From: Heikki Tuuri Date: March 26 2001 1:49pm Subject: Re: Signal 11 on Innobase table range queries List-Archive: http://lists.mysql.com/mysql/69514 Message-Id: <20010326134937.LZRB4748.fep08.tmt.tele.fi@omnibook> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Hi! I found the bug: memory was written over in the function which estimates the number of rows in ha_innobase.cc. The bug is fixed in version 3.23.36, which may be out today. You can also fix the bug by editing ha_innobase.cc, about line 2460. The last argument in the two calls to dict_index_copy_types should be key->key_parts: ......................... range_start = dtuple_create_for_mysql(&heap1, key->key_parts); dict_index_copy_types(range_start, index, key->key_parts); range_end = dtuple_create_for_mysql(&heap2, key->key_parts); dict_index_copy_types(range_end, index, key->key_parts); ......................... In the buggy version the last argument was the number of fields in the clustered index, and when the table had many columns this caused some overwrite of memory. I will run sql-bench with memory debugging switched on to check if there are similar errors. It has been a while since I last time switched memory debugging on in the tests, and that is maybe the reason the bug got past the tests. Regards, Heikki At 10:01 PM 3/25/01 -0800, you wrote: >On Sun, Mar 25, 2001 at 09:52:22PM -0800, Arne Claassen wrote: >> >> I've got a reproducable signal 11 death in mysqld using Innobase >> tables and range queries (at least reproducable on my machine, >> Redhat 6.2, mysql 3.23.35). >> >> Here's how it manifests itself: Create a table with at least 32 >> columns. Then load a row or two into the table and try to do any >> query using a range (>, <, between, in) on the primary key and i get >> this: >> >> mysql> select * from foo where id > 1 limit 1; > >[snip] > >> Let me know if anyone can reproduce this, as it's quite the >> nuisance... > >Yep. I've got a similar result here. > >To reproduce you only need one row in the table: > >---snip--- > >create table in_crash ( > > a int primary key, > b int, > c int, > d int, > e int, > f int, > g int, > h int, > i int, > j int, > k int, > l int, > m int, > n int, > o int, > p int, > q int, > r int, > s int, > t int, > u int, > v int, > w int, > x int, > y int, > z int, > a1 int, > a2 int, > a3 int, > a4 int, > a5 int, > a6 int, > a7 int, > a8 int, > a9 int, > b1 int, > b2 int, > b3 int, > b4 int, > b5 int, > b6 int > >) type = Innobase; > >insert into in_crash values (1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 ,1,1,1); > >explain select * from in_crash where a > 0 and a < 50; > >*boom* > >---snip--- > >Jeremy >-- >Jeremy D. Zawodny, >Technical Yahoo - Yahoo Finance >Desk: (408) 328-7878 Fax: (408) 530-5454 >Cell: (408) 439-9951 >