| Bug #107638 | Assertion in val_real() failed in MySQL 8.0.29 | ||
|---|---|---|---|
| Submitted: | 23 Jun 2022 4:53 | Modified: | 16 Aug 2022 23:25 |
| Reporter: | Wang Ke | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Server: Optimizer | Severity: | S6 (Debug Builds) |
| Version: | 8.0.29 | OS: | Any |
| Assigned to: | CPU Architecture: | Any | |
| Tags: | assertion failure | ||
[23 Jun 2022 6:12]
MySQL Verification Team
Hello Wang Ke, Thank you for the report and test case. Observed that 8.0.29 debug build is affected with provided test case. regards, Umesh
[23 Jun 2022 6:14]
MySQL Verification Team
- 8.0.29 release build not affected rm -rf 107638/ bin/mysqld --no-defaults --initialize-insecure --basedir=$PWD --datadir=$PWD/107638 --log-error-verbosity=3 bin/mysqld_safe --no-defaults --basedir=$PWD --datadir=$PWD/107638 --core-file --socket=/tmp/mysql.sock --port=3306 --log-error=$PWD/107638/log.err --mysqlx-port=33330 --mysqlx-socket=/tmp/mysql_x_ushastry.sock --log-error-verbosity=3 --secure-file-priv="" --local-infile=1 2>&1 & bin/mysql -uroot -S /tmp/mysql.sock Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 7 Server version: 8.0.29 MySQL Community Server - GPL Copyright (c) 2000, 2022, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create database test; Query OK, 1 row affected (0.01 sec) mysql> use test Database changed mysql> CREATE TABLE t1 ( k INT , KEY ( k ) ) ENGINE = MyISAM ; Query OK, 0 rows affected (0.00 sec) mysql> INSERT INTO t1 VALUES ( 1 ) ; Query OK, 1 row affected (0.01 sec) mysql> SELECT t1 . k FROM t1 WHERE MATCH ( t1 . k ) AGAINST ( 'deadbeef' IN BOOLEAN MODE ) AND t1 . k = 1 ORDER BY t1 . k DESC ; +------+ | k | +------+ | 1 | +------+ 1 row in set (0.00 sec) - 8.0.29 debug build affected rm -rf 107638/ bin/mysqld --no-defaults --initialize-insecure --basedir=$PWD --datadir=$PWD/107638 --log-error-verbosity=3 bin/mysqld_safe --no-defaults --mysqld-version=debug --basedir=$PWD --datadir=$PWD/107638 --core-file --socket=/tmp/mysql.sock --port=3306 --log-error=$PWD/107638/log.err --mysqlx-port=33330 --mysqlx-socket=/tmp/mysql_x_ushastry.sock --log-error-verbosity=3 --secure-file-priv="" --local-infile=1 2>&1 & bin/mysql -uroot -S /tmp/mysql.sock Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 7 Server version: 8.0.29-debug MySQL Community Server - GPL - Debug Copyright (c) 2000, 2022, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create database test; Query OK, 1 row affected (0.01 sec) mysql> use test Database changed mysql> CREATE TABLE t1 ( k INT , KEY ( k ) ) ENGINE = MyISAM ; Query OK, 0 rows affected (0.01 sec) mysql> INSERT INTO t1 VALUES ( 1 ) ; Query OK, 1 row affected (0.01 sec) mysql> SELECT t1 . k FROM t1 WHERE MATCH ( t1 . k ) AGAINST ( 'deadbeef' IN BOOLEAN MODE ) AND t1 . k = 1 ORDER BY t1 . k DESC ; ERROR 2013 (HY000): Lost connection to MySQL server during query
[23 Jun 2022 6:23]
MySQL Verification Team
- 5.7.38 release/debug not affected bin/mysql -uroot -S /tmp/mysql.sock Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 2 Server version: 5.7.38-debug MySQL Community Server - Debug (GPL) Copyright (c) 2000, 2022, Oracle and/or its affiliates. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> create database test1; Query OK, 1 row affected (0.00 sec) mysql> use test1 Database changed mysql> CREATE TABLE t1 ( k INT , KEY ( k ) ) ENGINE = MyISAM ; Query OK, 0 rows affected (0.00 sec) mysql> INSERT INTO t1 VALUES ( 1 ) ; Query OK, 1 row affected (0.00 sec) mysql> SELECT t1 . k FROM t1 WHERE MATCH ( t1 . k ) AGAINST ( 'deadbeef' IN BOOLEAN MODE ) AND t1 . k = 1 ORDER BY t1 . k DESC ; Empty set (0.00 sec)
[16 Aug 2022 23:25]
Jon Stephens
Documented fix as follows in the MySQL 8.0.31 changelog:
A query performing a full-text search in boolean mode on a
column of a MyISAM table led to an assertion in debug builds
when the column was not of a string type. This was due to the
fact that MyISAM allows MATCH columns without indexes in boolean
mode, and therefore also allows integer columns, which are
subject to constant propagation. Such queries on tables using
any storage engine other than MyISAM were not affected by this
issue.
