155954 – dev-db/mysql-5.0.26 crashes on certain selects

Bug 155954 - dev-db/mysql-5.0.26 crashes on certain selects

Summary: dev-db/mysql-5.0.26 crashes on certain selects

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Server (show other bugs)
Hardware:	All Linux

Importance:	High major (vote)
Assignee:	Gentoo Linux MySQL bugs team

URL:	http://bugs.mysql.com/bug.php?id=23184
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-11-22 09:05 UTC by Davide Ferrari
Modified:	2007-01-12 22:31 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Davide Ferrari 2006-11-22 09:05:19 UTC

There seems to be a bug in mysql 5.0.26 that makes it crash on certain select. 
see
http://bugs.mysql.com/bug.php?id=23184

and it seems that there is a patch available, so please consider a -r2 to apply this patch.
I'm experiencing the same problem here with mysql-5.0.26-r1

here it is my mysqld.err output:

thd=0x8d140c8
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0xb3d379b8, backtrace may not be correct.
Stack range sanity check OK, backtrace follows:
0x818e95c
0x81e1993
0x81f8ab5
0x81fa282
0x81fcca3
0x815c3ee
0x815b565
0x815beeb
0x811969d
0x8122c0e
0x80fb997
0x81063c0
0x81df3d4
0x81f8637
0x81eca4f
0x81ecb07
0x81f9eed
0x81fe9f1
0x81fef4a
0x81ff8c8
0x81aaeb0
0x81b0ae4
0x81b107e
0x81b2652
0x81b3444
0xb7dd6294
0xb7c1932e
New value of fp=(nil) failed sanity check, terminating stack trace!
Please read http://dev.mysql.com/doc/mysql/en/Using_stack_trace.html and follow instructions on how to resolve the stack trace. Resolved
stack trace is much more helpful in diagnosing the problem, so please do
resolve it
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x8d57ad8 = select distinct ViajePedido.*,viajePedidoEstados.*,concat(date_format(viajeFechas.fechaInicio ,'%e-%c-%Y'),'/',date_format(viajeFechas.fechaFin ,'%e-%c-%Y'))as fecha, viajes.Nombre as NombreViaje,viajeProveedores.Nombre as Proveedor,viajeDestinos.*,viajeOwner.aliasOwner as propietario_ord, @anticipada := group_concat(distinct VC.idCategoria) like '%17%' as reservaAnticipada, @precio := (select sum(valorTotal) as precio from detallePrecioViajePedido where idviajePedido=ViajePedido.idviajePedido group by MonedaTxt) as precio, (select MonedaTxt as MonedaTxt from detallePrecioViajePedido where idviajePedido=ViajePedido.idviajePedido group by MonedaTxt) as MonedaTxt, cast(lpad(format((VIA_pedidos_prioridades.punts + (@precio/250) + if(convert(ViajePedido.fechaInicioPedido,datetime) < date_add(now(),interval 7 day),20,0) + if(ViajePedido.fechaPedido < date_sub(now(),interval 3 day),20,if(ViajePedido.fechaPedido < date_sub(now(),interval 2 day),10,if(ViajePedido.fechaPedido < date_sub(now(),interval 1 day),5,0))) +
thd->thread_id=16
The manual page at http://www.mysql.com/doc/en/Crashing.html contains
information that should help you find out what is causing the crash.
pure virtual method called


here it is my emerge --info:

Portage 2.1.1-r1 (default-linux/x86/2006.1, gcc-4.1.1, glibc-2.4-r3, 2.6.17-gentoo-r8 i686)
=================================================================
System uname: 2.6.17-gentoo-r8 i686 Pentium III (Coppermine)
Gentoo Base System version 1.12.5
Last Sync: Tue, 31 Oct 2006 01:47:01 +0000
app-admin/eselect-compiler: [Not Present]
dev-java/java-config: [Not Present]
dev-lang/python:     2.4.3-r4
dev-python/pycrypto: 2.0.1-r5
dev-util/ccache:     [Not Present]
dev-util/confcache:  [Not Present]
sys-apps/sandbox:    1.2.17
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2
sys-devel/binutils:  2.16.1-r3
sys-devel/gcc-config: 1.3.13-r3
sys-devel/libtool:   1.5.22
virtual/os-headers:  2.6.17-r1
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-O2 -march=i686 -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo"
CXXFLAGS="-O2 -march=i686 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig distlocks metadata-transfer sandbox sfperms strict"
GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo"
PKGDIR="/usr/portage/packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://portage.atrapalo.com/gentoo-portage"
USE="x86 bash-completion bitmap-fonts cli cracklib crypt cups dlloader dri elibc_glibc fortran gdbm gpm iconv innodb input_devices_evdev input_devices_keyboard input_devices_mouse isdnlog kernel_linux latin1 libg++ mysql mysqli ncurses nls nptl nptlonly pam pcntl pcre perl ppds pppd python readline reflection session snmp sockets spl ssl tcpd threads truetype-fonts type1-fonts udev unicode userland_GNU video_cards_apm video_cards_ark video_cards_ati video_cards_chips video_cards_cirrus video_cards_cyrix video_cards_dummy video_cards_fbdev video_cards_glint video_cards_i128 video_cards_i740 video_cards_i810 video_cards_imstt video_cards_mga video_cards_neomagic video_cards_nsc video_cards_nv video_cards_rendition video_cards_s3 video_cards_s3virge video_cards_savage video_cards_siliconmotion video_cards_sis video_cards_sisusb video_cards_tdfx video_cards_tga video_cards_trident video_cards_tseng video_cards_v4l video_cards_vesa video_cards_vga video_cards_via video_cards_vmware video_cards_voodoo xorg zlib"
Unset:  CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, MAKEOPTS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY

I've tried to debug the problem following these instructions
http://bugs.mysql.com/bug.php?id=23184
but even if I had enabled USE="debug" when emerging mysql, it produces a stripped mysqld and I cannot run nm on it.

