| Bug #4941 | Stored procedure crash fetching null value into variable | | |
|---|---|---|---|
| Submitted: | 8 Aug 2004 2:09 | Modified: | 10 Sep 2004 14:32 |
| Reporter: | Peter Gulutzan | | |
| Status: | Closed | | |
| Category: | MySQL Server | Severity: | S3 (Non-critical) |
| Version: | 5.0.2-alpha-debug | OS: | Linux (SuSE 8.2) |
| Assigned to: | Per-Erik Martin | CPU Architecture: | Any |
[8 Aug 2004 2:09]
Peter Gulutzan
[8 Aug 2004 8:27]
MySQL Verification Team
Backtrace:
/home/miguel/dbs/5.0/libexec/mysqld: ready for connections.
Version: '5.0.2-alpha-debug-log' socket: '/tmp/mysql.sock' port: 3306
[New Thread 8936368 (LWP 2639)]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 8936368 (LWP 2639)]
0x00178d6c in memcpy () from /lib/tls/libc.so.6
(gdb) backtrace full
#0 0x00178d6c in memcpy () from /lib/tls/libc.so.6
No symbol table info available.
#1 0x082a55e0 in Protocol_cursor::write (this=0x9b2e308) at protocol_cursor.cc:127
cp = (byte *) 0x9b3df61 "def"
end_pos = (byte *) 0x9b3df61 "def"
len = 4294967295
cur_field = (MYSQL_FIELD *) 0x9b56fff
fields_end = (MYSQL_FIELD *) 0x9b48df0
new_record = (MYSQL_ROWS *) 0x9b48e20
data_tmp = (byte **) 0x9b4c12c
to = (byte *) 0x9b48e34 "def"
#2 0x081811f8 in select_send::send_data (this=0x9b3b158, items=@0x9b2e308) at sql_class.cc:772
li = {<base_list_iterator> = {list = 0x9b2ddc0, el = 0x863929c, prev = 0x0, current = 0x0}, <No data fields>}
protocol = (class Protocol *) 0x9b2e308
buff = "\025\000\000\000�\t\005", '\0' <repeats 11 times>, "\004\000\000\000\230E\210", '\0' <repeats 25 times>, "pX\t�\210\000�C\b\025\000\000\000�\t\005", '\0' <repeats 11 times>, "\004", '\0' <repeats 15 times>, "pX\tHF\210\000sC\b\022\001\000\000(F\210\000,F\210\0000F\210\000,F\210\0000F\210\0004F\210\000\ne\ta\001\t\ve\tHF\210\000H\t", '\0' <repeats 24 times>, "b\001\t\001\000\000\000\001\000\000\0001\000\000\0001\000\000\000pX\t\030d\t@\000\000\000\210F\210\000(hC\bpX\t�\t\000\000\000\000"...
buffer = {Ptr = 0x884570 "\025", str_length = 766, Alloced_length = 766, alloced = false,
str_charset = 0x8637cc0}
_db_func_ = 0x0
_db_file_ = 0x0
_db_level_ = 3
---Type <return> to continue, or q <return> to quit---
_db_framep_ = (char **) 0x142
item = (class Item *) 0x3fffc78d
#3 0x081e98ef in end_send (join=0x9b3b168, join_tab=0x9b3c2d4, end_of_records=false) at sql_select.cc:8384
error = 162827680
_db_func_ = 0x9b2e308 "h3L\b`2\t�\t�\t\001"
_db_file_ = 0x9b2ddc0 "�001\t�001\t\001"
_db_level_ = 5
_db_framep_ = (char **) 0x9b2ddc0
