[#MDEV-6219] Server crashes in Bitmap<64u>::merge (this=0x180, map2=...) on 2nd execution of PS with INSERT .. SELECT, derived

SET optimizer_switch = 'in_to_exists=on,derived_merge=on';

CREATE TABLE t1 (a VARCHAR(8)) ENGINE=MyISAM;

INSERT INTO t1 VALUES ('foo'),('bar');

PREPARE stmt FROM "

  INSERT INTO t1 SELECT * FROM (

    SELECT * FROM t1

  ) AS sq

  WHERE sq.a IN ( SELECT 'baz' FROM DUAL )

";

EXECUTE stmt;

EXECUTE stmt;

#3  <signal handler called>

#4  0x0000000000623162 in Bitmap<64u>::merge (this=0x180, map2=...) at 10.0/sql/sql_bitmap.h:158

#5  0x00000000006b45e8 in add_key_field (join=0x7fd46a4dc2d8, key_fields=0x7fd48079c8a0, and_level=0, cond=0x7fd46a4ddd38, field=0x7fd46a428eb8, eq_func=true, value=0x7fd48079c790, num_values=1, usable_tables=18446744073709551615, sargables=0x7fd48079c9f8) at 10.0/sql/sql_select.cc:4370

#6  0x00000000006b57c7 in add_key_fields (join=0x7fd46a4dc2d8, key_fields=0x7fd48079c8a0, and_level=0x7fd48079c8ac, cond=0x7fd46a4ddd38, usable_tables=18446744073709551615, sargables=0x7fd48079c9f8) at 10.0/sql/sql_select.cc:4760

#7  0x00000000006b69d3 in update_ref_and_keys (thd=0x7fd4747f5070, keyuse=0x7fd46a4dc5e0, join_tab=0x7fd46a7fb088, tables=1, cond=0x7fd46a4ddd38, normal_tables=18446744073709551615, select_lex=0x7fd46a610840, sargables=0x7fd48079c9f8) at 10.0/sql/sql_select.cc:5184

#8  0x00000000006b1efd in make_join_statistics (join=0x7fd46a4dc2d8, tables_list=..., conds=0x7fd46a4ddd38, keyuse_array=0x7fd46a4dc5e0) at 10.0/sql/sql_select.cc:3575

#9  0x00000000006aa54e in JOIN::optimize_inner (this=0x7fd46a4dc2d8) at 10.0/sql/sql_select.cc:1327

#10 0x00000000006a950c in JOIN::optimize (this=0x7fd46a4dc2d8) at 10.0/sql/sql_select.cc:1013

#11 0x00000000006b108b in mysql_select (thd=0x7fd4747f5070, rref_pointer_array=0x7fd46a610ab8, tables=0x7fd46a7bc088, wild_num=0, fields=..., conds=0x7fd46a7bdd60, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=3489925888, result=0x7fd46a4dc240, unit=0x7fd46a610158, select_lex=0x7fd46a610840) at 10.0/sql/sql_select.cc:3279

#12 0x00000000006a7833 in handle_select (thd=0x7fd4747f5070, lex=0x7fd46a610090, result=0x7fd46a4dc240, setup_tables_done_option=1073741824) at 10.0/sql/sql_select.cc:372

#13 0x0000000000677011 in mysql_execute_command (thd=0x7fd4747f5070) at 10.0/sql/sql_parse.cc:3522

#14 0x0000000000697298 in Prepared_statement::execute (this=0x7fd46a599470, expanded_query=0x7fd48079db00, open_cursor=false) at 10.0/sql/sql_prepare.cc:3971

#15 0x0000000000696373 in Prepared_statement::execute_loop (this=0x7fd46a599470, expanded_query=0x7fd48079db00, open_cursor=false, packet=0x0, packet_end=0x0) at 10.0/sql/sql_prepare.cc:3626

#16 0x0000000000694675 in mysql_sql_stmt_execute (thd=0x7fd4747f5070) at 10.0/sql/sql_prepare.cc:2777

#17 0x00000000006749e1 in mysql_execute_command (thd=0x7fd4747f5070) at 10.0/sql/sql_parse.cc:2564

#18 0x000000000067ed75 in mysql_parse (thd=0x7fd4747f5070, rawbuf=0x7fd46a4dc088 "EXECUTE stmt", length=12, parser_state=0x7fd48079e610) at 10.0/sql/sql_parse.cc:6410

#19 0x0000000000671c54 in dispatch_command (command=COM_QUERY, thd=0x7fd4747f5070, packet=0x7fd474a23071 "EXECUTE stmt", packet_length=12) at 10.0/sql/sql_parse.cc:1309

#20 0x0000000000670ff6 in do_command (thd=0x7fd4747f5070) at 10.0/sql/sql_parse.cc:1006

#21 0x000000000078c03a in do_handle_one_connection (thd_arg=0x7fd4747f5070) at 10.0/sql/sql_connect.cc:1379

#22 0x000000000078bd8d in handle_one_connection (arg=0x7fd4747f5070) at 10.0/sql/sql_connect.cc:1293

#23 0x0000000000cb5ef4 in pfs_spawn_thread (arg=0x7fd474871bd0) at 10.0/storage/perfschema/pfs.cc:1853

#24 0x00007fd48041bb50 in start_thread (arg=<optimized out>) at pthread_create.c:304

#25 0x00007fd47e913a7d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112

revision-id: sergii@pisem.net-20140506115756-1q98x2ce75opl05y

revno: 4188

branch-nick: 10.0

Also reproducible on earlier versions of 10.0.
Could not reproduce on 5.5.
Could not reproduce with a merge view instead of SQ.
Could not reproduce with MySQL.

[MDEV-6219] Server crashes in Bitmap<64u>::merge (this=0x180, map2=...) on 2nd execution of PS with INSERT .. SELECT, derived_merge Created: 2014-05-07 Updated: 2015-08-31 Resolved: 2015-08-31
Status:	Closed
Project:	MariaDB Server
Component/s:	OTHER
Affects Version/s:	10.0.10
Fix Version/s:	10.0.22, 10.1.7

[MDEV-6219] Server crashes in Bitmap<64u>::merge (this=0x180, map2=...) on 2nd execution of PS with INSERT .. SELECT, derived_merge Created: 2014-05-07 Updated: 2015-08-31 Resolved: 2015-08-31