Bug #18140 Server crash with function, procedure and partitions
Submitted: 10 Mar 2006 17:45 Modified: 13 Apr 2006 1:57
Reporter: Andrey Hristov Email Updates:
Status: No Feedback Impact on me:
None 
Category:MySQL Server: Partitions Severity:S3 (Non-critical)
Version:5.1. OS:Linux (Linux)
Assigned to: MySQL Verification Team CPU Architecture:Any

[10 Mar 2006 17:45] Andrey Hristov 
Description:
(the test case is from bug#16805). Seems it did not crash this way when bug #16805 was reported. I have cleaned my corrupted partitioned tables.
[Switching to Thread 1112640432 (LWP 6985)]
0x08160876 in Item_func_sp::execute (this=0x9137620, flp=0x913769c) at item_func.cc:4760
(gdb) bt
#0  0x08160876 in Item_func_sp::execute (this=0x9137620, flp=0x913769c) at item_func.cc:4760
#1  0x081649a9 in Item_func_sp::val_str (this=0x9137620, str=0x9137628) at item_func.h:1424
#2  0x081394db in Item::save_in_field (this=0x9137620, field=0x9143fe8, no_conversions=false) at item.cc:4069
#3  0x0822096e in fill_record (thd=0x9112878, ptr=0x9143fe4, values=@0x91374e0, ignore_errors=false) at sql_base.cc:5733
#4  0x08220a0a in fill_record_n_invoke_before_triggers (thd=0x9112878, ptr=0x9143fe0, values=@0x91374e0, ignore_errors=false, triggers=0x0, event=TRG_EVENT_INSERT) at sql_base.cc:5769
#5  0x08250eac in mysql_insert (thd=0x9112878, table_list=0x9137340, fields=@0x913eec0, values_list=@0x913eee4, update_fields=@0x913eed8, update_values=@0x913eecc, duplic=DUP_ERROR, ignore=false) at sql_insert.cc:481
#6  0x081eaf07 in mysql_execute_command (thd=0x9112878) at sql_parse.cc:3291
#7  0x0833f44d in sp_instr_stmt::exec_core (this=0x9137e90, thd=0x9112878, nextp=0x425178b0) at sp_head.cc:2370
#8  0x0833f032 in sp_lex_keeper::reset_lex_and_exec_core (this=0x9137eb8, thd=0x9112878, nextp=0x425178b0, open_tables=false, instr=0x9137e90) at sp_head.cc:2244
#9  0x0833f2b8 in sp_instr_stmt::execute (this=0x9137e90, thd=0x9112878, nextp=0x425178b0) at sp_head.cc:2321
#10 0x0833bd13 in sp_head::execute (this=0x9136298, thd=0x9112878) at sp_head.cc:1071
#11 0x0833d07e in sp_head::execute_procedure (this=0x9136298, thd=0x9112878, args=0x9112d54) at sp_head.cc:1531
#12 0x081eeac4 in mysql_execute_command (thd=0x9112878) at sql_parse.cc:4444
#13 0x081f2534 in mysql_parse (thd=0x9112878, inBuf=0x912a9f0 "call db1.p9()", length=13) at sql_parse.cc:5777
#14 0x081e6d11 in dispatch_command (command=COM_QUERY, thd=0x9112878, packet=0x9103bf9 "call db1.p9()", packet_length=14) at sql_parse.cc:1740
#15 0x081e64d5 in do_command (thd=0x9112878) at sql_parse.cc:1536
#16 0x081e5534 in handle_one_connection (arg=0x9112878) at sql_parse.cc:1178
#17 0x40173aa7 in start_thread () from /lib/tls/libpthread.so.0
#18 0x402a4c2e in clone () from /lib/tls/libc.so.6

(gdb) p *this
$1 = {<Item_func> = {<Item_result_field> = {<Item> = {_vptr.Item = 0x85ce388, rsize = 0, str_value = {Ptr = 0x42516c20 "\r", str_length = 766, Alloced_length = 766, alloced = false, str_charset = 0x87c7220}, name = 0x0, orig_name = 0x0, next = 0x9137528, max_length = 0, name_length = 0, marker = 0 '\0', decimals = 0 '\0', maybe_null = 1 '\001', null_value = 0 '\0', unsigned_flag = 0 '\0', with_sum_func = 0 '\0', fixed = 1 '\001', is_autogenerated_name = 1 '\001', collation = {collation = 0x87c7220, derivation = DERIVATION_COERCIBLE}}, result_field = 0x0}, args = 0x9137668, tmp_arg = {0x9137528, 0xa5a5a5a5}, allowed_arg_cols = 1, arg_count = 1, used_tables_cache = 0, not_null_tables_cache = 0, const_item_cache = true}, context = 0x913ec9c, m_name = 0x91375c0, m_sp = 0x0, dummy_table = 0x91376f8, result_field = 0x0, result_buf = '

