[MDEV-13180] Unused left join causes server crash Created: 2017-06-26  Updated: 2017-07-12  Resolved: 2017-07-12

Status: Closed
Project: MariaDB Server
Component/s: Data Manipulation - Subquery, Optimizer, Server
Affects Version/s: 5.5, 10.0, 10.1, 10.2
Fix Version/s: 10.1.26, 5.5.57, 10.0.32, 10.2.8

Type: Bug Priority: Major
Reporter: Eric P Assignee: Sergei Golubchik
Resolution: Fixed Votes: 0
Labels: None
Environment:

Ubuntu 14.04 and Official Docker containers

Issue Links:
Relates
relates to MDEV-7826 Server crashes in Item_subselect::enu... Closed

 Description   

The following queries cause a server crash for the latest versions of MariaDB from 5.5 to 10.3.

I've tested it against the TGZ version of 10.0.28 and the Docker versions of 5.5.56, 10.0.31, 10.1.24, 10.2.6, and 10.3.0.

It seems to be a MariaDB-specific issue as the same queries don't result in a crash in the Docker versions of MySQL 5.6 and 5.7 and Percona 5.6.

CREATE DATABASE IF NOT EXISTS `test`;
 
 
 
USE `test`;
 
 
 
CREATE TABLE
 
    `test1`
 
SELECT
 
    1
 
;
 
 
 
CREATE TABLE
 
    `test2`
 
    (
 
        `effdt` datetime NOT NULL,
 
        `column` enum('TEST') NOT NULL
 
    )
 
;
 
 
 
INSERT INTO
 
    `test2`
 
    (`effdt`,`column`)
 
VALUES
 
    ('1900-01-01 00:00:00', 'TEST')
 
;
 
 
 
SELECT
 
    1
 
FROM
 
    `test1` a
 
        LEFT JOIN
 
    `test2` b
 
        ON
 
            b.`effdt` = (
 
                SELECT
 
                    MAX(b.`effdt`)
 
                FROM
 
                    `test2` b_t
 
                WHERE
 
                    b_t.`column` = b.`column`
 
            )

docker-maria-5.5.56

 
Version: '5.5.56-MariaDB-1~wheezy'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
 
170626 20:45:09 [ERROR] mysqld got signal 11 ;
 
This could be because you hit a bug. It is also possible that this binary
 
or one of the libraries it was linked against is corrupt, improperly built,
 
or misconfigured. This error can also be caused by malfunctioning hardware.
 
 
 
To report this bug, see http://kb.askmonty.org/en/reporting-bugs
 
 
 
We will try our best to scrape up some info that will hopefully help
 
diagnose the problem, but since we have already crashed, 
something is definitely wrong and this may fail.
 
 
 
Server version: 5.5.56-MariaDB-1~wheezy
 
key_buffer_size=134217728
 
read_buffer_size=2097152
 
max_used_connections=1
 
max_threads=102
 
thread_count=1
 
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 759561 K  bytes of memory
 
Hope that's ok; if not, decrease some variables in the equation.
 
 
 
Thread pointer: 0x7fe72dc06000
 
Attempting backtrace. You can use the following information to find out
 
where mysqld died. If you see no messages after this, something went
 
terribly wrong...
 
stack_bottom = 0x7fe754f25e40 thread_stack 0x48000
 
mysqld(my_print_stacktrace+0x2b)[0x55c9428b521b]
 
mysqld(handle_fatal_signal+0x422)[0x55c9424ea382]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf0a0)[0x7fe754b880a0]
 
mysqld(_ZN14Item_subselect30enumerate_field_refs_processorEPh+0x44)[0x55c9425636b4]
 
mysqld(_ZN20Dep_analysis_context27setup_equality_modules_depsEP4ListI10Dep_moduleE+0x13d)[0x55c94249bc2d]
 
mysqld(+0x4901a4)[0x55c94249c1a4]
 
mysqld(+0x4902ba)[0x55c94249c2ba]
 
mysqld(+0x3e7ba2)[0x55c9423f3ba2]
 
mysqld(_ZN4JOIN8optimizeEv+0x7c1)[0x55c9423f5a91]
 
mysqld(_Z12mysql_selectP3THDPPP4ItemP10TABLE_LISTjR4ListIS1_ES2_jP8st_orderSB_S2_SB_yP13select_resultP18st_select_lex_unitP13st_select_lex+0xd4)[0x55c9423f8044]
 
