Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-23914

Mariadb 10.4.15 crash on trigger update, repeatable

Details

    Description

      Crash on a trigger on update.
      Error is:

      crash

      201008  0:54:01 [ERROR] mysqld got signal 11 ;
      This could be because you hit a bug. It is also possible that this binary
      or one of the libraries it was linked against is corrupt, improperly built,
      or misconfigured. This error can also be caused by malfunctioning hardware.
      To report this bug, see https://mariadb.com/kb/en/reporting-bugs
      We will try our best to scrape up some info that will hopefully help
      diagnose the problem, but since we have already crashed,
      something is definitely wrong and this may fail.
      Server version: 10.4.14-MariaDB-1:10.4.14+maria~bionic-log
      key_buffer_size=134217728
      read_buffer_size=2097152
      max_used_connections=1
      max_threads=102
      thread_count=8
      It is possible that mysqld could use up to
      key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 760256 K  bytes of memory
      Hope that's ok; if not, decrease some variables in the equation.
      Thread pointer: 0x7feb240013a8
      Attempting backtrace. You can use the following information to find out
      where mysqld died. If you see no messages after this, something went
      terribly wrong...
      stack_bottom = 0x7feb8c495dd8 thread_stack 0x49000
      /usr/sbin/mysqld(my_print_stacktrace+0x2e)[0x55698b4f455e]
      /usr/sbin/mysqld(handle_fatal_signal+0x515)[0x55698af6fea5]
      /lib/x86_64-linux-gnu/libpthread.so.0(+0x128a0)[0x7feb9618b8a0]
      /usr/sbin/mysqld(_ZN13st_join_table7cleanupEv+0xa)[0x55698ada066a]
      /usr/sbin/mysqld(_ZN4JOIN7cleanupEb+0x88)[0x55698ada0a28]
      /usr/sbin/mysqld(_ZN4JOIN7destroyEv+0x46)[0x55698ada1156]
      /usr/sbin/mysqld(_ZN13st_select_lex7cleanupEv+0x69)[0x55698ae00f39]
      /usr/sbin/mysqld(_ZN30subselect_single_select_engine7prepareEP3THD+0x3c)[0x55698b0203ac]
      /usr/sbin/mysqld(_ZN14Item_subselect10fix_fieldsEP3THDPP4Item+0x139)[0x55698b01fda9]
      /usr/sbin/mysqld(_ZN9Item_func10fix_fieldsEP3THDPP4Item+0x153)[0x55698afd3b93]
      /usr/sbin/mysqld(_ZN13Item_func_not10fix_fieldsEP3THDPP4Item+0x1be)[0x55698afa7f4e]
      /usr/sbin/mysqld(_ZN9Item_cond10fix_fieldsEP3THDPP4Item+0x447)[0x55698afa8a87]
      /usr/sbin/mysqld(_ZN3THD16sp_fix_func_itemEPP4Item+0x90)[0x55698acc75b0]
      /usr/sbin/mysqld(_ZN3THD20sp_prepare_func_itemEPP4Itemj+0xf)[0x55698acc75cf]
      /usr/sbin/mysqld(_ZN20sp_instr_jump_if_not9exec_coreEP3THDPj+0x1e)[0x55698acc762e]
      /usr/sbin/mysqld(_ZN13sp_lex_keeper23reset_lex_and_exec_coreEP3THDPjbP8sp_instr+0x111)[0x55698accd4b1]
      /usr/sbin/mysqld(_ZN7sp_head7executeEP3THDb+0x93d)[0x55698acc918d]
      /usr/sbin/mysqld(_ZN7sp_head15execute_triggerEP3THDPK25st_mysql_const_lex_stringS4_P13st_grant_info+0x1b1)[0x55698acc9d01]
      /usr/sbin/mysqld(_ZN19Table_triggers_list16process_triggersEP3THD14trg_event_type20trg_action_time_typeb+0x10c)[0x55698adf9d6c]
      /usr/sbin/mysqld(_Z36fill_record_n_invoke_before_triggersP3THDP5TABLER4ListI4ItemES6_b14trg_event_type+0x86)[0x55698ad05226]
      /usr/sbin/mysqld(_Z12mysql_updateP3THDP10TABLE_LISTR4ListI4ItemES6_PS4_jP8st_orderybPySA_+0x1749)[0x55698ae081c9]
      /usr/sbin/mysqld(_Z21mysql_execute_commandP3THD+0x11c6)[0x55698ad5ee06]
      /usr/sbin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x1ea)[0x55698ad6608a]
      /usr/sbin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x13d5)[0x55698ad684e5]
      /usr/sbin/mysqld(_Z10do_commandP3THD+0x104)[0x55698ad69c64]
      /usr/sbin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x25e)[0x55698ae46c3e]
      /usr/sbin/mysqld(handle_one_connection+0x3d)[0x55698ae46cfd]
      /lib/x86_64-linux-gnu/libpthread.so.0(+0x76db)[0x7feb961806db]
      /lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7feb94ba2a3f]
      Trying to get some variables.
      Some pointers may be invalid and cause the dump to abort.
      Query (0x7feb24012b40): update tbl_thing set name = concat(name)
      Connection ID (thread ID): 50
      Status: NOT_KILLED
      Oct  8 00:54:01 ip-172-31-23-250 kernel: [  179.178884] mysqld[3415]: segfault at 1bef69 ip 000055698ada066a sp 00007feb8c4925d0 error 4 in mysqld[55698a6f2000+1442000]
      Oct  8 00:54:01 ip-172-31-23-250 kernel: [  179.178890] Code: 49 8b 04 24 49 8b 7c 24 08 48 8b b0 98 02 00 00 e8 ab 80 1d 00 eb a6 90 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 54 53 48 89 fb <48> 8b 7f 08 48 85 ff 74 2d e8 08 fc 11 00 84 c0 74 24 48 8b 43 08
      Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on
      

      Repeatable test case: create a ubuntu 18.04 x86_64 on AWS.

      install

      $ apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8
      $ add-apt-repository "deb [arch=amd64,arm64,ppc64el] http://mariadb.mirror.liquidtelecom.com/repo/10.4/ubuntu $(lsb_release -cs) main"
      $ apt-get install mariadb-client mariadb-server
      

      reproduce crash

      $ mysql
       
      create database main;
      use main;
       
      drop table tbl_thing_split; drop table tbl_thing_else; drop table tbl_thing;
       
      CREATE TABLE `tbl_thing` (
        `THING_ID` varchar(50) CHARACTER SET ascii NOT NULL DEFAULT 'SOMEDEFAULT',
        `OIUYTRE_ID` int(10) unsigned NOT NULL DEFAULT 2610,
        `NAME` varchar(100) NOT NULL DEFAULT 'YSAM',
        `LOCATION` varchar(100) NOT NULL DEFAULT '',
        `xx_jhiusgdje` varchar(100) DEFAULT NULL,
        `JHGFDS_ID` int(10) unsigned NOT NULL DEFAULT 40,
        `MTHING_ID` varchar(50) CHARACTER SET ascii DEFAULT NULL,
        `BCD_EFG_CATEGORY_ID` int(10) unsigned NOT NULL DEFAULT 1291785531,
        `id_yuiop_thingid_set` varchar(20) DEFAULT NULL,
        `ZYXWVU_SET_ID` int(10) unsigned NOT NULL DEFAULT 400,
        `ABCDE_ID` int(10) NOT NULL DEFAULT 3,
        `YUI_SET_ID` int(10) NOT NULL DEFAULT 4113,
        `JHGFDSA_ID` int(10) NOT NULL DEFAULT 1,
        `OTHERTHING_ID` varchar(20) NOT NULL DEFAULT '11',
        `WELCOME_ID` int(10) unsigned NOT NULL DEFAULT 40002,
        `ABCDEF_SET_ID` int(20) NOT NULL DEFAULT 4000,
        `QWERTY_ID` int(10) NOT NULL DEFAULT 40,
        `MNBVCV_ID` int(10) NOT NULL DEFAULT 40,
        `sms_abcdeq_id` int(10) NOT NULL DEFAULT 41001,
        `id_affiliate` int(10) NOT NULL DEFAULT 0,
        `rfvgthnf_attribute_id` int(10) unsigned DEFAULT NULL,
        `NHYTGBVFR_ID` int(10) NOT NULL DEFAULT 50,
        `xyzzy_verification_something_type` enum('thing1','thing2','thing3','thing4') DEFAULT NULL,
        `send_missing_thing` bit(1) NOT NULL DEFAULT b'0',
        `send_plugh_eo` bit(1) NOT NULL DEFAULT b'0',
        `is_question` bit(1) NOT NULL DEFAULT b'0',
        `somewhere_page` varchar(100) default null,
        `somewhere_page_addtnl_params` text DEFAULT NULL,
        `last_modified` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
        `last_modifying_user` varchar(81) CHARACTER SET utf8 DEFAULT 'unknown',
        `IS_ACTIVE` int(11) NOT NULL DEFAULT 1,
        PRIMARY KEY (`THING_ID`),
        KEY `IDX_THING_OIUYTRE_ID` (`OIUYTRE_ID`),
        KEY `IDX_THING_JHGFDS_ID` (`JHGFDS_ID`),
        KEY `IDX_THING_WELCOME_ID` (`WELCOME_ID`),
        KEY `FK_THING_ABCDEF_SET_ID` (`ABCDEF_SET_ID`),
        KEY `FK_THING_CONTENT_MNBVCV_ID` (`MNBVCV_ID`),
        KEY `FK_THING_CONTENT_ABCDE_ID` (`ABCDE_ID`),
        KEY `FK_THING_YUI_SET_ID` (`YUI_SET_ID`),
        KEY `FK_THING_NHYTGBVFR_ID` (`NHYTGBVFR_ID`),
        KEY `FK_THING_OTHERTHING_ID` (`OTHERTHING_ID`),
        KEY `FK_THING_BCD_EFG_CAT` (`BCD_EFG_CATEGORY_ID`),
        KEY `fk_tbl_thing_privacy_policy_id` (`QWERTY_ID`),
        KEY `fk_tbl_thing_testimonial_id` (`JHGFDSA_ID`),
        KEY `fk_tbl_thing_footer_set_id` (`ZYXWVU_SET_ID`),
        KEY `tbl_thing_ibfk_16` (`MTHING_ID`),
        KEY `tbl_thing_ibfk_17` (`rfvgthnf_attribute_id`),
        KEY `fk_id_yuiop_thingid_set` (`id_yuiop_thingid_set`),
        KEY `fk_id_affiliate` (`id_affiliate`)
      ) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Managed by P2 ContentServices and ehcache';
       
