MySQL Bugs: #11076: user function use in select with cause server crash

Bug #11076	user function use in select with cause server crash
Submitted:	3 Jun 2005 15:02	Modified:	3 Jun 2005 15:18
Reporter:	Spencer Liu	Email Updates:
Status:	Duplicate	Impact on me:	None
Category:	MySQL Server	Severity:	S1 (Critical)
Version:	5.0.6-beta-nt	OS:	Windows (windows XP)
Assigned to:		CPU Architecture:	Any

Description:
User function use in select for change result data(ex.do format)
cause server crash.
It is only happen when data in table is plural.
No matter what the function job is or what it's return type.

ps.mysql didn't write any info in log but
InnoDB: Database was not shut down normally!

How to repeat:
create table tablea(a int);
create function fna(b int)
returns int
return b+10;

insert tablea values(1);
select fna(a) from  tablea;

+--------+
| fna(a) |
+--------+
|     11 |
+--------+
1 row in set (0.00 sec)

insert tablea values(2);
select fna(a) from tablea;

ERROR 2013 (HY000): Lost connection to MySQL server during query

I was able to repeat starting the server with --default-storage-engine=InnoDB.
Will test with server from BK source.

Thank you for the bug report.

Related to the same cause as:

http://bugs.mysql.com/bug.php?id=10760

Call stack.

mysqld-debug.exe!read_view_sees_trx_id(read_view_struct * view=0x00000000, dulint_struct trx_id={...})  Line 53 + 0x3	C
>	mysqld-debug.exe!lock_clust_rec_cons_read_sees(unsigned char * rec=0x01f0809b, dict_index_struct * index=0x01dccda0, const unsigned long * offsets=0x03f8e344, read_view_struct * view=0x00000000)  Line 495 + 0x11	C
 	mysqld-debug.exe!row_search_for_mysql(unsigned char * buf=0x030afc00, unsigned long mode=1, row_prebuilt_struct * prebuilt=0x01dcbea0, unsigned long match_mode=0, unsigned long direction=1)  Line 3736 + 0x31	C
 	mysqld-debug.exe!ha_innobase::general_fetch(unsigned char * buf=0x030afc00, unsigned int direction=1, unsigned int match_mode=0)  Line 3888 + 0x17	C++
 	mysqld-debug.exe!ha_innobase::rnd_next(unsigned char * buf=0x030afc00)  Line 4078 + 0x10	C++
 	mysqld-debug.exe!rr_sequential(st_read_record * info=0x03084558)  Line 193 + 0x1b	C++
 	mysqld-debug.exe!sub_select(JOIN * join=0x03083400, st_join_table * join_tab=0x03084518, int end_of_records=0)  Line 9234 + 0xa	C++
 	mysqld-debug.exe!do_select(JOIN * join=0x03083400, List<Item> * fields=0x0308e4b0, st_table * table=0x00000000, Procedure * procedure=0x00000000)  Line 8992 + 0xf	C++
 	mysqld-debug.exe!JOIN::exec()  Line 1650 + 0x19	C++
 	mysqld-debug.exe!mysql_select(THD * thd=0x0308e1c0, Item * * * rref_pointer_array=0x0308e548, st_table_list * tables=0x03083268, unsigned int wild_num=0, List<Item> & fields={...}, Item * conds=0x00000000, unsigned int og_num=0, st_order * order=0x00000000, st_order * group=0x00000000, Item * having=0x00000000, st_order * proc_param=0x00000000, unsigned long select_options=2158250496, select_result * result=0x030833f0, st_select_lex_unit * unit=0x0308e220, st_select_lex * select_lex=0x0308e438)  Line 2046	C++
 	mysqld-debug.exe!handle_select(THD * thd=0x0308e1c0, st_lex * lex=0x0308e208, select_result * result=0x030833f0, unsigned long setup_tables_done_option=0)  Line 256 + 0x92	C++
 	mysqld-debug.exe!mysql_execute_command(THD * thd=0x0308e1c0)  Line 2399 + 0x13	C++
 	mysqld-debug.exe!mysql_parse(THD * thd=0x0308e1c0, char * inBuf=0x03082a48, unsigned int length=25)  Line 5302 + 0x9	C++
 	mysqld-debug.exe!dispatch_command(enum_server_command command=COM_QUERY, THD * thd=0x0308e1c0, char * packet=0x03086321, unsigned int packet_length=26)  Line 1652 + 0x1d	C++
 	mysqld-debug.exe!do_command(THD * thd=0x0308e1c0)  Line 1455 + 0x31	C++
 	mysqld-debug.exe!handle_one_connection(void * arg=0x0308e1c0)  Line 1113 + 0x9	C++
 	mysqld-debug.exe!pthread_start(void * param=0x00eebf68)  Line 63 + 0x7	C
 	mysqld-debug.exe!_threadstart(void * ptd=0x00fdc028)  Line 173 + 0xd	C
 	kernel32.dll!7c80b50b() 	
 	kernel32.dll!7c8399f3()