mysqld(_Z13handle_selectP3THDP3LEXP13select_resultm+0x2c3)[0x55c9423fee73]
 
mysqld(+0x39b4b1)[0x55c9423a74b1]
 
mysqld(_Z21mysql_execute_commandP3THD+0x1bcd)[0x55c9423aed2d]
 
mysqld(+0x3a7057)[0x55c9423b3057]
 
mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0x1b51)[0x55c9423b54e1]
 
mysqld(_Z24do_handle_one_connectionP3THD+0x22b)[0x55c94246bdeb]
 
mysqld(handle_one_connection+0x51)[0x55c94246be71]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0x6b50)[0x7fe754b7fb50]
 
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7fe75348bfbd]
 
 
 
Trying to get some variables.
 
Some pointers may be invalid and cause the dump to abort.
 
Query (0x7fe72001f018): SELECT     1 FROM     `test1` a         LEFT JOIN     `test2` b         ON             b.`effdt` = (                 SELECT                     MAX(b.`effdt`)                 FROM                     `test2` b_t                 WHERE                     b_t.`column` = b.`column`             )
 
Connection ID (thread ID): 1
 
Status: NOT_KILLED
 
 
 
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=off
 
 
 
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains

docker-maria-10.0.31

 
Version: '10.0.31-MariaDB-1~jessie'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
 
170626 20:24:46 [ERROR] mysqld got signal 11 ;
 
This could be because you hit a bug. It is also possible that this binary
 
or one of the libraries it was linked against is corrupt, improperly built,
 
or misconfigured. This error can also be caused by malfunctioning hardware.
 
 
 
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
 
 
 
We will try our best to scrape up some info that will hopefully help
 
diagnose the problem, but since we have already crashed, 
something is definitely wrong and this may fail.
 
 
 
Server version: 10.0.31-MariaDB-1~jessie
 
key_buffer_size=134217728
 
read_buffer_size=2097152
 
max_used_connections=1
 
max_threads=102
 
thread_count=1
 
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 759763 K  bytes of memory
 
Hope that's ok; if not, decrease some variables in the equation.
 
 
 
Thread pointer: 0x7f33c9ff5008
 
Attempting backtrace. You can use the following information to find out
 
where mysqld died. If you see no messages after this, something went
 
terribly wrong...
 
stack_bottom = 0x7f33f142be88 thread_stack 0x48000
 
mysqld(my_print_stacktrace+0x2e)[0xbc576e]
 
mysqld(handle_fatal_signal+0x3af)[0x73860f]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf890)[0x7f33f108c890]
 
mysqld(_ZN14Item_subselect30enumerate_field_refs_processorEPh+0x28)[0x7bd4e8]
 
mysqld[0x6d4fad]
 
mysqld[0x6d51da]
 
mysqld[0x60f88a]
 
mysqld[0x617933]
 
mysqld(_ZN4JOIN8optimizeEv+0x11b)[0x61a08b]
 
mysqld(_Z13handle_selectP3THDP3LEXP13select_resultm+0xa52)[0x61e022]
 
mysqld[0x5baa4b]
 
mysqld(_Z21mysql_execute_commandP3THD+0x4e3f)[0x5c673f]
 
mysqld(_Z11mysql_parseP3THDPcjP12Parser_state+0x1ca)[0x5c83ba]
 
mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0x1559)[0x5c9ea9]
 
mysqld(_Z24do_handle_one_connectionP3THD+0x25b)[0x6993ab]
 
mysqld(handle_one_connection+0x39)[0x6993f9]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0x8064)[0x7f33f1085064]
 
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f33ef68b62d]
 
 
 
Trying to get some variables.
 
Some pointers may be invalid and cause the dump to abort.
 
Query (0x7f33b9020020): SELECT     1 FROM     `test1` a         LEFT JOIN     `test2` b         ON             b.`effdt` = (                 SELECT                     MAX(b.`effdt`)                 FROM                     `test2` b_t                 WHERE                     b_t.`column` = b.`column`             )
 
Connection ID (thread ID): 2
 
Status: NOT_KILLED
 
 
 
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on
 
 
 
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
 
information that should help you find out what is causing the crash.

docker-maria-10.1.24

 
Version: '10.1.24-MariaDB-1~jessie'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
 
170626 20:25:21 [ERROR] mysqld got signal 11 ;
 
This could be because you hit a bug. It is also possible that this binary
 
or one of the libraries it was linked against is corrupt, improperly built,
 
or misconfigured. This error can also be caused by malfunctioning hardware.
 
