| Bug #42778 | delete order by null global variable causes assertion .\filesort.cc, line 797 | ||
|---|---|---|---|
| Submitted: | 12 Feb 2009 5:42 | Modified: | 25 Jun 2009 22:41 |
| Reporter: | Shane Bester (Platinum Quality Contributor) | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Server: DML | Severity: | S2 (Serious) |
| Version: | >=5.1.31-debug, 5.1, 6.0 bzr | OS: | Any |
| Assigned to: | Gleb Shchepa | CPU Architecture: | Any |
| Tags: | assert, regression | ||
[12 Feb 2009 5:42]
Shane Bester
[12 Feb 2009 7:28]
MySQL Verification Team
the following variables cause a crash: @@global.INIT_FILE @@global.INNODB_DATA_HOME_DIR @@global.INNODB_FLUSH_METHOD @@global.RELAY_LOG @@global.RELAY_LOG_INDEX @@global.REPORT_HOST @@global.REPORT_PASSWORD @@global.REPORT_USER @@global.SECURE_FILE_PRIV @@global.SSL_CA @@global.SSL_CAPATH @@global.SSL_CERT @@global.SSL_CIPHER @@global.SSL_KEY
[12 Feb 2009 7:29]
MySQL Verification Team
cut 'n testcase for all the above variables !
Attachment: bug42778_testcases.sql (application/unknown, text), 2.33 KiB.
[12 Feb 2009 7:47]
Valeriy Kravchuk
Verified with recent 5.1.32-debug from bzr: openxs@suse:/home2/openxs/dbs/5.1> bin/mysql -uroot test Reading table information for completion of table and column names You can turn off this feature to get a quicker startup with -A Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 Server version: 5.1.32-debug Source distribution Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> drop table t1; Query OK, 0 rows affected (0.04 sec) mysql> create table t1(a int) engine=MyISAM; Query OK, 0 rows affected (0.03 sec) mysql> insert into t1 values(); Query OK, 1 row affected (0.03 sec) mysql> delete from t1 order by (@@global.ssl_ca) asc limit 10; ERROR 2013 (HY000): Lost connection to MySQL server during query mysql> 090116 10:29:27 mysqld_safe Number of processes running now: 0 090116 10:29:27 mysqld_safe mysqld restarted mysql> exit Bye openxs@suse:/home2/openxs/dbs/5.1> tail -100 var/suse.err 090115 16:10:42 InnoDB: Started; log sequence number 0 31521531 090115 16:10:43 [Warning] Neither --relay-log nor --relay-log-index were used; so replication may break when this MySQL server acts as a slave and has his hostname changed!! Please use '--relay-log=suse-relay-bin' to avoid this problem. 090115 16:10:43 [Note] Event Scheduler: Loaded 0 events 090115 16:10:43 [Note] /home2/openxs/dbs/5.1/libexec/mysqld: ready for connections. Version: '5.1.32-debug' socket: '/tmp/mysql.sock' port: 3306 Source distribution 090115 17:10:41 [Note] Got signal 15 to shutdown mysqld 090115 17:10:41 [Note] /home2/openxs/dbs/5.1/libexec/mysqld: Normal shutdown 090115 17:10:41 [Note] Event Scheduler: Purging the queue. 0 events 090115 17:10:41 InnoDB: Starting shutdown... 090115 17:10:43 InnoDB: Shutdown completed; log sequence number 0 31526291 090115 17:10:43 [Warning] Forcing shutdown of 2 plugins 090115 17:10:43 [Note] /home2/openxs/dbs/5.1/libexec/mysqld: Shutdown complete 090115 17:10:43 mysqld_safe mysqld from pid file /home2/openxs/dbs/5.1/var/suse.pid ended 090116 10:28:20 mysqld_safe Starting mysqld daemon with databases from /home2/openxs/dbs/5.1/var 090116 10:28:22 InnoDB: Started; log sequence number 0 31526291 090116 10:28:22 [Warning] Neither --relay-log nor --relay-log-index were used; so replication may break when this MySQL server acts as a slave and has his hostname changed!! Please use '--relay-log=suse-relay-bin' to avoid this problem. 