Bug #4204 Mysql crashes with long string query
Submitted: 18 Jun 2004 13:40 Modified: 24 Jun 2004 21:20
Reporter: [ name withheld ] Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server Severity:S2 (Serious)
Version:4.1.2 OS:Sun Solaris 8
Assigned to: Oleksandr Byelkin CPU Architecture:Any

[18 Jun 2004 13:40] [ name withheld ]
Description:
Mysql crashes if a long query (multiple UNIONs and JOINs) is issued.

How to repeat:
This is the query:

(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1) UNION
(SELECT * FROM PARTITIONED_A_1_1 AS PARTITIONED, PARTITIONED_B_1 AS
PARTITIONED_B WHERE PARTITIONED_B.ID=PARTITIONED.ID1)

These are the tables (NO DATA, mysql crashes even with no data):

CREATE TABLE IF NOT EXISTS PARTITIONED_A_1_1 (
  ID1 int(10) unsigned NOT NULL DEFAULT '0' ,
  ID2 datetime NOT NULL DEFAULT '0000-00-00 00:00:00' ,
  DATA1 varchar(10) ,
  DATA2 double(5,4) ,
  DATA3 datetime ,
  PRIMARY KEY (ID1,ID2)
);

CREATE TABLE IF NOT EXISTS PARTITIONED_B_1 (
  ID int(3) unsigned NOT NULL DEFAULT '0' ,
  DATA1 timestamp DEFAULT '0000-00-00 00:00:00' ,
  PRIMARY KEY (ID)
);

Executing the same query, but with less unions (at least one less) does not
crash mysql.

This is the error I get:

mysqld got signal 11;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help
diagnose
the problem, but since we have already crashed, something is definitely
wrong
and this may fail.

key_buffer_size=268435456
read_buffer_size=1044480
max_used_connections=2
max_connections=100
threads_connected=2
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_connections =
466543 K
bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

This is my my.cnf:

# The following options will be passed to all MySQL clients
[client]
port            = 3310
socket          = /tmp/mysql3.sock
host            = 192.168.0.252

[mysqld]
user       = mysql
socket          = /tmp/mysql3.sock
port            = 3310
pid-file = /opt/mysql4.1.2/hostname.pid
datadir = /opt/mysql4.1.2/data
binlog-do-db = none
character-sets-dir=/opt/mysql4.1.2/share/mysql
language=/opt/mysql4.1.2/share/mysql/english/
old-passwords

skip-locking
set-variable    = key_buffer=256M
set-variable    = max_allowed_packet=1M
set-variable    = table_cache=56
set-variable    = sort_buffer=1M
set-variable    = record_buffer=1M
set-variable    = myisam_sort_buffer_size=64M
set-variable    = thread_cache=8
# Try number of CPU's*2 for thread_concurrency
set-variable    = thread_concurrency=8
log-bin
server-id       = 1

# Uncomment the following if you are using BDB tables
#set-variable   = bdb_cache_size=64M
#set-variable   = bdb_max_lock=100000

# Uncomment the following if you are using Innobase tables
innodb_data_file_path = ibdata1:10M:autoextend
innodb_data_home_dir =/opt/mysql4.1.2/data
innodb_log_group_home_dir = /opt/mysql4.1.2/var/
innodb_log_arch_dir = /opt/mysql4.1.2/var/
set-variable = innodb_log_file_size=125M
set-variable = innodb_log_buffer_size=20M
innodb_flush_log_at_trx_commit=1
set-variable = innodb_buffer_pool_size=100M
set-variable = innodb_additional_mem_pool_size=10M

[mysqldump]
quick
set-variable    = max_allowed_packet=16M

[mysql]
no-auto-rehash
# Remove the next comment character if you are not familiar with SQL
#safe-updates

[isamchk]
set-variable    = key_buffer=128M
set-variable    = sort_buffer=128M
set-variable    = read_buffer=2M
set-variable    = write_buffer=2M

[myisamchk]
set-variable    = key_buffer=128M
set-variable    = sort_buffer=128M
set-variable    = read_buffer=2M
set-variable    = write_buffer=2M

[mysqlhotcopy]
interactive-timeout
[18 Jun 2004 13:41] [ name withheld ]
I think this is serious (mysql crashes even with empty tables)
[22 Jun 2004 1:47] Matthew Lord
I was able to repeat this on both Solaris 8 & 9 on sparc 64 bit hardware and the 64 bit version of mysql.
[22 Jun 2004 2:50] Matthew Lord
This looks to be a solaris 64 bit problem.  I was able to reproduce the problem on solaris 8 & 9 sparc 
64 bit machines using our 64 bit distro.  I was unable to reproduce it on the same solaris machines 
using our 32 bit distro nor was I able to reproduce it on x86_64 linux.
[24 Jun 2004 2:00] Oleksandr Byelkin
ChangeSet 
  1.1955 04/06/24 02:57:57 bell@sanja.is.com.ua +4 -0 
  parameter of my_yyoverflow made independed from YYSIZE_T (BUG#4204)
[24 Jun 2004 11:47] Michael Widenius
Fix will be done in 3.23 and test case will be done in 4.0
[24 Jun 2004 21:20] Oleksandr Byelkin
Thank you for bugreport! patch is pushed in our soiurces repositories and will 
be present in next releases of servers.