 
 
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
 
 
 
We will try our best to scrape up some info that will hopefully help
 
diagnose the problem, but since we have already crashed, 
something is definitely wrong and this may fail.
 
 
 
Server version: 10.1.24-MariaDB-1~jessie
 
key_buffer_size=134217728
 
read_buffer_size=2097152
 
max_used_connections=1
 
max_threads=102
 
thread_count=1
 
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 759836 K  bytes of memory
 
Hope that's ok; if not, decrease some variables in the equation.
 
 
 
Thread pointer: 0x7ff0b625a008
 
Attempting backtrace. You can use the following information to find out
 
where mysqld died. If you see no messages after this, something went
 
terribly wrong...
 
stack_bottom = 0x7ff0b983c1f8 thread_stack 0x48400
 
mysqld(my_print_stacktrace+0x2e)[0x564c0deacb1e]
 
mysqld(handle_fatal_signal+0x2fd)[0x564c0d9e55cd]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf890)[0x7ff0b94f2890]
 
mysqld(_ZN14Item_subselect30enumerate_field_refs_processorEPh+0x28)[0x564c0da68e68]
 
mysqld(_ZN20Dep_analysis_context27setup_equality_modules_depsEP4ListI10Dep_moduleE+0x132)[0x564c0d96b572]
 
mysqld(+0x52f4c5)[0x564c0d96c4c5]
 
mysqld(+0x52f5df)[0x564c0d96c5df]
 
mysqld(+0x46b19e)[0x564c0d8a819e]
 
mysqld(_ZN4JOIN14optimize_innerEv+0x7be)[0x564c0d8b068e]
 
mysqld(_ZN4JOIN8optimizeEv+0x29)[0x564c0d8b2f59]
 
mysqld(_Z12mysql_selectP3THDPPP4ItemP10TABLE_LISTjR4ListIS1_ES2_jP8st_orderSB_S2_SB_yP13select_resultP18st_select_lex_unitP13st_select_lex+0x8ee)[0x564c0d8b38fe]
 
mysqld(_Z13handle_selectP3THDP3LEXP13select_resultm+0x141)[0x564c0d8b3ae1]
 
mysqld(+0x414b51)[0x564c0d851b51]
 
mysqld(_Z21mysql_execute_commandP3THD+0x5e83)[0x564c0d85dcc3]
 
mysqld(_Z11mysql_parseP3THDPcjP12Parser_state+0x275)[0x564c0d860f35]
 
mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0x1c99)[0x564c0d8639d9]
 
mysqld(_Z10do_commandP3THD+0x14e)[0x564c0d8640fe]
 
mysqld(_Z24do_handle_one_connectionP3THD+0x182)[0x564c0d92fcd2]
 
mysqld(handle_one_connection+0x40)[0x564c0d92fe70]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0x8064)[0x7ff0b94eb064]
 
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7ff0b769562d]
 
 
 
Trying to get some variables.
 
Some pointers may be invalid and cause the dump to abort.
 
Query (0x7ff07e421020): SELECT     1 FROM     `test1` a         LEFT JOIN     `test2` b         ON             b.`effdt` = (                 SELECT                     MAX(b.`effdt`)                 FROM                     `test2` b_t                 WHERE                     b_t.`column` = b.`column`             )
 
Connection ID (thread ID): 2
 
Status: NOT_KILLED
 
 
 
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=off
 
 
 
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
 
information that should help you find out what is causing the crash.

docker-maria-10.2.6

 
Version: '10.2.6-MariaDB-10.2.6+maria~jessie'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
 
170626 20:28:56 [ERROR] mysqld got signal 11 ;
 
This could be because you hit a bug. It is also possible that this binary
 
or one of the libraries it was linked against is corrupt, improperly built,
 
or misconfigured. This error can also be caused by malfunctioning hardware.
 
 
 
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
 
 
 
We will try our best to scrape up some info that will hopefully help
 
diagnose the problem, but since we have already crashed, 
something is definitely wrong and this may fail.
 
