Bug #19835 Binary copy of corrupted tables crash the server when issuing a query
Submitted: 16 May 2006 1:57 Modified: 11 Jul 2006 9:12
Reporter: Tordjman Yohan Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: MyISAM storage engine Severity:S1 (Critical)
Version:5.0.22/4.1BK/5.0BK/5.1BK OS:Linux (Linux)
Assigned to: Ingo Strüwing CPU Architecture:Any
Tags: corruption, myisam

[16 May 2006 1:57] Tordjman Yohan 
Description:
mysqld: my_seek.c:30: my_seek: Assertion `pos != (~(my_off_t) 0)' failed.
mysqld got signal 6;

thd=0x8592528
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0x98662f98, backtrace may not be correct.
Stack range sanity check OK, backtrace follows:
0x815c633
0xffffe420
0x986633c8
0xb7d09735
0x82cede3
0x829ef3e
0x829e379
0x8291323
0x821e2d7
0x81bd486
0x81ac6b0
0x81a5ff1
0x81ac6d6
0x81bda55
0x81c0ebe
0x81c3257
0x81c374f
0x81707d4
0x8177c56
0x817856e
0x8179744
0x817a327
0xb7f77ced
0xb7db8d7e
New value of fp=(nil) failed sanity check, terminating stack trace!
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x8652230 = select distinct(id),url from site,idm_idc where idu!=538 and id!=0 and b=2 and credits>0 and idm=id and (  idc=16 or idc=16 or idc=16 )   order by id
thd->thread_id=1

CREATE TABLE `site` (
  `id` int(11) NOT NULL auto_increment,
  `idu` int(11) NOT NULL default '0',
  `site` varchar(255) collate latin1_general_ci NOT NULL default '',
  `language` int(11) NOT NULL default '0',
  `url` varchar(255) collate latin1_general_ci NOT NULL default '',
  `b` tinyint(4) NOT NULL default '0',
  `credits` float NOT NULL default '0',
  `pokaz` int(11) NOT NULL default '0',
  `p1` int(11) NOT NULL default '0',
  `p2` int(11) NOT NULL default '0',
  `p3` int(11) NOT NULL default '0',
  `p4` int(11) NOT NULL default '0',
  `p5` int(11) NOT NULL default '0',
  `p6` int(11) NOT NULL default '0',
  `p0` int(11) NOT NULL default '0',
  `cat` int(11) NOT NULL default '0',
  PRIMARY KEY  (`id`)
) ENGINE=MyISAM AUTO_INCREMENT=1696 DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci

CREATE TABLE `idm_idc` (
  `idm` int(11) NOT NULL default '0',
  `idc` int(11) NOT NULL default '0'
) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci

select distinct(id),url from site,idm_idc where idu!=363 and id!=0 and b=2 and credits>0 and idm=id and (  idc=19 or idc=18 or idc=17 )   order by id;

How to repeat:
whith the existing tables in this database the query always crash the server

by recreating all and populate the tables, the query does nothing.

i can upload to you the files of the 2 tables....?
[16 May 2006 1:59] Tordjman Yohan 
PS: the version is 5.0.22-nightly-20060515 with the patch http://lists.mysql.com/commits/6375 applyed

a mysqlcheck on the database reports nothing.
[16 May 2006 2:21] MySQL Verification Team 
Thank you for the bug report. Could you please provide a dump file
for to insert data to the tables? I was unable to repeat with the
tables empty.

Thanks in advance.
[16 May 2006 8:57] Tordjman Yohan 
I am inable to repeat too with new tables.

Only with the current tables....

Can i give you them ?
[16 May 2006 15:00] Tordjman Yohan 
I put you the .tgz that contains the tables.

I tryied with 5.0.19 : it's makes "Got error 134 when reading table './xxx/site'"

i did too a myisamcheck -o 
...
[16 May 2006 18:05] MySQL Verification Team 
Thank you for the feedback. I was able to repeat the crash with a binary
copy of the tables provided:

[New Thread 1099422640 (LWP 19797)]
[New Thread 1099623344 (LWP 19798)]
060516 14:44:42 [Note] /home/miguel/dbs/5.0/libexec/mysqld: ready for connections.
Version: '5.0.22-debug'  socket: '/tmp/mysql.sock'  port: 3306  Source distribution
[New Thread 1131862960 (LWP 19844)]
mysqld: my_seek.c:30: my_seek: Assertion `pos != (~(my_off_t) 0)' failed.

Program received signal SIGABRT, Aborted.
[Switching to Thread 1131862960 (LWP 19844)]
0xffffe410 in __kernel_vsyscall ()
(gdb) 

The table crashed is site and with a:

mysql> repair table site
    -> ;
+----------+--------+----------+-------------------------------------------------------+
| Table    | Op     | Msg_type | Msg_text                                              |
+----------+--------+----------+-------------------------------------------------------+
| dbk.site | repair | info     | Wrong block with wrong total length starting at 90308 | 
| dbk.site | repair | warning  | Number of rows changed from 1059 to 1058              | 
| dbk.site | repair | status   | OK                                                    | 
+----------+--------+----------+-------------------------------------------------------+
3 rows in set (0.05 sec)

mysql> select distinct(id),url from site,idm_idc where idu!=363 and id!=0 and b=2 and
    -> credits>0 and idm=id and (  idc=19 or idc=18 or idc=17 )   order by id;
+------+-----------------------------------------------------------+
| id   | url                                                       |
+------+-----------------------------------------------------------+
|  471 | http://ddacost.carrefourpro.com/site/index.html           | 
|  526 | http://tilt85.free.fr/index3.php                          | 
|  653 | http://money-invest.com/forum                             |
<cut>

The sever doesn't crash anymore. Could you please change the
Sypnosis that server crash with a crashed table and also explain
how that table got corrupted.

Thanks in advance.
[16 May 2006 18:13] Tordjman Yohan 
I did a myisamcheck -o on this tables.
I think that i did'nt do a flush-tables.

Test with the files in "toto.tgz"

mysqlcheck from 5.0.22 says nothing 
but the myisamcheck from 5.0.19 (the one i did) says that the table is corrupted...

Maybe they are corrupted, but so, why mysqlcheck says nothing & why mysqld crashes... ?!? :-)

Thanks you for your help
[15 Jun 2006 15:08] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/7708
[28 Jun 2006 12:50] Ingo Strüwing 
Second review done by Sergey Vojtovich.
I need to change the changeset comments and MY_FILEPOS_ERROR.
[28 Jun 2006 14:07] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/8420
[29 Jun 2006 12:08] Ingo Strüwing 
Pushed to mysql-5.0-engines.
[6 Jul 2006 13:49] Ingo Strüwing 
Pushed to mysql-5.1-engines.
[8 Jul 2006 19:10] Ingo Strüwing 
A corrupt table with dynamic record format can crash the 
  server when trying to select from it.
          
  I fixed the crash that resulted from the particular type 
  of corruption that has been reported for this bug.

Pushed to 5.1.12 and 5.0.24 and 4.1.21.
[11 Jul 2006 9:12] MC Brown 
Added to the 4.1, 5.0 and 5.1 changelog:

Using <literal>SELECT</literal> on a corrupt table using the dynamic record format can cause a server crash. (Bug #19835)
[13 Jul 2006 3:32] Paul DuBois 
5.0.x fix went to 5.0.25 instead.
[9 Oct 2006 2:35] Jon Stephens 
Updated changelog entries per Support request (JamesD).