090116 10:28:22 [Note] Event Scheduler: Loaded 0 events 090116 10:28:22 [Note] /home2/openxs/dbs/5.1/libexec/mysqld: ready for connections. Version: '5.1.32-debug' socket: '/tmp/mysql.sock' port: 3306 Source distribution mysqld: filesort.cc:797: void make_sortkey(SORTPARAM*, uchar*, uchar*): Assertion `0' failed. /home2/openxs/dbs/5.1/libexec/mysqld(my_print_stacktrace+0x29)[0x86af0b0] /home2/openxs/dbs/5.1/libexec/mysqld(handle_segfault+0x253)[0x82894a9] [0xffffe420] /lib/tls/libc.so.6(abort+0x1a5)[0x400e6b75] /lib/tls/libc.so.6(__assert_fail+0x103)[0x400de903] /home2/openxs/dbs/5.1/libexec/mysqld[0x83aecaf] /home2/openxs/dbs/5.1/libexec/mysqld[0x83ae55f] /home2/openxs/dbs/5.1/libexec/mysqld(_Z8filesortP3THDP8st_tableP13st_sort_fieldjP10SQL_SELECTybPy+0x5b1)[0x83ad2e1] /home2/openxs/dbs/5.1/libexec/mysqld(_Z12mysql_deleteP3THDP10TABLE_LISTP4ItemP11st_sql_listyyb+0xb8b)[0x83439b7] /home2/openxs/dbs/5.1/libexec/mysqld(_Z21mysql_execute_commandP3THD+0x3006)[0x829c020] /home2/openxs/dbs/5.1/libexec/mysqld(_Z11mysql_parseP3THDPKcjPS2_+0x1d5)[0x82a32c9] /home2/openxs/dbs/5.1/libexec/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0x9f2)[0x82977c0] /home2/openxs/dbs/5.1/libexec/mysqld(_Z10do_commandP3THD+0x254)[0x8296b40] /home2/openxs/dbs/5.1/libexec/mysqld(handle_one_connection+0x123)[0x829511f] /lib/tls/libpthread.so.0[0x40031aa7] /lib/tls/libc.so.6(__clone+0x5e)[0x40177c2e] 090116 10:29:27 - mysqld got signal 6 ; This could be because you hit a bug. It is also possible that this binary or one of the libraries it was linked against is corrupt, improperly built, or misconfigured. This error can also be caused by malfunctioning hardware. We will try our best to scrape up some info that will hopefully help diagnose the problem, but since we have already crashed, something is definitely wrong and this may fail. key_buffer_size=8384512 read_buffer_size=131072 max_used_connections=1 max_threads=151 threads_connected=1 It is possible that mysqld could use up to key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 337725 K bytes of memory Hope that's ok; if not, decrease some variables in the equation. thd: 0x8eaf220 Attempting backtrace. You can use the following information to find out where mysqld died. If you see no messages after this, something went terribly wrong... stack_bottom = 0x42829430 thread_stack 0x30000 Trying to get some variables. Some pointers may be invalid and cause the dump to abort... thd->query at 0x8f11060 = delete from t1 order by (@@global.ssl_ca) asc limit 10 thd->thread_id=1 thd->killed=NOT_KILLED The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains information that should help you find out what is causing the crash. 090116 10:29:27 mysqld_safe Number of processes running now: 0 090116 10:29:27 mysqld_safe mysqld restarted ...
[12 Feb 2009 7:47]
Sveta Smirnova
Thank you for the feedback. Bug is repeatable on Linux with testcase provided.
[12 Feb 2009 7:49]
Valeriy Kravchuk
5.0.79-debug does NOT crash, so this is, indeed, a regression.
[7 Apr 2009 12:39]
Gleb Shchepa
5.0 is not affected, so target version has to be 5.1+. Analysis of the problem: In the fix for bug #32124 Item_func_set_system_var::maybe_null was unconditionally set to FALSE. However, we have few system variables that have valid value of NULL: @@GLOBAL.SSL_* (is SSL support is disabled), some InnoDB variables etc. So, there is a nonsense, that crashes filesort functions: mysql> SELECT @@global.INIT_FILE, @@global.INIT_FILE IS NULL; +--------------------+----------------------------+ | @@global.INIT_FILE | @@global.INIT_FILE IS NULL | +--------------------+----------------------------+ | NULL | 0 | +--------------------+----------------------------+ 1 row in set (0.03 sec) etc.
