Bug #32560 crash with interval function and count(*)
Submitted: 21 Nov 2007 7:40 Modified: 14 Dec 2007 19:14
Reporter: Shane Bester (Platinum Quality Contributor)
Status: Closed
Category: MySQL Server: General Severity: S1 (Critical)
Version: 5.0.50, 5.1.23, 6.0.4 OS: Any
Assigned to: Ramil Kalimullin
Tags: interval

[21 Nov 2007 7:40] Shane Bester
Description:
When using count(*) as an argument to the interval function, a crash occurs:

mysqld.exe!decimal_cmp
mysqld.exe!my_decimal_cmp
mysqld.exe!Item_func_interval::val_int
mysqld.exe!Item::send
mysqld.exe!select_send::send_data
mysqld.exe!return_zero_rows
mysqld.exe!JOIN::exec
mysqld.exe!mysql_select
mysqld.exe!handle_select
mysqld.exe!execute_sqlcom_select
mysqld.exe!mysql_execute_command
mysqld.exe!mysql_parse
mysqld.exe!dispatch_command
mysqld.exe!do_command
mysqld.exe!handle_one_connection
mysqld.exe!pthread_start
mysqld.exe!_callthreadstart
mysqld.exe!_threadstart
kernel32.dll!FlsSetValue

My build:

sbester@www:~/build/mysql-5.1> bkf changes|head -n 10
OK-root OK
ChangeSet@1.2620, 2007-11-15 12:31:40+01:00, tnurnberg@white.intern.koehntopp.de +1 -0

How to repeat:
drop table if exists `t1`;
create table `t1` (`a` int)engine=myisam;
select interval(count(*),`a`) from `t1`;
[21 Nov 2007 8:38] Sveta Smirnova
Thank you for the report.

Verified as described.
[22 Nov 2007 10:07] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/38261

ChangeSet@1.2578, 2007-11-22 14:07:38+04:00, ramil@mysql.com +4 -0
  Fix for bug #32560: crash with interval function and count(*)
  
  Problem: interval function implementation doesn't handle NULL range values.
  
  Fix: mark NULL ranges, skip them looking for a proper range.
[23 Nov 2007 12:14] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/38355

ChangeSet@1.2578, 2007-11-23 16:14:29+04:00, ramil@mysql.com +3 -0
  Fix for bug #32560: crash with interval function and count(*)
  
  Problem: INTERVAL function implementation doesn't handle NULL range values.
  
  Fix: skip NULL ranges looking for a proper one.
[23 Nov 2007 12:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/38358

ChangeSet@1.2578, 2007-11-23 16:30:06+04:00, ramil@mysql.com +3 -0
  Fix for bug #32560: crash with interval function and count(*)
  
  Problem: INTERVAL function implementation doesn't handle NULL range values.
  
  Fix: skip NULL ranges looking for a proper one.
[28 Nov 2007 10:23] Bugs System
Pushed into 6.0.4-alpha
[28 Nov 2007 10:25] Bugs System
Pushed into 5.1.23-rc
[28 Nov 2007 10:27] Bugs System
Pushed into 5.0.54
[14 Dec 2007 19:14] Paul Dubois
Noted in 5.0.54, 5.1.23, 6.0.4 changelogs.

The INTERVAL() function incorrectly handled NULL values in the value
list.
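
The fix described in the changeset comments (skip NULL range values while looking for the matching one), modelled as an added C example; this is not the MySQL patch or any code from the server tree. The `sql_num` type, the helper names and the linear scan are assumptions of the example, as is the value returned when every range value is NULL.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical nullable number standing in for an evaluated SQL argument. */
typedef struct {
    int is_null;    /* non-zero: SQL NULL, 'value' must not be used */
    double value;
} sql_num;

static sql_num num(double v) { sql_num n = {0, v}; return n; }
static sql_num null_num(void) { sql_num n = {1, 0.0}; return n; }

/*
 * Model of INTERVAL(n, r[0], r[1], ...) as a linear scan:
 * returns the index of the first range value greater than n,
 * 'count' if no range value is greater, and -1 if n is NULL.
 * NULL range values are skipped and never reach the comparison.
 */
long interval_skip_null(sql_num n, const sql_num *ranges, size_t count)
{
    size_t i;

    if (n.is_null)
        return -1;
    for (i = 0; i < count; i++) {
        if (ranges[i].is_null)
            continue;               /* skip NULL range, keep looking */
        if (ranges[i].value > n.value)
            return (long)i;
    }
    return (long)count;
}

int main(void)
{
    /* Constructed inputs: one ordinary list, one with a NULL in the middle,
       and one whose only range value is NULL. */
    sql_num plain[]     = { num(1), num(15), num(17), num(30), num(44), num(200) };
    sql_num with_null[] = { num(1), null_num(), num(100) };
    sql_num only_null[] = { null_num() };

    printf("%ld\n", interval_skip_null(num(23), plain, 6));
    printf("%ld\n", interval_skip_null(num(10), with_null, 3));
    printf("%ld\n", interval_skip_null(num(0), only_null, 1));
    return 0;
}
```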