#4 0x081e7dac in do_select (join=0x9b3b168, fields=0x9b3c2d4, table=0x0, procedure=0x9b48da0) at sql_select.cc:7450
error = 0
join_tab = (JOIN_TAB *) 0x9b3c2d4
end_select = 0x81e981c <end_send>
_db_func_ = 0x884964 "�\t"
_db_file_ = 0x884960 "h\t�\t"
_db_level_ = 8931684
_db_framep_ = (char **) 0x884968
#5 0x081da7db in JOIN::exec (this=0x9b3b168) at sql_select.cc:1550
tmp_error = 162771304
_db_func_ = 0x0
_db_file_ = 0x0
_db_level_ = 162771288
_db_framep_ = (char **) 0x9b2c060
curr_join = (JOIN *) 0x9b3b168
curr_all_fields = (List<Item> *) 0x9b3be7c
---Type <return> to continue, or q <return> to quit---
curr_fields_list = (List<Item> *) 0x9b2ddc0
curr_tmp_table = (TABLE *) 0x8849f8
#6 0x081db4c8 in mysql_select (thd=0x9b2c060, rref_pointer_array=0x9b2de54, tables=0x9b40208, wild_num=0,
fields=@0x9b48da0, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=42224128,
result=0x9b3b158, unit=0x9b2dbcc, select_lex=0x9b2dd54) at sql_select.cc:1972
err = 8931956
free_join = true
_db_func_ = 0x884a78 ""
_db_file_ = 0x884a74 ""
_db_level_ = 8931960
_db_framep_ = (char **) 0x884a7c
join = (JOIN *) 0x9b3b168
#7 0x081d6c6a in handle_select (thd=0x9b2c060, lex=0x9b2dbc0, result=0x9b3b158) at sql_select.cc:209
unit = (SELECT_LEX_UNIT *) 0x9b2dbcc
res = 162716620
select_lex = (SELECT_LEX *) 0x9b2dd54
_db_func_ = 0x92b215 "\201�m"
_db_file_ = 0x9b3b158 "h(L\b`2\t�\t"
_db_level_ = 162791944
_db_framep_ = (char **) 0x884ab8
#8 0x081a6d6e in mysql_execute_command (thd=0x9b2c060) at sql_parse.cc:2039
result = (class select_result *) 0x9b3b158
res = -1
lex = (LEX *) 0x9b2dbc0
---Type <return> to continue, or q <return> to quit---
first_table = (TABLE_LIST *) 0x9b40208
all_tables = (TABLE_LIST *) 0x9b40208
select_lex = (SELECT_LEX *) 0x9b2dd54
unit = (SELECT_LEX_UNIT *) 0x9b2dbcc
_db_func_ = 0x9b2e320 "\001"
_db_file_ = 0x0
_db_level_ = 0
_db_framep_ = (char **) 0x0
#9 0x082acc29 in sp_instr_stmt::exec_stmt (this=0x9b40338, thd=0x9b2c060, lex=0x9b2dbc0) at sp_head.cc:1090
olex = (LEX *) 0x9b2c094
res = 162709600
#10 0x082add4f in sp_instr_copen::execute (this=0x9b40338, thd=0x9b2c060, nextp=0x9b48da0) at sp_head.cc:1451
lex = (LEX *) 0x9b2dbc0
c = (class sp_cursor *) 0x9b3b118
res = -1
_db_func_ = 0x847e678 "\213]�213u\213}\211��\211�203�030\211]\213]\b\203;"
_db_file_ = 0x885098 "8\003\t\200=d"
_db_level_ = 162716540
_db_framep_ = (char **) 0x4
#11 0x082aaaf9 in sp_head::execute (this=0x9b3ff90, thd=0x9b2c060) at sp_head.cc:416
i = (sp_instr *) 0x9b40338
hip = 1515953
_db_func_ = 0x8850a8 "�\210"
_db_file_ = 0x929f20 "]�215\001�207."
