Bug #2048 some subselect queries crashes mysqld in case of innodb tables
Submitted: 8 Dec 2003 12:12 Modified: 17 Jan 2004 3:04
Reporter: Aleksey Kishkin Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server Severity:S2 (Serious)
Version:4.1.2-alfa OS:Linux (Linux slackware 9.0)
Assigned to: Oleksandr Byelkin CPU Architecture:Any

[8 Dec 2003 12:12] Aleksey Kishkin 
Description:
This query works fine on myisam tables, but If I create innodb tables , the query:

select (select max(id) from bench6 where b=1 group by b) as x,b from bench5 where b=1

crashes mysqld following information in hostname.err:

mysqld got signal 11;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help diagnose
the problem, but since we have already crashed, something is definitely wrong
and this may fail.

key_buffer_size=134217728
read_buffer_size=1044480
max_used_connections=1
max_connections=100
threads_connected=1
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_connections = 335468 K
bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

thd=0x85a3a50
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0xbe7fe758, backtrace may not be correct.
Stack range sanity check OK, backtrace follows:
0x814c903
0x4004ac45
0x82afcf0
0x8253ed3
0x81dd6da
0x81dd7d2
0x81926f3
0x8191d2b
0x8191933
0x8187798
0x8187c48
0x8183e85
0x816130a
0x816590f
0x815f1e6
0x815eb08
0x815e007
0x40044ca3
0x401e4c97
New value of fp=(nil) failed sanity check, terminating stack trace!
Please read http://www.mysql.com/doc/en/Using_stack_trace.html and follow instructions on how to resolve the stack trace. Resolved
stack trace is much more helpful in diagnosing the problem, so please do 
resolve it
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x85a48b0 = select (select max(id) from bench6 where b=1 group by b) as x,b from bench5 where b=1
thd->thread_id=3
The manual page at http://www.mysql.com/doc/en/Crashing.html contains
information that should help you find out what is causing the crash.

resolve_stack_dump shows on this data:

0x814c903 handle_segfault + 455
0x4004ac45 _end + 934932021
0x82afcf0 lock_sec_rec_cons_read_sees + 55
0x8253ed3 row_search_for_mysql + 3323
0x81dd6da _ZN11ha_innobase13general_fetchEPcjj + 134
0x81dd7d2 _ZN11ha_innobase15index_next_sameEPcPKcj + 48
0x81926f3 _Z19join_read_next_sameP14st_read_record + 59
0x8191d2b _Z10sub_selectP4JOINP13st_join_tableb + 337
0x8191933 _Z9do_selectP4JOINP4ListI4ItemEP8st_tableP9Procedure + 675
0x8187798 _ZN4JOIN4execEv + 5568
0x8187c48 _Z12mysql_selectP3THDPPP4ItemP13st_table_listjR4ListIS1_ES2_jP8st_orderSB_S2_SB_mP13select_resultP18st_select_lex_unitP13st_sel + 570
0x8183e85 _Z13handle_selectP3THDP6st_lexP13select_result + 261
0x816130a _Z21mysql_execute_commandP3THD + 4836
0x816590f _Z11mysql_parseP3THDPcj + 247
0x815f1e6 _Z16dispatch_command19enum_server_commandP3THDPcj + 1746
0x815eb08 _Z10do_commandP3THD + 500
0x815e007 handle_one_connection + 561
0x40044ca3 _end + 934907539
0x401e4c97 _end + 936611463

How to repeat:
I'll submit a test case

Suggested fix:
no idea
[8 Dec 2003 12:13] Aleksey Kishkin 
perl dbi script to reproduce this bug

Attachment: testcase.pl (application/octet-stream, text), 1.73 KiB.
[9 Dec 2003 4:02] Oleksandr Byelkin 
Thank you for bugreport, but I can't repeat it on current 4.1 tree (with your 
data from testcase.pl): 
+ select (select max(id) from bench6 where b=1 group by b) as x,b from bench5 
where b=1; 
+ x     b 
+ 902   1 
+ 902   1 
+ 902   1 
+ 902   1 
+ 902   1 
+ 902   1 
+ 902   1 
+ 902   1 
+ 902   1 
+ 902   1 
 
feel free to reopen ticket if you know how to repeat it.
[9 Dec 2003 4:41] Oleksandr Byelkin 
OK, I found my problem tables was creted with wrong type
[9 Dec 2003 6:02] Heikki Tuuri 
Hi!

This looks like this could be yet another case of releasing the MySQL table locks too early.

I will add some diagnostic printf to InnoDB to print an error message if MySQL tries to perform a SELECT on an already committed transaction. In the AUTOCOMMIT=1 mode, InnoDB commits the transaction when thne last MySQL table lock is released in ::external_lock().

Regards,

Heikki
[10 Dec 2003 12:50] Oleksandr Byelkin 
ChangeSet 
  1.1665 03/12/10 22:46:14 bell@sanja.is.com.ua +6 -0 
  fixed unlocking tables during subquery execution (BUG#2048)
[17 Jan 2004 3:04] Oleksandr Byelkin 
Thank you for bugreport, patch for this bug is pushed to our source repository