[7 Apr 2009 13:41]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/71544 2846 Gleb Shchepa 2009-04-07 Bug #42778: delete order by null global variable causes assertion .\filesort.cc, line 797 A query with the "ORDER BY @@some_system_variable" clause, where @@some_system_variable is NULL, causes assertion failure in the filesort procedures. The reason of the failure is in the value of Item_func_get_system_var::maybe_null: it was unconditionally set to false even if the value of a variable was NULL. modified: mysql-test/r/variables.result mysql-test/suite/sys_vars/r/innodb_data_home_dir_basic.result mysql-test/suite/sys_vars/r/innodb_flush_method_basic.result mysql-test/suite/sys_vars/r/rpl_init_slave_func.result mysql-test/suite/sys_vars/r/ssl_capath_basic.result mysql-test/suite/sys_vars/r/ssl_cipher_basic.result mysql-test/suite/sys_vars/t/innodb_data_home_dir_basic.test mysql-test/suite/sys_vars/t/innodb_flush_method_basic.test mysql-test/suite/sys_vars/t/ssl_capath_basic.test mysql-test/suite/sys_vars/t/ssl_cipher_basic.test mysql-test/t/variables.test sql/item.cc sql/item_func.cc sql/item_func.h
[21 May 2009 20:41]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/74754 2903 Gleb Shchepa 2009-05-22 Bug #42778: delete order by null global variable causes assertion .\filesort.cc, line 797 A query with the "ORDER BY @@some_system_variable" clause, where @@some_system_variable is NULL, causes assertion failure in the filesort procedures. The reason of the failure is in the value of Item_func_get_system_var::maybe_null: it was unconditionally set to false even if the value of a variable was NULL. @ mysql-test/r/variables.result Added test case for bug #42778. @ mysql-test/suite/sys_vars/r/innodb_data_home_dir_basic.result Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/r/innodb_flush_method_basic.result Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/r/rpl_init_slave_func.result Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/r/ssl_capath_basic.result Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/r/ssl_cipher_basic.result Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/t/innodb_data_home_dir_basic.test Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/t/innodb_flush_method_basic.test Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/t/ssl_capath_basic.test Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/suite/sys_vars/t/ssl_cipher_basic.test Updated test case for bug #42778: system variables were NOT NULL, now they are nullable. @ mysql-test/t/variables.test Added test case for bug #42778. @ sql/item.cc Bug #42778: delete order by null global variable causes assertion .\filesort.cc, line 797 The longlong_from_string_with_check function has been modified to skip unwanted warnings: now it uses the THD::no_errors flag to suppress warnings. The Item_func_get_system_var::update_null_value method sets the no_error flag. @ sql/item_func.cc Bug #42778: delete order by null global variable causes assertion .\filesort.cc, line 797 1. The Item_func_get_system_var::fix_length_and_dec method has been modified to make system variables truly nullable. 2. The Item_func_get_system_var::update_null_value method method has been overloaded with a simple wrapper (like Item_field::update_null_value) to suppress unwanted warnings from Item_func_get_system_var::val_int() calls on non-numeric variable values: the Item_func_get_system_var::update_null_value method sets and restores THD::no_errors flag for a nested call of the longlong_from_string_with_check function. @ sql/item_func.h Bug #42778: delete order by null global variable causes assertion .\filesort.cc, line 797 The Item_func_get_system_var::update_null_value method method has been overloaded.
[22 May 2009 7:08]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/74767 2904 Gleb Shchepa 2009-05-22 Bug #42778: delete order by null global variable causes assertion .\filesort.cc, line 797 Minor fix to test case (embedded server failure).
[28 May 2009 8:21]
Bugs System
Pushed into 5.1.36 (revid:joro@sun.com-20090528073639-yohsb4q1jzg7ycws) (version source revid:gshchepa@mysql.com-20090522064411-ddp8nbjdg7ns1l9e) (merge vers: 5.1.36) (pib:6)
[30 May 2009 2:40]
Paul DuBois
Noted in 5.1.36 changelog. For DELETE statements with ORDER BY var, where var was a global system variable with a NULL value, the server could crash. Setting report to NDI pending push into 6.0.x.
[17 Jun 2009 19:28]
Bugs System
Pushed into 5.4.4-alpha (revid:alik@sun.com-20090616183122-chjzbaa30qopdra9) (version source revid:gshchepa@mysql.com-20090522065059-7k4vo51wl0ik75rt) (merge vers: 6.0.12-alpha) (pib:11)
[25 Jun 2009 22:41]
Paul DuBois
Noted in 5.4.4 changelog.
[12 Aug 2009 22:42]
Paul DuBois
Noted in 5.4.2 changelog because next 5.4 version will be 5.4.2 and not 5.4.4.
[15 Aug 2009 1:58]
Paul DuBois
Ignore previous comment about 5.4.2.
[26 Aug 2009 13:46]
Bugs System
Pushed into 5.1.37-ndb-7.0.8 (revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (version source revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (merge vers: 5.1.37-ndb-7.0.8) (pib:11)
[26 Aug 2009 13:46]
Bugs System
Pushed into 5.1.37-ndb-6.3.27 (revid:jonas@mysql.com-20090826105955-bkj027t47gfbamnc) (version source revid:jonas@mysql.com-20090826105955-bkj027t47gfbamnc) (merge vers: 5.1.37-ndb-6.3.27) (pib:11)
[26 Aug 2009 13:48]
Bugs System
Pushed into 5.1.37-ndb-6.2.19 (revid:jonas@mysql.com-20090825194404-37rtosk049t9koc4) (version source revid:jonas@mysql.com-20090825194404-37rtosk049t9koc4) (merge vers: 5.1.37-ndb-6.2.19) (pib:11)
[27 Aug 2009 16:33]
Bugs System
Pushed into 5.1.35-ndb-7.1.0 (revid:magnus.blaudd@sun.com-20090827163030-6o3kk6r2oua159hr) (version source revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (merge vers: 5.1.37-ndb-7.0.8) (pib:11)
[8 Oct 2009 2:50]
Paul DuBois
The 5.4 fix has been pushed to 5.4.2.
[26 Jul 2010 17:18]
MySQL Verification Team
related: bug #55565