       
      delimiter ;;
      drop trigger main.tbl_thing_update;;
       
      CREATE DEFINER=`root`@`localhost` TRIGGER `tbl_thing_update` BEFORE UPDATE ON `tbl_thing` FOR EACH ROW proc:BEGIN
          SET     NEW.THING_ID = UPPER(NEW.THING_ID) ;
          IF NOT (EXISTS (SELECT *
                             FROM    tbl_thing_split
                             WHERE   child_thingid = NEW.THING_ID
                                     AND start_date < now())
                     OR EXISTS (SELECT *
                                FROM tbl_thing_else
                                WHERE id_thing = NEW.THING_ID)) THEN
              SET     NEW.last_modified = now();
              IF USER() NOT LIKE 'baduser@%' OR new.last_modifying_user IS NULL THEN
                      SET new.last_modifying_user = USER();
              END IF;
          ELSE
              SIGNAL SQLSTATE '45000'
              SET MESSAGE_TEXT = 'some message which was here';
          END IF;
      END
      ;;
      delimiter ;
       
      create table tbl_thing_split ( child_thingid int(10),start_date datetime );
      create table tbl_thing_else ( id_thing varchar(50) );
       
      insert into `tbl_thing` (
      `THING_ID`,
      `OIUYTRE_ID`,
      `NAME`,
      `LOCATION`,
      `xx_jhiusgdje`,
      `JHGFDS_ID`,
      `MTHING_ID`,
      `BCD_EFG_CATEGORY_ID`,
      `id_yuiop_thingid_set`,
      `ZYXWVU_SET_ID` ) values ( 
      'testthing',
      '1234',
      'testname',
      'testloc',
      'testnothing',
      '4567',
      'testmthing',
      '9876',
      'abcdef',
      '76384'
      );
       
      update tbl_thing set name = concat(name);
      update tbl_thing set name = concat(name);
      update tbl_thing set name = concat(name);
      update tbl_thing set name = concat(name);
      -- crashes before here ---
      

      Attachments

        Issue Links

          Activity

            danblack Daniel Black added a comment -

            I was able to reproduce this on the 10.4.14 as described (below) however the 10.4.15 (very recently release and security release) I was unable to reproduce this so I suspect its fixed. Can you please confirm?

            10.4.14 WITH_ASAN crash

            Version: '10.4.14-MariaDB'  socket: '/tmp/build-mariadb-server-10.4.sock'  port: 0  Source distribution
            =================================================================
            ==2049046==ERROR: AddressSanitizer: heap-use-after-free on address 0x62500002daf0 at pc 0x000000a619f0 bp 0x7f1a765510f0 sp 0x7f1a765510e8
            READ of size 8 at 0x62500002daf0 thread T31
                #0 0xa619ef in JOIN::destroy() /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:4494:3
                #1 0xbda7cd in st_select_lex::cleanup() /home/dan/repos/mariadb-server-10.4/sql/sql_union.cc:2070:18
                #2 0x1252188 in subselect_single_select_engine::prepare(THD*) /home/dan/repos/mariadb-server-10.4/sql/item_subselect.cc:3730:17
                #3 0x12330ad in Item_subselect::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_subselect.cc:283:22
                #4 0x1137885 in Item::fix_fields_if_needed(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:960:33
                #5 0x1137885 in Item_func::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_func.cc:352:19
                #6 0x10da0f9 in Item_func_not::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_cmpfunc.cc:6351:21
                #7 0x10c5e3d in Item::fix_fields_if_needed(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:960:33
                #8 0x10c5e3d in Item::fix_fields_if_needed_for_scalar(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:964:12
                #9 0x10c5e3d in Item::fix_fields_if_needed_for_bool(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:968:12
                #10 0x10c5e3d in Item_cond::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_cmpfunc.cc:4845:15
                #11 0x795adb in Item::fix_fields_if_needed(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:960:33
                #12 0x795adb in THD::sp_fix_func_item(Item**) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:356:19
                #13 0x795adb in THD::sp_prepare_func_item(Item**, unsigned int) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:342:14
                #14 0x795adb in sp_instr_jump_if_not::exec_core(THD*, unsigned int*) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:3973:12
                #15 0x790734 in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:3419:17
                #16 0x77cf02 in sp_head::execute(THD*, bool) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:1364:20
                #17 0x77f925 in sp_head::execute_trigger(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, st_grant_info*) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:1837:15
                #18 0xbc6820 in Table_triggers_list::process_triggers(THD*, trg_event_type, trg_action_time_type, bool) /home/dan/repos/mariadb-server-10.4/sql/sql_trigger.cc:2211:22
                #19 0x84c2db in fill_record_n_invoke_before_triggers(THD*, TABLE*, List<Item>&, List<Item>&, bool, trg_event_type) /home/dan/repos/mariadb-server-10.4/sql/sql_base.cc:8707:19
                #20 0xbe2f0d in mysql_update(THD*, TABLE_LIST*, List<Item>&, List<Item>&, Item*, unsigned int, st_order*, unsigned long long, bool, unsigned long long*, unsigned long long*) /home/dan/repos/mariadb-server-10.4/sql/sql_update.cc:991:11
                #21 0x98032b in mysql_execute_command(THD*) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:4360:21
                #22 0x9726f4 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:7896:18
                #23 0x96be60 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:1834:7
                #24 0x973228 in do_command(THD*) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:1352:17
                #25 0xcb681f in do_handle_one_connection(CONNECT*) /home/dan/repos/mariadb-server-10.4/sql/sql_connect.cc:1412:11
                #26 0xcb6163 in handle_one_connection /home/dan/repos/mariadb-server-10.4/sql/sql_connect.cc:1316:3
                #27 0x7f1aa4aad431 in start_thread /usr/src/debug/glibc-2.31-48-g64246fccaf/nptl/pthread_create.c:477:8
                #28 0x7f1aa410e912 in clone /usr/src/debug/glibc-2.31-48-g64246fccaf/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
             
            0x62500002daf0 is located 2544 bytes inside of 8160-byte region [0x62500002d100,0x62500002f0e0)
            freed by thread T31 here:
                #0 0x6b1777 in free (/home/dan/repos/build-mariadb-server-10.4/sql/mysqld+0x6b1777)
                #1 0x204d62a in free_root /home/dan/repos/mariadb-server-10.4/mysys/my_alloc.c:420:7
             
            previously allocated by thread T31 here:
                #0 0x6b1a7f in malloc (/home/dan/repos/build-mariadb-server-10.4/sql/mysqld+0x6b1a7f)
                #1 0x2063b1f in my_malloc /home/dan/repos/mariadb-server-10.4/mysys/my_malloc.c:101:10
             