(gdb)  p *flp
$2 = (class Field *) 0x0

(gdb) p f
$3 = (class Field *) 0x0

(gdb) p result_field
$6 = (class Field *) 0x0
(gdb) print *str
$7 = {Ptr = 0x42516c20 "\r", str_length = 766, Alloced_length = 766, alloced = false, str_charset = 0x87c7220}
(gdb) f 3
#3  0x0822096e in fill_record (thd=0x9112878, ptr=0x9143fe4, values=@0x91374e0, ignore_errors=false) at sql_base.cc:5733
/work/mysql-5.1-bug18078/sql/sql_base.cc:5733:178138:beg:0x822096e
(gdb) p field->field_name
$11 = 0x91439a9 "s1"
(gdb) p *field->table_name
$13 = 0x9105b30 "t9"
(gdb) f 9
#9  0x0833f2b8 in sp_instr_stmt::execute (this=0x9137e90, thd=0x9112878, nextp=0x425178b0) at sp_head.cc:2321
(gdb) print query
$18 = 0x912a9f0 "call db1.p9()"
(gdb) print m_query
$19 = {str = 0x9137ed0 "insert into t9 values (partition_exists('p1'))", length = 46}

How to repeat:
DELIMITER //
CREATE TABLE t9 (s1 int)//

CREATE FUNCTION `partition_exists`(p_p_name varchar(64))
RETURNS int(11)
return (select count(*) from information_schema.partitions
where partition_name = p_p_name) //

CREATE PROCEDURE p9 ()
begin
declare continue handler for sqlexception insert into t9 values
(partiton_exists('p2'));
insert into t9 values (partition_exists('p1'));
end//

call p9()//
[13 Mar 2006 1:57] MySQL Verification Team 
Hi,

I was unable to repeat with latest source:

miguel@hegel:~/dbs/mysql-5.1-new> bk changes | head
ChangeSet@1.2165, 2006-03-11 21:34:49+01:00, jonas@perch.ndb.mysql.com
  ndb -
    Dont put object file in list of SOURCES...causing really weird make dist problem

ChangeSet@1.2162.1.1, 2006-03-11 19:13:31+01:00, kent@mysql.com
  dict0dict.h, dict0dict.c, ha_innodb.cc:
    Make inline dict_table_is_comp() visible to ha_innodb.c as innodb_dict_table_is_comp()

miguel@hegel:~/dbs/5.1> bin/mysqladmin -uroot create db28
miguel@hegel:~/dbs/5.1> bin/mysql -uroot db28
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2 to server version: 5.1.8-beta-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> DELIMITER //
mysql> CREATE TABLE t9 (s1 int)//
Query OK, 0 rows affected (0.02 sec)

mysql> 
mysql> CREATE FUNCTION `partition_exists`(p_p_name varchar(64))
    -> RETURNS int(11)
    -> return (select count(*) from information_schema.partitions
    -> where partition_name = p_p_name) //
Query OK, 0 rows affected (0.03 sec)

mysql> 
mysql> CREATE PROCEDURE p9 ()
    -> begin
    -> declare continue handler for sqlexception insert into t9 values
    -> (partiton_exists('p2'));
    -> insert into t9 values (partition_exists('p1'));
    -> end//
Query OK, 0 rows affected (0.00 sec)

mysql> 
mysql> call p9()//
Query OK, 1 row affected, 1 warning (0.27 sec)

mysql> show warnings //
+---------+------+----------------------------------------------------+
| Level   | Code | Message                                            |
+---------+------+----------------------------------------------------+
| Warning | 1264 | Out of range value for column 'NODEGROUP' at row 1 |
+---------+------+----------------------------------------------------+
1 row in set (0.00 sec)
[13 Apr 2006 23:00] Bugs System 
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".