in drizzled::Session::setup_conds (this=0x19026d0, leaves=0x1904d78, conds=0x6) at drizzled/sql_base.cc:3761
#8 0x000000000061173e in setup_without_group (this=0x192bb68, rref_pointer_array=0x1904810, tables_init=<value optimised out>, wild_num=<value optimised out>, conds_init=<value optimised out>, og_num=<value optimised out>, order_init=0x0, group_init=0x0, having_init=0x0, select_lex_arg=0x1904658, unit_arg=0x19048c8) at drizzled/join.cc:5454
#9 drizzled::Join::prepare (this=0x192bb68, rref_pointer_array=0x1904810, tables_init=<value optimised out>, wild_num=<value optimised out>, conds_init=<value optimised out>, og_num=<value optimised out>, order_init=0x0, group_init=0x0, having_init=0x0, select_lex_arg=0x1904658, unit_arg=0x19048c8) at drizzled/join.cc:200
#10 0x00000000005fae70 in drizzled::subselect_single_select_engine::prepare (this=0x19057f8) at drizzled/item/subselect.cc:2036
#11 0x00000000005fb91d in drizzled::Item_subselect::fix_fields (this=0x19056b0, session_param=<value optimised out>, ref=0x1905ed0) at drizzled/item/subselect.cc:192
#12 0x00000000005da6b0 in drizzled::Item_cond::fix_fields (this=0x1929168, session=0x19026d0) at drizzled/item/cmpfunc.cc:3921
#13 0x000000000067249f in drizzled::Session::setup_conds (this=0x19026d0, leaves=0x1904238, conds=0x6) at drizzled/sql_base.cc:3761
#14 0x000000000061173e in setup_without_group (this=0x19295e0, rref_pointer_array=0x19034a8, tables_init=<value optimised out>, wild_num=<value optimised out>, conds_init=<value optimised out>, og_num=<value optimised out>, order_init=0x1929390, group_init=0x0, having_init=0x0, select_lex_arg=0x19032f0, unit_arg=0x19030f0) at drizzled/join.cc:5454
#15 drizzled::Join::prepare (this=0x19295e0, rref_pointer_array=0x19034a8, tables_init=<value optimised out>, wild_num=<value optimised out>, conds_init=<value optimised out>, og_num=<value optimised out>, order_init=0x1929390, group_init=0x0, having_init=0x0, select_lex_arg=0x19032f0, unit_arg=0x19030f0) at drizzled/join.cc:200
#16 0x000000000069269b in drizzled::mysql_select (session=0x19026d0, rref_pointer_array=<value optimised out>, tables=0x1904238, wild_num=0, fields=<value optimised out>, conds=0x1929168, og_num=2, order=0x1929390, group=0x0, having=0x0, select_options=2147500033, result=0x19295c0, unit=0x19030f0, select_lex=0x19032f0) at drizzled/sql_select.cc:409
#17 0x0000000000692840 in drizzled::handle_select (session=0x19026d0, lex=0x19030d0, result=0x19295c0, setup_tables_do...

Andrew Hutchings (linuxjedi) wrote :

This is because we are trying to store a signed bigint (col_bigint_key) but are forcing it to unsigned:

      result= field->store(orig_field_val, true);

(the 'true' bit)

This returns an error condition which in turn triggers the assert.
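
A simplified C++ model of the failure described in the comment above, added here as an illustration; it is not Drizzle's code and not the fix that was committed. `BigintField`, the two restore functions and the clipping rule are assumptions; the saved value is one of the negative `col_bigint_key` values from the `aa` test data.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Simplified model with hypothetical names; not Drizzle's Field class.
struct BigintField {
    bool unsigned_flag;   // column signedness (false for a plain BIGINT)
    int64_t value;

    // Returns 0 on success, 1 if the value was out of range and clipped.
    int store(int64_t nr, bool unsigned_val) {
        if (nr < 0 && unsigned_flag != unsigned_val) {
            // Signed column, caller says "unsigned": the bits then mean a
            // number above INT64_MAX, so clip high. Unsigned column with a
            // signed negative input: clip to 0.
            value = unsigned_flag ? 0 : std::numeric_limits<int64_t>::max();
            return 1;
        }
        value = nr;
        return 0;
    }
};

// Pattern from the comment: restore a saved value with unsigned forced on.
// A caller that asserts on a zero return aborts the server here.
int restore_forced_unsigned(BigintField &f, int64_t saved) {
    return f.store(saved, true);
}

// Assumed correction: pass the column's own signedness instead.
int restore_with_column_signedness(BigintField &f, int64_t saved) {
    return f.store(saved, f.unsigned_flag);
}

// Value taken from row 3 of the aa test data (col_bigint_key).
const int64_t kSaved = -2842897264777625600LL;

int main() {
    BigintField f{false, 0};
    int rc = restore_forced_unsigned(f, kSaved);
    std::printf("forced unsigned:   rc=%d value=%lld\n", rc, (long long)f.value);
    rc = restore_with_column_signedness(f, kSaved);
    std::printf("column signedness: rc=%d value=%lld\n", rc, (long long)f.value);
    return 0;
}
```

Only negative saved values take the failing path, which is why the crash depends on the row data as well as the query.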

Andrew Hutchings (linuxjedi) wrote :

I fixed it, but so did Brian so re-assigning to Brian :)