            Thread T31 created by T0 here:
                #0 0x62b5c6 in pthread_create (/home/dan/repos/build-mariadb-server-10.4/sql/mysqld+0x62b5c6)
                #1 0x6fd984 in inline_mysql_thread_create(unsigned int, unsigned long*, pthread_attr_t const*, void* (*)(void*), void*) /home/dan/repos/mariadb-server-10.4/include/mysql/psi/mysql_thread.h:1275:11
                #2 0x6fd984 in create_thread_to_handle_connection(CONNECT*) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6262:15
                #3 0x6fdf99 in create_new_thread(CONNECT*) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6332:3
                #4 0x6fef27 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6430:3
                #5 0x6fcabb in handle_connections_sockets() /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6588:5
                #6 0x6f5ae2 in mysqld_main(int, char**) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:5920:3
                #7 0x7f1aa4034041 in __libc_start_main /usr/src/debug/glibc-2.31-48-g64246fccaf/csu/../csu/libc-start.c:308:16
             
            SUMMARY: AddressSanitizer: heap-use-after-free /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:4494:3 in JOIN::destroy()
            Shadow bytes around the buggy address:
              0x0c4a7fffdb00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdb10: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdb20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdb30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdb40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
            =>0x0c4a7fffdb50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd
              0x0c4a7fffdb60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdb70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdb80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdb90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
              0x0c4a7fffdba0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd
            Shadow byte legend (one shadow byte represents 8 application bytes):
              Addressable:           00
              Partially addressable: 01 02 03 04 05 06 07 
              Heap left redzone:       fa
              Freed heap region:       fd
              Stack left redzone:      f1
              Stack mid redzone:       f2
              Stack right redzone:     f3
              Stack after return:      f5
              Stack use after scope:   f8
              Global redzone:          f9
              Global init order:       f6
              Poisoned by user:        f7
              Container overflow:      fc
              Array cookie:            ac
              Intra object redzone:    bb
              ASan internal:           fe
              Left alloca redzone:     ca
              Right alloca redzone:    cb
              Shadow gap:              cc
            ==2049046==ABORTING
            

            danblack Daniel Black added a comment - I was able to reproduce this on the 10.4.14 as described (below) however the 10.4.15 (very recently release and security release) I was unable to reproduce this so I suspect its fixed. Can you please confirm? 10.4.14 WITH_ASAN crash Version: '10.4.14-MariaDB' socket: '/tmp/build-mariadb-server-10.4.sock' port: 0 Source distribution ================================================================= ==2049046==ERROR: AddressSanitizer: heap-use-after-free on address 0x62500002daf0 at pc 0x000000a619f0 bp 0x7f1a765510f0 sp 0x7f1a765510e8 READ of size 8 at 0x62500002daf0 thread T31 #0 0xa619ef in JOIN::destroy() /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:4494:3 #1 0xbda7cd in st_select_lex::cleanup() /home/dan/repos/mariadb-server-10.4/sql/sql_union.cc:2070:18 #2 0x1252188 in subselect_single_select_engine::prepare(THD*) /home/dan/repos/mariadb-server-10.4/sql/item_subselect.cc:3730:17 #3 0x12330ad in Item_subselect::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_subselect.cc:283:22 #4 0x1137885 in Item::fix_fields_if_needed(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:960:33 #5 0x1137885 in Item_func::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_func.cc:352:19 #6 0x10da0f9 in Item_func_not::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_cmpfunc.cc:6351:21 #7 0x10c5e3d in Item::fix_fields_if_needed(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:960:33 #8 0x10c5e3d in Item::fix_fields_if_needed_for_scalar(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:964:12 #9 0x10c5e3d in Item::fix_fields_if_needed_for_bool(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:968:12 #10 0x10c5e3d in Item_cond::fix_fields(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item_cmpfunc.cc:4845:15 #11 0x795adb in Item::fix_fields_if_needed(THD*, Item**) /home/dan/repos/mariadb-server-10.4/sql/item.h:960:33 #12 0x795adb in THD::sp_fix_func_item(Item**) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:356:19 #13 0x795adb in THD::sp_prepare_func_item(Item**, unsigned int) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:342:14 #14 0x795adb in sp_instr_jump_if_not::exec_core(THD*, unsigned int*) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:3973:12 #15 0x790734 in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:3419:17 #16 0x77cf02 in sp_head::execute(THD*, bool) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:1364:20 #17 0x77f925 in sp_head::execute_trigger(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, st_grant_info*) /home/dan/repos/mariadb-server-10.4/sql/sp_head.cc:1837:15 #18 0xbc6820 in Table_triggers_list::process_triggers(THD*, trg_event_type, trg_action_time_type, bool) /home/dan/repos/mariadb-server-10.4/sql/sql_trigger.cc:2211:22 #19 0x84c2db in fill_record_n_invoke_before_triggers(THD*, TABLE*, List<Item>&, List<Item>&, bool, trg_event_type) /home/dan/repos/mariadb-server-10.4/sql/sql_base.cc:8707:19 #20 0xbe2f0d in mysql_update(THD*, TABLE_LIST*, List<Item>&, List<Item>&, Item*, unsigned int, st_order*, unsigned long long, bool, unsigned long long*, unsigned long long*) /home/dan/repos/mariadb-server-10.4/sql/sql_update.cc:991:11 #21 0x98032b in mysql_execute_command(THD*) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:4360:21 #22 0x9726f4 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:7896:18 #23 0x96be60 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:1834:7 #24 0x973228 in do_command(THD*) /home/dan/repos/mariadb-server-10.4/sql/sql_parse.cc:1352:17 #25 0xcb681f in do_handle_one_connection(CONNECT*) /home/dan/repos/mariadb-server-10.4/sql/sql_connect.cc:1412:11 #26 0xcb6163 in handle_one_connection /home/dan/repos/mariadb-server-10.4/sql/sql_connect.cc:1316:3 #27 0x7f1aa4aad431 in start_thread /usr/src/debug/glibc-2.31-48-g64246fccaf/nptl/pthread_create.c:477:8 #28 0x7f1aa410e912 in clone /usr/src/debug/glibc-2.31-48-g64246fccaf/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95   0x62500002daf0 is located 2544 bytes inside of 8160-byte region [0x62500002d100,0x62500002f0e0) freed by thread T31 here: #0 0x6b1777 in free (/home/dan/repos/build-mariadb-server-10.4/sql/mysqld+0x6b1777) #1 0x204d62a in free_root /home/dan/repos/mariadb-server-10.4/mysys/my_alloc.c:420:7   previously allocated by thread T31 here: #0 0x6b1a7f in malloc (/home/dan/repos/build-mariadb-server-10.4/sql/mysqld+0x6b1a7f) #1 0x2063b1f in my_malloc /home/dan/repos/mariadb-server-10.4/mysys/my_malloc.c:101:10   Thread T31 created by T0 here: #0 0x62b5c6 in pthread_create (/home/dan/repos/build-mariadb-server-10.4/sql/mysqld+0x62b5c6) #1 0x6fd984 in inline_mysql_thread_create(unsigned int, unsigned long*, pthread_attr_t const*, void* (*)(void*), void*) /home/dan/repos/mariadb-server-10.4/include/mysql/psi/mysql_thread.h:1275:11 #2 0x6fd984 in create_thread_to_handle_connection(CONNECT*) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6262:15 #3 0x6fdf99 in create_new_thread(CONNECT*) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6332:3 #4 0x6fef27 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6430:3 #5 0x6fcabb in handle_connections_sockets() /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:6588:5 #6 0x6f5ae2 in mysqld_main(int, char**) /home/dan/repos/mariadb-server-10.4/sql/mysqld.cc:5920:3 #7 0x7f1aa4034041 in __libc_start_main /usr/src/debug/glibc-2.31-48-g64246fccaf/csu/../csu/libc-start.c:308:16   SUMMARY: AddressSanitizer: heap-use-after-free /home/dan/repos/mariadb-server-10.4/sql/sql_select.cc:4494:3 in JOIN::destroy() Shadow bytes around the buggy address: 0x0c4a7fffdb00: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdb10: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdb20: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdb30: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdb40: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd =>0x0c4a7fffdb50: fd fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd 0x0c4a7fffdb60: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdb70: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdb80: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdb90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd 0x0c4a7fffdba0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb Shadow gap: cc ==2049046==ABORTING
            mikeininfo Mike Ingle added a comment -

            I looked for a 10.4.15 ubuntu build and did not find one. Is there a deb package for it yet? If not I can test with the tar.gz file at AWS.

            mikeininfo Mike Ingle added a comment - I looked for a 10.4.15 ubuntu build and did not find one. Is there a deb package for it yet? If not I can test with the tar.gz file at AWS.
            danblack Daniel Black added a comment -

            I might be still in the mirroring process. Its very new. Make a note if its not here by tomorrow.

