| Bug #251 | DESCRIBE on a query with a grouped subquery crashes mysql | ||
|---|---|---|---|
| Submitted: | 8 Apr 2003 12:50 | Modified: | 13 Jun 2003 14:07 |
| Reporter: | Daniel Penning | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Server | Severity: | S2 (Serious) |
| Version: | 4.1.0 | OS: | Any (All) |
| Assigned to: | CPU Architecture: | Any | |
[8 Apr 2003 12:50]
Daniel Penning
[8 Apr 2003 16:35]
MySQL Verification Team
Thanks for the debug report.
back trace:
/usr/local/mysql/libexec/mysqld: ready for connections.
Version: '4.1.0-alpha-debug' socket: '/tmp/mysql.sock' port: 3306
[New Thread 2051 (LWP 1024)]
pure virtual method called
Program received signal SIGABRT, Aborted.
[Switching to Thread 2051 (LWP 1024)]
0x401a7df1 in kill () from /lib/libc.so.6
(gdb) backtrace full
#0 0x401a7df1 in kill () from /lib/libc.so.6
No symbol table info available.
#1 0x4003e06d in pthread_kill () from /lib/libpthread.so.0
No symbol table info available.
#2 0x4003e5eb in raise () from /lib/libpthread.so.0
No symbol table info available.
#3 0x401a94d9 in abort () from /lib/libc.so.6
No symbol table info available.
#4 0x4012b5d7 in __cxxabiv1::__terminate(void (*)()) ()
from /usr/lib/libstdc++.so.5
No symbol table info available.
#5 0x4012b624 in std::terminate() () from /usr/lib/libstdc++.so.5
No symbol table info available.
#6 0x4012bb47 in __cxa_pure_virtual () from /usr/lib/libstdc++.so.5
No symbol table info available.
#7 0x08166ac0 in calc_group_buffer (join=0x852ff80, group=0x8528f20)
at sql_select.cc:7450
field = (class Field *) 0x4014c578
key_length = 1074016336
parts = 0
null_parts = 0
#8 0x081582e1 in JOIN::optimize() (this=0x852ff80) at sql_select.cc:628
_db_func_ = 0x0
---Type <return> to continue, or q <return> to quit---
_db_file_ = 0x0
_db_level_ = 1
_db_framep_ = (char **) 0x0
#9 0x0815a2fa in mysql_select(THD*, Item***, st_table_list*, unsigned, List<Item>&, Item*, unsigned, st_order*, st_order*, Item*, st_order*, unsigned long, select_result*, st_select_lex_unit*, st_select_lex*, bool) (
thd=0x8526cd8, rref_pointer_array=0x8528c58, tables=0x8528e70,
wild_num=0, fields=@0x8528c9c, conds=0x0, og_num=1, order=0x0,
group=0x8528f20, having=0x0, proc_param=0x0,
select_options=84448260, result=0x852a1d8, unit=0x8528d00,
select_lex=0x8528c08, tables_and_fields_initied=false)
at sql_select.cc:1351
err = 134753466
free_join = true
_db_func_ = 0x8531a45 "/)@2>"
_db_file_ = 0x8531a52 ""
_db_level_ = 139663942
_db_framep_ = (char **) 0x0
join = (JOIN *) 0x852ff80
#10 0x081694d5 in mysql_explain_select(THD*, st_select_lex*, char const*, select_result*) (thd=0x8526cd8, select_lex=0x8528c08,
type=0x83bd6b0 "DERIVED", result=0x852a1d8) at sql_select.cc:8128
_db_func_ = 0x4009f9a8 "\"\206\f\bP&y\v"
---Type <return> to continue, or q <return> to quit---
_db_file_ = 0x8528d00 "(;@\b"
_db_level_ = 139657024
_db_framep_ = (char **) 0xbf5feb14
unit = (st_select_lex_unit *) 0x0
res = 139627528
#11 0x081693c4 in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) (thd=0x8526cd8, unit=0x0, result=0x852a1d8) at sql_select.cc:8096
sl = (st_select_lex *) 0x8528c08
_db_func_ = 0x0
_db_file_ = 0x852727c "XúR\bX\213R\bX\213R\b "
_db_level_ = 8
_db_framep_ = (char **) 0x852a4a8
res = 0
first = (st_select_lex *) 0x8528c08
#12 0x081692c3 in select_describe (join=0x852a4a8, need_tmp_table=false,
need_order=false, distinct=false, message=0x0) at sql_select.cc:8080
unit = (st_select_lex_unit *) 0x8528d00
field_list = {<base_list> = {<Sql_alloc> = {<No data fields>},
first = 0x84cb2c8, last = 0xbf5ff4dc,
elements = 0}, <No data fields>}
item_list = {<base_list> = {<Sql_alloc> = {<No data fields>},
first = 0x852fdf0, last = 0x852ff78,
elements = 10}, <No data fields>}
---Type <return> to continue, or q <return> to quit---
thd = (THD *) 0x8526cd8
select_lex = (st_select_lex *) 0x852ff40
result = (select_result *) 0x852a1d8
item_null = (Item *) 0x852fd78
_db_func_ = 0x0
_db_file_ = 0x0
