Bug #31069 crash in 'sounds like'
Submitted: 17 Sep 2007 21:48
Modified: 23 Oct 2007 0:07
Reporter: Shane Bester (Platinum Quality Contributor)
Status: Closed
Category: MySQL Server: Charsets
Severity: S2 (Serious)
Version: 5.0.50, 5.1.23BK
OS: Any
Assigned to: Ramil Kalimullin
CPU Architecture: Any

[17 Sep 2007 21:48] Shane Bester
Description:
0x818b1e5 handle_segfault + 417
0x83cd20d my_mb_wc_gb2312 + 17
0x814d6eb Item_func_soundex::val_str(String*) + 159
0x813cffc Arg_comparator::compare_binary_string() + 72
0x813e029 Item_func_eq::val_int() + 45
0x811c6f9 Item::send(Protocol*, String*) + 581
0x817fc19 select_send::send_data(List<Item>&) + 201
0x81dc2f1 end_send(JOIN*, st_join_table*, bool) + 485
0x81dbadd evaluate_join_record(JOIN*, st_join_table*, int, char*) + 317
0x81d4d6a sub_select(JOIN*, st_join_table*, bool) + 262
0x81db7b0 do_select(JOIN*, List<Item>*, st_table*, Procedure*) + 260
0x81d0cea JOIN::exec() + 4426
0x81d17a5 _Z12mysql_selectP3THDPPP4ItemP10TABLE_LISTjR4ListIS1_ES2_jP8st_orderSB_S2_SB_yP13select_resultP18st_select_lex_unitP13st_select + 309
0x81ccfdc handle_select(THD*, st_lex*, select_result*, unsigned long) + 260
0x81a03d2 mysql_execute_command(THD*) + 678
0x81a6c3d mysql_parse(THD*, char const*, unsigned int, char const**) + 241
0x819ed46 dispatch_command(enum_server_command, THD*, char*, unsigned int) + 1198
0x819e85c do_command(THD*) + 144
0x819dec6 handle_one_connection + 646
0x40045aa7 _end + 933533303
0x40176c2e _end + 934782974
New value of fp=(nil) failed sanity check, terminating stack trace!
Please read http://dev.mysql.com/doc/mysql/en/using-stack-trace.html and follow instructions on how to resolve the stack trace. Resolved
stack trace is much more helpful in diagnosing the problem, so please do 
resolve it
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x89ef6c8 = select col017 sounds like col043 from t1
thd->thread_id=2

How to repeat:
.

Suggested fix:
.
[18 Sep 2007 3:57] Shane Bester
Maybe same underlying cause as bug #31070 "crash during conversion of charsets".
[18 Sep 2007 4:02] Shane Bester
---------------------------------
testcase1
---------------------------------
drop table if exists `t1`;
create table `t1` (`col001` set('a') charset gb2312 collate gb2312_bin not null )engine=myisam;
insert into `t1` values (),();
select col001 sounds like col001 from t1;
[23 Sep 2007 6:21] Shane Bester
Could be the same cause as the more generic bug #31070 "crash during conversion of charsets".
[3 Oct 2007 6:42] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/34801

ChangeSet@1.2685, 2007-10-03 11:42:44+05:00, ramil@mysql.com +11 -0
  Fix for bug #31069: crash in 'sounds like'
  and for bug #31070: crash during conversion of charsets
  
  Problem: passing a 0 byte length string to some my_mb_wc_XXX() 
  functions leads to server crash due to improper argument check.
  
  Fix: properly check arguments passed to my_mb_wc_XXX() functions.
[3 Oct 2007 7:58] Alexander Barkov
http://lists.mysql.com/commits/34801 is ok to push
[4 Oct 2007 5:20] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/34864

ChangeSet@1.2685, 2007-10-04 10:20:00+05:00, ramil@mysql.com +11 -0
  Fix for bug #31069: crash in 'sounds like'
  and for bug #31070: crash during conversion of charsets
  
  Problem: passing a 0 byte length string to some my_mb_wc_XXX() 
  functions leads to server crash due to improper argument check.
  
  Fix: properly check arguments passed to my_mb_wc_XXX() functions.
[18 Oct 2007 21:35] Bugs System
Pushed into 5.1.23-beta
[18 Oct 2007 21:36] Bugs System
Pushed into 5.0.52
[18 Oct 2007 21:37] Bugs System
Pushed into 4.1.24
[23 Oct 2007 0:07] Paul Dubois
Noted in 4.1.24, 5.0.52, 5.1.23 changelogs.

Internal conversion routines could fail for several multi-byte
character sets (big5, cp932, euckr, gb2312, sjis) for empty strings
or during evaluation of SOUNDS LIKE.
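
The commit message above describes a 0-byte string reaching the my_mb_wc_XXX() functions without a proper argument check. As an added illustration (not MySQL's code and not the committed patch), this C sketch shows a range-based decoder that validates its [s, e) arguments before reading any byte; the names demo_mb_wc and demo_count_chars, the DEMO_* codes and the toy two-byte encoding are assumptions.

```c
#include <stddef.h>

#define DEMO_ILSEQ    0      /* invalid byte sequence (hypothetical code) */
#define DEMO_TOOFEW (-101)   /* range ended before a full character (hypothetical code) */

/* Decode one character from the byte range [s, e) of a toy encoding shaped
   like EUC-CN: bytes below 0x80 stand alone, a lead byte 0xA1..0xF7 needs a
   trail byte 0xA1..0xFE. Returns bytes consumed, or a DEMO_* code. */
int demo_mb_wc(unsigned long *pwc, const unsigned char *s, const unsigned char *e)
{
    unsigned hi;

    /* Check the range before touching s[0]: for a 0-byte string s == e,
       and s may even be NULL, so there is no byte to read. */
    if (s == NULL || s >= e)
        return DEMO_TOOFEW;

    hi = s[0];
    if (hi < 0x80) {
        *pwc = hi;
        return 1;
    }
    if (e - s < 2)                      /* lead byte without its trail byte */
        return DEMO_TOOFEW;
    if (hi < 0xA1 || hi > 0xF7 || s[1] < 0xA1 || s[1] > 0xFE)
        return DEMO_ILSEQ;

    *pwc = ((unsigned long)hi << 8) | s[1];   /* raw code, no Unicode mapping */
    return 2;
}

/* Caller loop in the style of a per-character scan: returns the number of
   characters in buf[0..len), or -1 on a malformed or truncated sequence. */
long demo_count_chars(const unsigned char *buf, size_t len)
{
    const unsigned char *s, *e;
    unsigned long wc;
    long n = 0;

    if (buf == NULL || len == 0)        /* empty value: nothing to decode */
        return 0;
    for (s = buf, e = buf + len; s < e; n++) {
        int used = demo_mb_wc(&wc, s, e);
        if (used <= 0)
            return -1;
        s += used;
    }
    return n;
}
```
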