            Otherwise the osuosl mirror has it https://ftp.osuosl.org/pub/mariadb/repo/10.4/ubuntu/pool/main/m/mariadb-10.4/ if you change your repo line.

            danblack Daniel Black added a comment - I might be still in the mirroring process. Its very new. Make a note if its not here by tomorrow. Otherwise the osuosl mirror has it https://ftp.osuosl.org/pub/mariadb/repo/10.4/ubuntu/pool/main/m/mariadb-10.4/ if you change your repo line.
            mikeininfo Mike Ingle added a comment -

            Definitely still broken in 10.4.15 ubuntu 18.04 on an AWS t3.medium. I downloaded the tar.gz and tested. Here's the wreckage. Thank you for quick response. This happened on an internal production server, I found out which trigger caused it, and abstracted it to a repeatable case today.

            ubuntu@ip-172-31-16-96:~$ sha256sum mariadb.tar.gz
            be582f7b2df92306fb8c6c93afe08b8fa1b9bedfe83e00f8663a3b45c73bd75b mariadb.tar.gz

            ubuntu@ip-172-31-16-96:~$ sudo /usr/local/mysql/bin/mysql
            Welcome to the MariaDB monitor. Commands end with ; or \g.
            Your MariaDB connection id is 9
            Server version: 10.4.15-MariaDB MariaDB Server

            Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

            Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

            MariaDB [(none)]> create database main;
            Query OK, 1 row affected (0.000 sec)

            MariaDB [(none)]> use main;
            Database changed
            MariaDB [main]> drop table tbl_thing_split; drop table tbl_thing_else; drop table tbl_thing;
            ERROR 1051 (42S02): Unknown table 'main.tbl_thing_split'
            ERROR 1051 (42S02): Unknown table 'main.tbl_thing_else'
            ERROR 1051 (42S02): Unknown table 'main.tbl_thing'
            MariaDB [main]>
            MariaDB [main]> CREATE TABLE `tbl_thing` (
            -> `THING_ID` varchar(50) CHARACTER SET ascii NOT NULL DEFAULT 'SOMEDEFAULT',
            -> `OIUYTRE_ID` int(10) unsigned NOT NULL DEFAULT 2610,
            -> `NAME` varchar(100) NOT NULL DEFAULT 'YSAM',
            -> `LOCATION` varchar(100) NOT NULL DEFAULT '',
            -> `xx_jhiusgdje` varchar(100) DEFAULT NULL,
            -> `JHGFDS_ID` int(10) unsigned NOT NULL DEFAULT 40,
            -> `MTHING_ID` varchar(50) CHARACTER SET ascii DEFAULT NULL,
            -> `BCD_EFG_CATEGORY_ID` int(10) unsigned NOT NULL DEFAULT 1291785531,
            -> `id_yuiop_thingid_set` varchar(20) DEFAULT NULL,
            -> `ZYXWVU_SET_ID` int(10) unsigned NOT NULL DEFAULT 400,
            -> `ABCDE_ID` int(10) NOT NULL DEFAULT 3,
            -> `YUI_SET_ID` int(10) NOT NULL DEFAULT 4113,
            -> `JHGFDSA_ID` int(10) NOT NULL DEFAULT 1,
            -> `OTHERTHING_ID` varchar(20) NOT NULL DEFAULT '11',
            -> `WELCOME_ID` int(10) unsigned NOT NULL DEFAULT 40002,
            -> `ABCDEF_SET_ID` int(20) NOT NULL DEFAULT 4000,
            -> `QWERTY_ID` int(10) NOT NULL DEFAULT 40,
            -> `MNBVCV_ID` int(10) NOT NULL DEFAULT 40,
            -> `sms_abcdeq_id` int(10) NOT NULL DEFAULT 41001,
            -> `id_affiliate` int(10) NOT NULL DEFAULT 0,
            -> `rfvgthnf_attribute_id` int(10) unsigned DEFAULT NULL,
            -> `NHYTGBVFR_ID` int(10) NOT NULL DEFAULT 50,
            -> `xyzzy_verification_something_type` enum('thing1','thing2','thing3','thing4') DEFAULT NULL,
            -> `send_missing_thing` bit(1) NOT NULL DEFAULT b'0',
            -> `send_plugh_eo` bit(1) NOT NULL DEFAULT b'0',
            -> `is_question` bit(1) NOT NULL DEFAULT b'0',
            -> `somewhere_page` varchar(100) default null,
            -> `somewhere_page_addtnl_params` text DEFAULT NULL,
            -> `last_modified` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(),
            -> `last_modifying_user` varchar(81) CHARACTER SET utf8 DEFAULT 'unknown',
            -> `IS_ACTIVE` int(11) NOT NULL DEFAULT 1,
            -> PRIMARY KEY (`THING_ID`),
            -> KEY `IDX_THING_OIUYTRE_ID` (`OIUYTRE_ID`),
            -> KEY `IDX_THING_JHGFDS_ID` (`JHGFDS_ID`),
            -> KEY `IDX_THING_WELCOME_ID` (`WELCOME_ID`),
            -> KEY `FK_THING_ABCDEF_SET_ID` (`ABCDEF_SET_ID`),
            -> KEY `FK_THING_CONTENT_MNBVCV_ID` (`MNBVCV_ID`),
            -> KEY `FK_THING_CONTENT_ABCDE_ID` (`ABCDE_ID`),
            -> KEY `FK_THING_YUI_SET_ID` (`YUI_SET_ID`),
            -> KEY `FK_THING_NHYTGBVFR_ID` (`NHYTGBVFR_ID`),
            -> KEY `FK_THING_OTHERTHING_ID` (`OTHERTHING_ID`),
            -> KEY `FK_THING_BCD_EFG_CAT` (`BCD_EFG_CATEGORY_ID`),
            -> KEY `fk_tbl_thing_privacy_policy_id` (`QWERTY_ID`),
            -> KEY `fk_tbl_thing_testimonial_id` (`JHGFDSA_ID`),
            -> KEY `fk_tbl_thing_footer_set_id` (`ZYXWVU_SET_ID`),
            -> KEY `tbl_thing_ibfk_16` (`MTHING_ID`),
            -> KEY `tbl_thing_ibfk_17` (`rfvgthnf_attribute_id`),
            -> KEY `fk_id_yuiop_thingid_set` (`id_yuiop_thingid_set`),
            -> KEY `fk_id_affiliate` (`id_affiliate`)
            -> ) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Managed by P2 ContentServices and ehcache';
            Query OK, 0 rows affected (0.177 sec)

            MariaDB [main]>
            MariaDB [main]>
            MariaDB [main]> delimiter ;;
            MariaDB [main]> drop trigger main.tbl_thing_update;;
            ERROR 1360 (HY000): Trigger does not exist
            MariaDB [main]>
            MariaDB [main]> CREATE DEFINER=`root`@`localhost` TRIGGER `tbl_thing_update` BEFORE UPDATE ON `tbl_thing` FOR EACH ROW proc:BEGIN
            -> SET NEW.THING_ID = UPPER(NEW.THING_ID) ;
            -> IF NOT (EXISTS (SELECT *
            -> FROM tbl_thing_split
            -> WHERE child_thingid = NEW.THING_ID
            -> AND start_date < now())
            -> OR EXISTS (SELECT *
            -> FROM tbl_thing_else
            -> WHERE id_thing = NEW.THING_ID)) THEN
            -> SET NEW.last_modified = now();
            -> IF USER() NOT LIKE 'baduser@%' OR new.last_modifying_user IS NULL THEN
            -> SET new.last_modifying_user = USER();
            -> END IF;
            -> ELSE
            -> SIGNAL SQLSTATE '45000'
            -> SET MESSAGE_TEXT = 'some message which was here';
            -> END IF;
            -> END
            -> ;;
            Query OK, 0 rows affected (0.005 sec)

            MariaDB [main]> delimiter ;
            MariaDB [main]>
            MariaDB [main]> create table tbl_thing_split ( child_thingid int(10),start_date datetime );
            Query OK, 0 rows affected (0.010 sec)

            MariaDB [main]> create table tbl_thing_else ( id_thing varchar(50) );
            Query OK, 0 rows affected (0.013 sec)

            MariaDB [main]>
            MariaDB [main]> insert into `tbl_thing` (
            -> `THING_ID`,
            -> `OIUYTRE_ID`,
            -> `NAME`,
            -> `LOCATION`,
            -> `xx_jhiusgdje`,
            -> `JHGFDS_ID`,
            -> `MTHING_ID`,
            -> `BCD_EFG_CATEGORY_ID`,
            -> `id_yuiop_thingid_set`,
            -> `ZYXWVU_SET_ID` ) values (
            -> 'testthing',
            -> '1234',
            -> 'testname',
            -> 'testloc',
            -> 'testnothing',
            -> '4567',
            -> 'testmthing',
            -> '9876',
            -> 'abcdef',
            -> '76384'
            -> );
            Query OK, 1 row affected (0.004 sec)

            MariaDB [main]>
            MariaDB [main]> update tbl_thing set name = concat(name);
            Query OK, 1 row affected (0.003 sec)
            Rows matched: 1 Changed: 1 Warnings: 0