 
 
Server version: 10.2.6-MariaDB-10.2.6+maria~jessie
 
key_buffer_size=134217728
 
read_buffer_size=2097152
 
max_used_connections=1
 
max_threads=102
 
thread_count=7
 
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 759887 K  bytes of memory
 
Hope that's ok; if not, decrease some variables in the equation.
 
 
 
Thread pointer: 0x7fc9780009a8
 
Attempting backtrace. You can use the following information to find out
 
where mysqld died. If you see no messages after this, something went
 
terribly wrong...
 
stack_bottom = 0x7fc9c63bce38 thread_stack 0x49000
 
mysqld(my_print_stacktrace+0x2e)[0x5589d77b1a5e]
 
mysqld(handle_fatal_signal+0x305)[0x5589d71f24f5]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf890)[0x7fc9ebd3e890]
 
mysqld(_ZN14Item_subselect30enumerate_field_refs_processorEPv+0x28)[0x5589d7290d68]
 
mysqld(_ZN20Dep_analysis_context27setup_equality_modules_depsEP4ListI10Dep_moduleE+0x13b)[0x5589d716543b]
 
mysqld(+0x5eb42d)[0x5589d716642d]
 
mysqld(+0x5eb55f)[0x5589d716655f]
 
mysqld(+0x522bcb)[0x5589d709dbcb]
 
mysqld(_ZN4JOIN14optimize_innerEv+0xa25)[0x5589d70a5365]
 
mysqld(_ZN4JOIN8optimizeEv+0x33)[0x5589d70a7943]
 
mysqld(_Z12mysql_selectP3THDP10TABLE_LISTjR4ListI4ItemEPS4_jP8st_orderS9_S7_S9_yP13select_resultP18st_select_lex_unitP13st_select_lex+0x8bc)[0x5589d70aa0ec]
 
mysqld(_Z13handle_selectP3THDP3LEXP13select_resultm+0x137)[0x5589d70aa307]
 
mysqld(+0x4caf7e)[0x5589d7045f7e]
 
mysqld(_Z21mysql_execute_commandP3THD+0x4dca)[0x5589d705127a]
 
mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x28a)[0x5589d705444a]
 
mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x1cf3)[0x5589d7056e53]
 
mysqld(_Z10do_commandP3THD+0x164)[0x5589d70576f4]
 
mysqld(_Z24do_handle_one_connectionP7CONNECT+0x232)[0x5589d7129e72]
 
mysqld(handle_one_connection+0x3d)[0x5589d712a00d]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0x8064)[0x7fc9ebd37064]
 
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7fc9ea11962d]
 
 
 
Trying to get some variables.
 
Some pointers may be invalid and cause the dump to abort.
 
Query (0x7fc97800ef10): SELECT     1 FROM     `test1` a         LEFT JOIN     `test2` b         ON             b.`effdt` = (                 SELECT                     MAX(b.`effdt`)                 FROM                     `test2` b_t                 WHERE                     b_t.`column` = b.`column`             )
 
Connection ID (thread ID): 8
 
Status: NOT_KILLED
 
 
 
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on
 
 
 
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
 
information that should help you find out what is causing the crash.

docker-maria-10.3.0

 
Version: '10.3.0-MariaDB-10.3.0+maria~jessie'  socket: '/var/run/mysqld/mysqld.sock'  port: 3306  mariadb.org binary distribution
 
170626 22:21:44 [ERROR] mysqld got signal 11 ;
 
This could be because you hit a bug. It is also possible that this binary
 
or one of the libraries it was linked against is corrupt, improperly built,
 
or misconfigured. This error can also be caused by malfunctioning hardware.
 
 
 
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
 
 
 
We will try our best to scrape up some info that will hopefully help
 
diagnose the problem, but since we have already crashed, 
something is definitely wrong and this may fail.
 
 
 
Server version: 10.3.0-MariaDB-10.3.0+maria~jessie
 
key_buffer_size=134217728
 
read_buffer_size=2097152
 
max_used_connections=1
 
max_threads=102
 
thread_count=7
 
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 759906 K  bytes of memory
 
Hope that's ok; if not, decrease some variables in the equation.
 