Comment 1 Robin Johnson archtester

2006-11-22 12:28:46 UTC

please try this testcase from the upstream patch (http://lists.mysql.com/commits/14591):

USE test;
CREATE TABLE t1 (a INT, b INT);
INSERT INTO t1 VALUES (1,1),(1,2),(1,3),(1,4),(1,5),(1,6),(1,7),(1,8);
INSERT INTO t1 SELECT a, b+8       FROM t1;
INSERT INTO t1 SELECT a, b+16      FROM t1;
INSERT INTO t1 SELECT a, b+32      FROM t1;
INSERT INTO t1 SELECT a, b+64      FROM t1;
INSERT INTO t1 SELECT a, b+128     FROM t1;
INSERT INTO t1 SELECT a, b+256     FROM t1;
INSERT INTO t1 SELECT a, b+512     FROM t1;
INSERT INTO t1 SELECT a, b+1024    FROM t1;
INSERT INTO t1 SELECT a, b+2048    FROM t1;
INSERT INTO t1 SELECT a, b+4096    FROM t1;
INSERT INTO t1 SELECT a, b+8192    FROM t1;
INSERT INTO t1 SELECT a, b+16384   FROM t1;
INSERT INTO t1 SELECT a, b+32768   FROM t1;
SELECT a,COUNT(DISTINCT b) AS cnt FROM t1 GROUP BY a HAVING cnt > 50;
SELECT a,SUM(DISTINCT b) AS sumation FROM t1 GROUP BY a HAVING sumation > 50;
SELECT a,AVG(DISTINCT b) AS average FROM t1 GROUP BY a HAVING average > 50;

Comment 2 Davide Ferrari 2006-11-23 01:46:05 UTC

Argh, this test case doesn't crash mysql...:/
So it shouldn't be the bug I pointed out the one that affect my installation, should it?
Is there any way in gentoo to collect this debug info? (http://dev.mysql.com/doc/mysql/en/Using_stack_trace.html)

Comment 3 Robin Johnson archtester

2006-11-23 05:24:31 UTC

FEATURES='nostrip debug' CFLAGS='-O2 -march=i686 -pipe -ggdb' CXXFLAGS='-O2 -march=i686 -pipe -ggdb' USE=debug emerge mysql

Comment 4 Davide Ferrari 2006-11-23 05:57:05 UTC

FEATURES=nostrip ....stupid me, I didn't remember. Thanks for the tip :) I'm going to compile

Comment 5 Davide Ferrari 2006-11-23 07:36:08 UTC

resolve_stack_dump output:

0x818e95c handle_segfault + 668
0x81e1993 _Z11copy_fieldsP15TMP_TABLE_PARAM + 35
0x81f8ab5 _Z10end_updateP4JOINP13st_join_tableb + 133
0x81fa282 _Z9do_selectP4JOINP4ListI4ItemEP8st_tableP9Procedure + 1202
0x81fcca3 _ZN4JOIN4execEv + 1635
0x815c3ee _ZN30subselect_single_select_engine4execEv + 158
0x815b565 _ZN14Item_subselect4execEv + 21
0x815beeb _ZN24Item_singlerow_subselect8val_realEv + 27
0x811969d _ZN22Item_func_set_user_var5checkEb + 301
0x8122c0e _ZN22Item_func_set_user_var8val_realEv + 30
0x80fb997 _ZN4Item13save_in_fieldEP5Fieldb + 455
0x81063c0 _ZN17Item_result_field20save_in_result_fieldEb + 32
0x81df3d4 _Z10copy_funcsPP4Item + 52
0x81f8637 _Z15end_write_groupP4JOINP13st_join_tableb + 599
0x81eca4f _Z20evaluate_join_recordP4JOINP13st_join_tableiPc + 447
0x81ecb07 _Z10sub_selectP4JOINP13st_join_tableb + 119
0x81f9eed _Z9do_selectP4JOINP4ListI4ItemEP8st_tableP9Procedure + 285
0x81fe9f1 _ZN4JOIN4execEv + 9137
0x81fef4a _Z12mysql_selectP3THDPPP4ItemP13st_table_listjR4ListIS1_ES2_jP8st_orderSB_S2_SB_mP13select_resultP18st_select_lex_unitP13st_sel + 362
0x81ff8c8 _Z13handle_selectP3THDP6st_lexP13select_resultm + 456
0x81aaeb0 _Z21mysql_execute_commandP3THD + 9888
0x81b0ae4 _Z11mysql_parseP3THDPcj + 612
0x81b107e _Z16dispatch_command19enum_server_commandP3THDPcj + 1326
0x81b2652 _Z10do_commandP3THD + 258
0x81b3444 handle_one_connection + 3076
0xb7ddf294 _end + -1351138236
0xb7c2232e _end + -1352960802


anyway I'm reporting the problem to mysql devs too (i've added a comment in the bug I mentioned in #1 )

Comment 6 Luca Longinotti (RETIRED) gentoo-dev

2007-01-12 22:31:35 UTC

According to upstream bug "Pushed in 5.0.32/5.1.14-beta", so please use dev-db/mysql-5.0.32, which should fix this. If not, reopen the bug upstream and reoprt back here once they fixed it fully, so that we can add the patch to the ebuilds (all this is hypotetical, it should now work with 5.0.32).
Best regards, CHTEKK.