Bug #14497 crash + stackdump
Submitted: 30 Oct 2005 22:46 Modified: 31 Jan 2006 18:51
Reporter: Michael Wallner (Candidate Quality Contributor) Email Updates:
Status: Can't repeat Impact on me:
None 
Category:MySQL Server Severity:S2 (Serious)
Version:4.1.14 OS:Linux (Linux (Debian/testing))
Assigned to: CPU Architecture:Any

[30 Oct 2005 22:46] Michael Wallner 
Description:
Some MySQL people on IRC necessitated me to try some code.

Obviously the didn't tell me that it may cause my mysqld to restart, because I wouldn't have to make this report otherwise ;)

0x815460b handle_segfault + 523
0x4005ffe1 _end + 933956433
0x4030b409 _end + 936755065
0x80f3f81 _ZN4Item4sendEP8ProtocolP6String + 433
0x81492d7 _ZN11select_send9send_dataER4ListI4ItemE + 167
0x8187976 _Z8end_sendP4JOINP13st_join_tableb + 182
0x818dca7 _Z10sub_selectP4JOINP13st_join_tableb + 263
0x81913ed _Z9do_selectP4JOINP4ListI4ItemEP8st_tableP9Procedure + 781
0x819b52b _ZN4JOIN4execEv + 3931
0x819c597 _Z12mysql_selectP3THDPPP4ItemP13st_table_listjR4ListIS1_ES2_jP8st_orderSB_S2_SB_mP13select_resultP18st_select_lex_unitP13st_sel + 375
0x819ccc4 _Z13handle_selectP3THDP6st_lexP13select_result + 196
0x8168354 _Z21mysql_execute_commandP3THD + 9620
0x81a2856 _Z12execute_stmtP3THDP18Prepared_statementP6Stringb + 406
0x81a2d65 _Z18mysql_stmt_executeP3THDPcj + 485
0x816b14e _Z16dispatch_command19enum_server_commandP3THDPcj + 3166
0x816b606 _Z10do_commandP3THD + 118
0x816be6b handle_one_connection + 1899
0x40058f3c _end + 933927596
0x402ad8ba _end + 936371242

How to repeat:
<?php
$dbh = new PDO('mysql:host=localhost;dbname=', '', '');
$dbh->exec('create table foo ( bar text NULL, FULLTEXT KEY bar (bar) )');
/* init some data */
$dbh->exec('insert into foo (bar) values ( "This is row sample")');
$dbh->exec('insert into foo (bar) values ( "This is row foobar" )');
$dbh->exec('insert into foo (bar) values ( "This is row sample")');
$dbh->exec('insert into foo (bar) values ( "This is row another" )');
$dbh->exec('insert into foo (bar) values ( "This is row wordlist" )');
$dbh->exec('insert into foo (bar) values ( "This is row random" )');

$match =  "MATCH(bar) AGAINST ('foobar sample')";
$sql = "select bar, $match as afoo from foo where $match";
$stmt = $dbh->prepare($sql)
  or print_r($dbh->errorInfo());

print "First Exec\n";
$stmt->execute() or print_r($stmt->errorInfo());

while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
  print "{$row['afoo']}: {$row['bar']}\n";
}

print "\nSecond Exec\n";
$stmt->execute() or print_r($stmt->errorInfo());
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
  print "{$row['afoo']}: {$row['bar']}\n";
}

$dbh->exec('drop table foo');
?>
[31 Oct 2005 22:02] Jorge del Conde 
Thanks for your bug report.  I was able to reproduce this under FC4 using a recent 4.1 clone
[2 Nov 2005 11:02] Michael Wallner 
Please note that I seemingly had hit "Submit" twice, so this became a duplicate of bug #14496
[11 Jan 2006 11:39] Sergey Vojtovich 
Wasn't able to repeat this bug on Debian/Sarge using recent 4.1.17 clone and following testcase:
create table foo ( bar text NULL, FULLTEXT KEY bar (bar) );
insert into foo (bar) values ( "This is row sample");
insert into foo (bar) values ( "This is row foobar" );
insert into foo (bar) values ( "This is row sample");
insert into foo (bar) values ( "This is row another" );
insert into foo (bar) values ( "This is row wordlist" );
insert into foo (bar) values ( "This is row random" );
PREPARE stmt1 FROM "select bar, MATCH(bar) AGAINST ('foobar sample') as afoo
from foo where MATCH(bar) AGAINST ('foobar sample')";
EXECUTE stmt1;
EXECUTE stmt1;
DEALLOCATE PREPARE stmt1;
DROP TABLE foo;

It seems several similiar bugs were fixed since 4.1.14, could you please reverify?
[31 Jan 2006 18:51] Jorge del Conde 
I was unable to repeat using a recent 4.1 pull