            MariaDB [main]> update tbl_thing set name = concat(name);
            ERROR 2013 (HY000): Lost connection to MySQL server during query
            MariaDB [main]> update tbl_thing set name = concat(name);
            ERROR 2006 (HY000): MySQL server has gone away
            No connection. Trying to reconnect...
            ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (111)
            ERROR: Can't connect to the server

            unknown [main]> update tbl_thing set name = concat(name);
            No connection. Trying to reconnect...
            ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (111)
            ERROR: Can't connect to the server

            unknown [main]>

            root@ip-172-31-16-96:/usr/local/mysql/data# cat ip-172-31-16-96.err
            2020-10-08 2:45:39 0 [Note] InnoDB: Using Linux native AIO
            2020-10-08 2:45:39 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
            2020-10-08 2:45:39 0 [Note] InnoDB: Uses event mutexes
            2020-10-08 2:45:39 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
            2020-10-08 2:45:39 0 [Note] InnoDB: Number of pools: 1
            2020-10-08 2:45:39 0 [Note] InnoDB: Using SSE2 crc32 instructions
            2020-10-08 2:45:39 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts)
            2020-10-08 2:45:39 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
            2020-10-08 2:45:39 0 [Note] InnoDB: Completed initialization of buffer pool
            2020-10-08 2:45:39 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
            2020-10-08 2:45:39 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
            2020-10-08 2:45:39 0 [Note] InnoDB: Creating shared tablespace for temporary tables
            2020-10-08 2:45:39 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
            2020-10-08 2:45:39 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
            2020-10-08 2:45:39 0 [Note] InnoDB: Waiting for purge to start
            2020-10-08 2:45:39 0 [Note] InnoDB: 10.4.15 started; log sequence number 60967; transaction id 21
            2020-10-08 2:45:39 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mariadb-10.4.15-linux-systemd-x86_64/data/ib_buffer_pool
            2020-10-08 2:45:39 0 [Note] Plugin 'FEEDBACK' is disabled.
            2020-10-08 2:45:39 0 [Note] InnoDB: Buffer pool(s) load completed at 201008 2:45:39
            2020-10-08 2:45:39 0 [Note] Server socket created on IP: '::'.
            2020-10-08 2:45:39 0 [Note] Reading of all Master_info entries succeeded
            2020-10-08 2:45:39 0 [Note] Added new Master_info '' to hash table
            2020-10-08 2:45:39 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections.
            Version: '10.4.15-MariaDB' socket: '/tmp/mysql.sock' port: 3306 MariaDB Server
            201008 2:46:38 [ERROR] mysqld got signal 11 ;
            This could be because you hit a bug. It is also possible that this binary
            or one of the libraries it was linked against is corrupt, improperly built,
            or misconfigured. This error can also be caused by malfunctioning hardware.

            To report this bug, see https://mariadb.com/kb/en/reporting-bugs

            We will try our best to scrape up some info that will hopefully help
            diagnose the problem, but since we have already crashed,
            something is definitely wrong and this may fail.

            Server version: 10.4.15-MariaDB
            key_buffer_size=134217728
            read_buffer_size=131072
            max_used_connections=1
            max_threads=153
            thread_count=7
            It is possible that mysqld could use up to
            key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467753 K bytes of memory
            Hope that's ok; if not, decrease some variables in the equation.

            Thread pointer: 0x55ad62e791e8
            Attempting backtrace. You can use the following information to find out
            where mysqld died. If you see no messages after this, something went
            terribly wrong...
            stack_bottom = 0x7f50b8ac8e50 thread_stack 0x49000
            /usr/local/mysql/bin/mysqld(my_print_stacktrace+0x2e)[0x55ad5fff12de]
            /usr/local/mysql/bin/mysqld(handle_fatal_signal+0x30f)[0x55ad5f9fd12f]
            /lib/x86_64-linux-gnu/libpthread.so.0(+0x128a0)[0x7f50bda418a0]
            /usr/local/mysql/bin/mysqld(_ZN13st_join_table7cleanupEv+0xa)[0x55ad5f83229a]
            /usr/local/mysql/bin/mysqld(_ZN4JOIN7cleanupEb+0x368)[0x55ad5f832998]
            /usr/local/mysql/bin/mysqld(_ZN4JOIN7destroyEv+0x46)[0x55ad5f832e36]
            /usr/local/mysql/bin/mysqld(_ZN13st_select_lex7cleanupEv+0x69)[0x55ad5f893959]
            /usr/local/mysql/bin/mysqld(_ZN30subselect_single_select_engine7prepareEP3THD+0x44)[0x55ad5fab2364]
            /usr/local/mysql/bin/mysqld(_ZN14Item_subselect10fix_fieldsEP3THDPP4Item+0x135)[0x55ad5fab1d55]
            /usr/local/mysql/bin/mysqld(_ZN9Item_func10fix_fieldsEP3THDPP4Item+0x15c)[0x55ad5fa69aac]
            /usr/local/mysql/bin/mysqld(_ZN13Item_func_not10fix_fieldsEP3THDPP4Item+0x1be)[0x55ad5fa3954e]
            /usr/local/mysql/bin/mysqld(_ZN9Item_cond10fix_fieldsEP3THDPP4Item+0x2b0)[0x55ad5fa39ee0]
            /usr/local/mysql/bin/mysqld(_ZN3THD16sp_fix_func_itemEPP4Item+0x90)[0x55ad5f7550d0]
            /usr/local/mysql/bin/mysqld(_ZN3THD20sp_prepare_func_itemEPP4Itemj+0xf)[0x55ad5f7550ef]
            /usr/local/mysql/bin/mysqld(_ZN20sp_instr_jump_if_not9exec_coreEP3THDPj+0x1e)[0x55ad5f75513e]
            /usr/local/mysql/bin/mysqld(_ZN13sp_lex_keeper23reset_lex_and_exec_coreEP3THDPjbP8sp_instr+0x119)[0x55ad5f75b429]
            /usr/local/mysql/bin/mysqld(_ZN7sp_head7executeEP3THDb+0x9c7)[0x55ad5f756e67]
            /usr/local/mysql/bin/mysqld(_ZN7sp_head15execute_triggerEP3THDPK25st_mysql_const_lex_stringS4_P13st_grant_info+0x1d7)[0x55ad5f7579b7]
            /usr/local/mysql/bin/mysqld(_ZN19Table_triggers_list16process_triggersEP3THD14trg_event_type20trg_action_time_typeb+0x105)[0x55ad5f88b4e5]
            /usr/local/mysql/bin/mysqld(_Z36fill_record_n_invoke_before_triggersP3THDP5TABLER4ListI4ItemES6_b14trg_event_type+0x7d)[0x55ad5f794dcd]
            /usr/local/mysql/bin/mysqld(Z12mysql_updateP3THDP10TABLE_LISTR4ListI4ItemES6_PS4_jP8st_orderybPySA+0x1677)[0x55ad5f89a607]
            /usr/local/mysql/bin/mysqld(_Z21mysql_execute_commandP3THD+0x3440)[0x55ad5f7f0e40]
            /usr/local/mysql/bin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x1d2)[0x55ad5f7f6762]
            /usr/local/mysql/bin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x149e)[0x55ad5f7f843e]
            /usr/local/mysql/bin/mysqld(_Z10do_commandP3THD+0x109)[0x55ad5f7f9cb9]
            /usr/local/mysql/bin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x1fa)[0x55ad5f8d80ba]
            /usr/local/mysql/bin/mysqld(handle_one_connection+0x3d)[0x55ad5f8d819d]
            /lib/x86_64-linux-gnu/libpthread.so.0(+0x76db)[0x7f50bda366db]
            /lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7f50bcc2ca3f]

            Trying to get some variables.
            Some pointers may be invalid and cause the dump to abort.
            Query (0x55ad62e87520): update tbl_thing set name = concat(name)

            Connection ID (thread ID): 9
            Status: NOT_KILLED

            Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on

            The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mysqld/ contains
            information that should help you find out what is causing the crash.
            Writing a core file...
            Working directory at /usr/local/mariadb-10.4.15-linux-systemd-x86_64/data
            Resource Limits:
            Limit Soft Limit Hard Limit Units
            Max cpu time unlimited unlimited seconds
            Max file size unlimited unlimited bytes
            Max data size unlimited unlimited bytes
            Max stack size 8388608 unlimited bytes
            Max core file size 0 unlimited bytes
            Max resident set unlimited unlimited bytes
            Max processes 15393 15393 processes
            Max open files 32184 32184 files
            Max locked memory 16777216 16777216 bytes
            Max address space unlimited unlimited bytes
            Max file locks unlimited unlimited locks
            Max pending signals 15393 15393 signals
            Max msgqueue size 819200 819200 bytes
            Max nice priority 0 0
            Max realtime priority 0 0
            Max realtime timeout unlimited unlimited us
            Core pattern: |/usr/share/apport/apport %p %s %c %d %P %E

