Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
5.5(EOL), 10.0(EOL), 10.1(EOL)
-
None
-
MariaDB 10.0.21 Docker Container running on Ubuntu 15.04.
-
10.0.22
Description
MariaDB 10.0.21 crashes during preparation of an UPDATE statement with a SELECT subquery in combination with ONLY_FULL_GROUP_BY.
One can reproduce the issue using docker as follows:
First start the MariaDB database container:
docker run -it --rm --name crasher -e MYSQL_ROOT_PASSWORD=root mariadb:10.0.21
|
Afterwards connect with the MariaDB command line client:
docker run -ti --rm --link crasher:mariadb mariadb mysql --host=mariadb -proot
|
Inside the command line client perform the following querys:
-- create test database
|
CREATE DATABASE IF NOT EXISTS db; use db; |
-- drop test tables
|
DROP TABLE IF EXISTS t1; DROP TABLE IF EXISTS t2; |
-- create test tables
|
CREATE TABLE t1 ( id INT(10), value INT(10) ); CREATE TABLE t2 ( id INT(10) ); |
-- enable full group by
|
SET SESSION sql_mode = 'ONLY_FULL_GROUP_BY'; |
-- try to prepare query
|
PREPARE stmt FROM 'UPDATE t1 t1 SET value = (SELECT 1 FROM t2 WHERE id = t1.id)'; |
The last query will return:
ERROR 2013 (HY000): Lost connection to MySQL server during query
|
And the server crashes because of signal 11. The stack trace is a follows:
Thread pointer: 0x0x7fa1d3641008
|
Attempting backtrace. You can use the following information to find out
|
where mysqld died. If you see no messages after this, something went
|
terribly wrong...
|
stack_bottom = 0x7fa1f779ce70 thread_stack 0x48000
|
mysqld(my_print_stacktrace+0x3d)[0x7fa1f7195a2d]
|
mysqld(handle_fatal_signal+0x31a)[0x7fa1f6cd375a]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf8d0)[0x7fa1f633d8d0]
|
mysqld(_ZN10Item_field15fix_outer_fieldEP3THDPP5FieldPP4Item+0x14c)[0x7fa1f6cf8a1c]
|
mysqld(_ZN10Item_field10fix_fieldsEP3THDPP4Item+0x4f2)[0x7fa1f6cf9742]
|
mysqld(_ZN9Item_func10fix_fieldsEP3THDPP4Item+0x1b3)[0x7fa1f6d2f3a3]
|
mysqld(_Z11setup_condsP3THDP10TABLE_LISTR4ListIS1_EPP4Item+0x1c3)[0x7fa1f6b09573]
|
mysqld(+0x42f111)[0x7fa1f6b9d111]
|
mysqld(_ZN30subselect_single_select_engine7prepareEv+0x688)[0x7fa1f6d62788]
|
mysqld(_ZN14Item_subselect10fix_fieldsEP3THDPP4Item+0xed)[0x7fa1f6d60aed]
|
mysqld(_Z12setup_fieldsP3THDPP4ItemR4ListIS1_E17enum_mark_columnsPS5_b+0x184)[0x7fa1f6b07594]
|
mysqld(+0x3f7f7a)[0x7fa1f6b65f7a]
|
mysqld(_ZN18Prepared_statement7prepareEPKcj+0x6dd)[0x7fa1f6b6771d]
|
mysqld(_Z22mysql_sql_stmt_prepareP3THD+0x39f)[0x7fa1f6b67caf]
|
mysqld(_Z21mysql_execute_commandP3THD+0x90e)[0x7fa1f6b4edfe]
|
mysqld(_Z11mysql_parseP3THDPcjP12Parser_state+0x1e2)[0x7fa1f6b551d2]
|
mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0x1787)[0x7fa1f6b56f87]
|
mysqld(_Z24do_handle_one_connectionP3THD+0x28b)[0x7fa1f6c2da5b]
|
mysqld(handle_one_connection+0x40)[0x7fa1f6c2dac0]
|
/lib/x86_64-linux-gnu/libpthread.so.0(+0x80a4)[0x7fa1f63360a4]
|
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7fa1f493e04d]
|
|
|
Trying to get some variables.
|
Some pointers may be invalid and cause the dump to abort.
|
Query (0x7fa1be042408): is an invalid pointer
|
Connection ID (thread ID): 2
|
Status: NOT_KILLED
|
Attachments
Activity
The fix has been pushed into 10.0 tree, it will be soon merged into 10.1 tree and released in 10.1.9.
Hello together,
will this issue also be solved within the 5.5 tree in any of the next releases?
Thanks and kind regards
sanja, was there a reason why it was only fixed in 10.0, but not 5.5? Initially it was targeted for 5.5.
This issue still exists in 10.1.