_db_level_ = 0
_db_framep_ = (char **) 0x0
#13 0x08159105 in JOIN::exec() (this=0x852a4a8) at sql_select.cc:952
tmp_error = 139633832
_db_func_ = 0x1 <Address 0x1 out of bounds>
_db_file_ = 0x0
_db_level_ = 0
_db_framep_ = (char **) 0x0
curr_join = (JOIN *) 0x8528f70
curr_all_fields = (List<Item> *) 0x8526f54
curr_fields_list = (List<Item> *) 0x852a4a8
curr_tmp_table = (st_table *) 0xbf5ff570
#14 0x0815a355 in mysql_select(THD*, Item***, st_table_list*, unsigned, List<Item>&, Item*, unsigned, st_order*, st_order*, Item*, st_order*, unsigned long, select_result*, st_select_lex_unit*, st_select_lex*, bool) (
thd=0x8526cd8, rref_pointer_array=0x8526f54, tables=0x8528f70,
wild_num=1, fields=@0x8526f98, conds=0x0, og_num=0, order=0x0,
---Type <return> to continue, or q <return> to quit---
group=0x0, having=0x0, proc_param=0x0, select_options=218665988,
result=0x852a1d8, unit=0x8526e1c, select_lex=0x8526f04,
tables_and_fields_initied=false) at sql_select.cc:1362
err = 0
free_join = true
_db_func_ = 0x852bc10 "h»R\bp«R\b "
_db_file_ = 0x852bc10 "h»R\bp«R\b "
_db_level_ = 0
_db_framep_ = (char **) 0xbf5ff604
join = (JOIN *) 0x852a4a8
#15 0x081694d5 in mysql_explain_select(THD*, st_select_lex*, char const*, select_result*) (thd=0x8526cd8, select_lex=0x8526f04,
type=0x838ba05 "PRIMARY", result=0x852a1d8) at sql_select.cc:8128
_db_func_ = 0x811cf63 "%ÿ"
_db_file_ = 0x852a1d8 "È[A\bØlR\b"
_db_level_ = 139633112
_db_framep_ = (char **) 0xbf5ff694
unit = (st_select_lex_unit *) 0x0
res = 139620100
#16 0x081693c4 in mysql_explain_union(THD*, st_select_lex_unit*, select_result*) (thd=0x8526cd8, unit=0x0, result=0x852a1d8) at sql_select.cc:8096
sl = (st_select_lex *) 0x8526f04
_db_func_ = 0x8157431 "\203Ä\020\213[\024\205Ûuí\213]üÉÃU\211åVS\2---Type <return> to continue, or q <return> to quit---
13E\b\213p\020\205öt-\203ì\fVè\230ÿÿÿ\203Ä\020\213^\020\205Ût\023\203ì\fSèÕÿÿÿ\203Ä\020\213[\004\205Ûuí\213v\004\205öuÓ\215eø[^]Ã\220U\211åWVS\203ìP\213u\b\213}0\212]8\215EÔP\215EÐP\215EÌP\215EÈPh\021\001"
_db_file_ = 0x8526f04 "È:@\b"
_db_level_ = 12
_db_framep_ = (char **) 0x5ff7d4
res = 0
first = (st_select_lex *) 0x8526f04
#17 0x08138194 in mysql_execute_command(THD*) (thd=0x8526cd8)
at sql_parse.cc:1692
save_lock = (class st_mysql_lock *) 0x852a1d8
result = (class select_result *) 0x852a1d8
table = (st_table_list *) 0x852a1d8
res = 0
lex = (st_lex *) 0x8526e10
tables = (st_table_list *) 0x852a180
select_lex = (class st_select_lex *) 0x8526f04
unit = (class st_select_lex_unit *) 0x8526e1c
_db_func_ = 0x9230880 <Address 0x9230880 out of bounds>
_db_file_ = 0xa1e09aa <Address 0xa1e09aa out of bounds>
_db_level_ = 3210676835
_db_framep_ = (char **) 0x81c4c95
#18 0x0813c028 in mysql_parse(THD*, char*, unsigned) (thd=0x8526cd8,
---Type <return> to continue, or q <return> to quit---
inBuf=0x8528b68 "describe select * from (select * from bar group by id) bar", length=139619856) at sql_parse.cc:3362
lex = (st_lex *) 0x8526e10
_db_func_ = 0x8526cd8 "8\\A\b@ÇL\bDÇL\b°yR\b\bzR\b\b\202R\b/zR\b\bzR\b\t"
_db_file_ = 0x3 <Address 0x3 out of bounds>
_db_level_ = 139619544
_db_framep_ = (char **) 0xbf5ff9f4
#19 0x081371a8 in dispatch_command(enum_server_command, THD*, char*, unsigned) (command=COM_QUERY, thd=0x8526cd8, packet=0x8527a09 "",
packet_length=60) at sql_parse.cc:1249
net = (st_net *) 0x8526ce4
error = false
slow_command = false
_db_func_ = 0x3f <Address 0x3f out of bounds>
_db_file_ = 0xbf5ff948 "þì\003@\220l)@ÿÿÿÿdù_¿<"
_db_level_ = 3210737996
_db_framep_ = (char **) 0xbf5ff950
start_of_query = 139619544
#20 0x08136b46 in do_command(THD*) (thd=0x8526cd8) at sql_parse.cc:1049
packet = 0x8527a08 "#"
old_timeout = 30
packet_length = 60
---Type <return> to continue, or q <return> to quit---
net = (st_net *) 0x8526ce4
command = COM_QUERY
_db_func_ = 0x811b77b "\203Ä\020\213]ü\211ì]Ã\220U\211åS\203ì\020\213]\bSè<"
_db_file_ = 0x85276dc "xÃR\b"
_db_level_ = 4096
_db_framep_ = (char **) 0x1000