            2020-10-08 2:46:38 0 [Note] InnoDB: Using Linux native AIO
            2020-10-08 2:46:38 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins
            2020-10-08 2:46:38 0 [Note] InnoDB: Uses event mutexes
            2020-10-08 2:46:38 0 [Note] InnoDB: Compressed tables use zlib 1.2.11
            2020-10-08 2:46:38 0 [Note] InnoDB: Number of pools: 1
            2020-10-08 2:46:38 0 [Note] InnoDB: Using SSE2 crc32 instructions
            2020-10-08 2:46:38 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts)
            2020-10-08 2:46:38 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M
            2020-10-08 2:46:38 0 [Note] InnoDB: Completed initialization of buffer pool
            2020-10-08 2:46:38 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority().
            2020-10-08 2:46:38 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=60967
            2020-10-08 2:46:38 0 [Note] InnoDB: Starting final batch to recover 41 pages from redo log.
            2020-10-08 2:46:39 0 [Note] InnoDB: 128 out of 128 rollback segments are active.
            2020-10-08 2:46:39 0 [Note] InnoDB: Removed temporary tablespace data file: "ibtmp1"
            2020-10-08 2:46:39 0 [Note] InnoDB: Creating shared tablespace for temporary tables
            2020-10-08 2:46:39 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
            2020-10-08 2:46:39 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB.
            2020-10-08 2:46:39 0 [Note] InnoDB: Waiting for purge to start
            2020-10-08 2:46:39 0 [Note] InnoDB: 10.4.15 started; log sequence number 130180; transaction id 56
            2020-10-08 2:46:39 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mariadb-10.4.15-linux-systemd-x86_64/data/ib_buffer_pool
            2020-10-08 2:46:39 0 [Note] Plugin 'FEEDBACK' is disabled.
            2020-10-08 2:46:39 0 [Note] InnoDB: Buffer pool(s) load completed at 201008 2:46:39
            2020-10-08 2:46:39 0 [Note] Server socket created on IP: '::'.
            2020-10-08 2:46:39 0 [Note] Reading of all Master_info entries succeeded
            2020-10-08 2:46:39 0 [Note] Added new Master_info '' to hash table
            2020-10-08 2:46:39 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections.
            Version: '10.4.15-MariaDB' socket: '/tmp/mysql.sock' port: 3306 MariaDB Server