 
 
Thread pointer: 0x7f7c040009a8
 
Attempting backtrace. You can use the following information to find out
 
where mysqld died. If you see no messages after this, something went
 
terribly wrong...
 
stack_bottom = 0x7f7c78188e38 thread_stack 0x49000
 
mysqld(my_print_stacktrace+0x2e)[0x557336b8818e]
 
mysqld(handle_fatal_signal+0x305)[0x5573365b6405]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf890)[0x7f7c8210a890]
 
mysqld(_ZN14Item_subselect30enumerate_field_refs_processorEPv+0x28)[0x55733665c5d8]
 
mysqld(_ZN20Dep_analysis_context27setup_equality_modules_depsEP4ListI10Dep_moduleE+0x13b)[0x55733650209b]
 
mysqld(+0x61608d)[0x55733650308d]
 
mysqld(+0x6161bf)[0x5573365031bf]
 
mysqld(+0x54c07b)[0x55733643907b]
 
mysqld(_ZN4JOIN14optimize_innerEv+0xa25)[0x557336440865]
 
mysqld(_ZN4JOIN8optimizeEv+0x33)[0x557336442e13]
 
mysqld(_Z12mysql_selectP3THDP10TABLE_LISTjR4ListI4ItemEPS4_jP8st_orderS9_S7_S9_yP13select_resultP18st_select_lex_unitP13st_select_lex+0x8bc)[0x55733644555c]
 
mysqld(_Z13handle_selectP3THDP3LEXP13select_resultm+0x139)[0x557336445779]
 
mysqld(+0x4f30ee)[0x5573363e00ee]
 
mysqld(_Z21mysql_execute_commandP3THD+0x6276)[0x5573363ecf96]
 
mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x351)[0x5573363f0481]
 
mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x2708)[0x5573363f3a48]
 
mysqld(_Z10do_commandP3THD+0x160)[0x5573363f4330]
 
mysqld(_Z24do_handle_one_connectionP7CONNECT+0x232)[0x5573364c6602]
 
mysqld(handle_one_connection+0x3d)[0x5573364c679d]
 
/lib/x86_64-linux-gnu/libpthread.so.0(+0x8064)[0x7f7c82103064]
 
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f7c804e562d]
 
 
 
Trying to get some variables.
 
Some pointers may be invalid and cause the dump to abort.
 
Query (0x7f7c0400f0e0): SELECT     1 FROM     `test1` a         LEFT JOIN     `test2` b         ON             b.`effdt` = (                 SELECT                     MAX(b.`effdt`)                 FROM                     `test2` b_t                 WHERE                     b_t.`column` = b.`column`             )
 
Connection ID (thread ID): 8
 
Status: NOT_KILLED
 
 
 
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on
 
 
 
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
 
information that should help you find out what is causing the crash.



 Comments   
Comment by Alice Sherepa [ 2017-06-27 ]

Reproduced on 5.5, 10.0, 10.1, 10.2 , Innodb and MyISAM engines. (MIN/MAX/AVG functions)

CREATE TABLE t1 (i1 int);
 
INSERT INTO t1 VALUES (1);
 
 
 
CREATE TABLE t2 (i int);
 
INSERT INTO t2 VALUES (2);
 
 
 
SELECT 1 FROM t1 left JOIN t2 b ON b.i = (SELECT MAX(b.i) FROM `t2`);

Server version: 5.5.57-MariaDB-debug commit ded614d7dbc930e373d1a69a0d2a7e4bf0a2c6d3

Thread 1 (Thread 0x7fa9cb094700 (LWP 316)):
 
#0  __pthread_kill (threadid=<optimized out>, signo=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:62
 
#1  0x0000000000d14c66 in my_write_core (sig=11) at /home/alice/git/5.5/mysys/stacktrace.c:457
 
#2  0x00000000007d7dc0 in handle_fatal_signal (sig=11) at /home/alice/git/5.5/sql/signal_handler.cc:262
 
#3  <signal handler called>
 
#4  0x0000000000871520 in Item_subselect::enumerate_field_refs_processor (this=0x7fa9a0c46d18, arg=0x7fa9cb091e00 "p\\5\001") at /home/alice/git/5.5/sql/item_subselect.cc:319
 
#5  0x0000000000871fe2 in Item_subselect::walk (this=0x7fa9a0c46d18, processor=&virtual table offset 688, walk_subquery=false, argument=0x7fa9cb091e00 "p\\5\001") at /home/alice/git/5.5/sql/item_subselect.cc:638
 