#21 0x081361e5 in handle_one_connection (arg=0x0) at sql_parse.cc:838
error = 1074043584
net = (st_net *) 0x8526ce4
thd = (THD *) 0x8526cd8
launch_time = 0
set = {__val = {0 <repeats 32 times>}}
#22 0x4003b1b0 in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
#23 0x4003b22f in pthread_start_thread_event () from /lib/libpthread.so.0
[9 Apr 2003 7:53]
MySQL Verification Team
I can't repeat it. [/mnt/work/mysql-4.1]$ mysql telcent -e "DESCRIBE SELECT * FROM (SELECT * FROM mails GROUP BY file) mails" +----+-------------+------------+-------+---------------+---------+---------+------+------+----------------------------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+-------------+------------+-------+---------------+---------+---------+------+------+----------------------------------------------+ | 1 | PRIMARY | <derived2> | ALL | NULL | NULL | NULL | NULL | 6 | | | 2 | DERIVED | mails | index | NULL | msg_nro | 3 | NULL | 7 | Using index; Using temporary; Using filesort | +----+-------------+------------+-------+---------------+---------+---------+------+------+----------------------------------------------+ [/mnt/work/mysql-4.1]$ mysql telcent -e "DESCRIBE mails" +-----------+-----------------------------------+-------------------+------+-----+---------------------+----------------+ | Field | Type | Collation | Null | Key | Default | Extra | +-----------+-----------------------------------+-------------------+------+-----+---------------------+----------------+ | msg_nro | mediumint(8) unsigned | binary | | MUL | NULL | auto_increment | | date | datetime | latin1_swedish_ci | | PRI | 0000-00-00 00:00:00 | | | time_zone | varchar(6) character set latin1 | latin1_swedish_ci | | PRI | | | | mail_from | varchar(120) character set latin1 | latin1_swedish_ci | | PRI | | | | reply | varchar(120) character set latin1 | latin1_swedish_ci | YES | | NULL | | | mail_to | text character set latin1 | latin1_swedish_ci | YES | | NULL | | | cc | text character set latin1 | latin1_swedish_ci | YES | | NULL | | | sbj | varchar(200) character set latin1 | latin1_swedish_ci | YES | | NULL | | | txt | mediumtext character set latin1 | latin1_swedish_ci | | | | | | file | varchar(32) character set latin1 | latin1_swedish_ci | | | | | | hash | int(11) | binary | | PRI | 0 | | +-----------+-----------------------------------+-------------------+------+-----+---------------------+----------------+ [/mnt/work/mysql-4.1]$
[15 May 2003 8:30]
Michael Widenius
I reopend this bug as Miguel was able to repeat this.
[2 Jun 2003 10:15]
MySQL Verification Team
I tried with a latest 4.1.1 from BK tree and had no problem. [/mnt/work/mysql-4.1]$ mysql telcent -e "DESCRIBE nazivi" +-------+-----------------+-------------------+------+-----+---------+-------+ | Field | Type | Collation | Null | Key | Default | Extra | +-------+-----------------+-------------------+------+-----+---------+-------+ | BROJ | int(4) unsigned | NULL | | PRI | 0 | | | naziv | char(25) | latin1_swedish_ci | YES | MUL | NULL | | +-------+-----------------+-------------------+------+-----+---------+-------+ [/mnt/work/mysql-4.1]$ mysql telcent -e "DESCRIBE SELECT * FROM (SELECT * FROM nazivi GROUP BY naziv) bar" +----+-------------+------------+------+---------------+------+---------+------+------+---------------------------------+ | id | select_type | table | type | possible_keys | key | key_len | ref | rows | Extra | +----+-------------+------------+------+---------------+------+---------+------+------+---------------------------------+ | 1 | PRIMARY | <derived2> | ALL | NULL | NULL | NULL | NULL | 10 | | | 2 | DERIVED | nazivi | ALL | NULL | NULL | NULL | NULL | 11 | Using temporary; Using filesort | +----+-------------+------------+------+---------------+------+---------+------+------+---------------------------------+ This is probably some bug fixed long time ago .....
[13 Jun 2003 14:07]
Sergei Golubchik
Fixed in 4.1.1
