Bug #26337 Query causes crash in server
Submitted: 13 Feb 2007 17:54 Modified: 21 Mar 2007 13:22
Reporter: Harrison Fisk Email Updates:
Status: Can't repeat Impact on me:
Category:MySQL Server Severity:S1 (Critical)
Version:5.0.34 OS:Linux (Linux, Mac OS X)
Assigned to: CPU Architecture:Any
Tags: bfsm_2007_02_15

[13 Feb 2007 17:54] Harrison Fisk
There is another apparent regression crash that has appeared in recent versions of MySQL Enterprise.  This may be related to BUG #26089 but I am not sure what the root cause of that bug is, so this is being reported as separate.

Please see attached data and query to reproduce.

How to repeat:
Run the data file and then the SQL command given.

Suggested fix:
Make the server not crash.
[14 Feb 2007 7:26] MySQL Verification Team
Version: '5.0.32-enterprise-gpl'  socket: '/tmp/mysql.sock'  port: 3306  MySQL Enterprise Server (GPL)
mysqld got signal 11;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help diagnose
the problem, but since we have already crashed, something is definitely wrong
and this may fail.

It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_connections = 225791 K
bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0x4256bbec, backtrace may not be correct.
Stack range sanity check OK, backtrace follows:
0x8181f14 handle_segfault + 356
0x8117c31 _ZN8Item_ref11val_decimalEP10my_decimal + 25
0x812aa2b _ZN13Item_func_div10decimal_opEP10my_decimal + 123
0x8129991 _ZN19Item_func_numhybrid11val_decimalEP10my_decimal + 45
0x812c83c _ZN15Item_func_round10decimal_opEP10my_decimal + 44
0x8129605 _ZN19Item_func_numhybrid7val_strEP6String + 81
0x8116b9c _ZN4Item4sendEP8ProtocolP6String + 160
0x8176995 _ZN11select_send9send_dataER4ListI4ItemE + 201
0x81d09d9 _Z8end_sendP4JOINP13st_join_tableb + 485
0x81d0169 _Z20evaluate_join_recordP4JOINP13st_join_tableiPc + 329
0x81c98f6 _Z10sub_selectP4JOINP13st_join_tableb + 270
0x81cfe2b _Z9do_selectP4JOINP4ListI4ItemEP8st_tableP9Procedure + 275
0x81c58c4 _ZN4JOIN4execEv + 4332
0x81c637d _Z12mysql_selectP3THDPPP4ItemP13st_table_listjR4ListIS1_ES2_jP8st_orderSB_S2_SB_yP13select_resultP18st_select_lex_unitP13st_sel + 313
0x81c2115 _Z13handle_selectP3THDP6st_lexP13select_resultm + 289
0x8196b6a _Z21mysql_execute_commandP3THD + 650
0x819d4fe _Z11mysql_parseP3THDPcj + 302
0x81953b6 _Z16dispatch_command19enum_server_commandP3THDPcj + 1206
0x8194ec5 _Z10do_commandP3THD + 129
0x819455c handle_one_connection + 620
0x40045aa7 _end + 933662807
0x40176c2e _end + 934912478
New value of fp=(nil) failed sanity check, terminating stack trace!
Please read http://dev.mysql.com/doc/mysql/en/using-stack-trace.html and follow instructions on how to resolve the stack trace. Resolved
stack trace is much more helpful in diagnosing the problem, so please do 
resolve it
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
[5 Mar 2007 16:38] Konstantin Osipov
Can not be reproduced with the latest tree.
Perhaps a duplicate of some other closed crash.
[5 Mar 2007 16:41] Konstantin Osipov
My version is 5.0.38-valgrind-max-debug
[21 Mar 2007 13:22] Valeriy Kravchuk
Looks like the problem is not repeatable on current versions.