Description:
When CREATE TABLE IF NOT EXIST ... SELECT ... 
founds existing table it performs INSERT.

But if SELECT contains more columns tnan exisitng table mysqld crashes with backtrace:

#0  0x080cb215 in Item_int::save_in_field(Field*, bool) (this=0x8485760, field=0xa5a5a5a5) at field.h:115
#1  0x08142616 in fill_record(Field**, List<Item>&, bool) (ptr=0x84682f8, values=@0x1, ignore_errors=true) at sql_base.cc:2151
#2  0x0815d459 in select_create::send_data(List<Item>&) (this=0x8485818, values=@0x1) at sql_insert.cc:1469
#3  0x0814735a in mysql_select(THD*, st_table_list*, List<Item>&, Item*, st_order*, st_order*, Item*, st_order*, unsigned long, select_result*) (thd=0x845bc40, tables=0x0, fields=@0x845bdec, conds=0x0, order=0x0, group=0x0, having=0x0, proc_param=0x1, select_options=2231931904, result=0x8485818) at sql_select.cc:432
#4  0x081461bc in handle_select(THD*, st_lex*, select_result*) (thd=0x845bc40, lex=0xa5a5a5a5, result=0x8485818) at sql_select.cc:183
#5  0x08126322 in mysql_execute_command() () at sql_parse.cc:1660
#6  0x0812a060 in mysql_parse(THD*, char*, unsigned) (thd=0x845bc40, inBuf=0x845bd70 "\001", length=46) at sql_parse.cc:2970
#7  0x08124880 in dispatch_command(enum_server_command, THD*, char*, unsigned) (command=COM_QUERY, thd=0x845bc40, packet=0x847d651 "CREATE TABLE IF NOT EXISTS bug2 SELECT 1, 2, 3", packet_length=46) at sql_parse.cc:1064
#8  0x08124241 in do_command(THD*) (thd=0x845bc40) at sql_parse.cc:939
#9  0x081237bd in handle_one_connection (arg=0x1) at sql_parse.cc:722
#10 0x40173332 in start_thread () from /lib/tls/libpthread.so.0
#11 0x420de867 in clone () from /lib/tls/libc.so.6

How to repeat:
CREATE TABLE IF NOT EXISTS a SELECT 1;
CREATE TABLE IF NOT EXISTS a SELECT 1, 2;

Thank you for the bug report I was able to repeat on 4.0.16 Windows
server. below call stack:

mysqld.exe!Field::set_notnull(int row_offset=0)  Line 115 + 0xb	C++
mysqld.exe!Item_int::save_in_field(Field * field=0xa5a5a5a5, int no_conversions=0)
 Line 557	C++
mysqld.exe!fill_record(Field * * ptr=0x031fc610, List<Item> & values={...},
 int ignore_errors=1)  Line 2149 + 0x11	C++
mysqld.exe!select_create::send_data(List<Item> & values={...})
 Line 1469 + 0x12	C++
mysqld.exe!mysql_select(THD * thd=0x03205040, st_table_list * tables=0x00000000,
 List<Item> & fields={...}, Item * conds=0x00000000, st_order * order=0x00000000,
 st_order * group=0x00000000, Item * having=0x00000000, st_order 
 * proc_param=0x00000000, unsigned long select_options=2231931904, select_result
 * result=0x031f85a0)  Line 432 + 0x18	C++
mysqld.exe!handle_select(THD * thd=0x03205040, st_lex * lex=0x03205170,
 select_result * result=0x031f85a0)  Line 191 + 0x51	C++
mysqld.exe!mysql_execute_command()  Line 1660 + 0x11	C++
mysqld.exe!mysql_parse(THD * thd=0x03205040, char * inBuf=0x031f8470,
 unsigned int length=40)  Line 2971	C++
mysqld.exe!dispatch_command(enum_server_command command=COM_QUERY,
 THD * thd=0x03205040, char * packet=0x00cf7041, unsigned int packet_length=40)
 Line 1064 + 0x17	C++
mysqld.exe!do_command(THD * thd=0x03205040)  Line 939 + 0x31	C++
mysqld.exe!handle_one_connection(void * arg=0x03205040)  Line 722 + 0x9	C++
mysqld.exe!pthread_start(void * param=0x00be7f18)  Line 63 + 0x7	C
mysqld.exe!_threadstart(void * ptd=0x00cf9080)  Line 173 + 0xd	C
kernel32.dll!77e6d33b()

Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.

If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information 
about accessing the source trees is available at
    http://www.mysql.com/doc/en/Installing_source_tree.html

fixed in 4.0.16