---Type <return> to continue, or q <return> to quit---
_db_level_ = 8933592
_db_framep_ = (char **) 0x848c5f1
olddb = "g\233\222\000[\210\000�\210\000@c\b�\210\000 \237\222\000P\210\000�H\b@c\b[\210\000P\210\000ж\034\b �\b\002\000\000\000\030Q\210\000\000\000\000\000`2\t\000\000\000\000HQ\210\000�034\b\001\000\000,Q\210\0000Q\210\000\025\222\000ళ\t\020\t(Q\210\000\025\222\000ళ\t\020\tHQ\210\000\026�020\b"
dbchanged = false
ctx = (class sp_rcontext *) 0x9b3b030
ret = 0
ip = 1
old_arena = (class Item_arena *) 0x0
#12 0x082ab34c in sp_head::execute_procedure (this=0x9b3ff90, thd=0x9b2c060, args=0x9b2c444) at sp_head.cc:630
_db_func_ = 0x8851f0 "\220\t\b\001"
_db_file_ = 0x8851f4 "\b\001"
_db_level_ = 8933880
_db_framep_ = (char **) 0x82ae188
ret = 0
csize = 1
params = 0
hmax = 0
cmax = 1
octx = (class sp_rcontext *) 0x9b3b088
nctx = (class sp_rcontext *) 0x9b3b030
tmp_octx = 1 '\001'
#13 0x081ab9f1 in mysql_execute_command (thd=0x9b2c060) at sql_parse.cc:3663
---Type <return> to continue, or q <return> to quit---
save_ctx = {changed = false, master_access = 8936368, db_access = 1, priv_user = 0x885318 "HS\210",
priv_host = "\235\020\027\000\200\227\"\000!\000\000\000\000\000\000\000S�ttS\210\000HS\210\000I\b@�\b8S\210\000S�tT�tT�t\001\000\000\000T\000\000\000", user = 0x9b1be14 "", host = 0x1 <Address 0x1 out of bounds>,
ip = 0x885378 "�\210"}
select_limit = 4294967295
smrx = 0
nsok = 0 '\0'
sp = (class sp_head *) 0x9b3ff90
res = 0
lex = (LEX *) 0x9b2c094
first_table = (TABLE_LIST *) 0x0
all_tables = (TABLE_LIST *) 0x8852f0
select_lex = (SELECT_LEX *) 0x9b2c228
unit = (SELECT_LEX_UNIT *) 0x9b2c0a0
_db_func_ = 0x8852e8 "\030S\210"
_db_file_ = 0x929f20 "]�215\001�207."
_db_level_ = 8934168
_db_framep_ = (char **) 0x848c5f1
#14 0x081ad3f0 in mysql_parse (thd=0x9b2c060, inBuf=0x9b3af10 "call p1()", length=162709652) at sql_parse.cc:4428
lex = (LEX *) 0x9b2c094
_db_func_ = 0x848c9d6 "\211��\211�203�030\215E\211D$\b\215E\211D$\004\213E\b\211\004$�207�\205�:\203=4!d\b"
_db_file_ = 0x885bb0 "[\210"
_db_level_ = 0
---Type <return> to continue, or q <return> to quit---
_db_framep_ = (char **) 0x885764
#15 0x081a57fb in dispatch_command (command=COM_QUERY, thd=0x9b2c060, packet=0x9b36eb1 "call p1()", packet_length=10)
at sql_parse.cc:1486
net = (NET *) 0x9b2c6d8
error = false
_db_func_ = 0x8641fe0 ""
_db_file_ = 0x885bb0 "[\210"
_db_level_ = 8935464
_db_framep_ = (char **) 0x847be77
start_of_query = 162709600
#16 0x081a50f0 in do_command (thd=0x9b2c060) at sql_parse.cc:1296
packet = 0x9b36eb0 "\003call p1()"
old_timeout = 30
packet_length = 10
net = (NET *) 0x9b2c6d8
command = COM_QUERY
_db_func_ = 0x817f09b "\213]\211��\211�203�\211]\213]\b\211\034$�212"
_db_file_ = 0x9b2d3e4 "0ϳ\t"
_db_level_ = 8192
_db_framep_ = (char **) 0x1000
#17 0x081a4561 in handle_one_connection (arg=0x9b48da0) at sql_parse.cc:1032
error = 1073727373
net = (NET *) 0x9b2c6d8
thd = (class THD *) 0x9b2c060
---Type <return> to continue, or q <return> to quit---
launch_time = 162827680
set = {__val = {0 <repeats 32 times>}}
#18 0x0092798c in start_thread () from /lib/tls/libpthread.so.0
No symbol table info available.
#19 0x001cc16a in clone () from /lib/tls/libc.so.6
No symbol table info available.
(gdb)
[25 Aug 2004 18:06]
Peter Gulutzan
Correction: the FETCH is not necessary. I can crash on OPEN.
[10 Sep 2004 14:32]
Per-Erik Martin
Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.
If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information
about accessing the source trees is available at
http://www.mysql.com/doc/en/Installing_source_tree.html