This is fixed by disabling constant propagation on the MATCH
clause when the column is not of a string type, so that we can
safely assume that it contains only column references.
Closed.
Description: An assertion occurred in mysql server(8.0.29-debug-asan): Test case: ``` CREATE TABLE t1 ( k INT , KEY ( k ) ) ENGINE = MyISAM ; INSERT INTO t1 VALUES ( 1 ) ; SELECT t1 . k FROM t1 WHERE MATCH ( t1 . k ) AGAINST ( 'deadbeef' IN BOOLEAN MODE ) AND t1 . k = 1 ORDER BY t1 . k DESC ; ``` Log file: ``` 2022-06-23T04:48:50.600161Z 0 [System] [MY-010931] [Server] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld: ready for connections. Version: '8.0.29-debug-asan' socket: '/tmp/mysql.sock' port: 3306 Source distribution. mysqld: /home/mysql-server/mysql-8.0.29-origin/sql/item_func.cc:7895: virtual double Item_func_match::val_real(): Assertion `std::all_of(args, args + arg_count, [](const Item *item) { return item->real_item()->type() == FIELD_ITEM; })' failed. 04:49:06 UTC - mysqld got signal 6 ; Most likely, you have hit a bug, but this error can also be caused by malfunctioning hardware. Thread pointer: 0x62700028e900 Attempting backtrace. You can use the following information to find out where mysqld died. If you see no messages after this, something went terribly wrong... stack_bottom = 7f9ab7b51b20 thread_stack 0x100000 /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(__interceptor_backtrace+0x5b) [0x5e4e34b] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(my_print_stacktrace(unsigned char const*, unsigned long)+0x10d) [0xb6ab1cd] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(print_fatal_signal(int)+0x389) [0x8149469] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(handle_fatal_signal+0x175) [0x8149ab5] /lib/x86_64-linux-gnu/libpthread.so.0(+0x11390) [0x7f9ae8d6f390] /lib/x86_64-linux-gnu/libc.so.6(gsignal+0x38) [0x7f9ae7263438] /lib/x86_64-linux-gnu/libc.so.6(abort+0x16a) [0x7f9ae726503a] /lib/x86_64-linux-gnu/libc.so.6(+0x2dbe7) [0x7f9ae725bbe7] /lib/x86_64-linux-gnu/libc.so.6(+0x2dc92) [0x7f9ae725bc92] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Item_func_match::val_real()+0xcbe) [0x637572e] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Item_func_match::val_int()+0x8c) [0x63bd4dc] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Item::val_bool()+0x192) [0x61f0f72] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(eval_const_cond(THD*, Item*, bool*)+0xf1) [0x62fea51] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(remove_eq_conds(THD*, Item*, Item**, Item::cond_result*)+0xaaa) [0x774cb4a] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(remove_eq_conds(THD*, Item*, Item**, Item::cond_result*)+0x49d) [0x774c53d] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(optimize_cond(THD*, Item**, COND_EQUAL**, mem_root_deque<TABLE_LIST*>*, Item::cond_result*)+0xf7b) [0x773722b] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(JOIN::optimize(bool)+0x21d9) [0x772bca9] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Query_block::optimize(THD*, bool)+0x330) [0x7b71280] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Query_expression::optimize(THD*, TABLE*, bool, bool)+0x404) [0x7e176c4] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Sql_cmd_dml::execute_inner(THD*)+0x9a) [0x7b66eba] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(Sql_cmd_dml::execute(THD*)+0xe1d) [0x7b6423d] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(mysql_execute_command(THD*, bool)+0x3583) [0x794fbc3] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(dispatch_sql_command(THD*, Parser_state*)+0x1b5d) [0x7945c8d] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(dispatch_command(THD*, COM_DATA const*, enum_server_command)+0x756f) [0x793a43f] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld(do_command(THD*)+0xf9c) [0x794149c] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld() [0x80d00a2] /home/mysql-server/mysql-8.0.29-origin-dev/bin/mysqld() [0xd6ac2da] /lib/x86_64-linux-gnu/libpthread.so.0(+0x76ba) [0x7f9ae8d656ba] /lib/x86_64-linux-gnu/libc.so.6(clone+0x6d) [0x7f9ae733551d] Trying to get some variables. Some pointers may be invalid and cause the dump to abort. Query (60f000059ad0): SELECT t1 . k FROM t1 WHERE MATCH ( t1 . k ) AGAINST ( 'deadbeef' IN BOOLEAN MODE ) AND t1 . k = 1 ORDER BY t1 . k DESC Connection ID (thread ID): 8 Status: NOT_KILLED The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains information that should help you find out what is causing the crash. ``` How to repeat: Run the test case: ``` CREATE TABLE t1 ( k INT , KEY ( k ) ) ENGINE = MyISAM ; INSERT INTO t1 VALUES ( 1 ) ; SELECT t1 . k FROM t1 WHERE MATCH ( t1 . k ) AGAINST ( 'deadbeef' IN BOOLEAN MODE ) AND t1 . k = 1 ORDER BY t1 . k DESC ; ```