Bug #7257 Crash in default tests: 'subselect'
Submitted: 14 Dec 2004 10:02 Modified: 14 Dec 2004 12:40
Reporter: Joerg Bruehe Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server Severity:S1 (Critical)
Version:4.1.8 OS:Linux (Linux / x86)
Assigned to: Ramil Kalimullin CPU Architecture:Any

[14 Dec 2004 10:02] Joerg Bruehe
Description:
The supposed-to-be-released build of 4.1.8 crashed in the tests executed by Bootstrap.

Test:
subselect

Failing command:
EXPLAIN EXTENDED SELECT * FROM t2 WHERE id IN (SELECT 1 UNION SELECT 3)

Backtrace:
#0  0xffffe410 in ?? ()
#1  0xb2782734 in ?? ()
#2  0x0000000b in ?? ()
#3  0x0825475b in write_core (sig=1114949215) at stacktrace.c:220
#4  0x0818233f in handle_segfault (sig=11) at mysqld.cc:1898
#5  <signal handler called>
#6  0x0810ebac in Item_ref::set_properties (this=0x8b84c38) at item.cc:2242
#7  0x08159c8b in Item_in_subselect::single_value_transformer (this=0x8b885a8, join=0x8b841f0,
    func=0x863d92c) at item.h:857
#8  0x0815a9e5 in Item_in_subselect::select_transformer (this=0x8b885a8, join=0x8b841f0)
    at item_subselect.cc:1053
#9  0x081bc2cf in JOIN::prepare (this=0x8b841f0, rref_pointer_array=0x84d9e68,
    tables_init=0x8b84c38, wild_num=146065616, conds_init=0x8b4c8d0, og_num=146065616,
    order_init=0x8b4c8d0, group_init=0x8b4c8d0, having_init=0x8b4c8d0, proc_param_init=0x8b4c8d0,
    select_lex_arg=0x1, unit_arg=0x8b881e8) at sql_select.cc:304
#10 0x0824f64a in st_select_lex_unit::prepare (this=0x8b881e8, thd_arg=0x8b4c8d0,
    sel_result=0x8b88408, additional_options=268435456) at sql_union.cc:223
#11 0x0815af9b in subselect_union_engine::prepare (this=0x1) at item_subselect.cc:1183
#12 0x08158132 in Item_subselect::fix_fields (this=0x8b885a8, thd_param=0x1, tables=0x1,
    ref=0x8b89384) at item_subselect.cc:144
#13 0x081b76c3 in setup_conds (thd=0x8b4c8d0, tables=0x8b88000, conds=0x8b89384)
    at sql_base.cc:2597
#14 0x081bc20a in JOIN::prepare (this=0x8b889e8, rref_pointer_array=0x8b4cae0,
    tables_init=0x8b84c38, wild_num=146065616, conds_init=0x8b4c8d0, og_num=146065616,
    order_init=0x8b4c8d0, group_init=0x8b4c8d0, having_init=0x8b4c8d0, proc_param_init=0x8b4c8d0,
    select_lex_arg=0x1, unit_arg=0x8b4c918) at sql_select.cc:225
#15 0x081bf84f in mysql_select (thd=0x8b4c8d0, rref_pointer_array=0x8b4cae0, tables=0x8b88000,
    wild_num=1, fields=@0x8b4c8d0, conds=0x8b885a8, og_num=0, order=0x0, group=0x0, having=0x0,
    proc_param=0x0, select_options=146310568, result=0x8b886c8, unit=0x8b4c918,
    select_lex=0x8b4c9f8) at sql_select.cc:1562
#16 0x081cee29 in mysql_explain_union (thd=0x8b4c8d0, unit=0x8b4c918, result=0x8b886c8)
    at sql_select.cc:9476
#17 0x08196298 in mysql_execute_command (thd=0x8b4c8d0) at sql_parse.cc:1998
#18 0x0819b7b0 in mysql_parse (thd=0x8b4c8d0,
    inBuf=0x8b87ef8 "EXPLAIN EXTENDED SELECT * FROM t2 WHERE id IN (SELECT 1 UNION SELECT 3)",
    length=146065676) at sql_parse.cc:4099
#19 0x08194d37 in dispatch_command (command=146065616, thd=0x8b4c8d0, packet=0x8b7b659 "",
    packet_length=71) at sql_parse.cc:1477
#20 0x08194926 in do_command (thd=0x8b4c8d0) at sql_parse.cc:1291
#21 0x08194088 in handle_one_connection (arg=0x8b4c8d0) at sql_parse.cc:1023
#22 0x4274898c in start_thread () from /lib/tls/libpthread.so.0
#23 0x426b67da in clone () from /lib/tls/libc.so.6

How to repeat:
Run the test suite.
[14 Dec 2004 12:40] Ramil Kalimullin
Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.

If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information 
about accessing the source trees is available at
    http://www.mysql.com/doc/en/Installing_source_tree.html

Additional info:

fixed in 4.1.8