            mikeininfo Mike Ingle added a comment - Definitely still broken in 10.4.15 ubuntu 18.04 on an AWS t3.medium. I downloaded the tar.gz and tested. Here's the wreckage. Thank you for quick response. This happened on an internal production server, I found out which trigger caused it, and abstracted it to a repeatable case today. ubuntu@ip-172-31-16-96:~$ sha256sum mariadb.tar.gz be582f7b2df92306fb8c6c93afe08b8fa1b9bedfe83e00f8663a3b45c73bd75b mariadb.tar.gz ubuntu@ip-172-31-16-96:~$ sudo /usr/local/mysql/bin/mysql Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 9 Server version: 10.4.15-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)] > create database main; Query OK, 1 row affected (0.000 sec) MariaDB [(none)] > use main; Database changed MariaDB [main] > drop table tbl_thing_split; drop table tbl_thing_else; drop table tbl_thing; ERROR 1051 (42S02): Unknown table 'main.tbl_thing_split' ERROR 1051 (42S02): Unknown table 'main.tbl_thing_else' ERROR 1051 (42S02): Unknown table 'main.tbl_thing' MariaDB [main] > MariaDB [main] > CREATE TABLE `tbl_thing` ( -> `THING_ID` varchar(50) CHARACTER SET ascii NOT NULL DEFAULT 'SOMEDEFAULT', -> `OIUYTRE_ID` int(10) unsigned NOT NULL DEFAULT 2610, -> `NAME` varchar(100) NOT NULL DEFAULT 'YSAM', -> `LOCATION` varchar(100) NOT NULL DEFAULT '', -> `xx_jhiusgdje` varchar(100) DEFAULT NULL, -> `JHGFDS_ID` int(10) unsigned NOT NULL DEFAULT 40, -> `MTHING_ID` varchar(50) CHARACTER SET ascii DEFAULT NULL, -> `BCD_EFG_CATEGORY_ID` int(10) unsigned NOT NULL DEFAULT 1291785531, -> `id_yuiop_thingid_set` varchar(20) DEFAULT NULL, -> `ZYXWVU_SET_ID` int(10) unsigned NOT NULL DEFAULT 400, -> `ABCDE_ID` int(10) NOT NULL DEFAULT 3, -> `YUI_SET_ID` int(10) NOT NULL DEFAULT 4113, -> `JHGFDSA_ID` int(10) NOT NULL DEFAULT 1, -> `OTHERTHING_ID` varchar(20) NOT NULL DEFAULT '11', -> `WELCOME_ID` int(10) unsigned NOT NULL DEFAULT 40002, -> `ABCDEF_SET_ID` int(20) NOT NULL DEFAULT 4000, -> `QWERTY_ID` int(10) NOT NULL DEFAULT 40, -> `MNBVCV_ID` int(10) NOT NULL DEFAULT 40, -> `sms_abcdeq_id` int(10) NOT NULL DEFAULT 41001, -> `id_affiliate` int(10) NOT NULL DEFAULT 0, -> `rfvgthnf_attribute_id` int(10) unsigned DEFAULT NULL, -> `NHYTGBVFR_ID` int(10) NOT NULL DEFAULT 50, -> `xyzzy_verification_something_type` enum('thing1','thing2','thing3','thing4') DEFAULT NULL, -> `send_missing_thing` bit(1) NOT NULL DEFAULT b'0', -> `send_plugh_eo` bit(1) NOT NULL DEFAULT b'0', -> `is_question` bit(1) NOT NULL DEFAULT b'0', -> `somewhere_page` varchar(100) default null, -> `somewhere_page_addtnl_params` text DEFAULT NULL, -> `last_modified` timestamp NOT NULL DEFAULT current_timestamp() ON UPDATE current_timestamp(), -> `last_modifying_user` varchar(81) CHARACTER SET utf8 DEFAULT 'unknown', -> `IS_ACTIVE` int(11) NOT NULL DEFAULT 1, -> PRIMARY KEY (`THING_ID`), -> KEY `IDX_THING_OIUYTRE_ID` (`OIUYTRE_ID`), -> KEY `IDX_THING_JHGFDS_ID` (`JHGFDS_ID`), -> KEY `IDX_THING_WELCOME_ID` (`WELCOME_ID`), -> KEY `FK_THING_ABCDEF_SET_ID` (`ABCDEF_SET_ID`), -> KEY `FK_THING_CONTENT_MNBVCV_ID` (`MNBVCV_ID`), -> KEY `FK_THING_CONTENT_ABCDE_ID` (`ABCDE_ID`), -> KEY `FK_THING_YUI_SET_ID` (`YUI_SET_ID`), -> KEY `FK_THING_NHYTGBVFR_ID` (`NHYTGBVFR_ID`), -> KEY `FK_THING_OTHERTHING_ID` (`OTHERTHING_ID`), -> KEY `FK_THING_BCD_EFG_CAT` (`BCD_EFG_CATEGORY_ID`), -> KEY `fk_tbl_thing_privacy_policy_id` (`QWERTY_ID`), -> KEY `fk_tbl_thing_testimonial_id` (`JHGFDSA_ID`), -> KEY `fk_tbl_thing_footer_set_id` (`ZYXWVU_SET_ID`), -> KEY `tbl_thing_ibfk_16` (`MTHING_ID`), -> KEY `tbl_thing_ibfk_17` (`rfvgthnf_attribute_id`), -> KEY `fk_id_yuiop_thingid_set` (`id_yuiop_thingid_set`), -> KEY `fk_id_affiliate` (`id_affiliate`) -> ) ENGINE=InnoDB DEFAULT CHARSET=latin1 COMMENT='Managed by P2 ContentServices and ehcache'; Query OK, 0 rows affected (0.177 sec) MariaDB [main] > MariaDB [main] > MariaDB [main] > delimiter ;; MariaDB [main] > drop trigger main.tbl_thing_update;; ERROR 1360 (HY000): Trigger does not exist MariaDB [main] > MariaDB [main] > CREATE DEFINER=`root`@`localhost` TRIGGER `tbl_thing_update` BEFORE UPDATE ON `tbl_thing` FOR EACH ROW proc:BEGIN -> SET NEW.THING_ID = UPPER(NEW.THING_ID) ; -> IF NOT (EXISTS (SELECT * -> FROM tbl_thing_split -> WHERE child_thingid = NEW.THING_ID -> AND start_date < now()) -> OR EXISTS (SELECT * -> FROM tbl_thing_else -> WHERE id_thing = NEW.THING_ID)) THEN -> SET NEW.last_modified = now(); -> IF USER() NOT LIKE 'baduser@%' OR new.last_modifying_user IS NULL THEN -> SET new.last_modifying_user = USER(); -> END IF; -> ELSE -> SIGNAL SQLSTATE '45000' -> SET MESSAGE_TEXT = 'some message which was here'; -> END IF; -> END -> ;; Query OK, 0 rows affected (0.005 sec) MariaDB [main] > delimiter ; MariaDB [main] > MariaDB [main] > create table tbl_thing_split ( child_thingid int(10),start_date datetime ); Query OK, 0 rows affected (0.010 sec) MariaDB [main] > create table tbl_thing_else ( id_thing varchar(50) ); Query OK, 0 rows affected (0.013 sec) MariaDB [main] > MariaDB [main] > insert into `tbl_thing` ( -> `THING_ID`, -> `OIUYTRE_ID`, -> `NAME`, -> `LOCATION`, -> `xx_jhiusgdje`, -> `JHGFDS_ID`, -> `MTHING_ID`, -> `BCD_EFG_CATEGORY_ID`, -> `id_yuiop_thingid_set`, -> `ZYXWVU_SET_ID` ) values ( -> 'testthing', -> '1234', -> 'testname', -> 'testloc', -> 'testnothing', -> '4567', -> 'testmthing', -> '9876', -> 'abcdef', -> '76384' -> ); Query OK, 1 row affected (0.004 sec) MariaDB [main] > MariaDB [main] > update tbl_thing set name = concat(name); Query OK, 1 row affected (0.003 sec) Rows matched: 1 Changed: 1 Warnings: 0 MariaDB [main] > update tbl_thing set name = concat(name); ERROR 2013 (HY000): Lost connection to MySQL server during query MariaDB [main] > update tbl_thing set name = concat(name); ERROR 2006 (HY000): MySQL server has gone away No connection. Trying to reconnect... ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (111) ERROR: Can't connect to the server unknown [main] > update tbl_thing set name = concat(name); No connection. Trying to reconnect... ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/tmp/mysql.sock' (111) ERROR: Can't connect to the server unknown [main] > root@ip-172-31-16-96:/usr/local/mysql/data# cat ip-172-31-16-96.err 2020-10-08 2:45:39 0 [Note] InnoDB: Using Linux native AIO 2020-10-08 2:45:39 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins 2020-10-08 2:45:39 0 [Note] InnoDB: Uses event mutexes 2020-10-08 2:45:39 0 [Note] InnoDB: Compressed tables use zlib 1.2.11 2020-10-08 2:45:39 0 [Note] InnoDB: Number of pools: 1 2020-10-08 2:45:39 0 [Note] InnoDB: Using SSE2 crc32 instructions 2020-10-08 2:45:39 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts) 2020-10-08 2:45:39 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M 2020-10-08 2:45:39 0 [Note] InnoDB: Completed initialization of buffer pool 2020-10-08 2:45:39 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority(). 2020-10-08 2:45:39 0 [Note] InnoDB: 128 out of 128 rollback segments are active. 2020-10-08 2:45:39 0 [Note] InnoDB: Creating shared tablespace for temporary tables 2020-10-08 2:45:39 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ... 2020-10-08 2:45:39 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB. 2020-10-08 2:45:39 0 [Note] InnoDB: Waiting for purge to start 2020-10-08 2:45:39 0 [Note] InnoDB: 10.4.15 started; log sequence number 60967; transaction id 21 2020-10-08 2:45:39 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mariadb-10.4.15-linux-systemd-x86_64/data/ib_buffer_pool 2020-10-08 2:45:39 0 [Note] Plugin 'FEEDBACK' is disabled. 2020-10-08 2:45:39 0 [Note] InnoDB: Buffer pool(s) load completed at 201008 2:45:39 2020-10-08 2:45:39 0 [Note] Server socket created on IP: '::'. 2020-10-08 2:45:39 0 [Note] Reading of all Master_info entries succeeded 2020-10-08 2:45:39 0 [Note] Added new Master_info '' to hash table 2020-10-08 2:45:39 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections. Version: '10.4.15-MariaDB' socket: '/tmp/mysql.sock' port: 3306 MariaDB Server 201008 2:46:38 [ERROR] mysqld got signal 11 ; This could be because you hit a bug. It is also possible that this binary or one of the libraries it was linked against is corrupt, improperly built, or misconfigured. This error can also be caused by malfunctioning hardware. To report this bug, see https://mariadb.com/kb/en/reporting-bugs We will try our best to scrape up some info that will hopefully help diagnose the problem, but since we have already crashed, something is definitely wrong and this may fail. Server version: 10.4.15-MariaDB key_buffer_size=134217728 read_buffer_size=131072 max_used_connections=1 max_threads=153 thread_count=7 It is possible that mysqld could use up to key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467753 K bytes of memory Hope that's ok; if not, decrease some variables in the equation. Thread pointer: 0x55ad62e791e8 Attempting backtrace. You can use the following information to find out where mysqld died. If you see no messages after this, something went terribly wrong... stack_bottom = 0x7f50b8ac8e50 thread_stack 0x49000 /usr/local/mysql/bin/mysqld(my_print_stacktrace+0x2e) [0x55ad5fff12de] /usr/local/mysql/bin/mysqld(handle_fatal_signal+0x30f) [0x55ad5f9fd12f] /lib/x86_64-linux-gnu/libpthread.so.0(+0x128a0) [0x7f50bda418a0] /usr/local/mysql/bin/mysqld(_ZN13st_join_table7cleanupEv+0xa) [0x55ad5f83229a] /usr/local/mysql/bin/mysqld(_ZN4JOIN7cleanupEb+0x368) [0x55ad5f832998] /usr/local/mysql/bin/mysqld(_ZN4JOIN7destroyEv+0x46) [0x55ad5f832e36] /usr/local/mysql/bin/mysqld(_ZN13st_select_lex7cleanupEv+0x69) [0x55ad5f893959] /usr/local/mysql/bin/mysqld(_ZN30subselect_single_select_engine7prepareEP3THD+0x44) [0x55ad5fab2364] /usr/local/mysql/bin/mysqld(_ZN14Item_subselect10fix_fieldsEP3THDPP4Item+0x135) [0x55ad5fab1d55] /usr/local/mysql/bin/mysqld(_ZN9Item_func10fix_fieldsEP3THDPP4Item+0x15c) [0x55ad5fa69aac] /usr/local/mysql/bin/mysqld(_ZN13Item_func_not10fix_fieldsEP3THDPP4Item+0x1be) [0x55ad5fa3954e] /usr/local/mysql/bin/mysqld(_ZN9Item_cond10fix_fieldsEP3THDPP4Item+0x2b0) [0x55ad5fa39ee0] /usr/local/mysql/bin/mysqld(_ZN3THD16sp_fix_func_itemEPP4Item+0x90) [0x55ad5f7550d0] /usr/local/mysql/bin/mysqld(_ZN3THD20sp_prepare_func_itemEPP4Itemj+0xf) [0x55ad5f7550ef] /usr/local/mysql/bin/mysqld(_ZN20sp_instr_jump_if_not9exec_coreEP3THDPj+0x1e) [0x55ad5f75513e] /usr/local/mysql/bin/mysqld(_ZN13sp_lex_keeper23reset_lex_and_exec_coreEP3THDPjbP8sp_instr+0x119) [0x55ad5f75b429] /usr/local/mysql/bin/mysqld(_ZN7sp_head7executeEP3THDb+0x9c7) [0x55ad5f756e67] /usr/local/mysql/bin/mysqld(_ZN7sp_head15execute_triggerEP3THDPK25st_mysql_const_lex_stringS4_P13st_grant_info+0x1d7) [0x55ad5f7579b7] /usr/local/mysql/bin/mysqld(_ZN19Table_triggers_list16process_triggersEP3THD14trg_event_type20trg_action_time_typeb+0x105) [0x55ad5f88b4e5] /usr/local/mysql/bin/mysqld(_Z36fill_record_n_invoke_before_triggersP3THDP5TABLER4ListI4ItemES6_b14trg_event_type+0x7d) [0x55ad5f794dcd] /usr/local/mysql/bin/mysqld( Z12mysql_updateP3THDP10TABLE_LISTR4ListI4ItemES6_PS4_jP8st_orderybPySA +0x1677) [0x55ad5f89a607] /usr/local/mysql/bin/mysqld(_Z21mysql_execute_commandP3THD+0x3440) [0x55ad5f7f0e40] /usr/local/mysql/bin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x1d2) [0x55ad5f7f6762] /usr/local/mysql/bin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x149e) [0x55ad5f7f843e] /usr/local/mysql/bin/mysqld(_Z10do_commandP3THD+0x109) [0x55ad5f7f9cb9] /usr/local/mysql/bin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x1fa) [0x55ad5f8d80ba] /usr/local/mysql/bin/mysqld(handle_one_connection+0x3d) [0x55ad5f8d819d] /lib/x86_64-linux-gnu/libpthread.so.0(+0x76db) [0x7f50bda366db] /lib/x86_64-linux-gnu/libc.so.6(clone+0x3f) [0x7f50bcc2ca3f] Trying to get some variables. Some pointers may be invalid and cause the dump to abort. Query (0x55ad62e87520): update tbl_thing set name = concat(name) Connection ID (thread ID): 9 Status: NOT_KILLED Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on The manual page at https://mariadb.com/kb/en/how-to-produce-a-full-stack-trace-for-mysqld/ contains information that should help you find out what is causing the crash. Writing a core file... Working directory at /usr/local/mariadb-10.4.15-linux-systemd-x86_64/data Resource Limits: Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size 0 unlimited bytes Max resident set unlimited unlimited bytes Max processes 15393 15393 processes Max open files 32184 32184 files Max locked memory 16777216 16777216 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 15393 15393 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us Core pattern: |/usr/share/apport/apport %p %s %c %d %P %E 2020-10-08 2:46:38 0 [Note] InnoDB: Using Linux native AIO 2020-10-08 2:46:38 0 [Note] InnoDB: Mutexes and rw_locks use GCC atomic builtins 2020-10-08 2:46:38 0 [Note] InnoDB: Uses event mutexes 2020-10-08 2:46:38 0 [Note] InnoDB: Compressed tables use zlib 1.2.11 2020-10-08 2:46:38 0 [Note] InnoDB: Number of pools: 1 2020-10-08 2:46:38 0 [Note] InnoDB: Using SSE2 crc32 instructions 2020-10-08 2:46:38 0 [Note] mysqld: O_TMPFILE is not supported on /tmp (disabling future attempts) 2020-10-08 2:46:38 0 [Note] InnoDB: Initializing buffer pool, total size = 128M, instances = 1, chunk size = 128M 2020-10-08 2:46:38 0 [Note] InnoDB: Completed initialization of buffer pool 2020-10-08 2:46:38 0 [Note] InnoDB: If the mysqld execution user is authorized, page cleaner thread priority can be changed. See the man page of setpriority(). 2020-10-08 2:46:38 0 [Note] InnoDB: Starting crash recovery from checkpoint LSN=60967 2020-10-08 2:46:38 0 [Note] InnoDB: Starting final batch to recover 41 pages from redo log. 2020-10-08 2:46:39 0 [Note] InnoDB: 128 out of 128 rollback segments are active. 2020-10-08 2:46:39 0 [Note] InnoDB: Removed temporary tablespace data file: "ibtmp1" 2020-10-08 2:46:39 0 [Note] InnoDB: Creating shared tablespace for temporary tables 2020-10-08 2:46:39 0 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ... 2020-10-08 2:46:39 0 [Note] InnoDB: File './ibtmp1' size is now 12 MB. 2020-10-08 2:46:39 0 [Note] InnoDB: Waiting for purge to start 2020-10-08 2:46:39 0 [Note] InnoDB: 10.4.15 started; log sequence number 130180; transaction id 56 2020-10-08 2:46:39 0 [Note] InnoDB: Loading buffer pool(s) from /usr/local/mariadb-10.4.15-linux-systemd-x86_64/data/ib_buffer_pool 2020-10-08 2:46:39 0 [Note] Plugin 'FEEDBACK' is disabled. 2020-10-08 2:46:39 0 [Note] InnoDB: Buffer pool(s) load completed at 201008 2:46:39 2020-10-08 2:46:39 0 [Note] Server socket created on IP: '::'. 2020-10-08 2:46:39 0 [Note] Reading of all Master_info entries succeeded 2020-10-08 2:46:39 0 [Note] Added new Master_info '' to hash table 2020-10-08 2:46:39 0 [Note] /usr/local/mysql/bin/mysqld: ready for connections. Version: '10.4.15-MariaDB' socket: '/tmp/mysql.sock' port: 3306 MariaDB Server
            danblack Daniel Black added a comment -

