We're updating the issue view to help you get more done. 

MariaDB 10.0.21 crashes during PREPARE

Description

MariaDB 10.0.21 crashes during preparation of an UPDATE statement with a SELECT subquery in combination with ONLY_FULL_GROUP_BY.

One can reproduce the issue using docker as follows:

First start the MariaDB database container:

1 docker run -it --rm --name crasher -e MYSQL_ROOT_PASSWORD=root mariadb:10.0.21

Afterwards connect with the MariaDB command line client:

1 docker run -ti --rm --link crasher:mariadb mariadb mysql --host=mariadb -proot

Inside the command line client perform the following querys:

1 2 3 4 5 6 7 8 9 10 -- create test database CREATE DATABASE IF NOT EXISTS db; use db; -- drop test tables DROP TABLE IF EXISTS t1; DROP TABLE IF EXISTS t2; -- create test tables CREATE TABLE t1 ( id INT(10), value INT(10) ); CREATE TABLE t2 ( id INT(10) ); -- enable full group by SET SESSION sql_mode = 'ONLY_FULL_GROUP_BY'; -- try to prepare query PREPARE stmt FROM 'UPDATE t1 t1 SET value = (SELECT 1 FROM t2 WHERE id = t1.id)';

The last query will return:

1 ERROR 2013 (HY000): Lost connection to MySQL server during query

And the server crashes because of signal 11. The stack trace is a follows:

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 Thread pointer: 0x0x7fa1d3641008 Attempting backtrace. You can use the following information to find out where mysqld died. If you see no messages after this, something went terribly wrong... stack_bottom = 0x7fa1f779ce70 thread_stack 0x48000 mysqld(my_print_stacktrace+0x3d)[0x7fa1f7195a2d] mysqld(handle_fatal_signal+0x31a)[0x7fa1f6cd375a] /lib/x86_64-linux-gnu/libpthread.so.0(+0xf8d0)[0x7fa1f633d8d0] mysqld(_ZN10Item_field15fix_outer_fieldEP3THDPP5FieldPP4Item+0x14c)[0x7fa1f6cf8a1c] mysqld(_ZN10Item_field10fix_fieldsEP3THDPP4Item+0x4f2)[0x7fa1f6cf9742] mysqld(_ZN9Item_func10fix_fieldsEP3THDPP4Item+0x1b3)[0x7fa1f6d2f3a3] mysqld(_Z11setup_condsP3THDP10TABLE_LISTR4ListIS1_EPP4Item+0x1c3)[0x7fa1f6b09573] mysqld(+0x42f111)[0x7fa1f6b9d111] mysqld(_ZN30subselect_single_select_engine7prepareEv+0x688)[0x7fa1f6d62788] mysqld(_ZN14Item_subselect10fix_fieldsEP3THDPP4Item+0xed)[0x7fa1f6d60aed] mysqld(_Z12setup_fieldsP3THDPP4ItemR4ListIS1_E17enum_mark_columnsPS5_b+0x184)[0x7fa1f6b07594] mysqld(+0x3f7f7a)[0x7fa1f6b65f7a] mysqld(_ZN18Prepared_statement7prepareEPKcj+0x6dd)[0x7fa1f6b6771d] mysqld(_Z22mysql_sql_stmt_prepareP3THD+0x39f)[0x7fa1f6b67caf] mysqld(_Z21mysql_execute_commandP3THD+0x90e)[0x7fa1f6b4edfe] mysqld(_Z11mysql_parseP3THDPcjP12Parser_state+0x1e2)[0x7fa1f6b551d2] mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0x1787)[0x7fa1f6b56f87] mysqld(_Z24do_handle_one_connectionP3THD+0x28b)[0x7fa1f6c2da5b] mysqld(handle_one_connection+0x40)[0x7fa1f6c2dac0] /lib/x86_64-linux-gnu/libpthread.so.0(+0x80a4)[0x7fa1f63360a4] /lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7fa1f493e04d] Trying to get some variables. Some pointers may be invalid and cause the dump to abort. Query (0x7fa1be042408): is an invalid pointer Connection ID (thread ID): 2 Status: NOT_KILLED

Environment

MariaDB 10.0.21 Docker Container running on Ubuntu 15.04.

Status

Assignee

Oleksandr Byelkin

Reporter

Tim Düsterhus

Sprint

None

Fix versions

Affects versions

5.5
10.0
10.1

Priority

Major