#6  0x000000000076af40 in Dep_analysis_context::setup_equality_modules_deps (this=0x7fa9cb091f10, bound_modules=0x7fa9cb091ef0) at /home/alice/git/5.5/sql/opt_table_elimination.cc:1070
 
#7  0x000000000076a919 in check_func_dependency (join=0x7fa9a0c4cd18, dep_tables=2, it=0x0, oj_tbl=0x7fa9a0c45890, cond=0x7fa9a0c46e98) at /home/alice/git/5.5/sql/opt_table_elimination.cc:856
 
#8  0x000000000076a497 in eliminate_tables_for_list (join=0x7fa9a0c4cd18, join_list=0x7fa9b57f6bf8, list_tables=3, on_expr=0x0, tables_used_elsewhere=0) at /home/alice/git/5.5/sql/opt_table_elimination.cc:746
 
#9  0x000000000076a2f7 in eliminate_tables (join=0x7fa9a0c4cd18) at /home/alice/git/5.5/sql/opt_table_elimination.cc:670
 
#10 0x000000000064b06f in make_join_statistics (join=0x7fa9a0c4cd18, tables_list=..., conds=0x0, keyuse_array=0x7fa9a0c4d040) at /home/alice/git/5.5/sql/sql_select.cc:3403
 
#11 0x0000000000643093 in JOIN::optimize (this=0x7fa9a0c4cd18) at /home/alice/git/5.5/sql/sql_select.cc:1235
 
#12 0x0000000000649f85 in mysql_select (thd=0x7fa9b57f3060, rref_pointer_array=0x7fa9b57f6cf0, tables=0x7fa9a0c45260, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7fa9a0c47050, unit=0x7fa9b57f6388, select_lex=0x7fa9b57f6a68) at /home/alice/git/5.5/sql/sql_select.cc:3089
 
#13 0x000000000064016d in handle_select (thd=0x7fa9b57f3060, lex=0x7fa9b57f62d8, result=0x7fa9a0c47050, setup_tables_done_option=0) at /home/alice/git/5.5/sql/sql_select.cc:319
 
#14 0x000000000061666e in execute_sqlcom_select (thd=0x7fa9b57f3060, all_tables=0x7fa9a0c45260) at /home/alice/git/5.5/sql/sql_parse.cc:4686
 
#15 0x000000000060f11d in mysql_execute_command (thd=0x7fa9b57f3060) at /home/alice/git/5.5/sql/sql_parse.cc:2234
 
#16 0x0000000000619588 in mysql_parse (thd=0x7fa9b57f3060, rawbuf=0x7fa9a0c45078 "SELECT 1 FROM t1 left JOIN t2 b ON b.i = (SELECT MAX(b.i) FROM `t2`)", length=68, parser_state=0x7fa9cb0936c0) at /home/alice/git/5.5/sql/sql_parse.cc:5931
 
#17 0x000000000060c4ba in dispatch_command (command=COM_QUERY, thd=0x7fa9b57f3060, packet=0x7fa9b549a061 "SELECT 1 FROM t1 left JOIN t2 b ON b.i = (SELECT MAX(b.i) FROM `t2`)", packet_length=68) at /home/alice/git/5.5/sql/sql_parse.cc:1079
 
#18 0x000000000060b5f3 in do_command (thd=0x7fa9b57f3060) at /home/alice/git/5.5/sql/sql_parse.cc:793
 
#19 0x00000000007208ae in do_handle_one_connection (thd_arg=0x7fa9b57f3060) at /home/alice/git/5.5/sql/sql_connect.cc:1268
 
#20 0x0000000000720617 in handle_one_connection (arg=0x7fa9b57f3060) at /home/alice/git/5.5/sql/sql_connect.cc:1184
 
#21 0x00007fa9ca2536ba in start_thread (arg=0x7fa9cb094700) at pthread_create.c:333
 
#22 0x00007fa9c98fe3dd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109

Comment by Elena Stepanova [ 2017-07-03 ]

Thanks for the report and test case.
The crash looks related to MDEV-7826, but even if the root cause is the same, the test case is much better here (and it's still applicable to 10.1/10.2, while the test case from MDEV-7826 not anymore).
sanja, while fixing either of these bugs, please also check another one.

Generated at Thu Feb 08 08:03:32 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.