            Sorry I was testing the latest 10.4 branch which is fixed as below. I was assuming the 10.4.15 included everything up until that point but apparently it only included the security fix.

            Sorry to mislead you, however by next month the release will include this fix.

            10.4.16-prior-to-release-at-c2ac0ce1f02e3ae2b1de5c07ba40bed25c30dc40

            ...(many many more inserts)
             
            MariaDB [main]> update tbl_thing set name = concat(name);
            Query OK, 0 rows affected (0.002 sec)
            Rows matched: 1  Changed: 0  Warnings: 0
             
            MariaDB [main]> 
            MariaDB [main]> update tbl_thing set name = concat(name);
            Query OK, 0 rows affected (0.002 sec)
            Rows matched: 1  Changed: 0  Warnings: 0
             
            MariaDB [main]> 
            MariaDB [main]> update tbl_thing set name = concat(name);
            Query OK, 0 rows affected (0.002 sec)
            Rows matched: 1  Changed: 0  Warnings: 0
             
            MariaDB [main]> 
            MariaDB [main]> update tbl_thing set name = concat(name);
            Query OK, 1 row affected (0.002 sec)
            Rows matched: 1  Changed: 1  Warnings: 0
             
            MariaDB [main]> update tbl_thing set name = concat(name);
            Query OK, 1 row affected (0.002 sec)
            Rows matched: 1  Changed: 1  Warnings: 0
             
            MariaDB [main]> select version();
            +-----------------+
            | version()       |
            +-----------------+
            | 10.4.16-MariaDB |
            +-----------------+
            1 row in set (0.001 sec)
            

            danblack Daniel Black added a comment - Sorry I was testing the latest 10.4 branch which is fixed as below. I was assuming the 10.4.15 included everything up until that point but apparently it only included the security fix. Sorry to mislead you, however by next month the release will include this fix. 10.4.16-prior-to-release-at-c2ac0ce1f02e3ae2b1de5c07ba40bed25c30dc40 ...(many many more inserts)   MariaDB [main]> update tbl_thing set name = concat(name); Query OK, 0 rows affected (0.002 sec) Rows matched: 1 Changed: 0 Warnings: 0   MariaDB [main]> MariaDB [main]> update tbl_thing set name = concat(name); Query OK, 0 rows affected (0.002 sec) Rows matched: 1 Changed: 0 Warnings: 0   MariaDB [main]> MariaDB [main]> update tbl_thing set name = concat(name); Query OK, 0 rows affected (0.002 sec) Rows matched: 1 Changed: 0 Warnings: 0   MariaDB [main]> MariaDB [main]> update tbl_thing set name = concat(name); Query OK, 1 row affected (0.002 sec) Rows matched: 1 Changed: 1 Warnings: 0   MariaDB [main]> update tbl_thing set name = concat(name); Query OK, 1 row affected (0.002 sec) Rows matched: 1 Changed: 1 Warnings: 0   MariaDB [main]> select version(); +-----------------+ | version() | +-----------------+ | 10.4.16-MariaDB | +-----------------+ 1 row in set (0.001 sec)
            mikeininfo Mike Ingle added a comment -

            Thank you. If I were to install 10.4.15 and then check out and compile mariadb from that commit and swap out the mysqld, would I likely have a stable server? Have there been major changes since 10.4.15 or just bug fixes?

            mikeininfo Mike Ingle added a comment - Thank you. If I were to install 10.4.15 and then check out and compile mariadb from that commit and swap out the mysqld, would I likely have a stable server? Have there been major changes since 10.4.15 or just bug fixes?
            alice Alice Sherepa added a comment -

            fixed by

            commit 0f080dd60a9a4fbfcd9c8a2d0361c9d7f0c080aa (HEAD, origin/bb-10.4-MDEV-23094)
            Author: Oleksandr Byelkin <sanja@mariadb.com>
            Date:   Tue Aug 11 16:37:48 2020 +0200
             
                MDEV-23094: Multiple calls to a Stored Procedure from another Stored Procedure crashes server
                
                Added system-SELECT to IF/WHILE/REPET/FOR for correct subqueries connecting.
                
                Added control of system/usual selects for correct error detection.
            
            

            alice Alice Sherepa added a comment - fixed by commit 0f080dd60a9a4fbfcd9c8a2d0361c9d7f0c080aa (HEAD, origin/bb-10.4-MDEV-23094) Author: Oleksandr Byelkin <sanja@mariadb.com> Date: Tue Aug 11 16:37:48 2020 +0200   MDEV-23094: Multiple calls to a Stored Procedure from another Stored Procedure crashes server Added system-SELECT to IF/WHILE/REPET/FOR for correct subqueries connecting. Added control of system/usual selects for correct error detection.

            People

              sanja Oleksandr Byelkin
              mikeininfo Mike Ingle
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.