Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-7821

Server crashes in Item_func_group_concat::fix_fields on 2nd execution of PS

    Details

    • Sprint:
      5.5.45

      Description

      Stack trace from 5.5 commit 86f46a3da4a6d82cb510dc4c270d46cfd6a8965b

      #3  <signal handler called>
      #4  0x0000000000896832 in Item_func_group_concat::fix_fields (this=0x7fac14d3cd28, thd=0x7fac20226060, ref=0x7fac14d3afa8) at 5.5/sql/item_sum.cc:3415
      #5  0x00000000005e2368 in setup_fields (thd=0x7fac20226060, ref_pointer_array=0x7fac14d3f0b8, fields=..., mark_used_columns=MARK_COLUMNS_READ, sum_func_list=0x7fac14d515c0, allow_sum_func=true) at 5.5/sql/sql_base.cc:8169
      #6  0x0000000000663cec in JOIN::prepare (this=0x7fac14d51298, rref_pointer_array=0x7fac14d39a80, tables_init=0x7fac14d3d338, wild_num=0, conds_init=0x0, og_num=1, order_init=0x0, skip_order_by=false, group_init=0x7fac14d3f078, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7fac14d39810, unit_arg=0x7fac14d39130) at 5.5/sql/sql_select.cc:723
      #7  0x000000000066c43b in mysql_select (thd=0x7fac20226060, rref_pointer_array=0x7fac14d39a80, tables=0x7fac14d3d338, wild_num=0, fields=..., conds=0x0, og_num=1, order=0x0, group=0x7fac14d3f078, having=0x0, proc_param=0x0, select_options=2416184064, result=0x7fac14d3e018, unit=0x7fac14d39130, select_lex=0x7fac14d39810) at 5.5/sql/sql_select.cc:3074
      #8  0x0000000000662fbd in handle_select (thd=0x7fac20226060, lex=0x7fac14d39080, result=0x7fac14d3e018, setup_tables_done_option=0) at 5.5/sql/sql_select.cc:319
      #9  0x000000000063c1fc in execute_sqlcom_select (thd=0x7fac20226060, all_tables=0x7fac14d3d338) at 5.5/sql/sql_parse.cc:4689
      #10 0x00000000006353de in mysql_execute_command (thd=0x7fac20226060) at 5.5/sql/sql_parse.cc:2234
      #11 0x0000000000656655 in Prepared_statement::execute (this=0x7fac14ddf460, expanded_query=0x7fac27393c90, open_cursor=false) at 5.5/sql/sql_prepare.cc:3928
      #12 0x000000000065576c in Prepared_statement::execute_loop (this=0x7fac14ddf460, expanded_query=0x7fac27393c90, open_cursor=false, packet=0x0, packet_end=0x0) at 5.5/sql/sql_prepare.cc:3587
      #13 0x0000000000653890 in mysql_sql_stmt_execute (thd=0x7fac20226060) at 5.5/sql/sql_prepare.cc:2737
      #14 0x000000000063540c in mysql_execute_command (thd=0x7fac20226060) at 5.5/sql/sql_parse.cc:2244
      #15 0x000000000063ece2 in mysql_parse (thd=0x7fac20226060, rawbuf=0x7fac14d51078 "EXECUTE stmt", length=12, parser_state=0x7fac27394620) at 5.5/sql/sql_parse.cc:5909
      #16 0x0000000000632925 in dispatch_command (command=COM_QUERY, thd=0x7fac20226060, packet=0x7fac16cb5061 "EXECUTE stmt", packet_length=12) at 5.5/sql/sql_parse.cc:1079
      #17 0x0000000000631ab1 in do_command (thd=0x7fac20226060) at 5.5/sql/sql_parse.cc:793
      #18 0x0000000000734122 in do_handle_one_connection (thd_arg=0x7fac20226060) at 5.5/sql/sql_connect.cc:1266
      #19 0x0000000000733be1 in handle_one_connection (arg=0x7fac20226060) at 5.5/sql/sql_connect.cc:1181
      #20 0x0000000000b6c629 in pfs_spawn_thread (arg=0x7fac2022ea20) at 5.5/storage/perfschema/pfs.cc:1015
      #21 0x00007fac26fcdb50 in start_thread (arg=<optimized out>) at pthread_create.c:304
      #22 0x00007fac2528370d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112

      Test case

      CREATE TABLE t1 (f1 INT);
      INSERT INTO t1 VALUES (2),(3);
       
      CREATE TABLE t2 (f2 INT);
      INSERT INTO t2 VALUES (1),(8);
       
      PREPARE stmt FROM "
      SELECT GROUP_CONCAT( t2a.f2 ORDER BY 1, ( t2a.f2 IN ( SELECT f1 FROM t1 ) ) ), t2a.f2 
      FROM t2 AS t2a, t2 AS t2b 
      GROUP BY t2a.f2
      ";
       
      EXECUTE stmt;
      EXECUTE stmt;

        Attachments

          Activity

            People

            • Assignee:
              svoj Sergey Vojtovich
              Reporter:
              elenst Elena Stepanova
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: